About this task
When you
create a new WebSphere MQ link, you can use the
foreign bus connection wizard to enable security:
- If the WebSphere MQ queue manager
requires a secure connection, you can set the WebSphere MQ receiver
channel to accept only connections that have secure sockets layer
(SSL) based encryption.
- If the local bus is secure, you can set the service integration
bus inbound user ID to replace the user ID in messages from the WebSphere MQ queue manager, so that these
messages are authorized to access their destinations.
- Inbound user ID
- If an inbound user ID is set, then all incoming messages will
appear to have originated from that user ID. If the bus is security
enabled then messages will appear authenticated as this user ID and
have access to any resources that the user ID has access to.
- If an inbound user ID is not set, then messages will have the
same user ID as in the WebSphere MQ message
descriptor (MQMD) header of the WebSphere MQ message.
These users will not be authenticated and therefore only have access
to resources that require no authentication.
- Outbound user ID
- If an outbound user ID is set, then all outgoing messages will
appear to have originated from that user ID (using the userid field
of the MQMD)
- If an outbound user ID is not set, then messages will have the
same user ID as in the original service integration bus message.
Use this task to secure the local and foreign bus that
are part of a WebSphere MQ links configuration, and to
secure an existing WebSphere MQ link that was
not secured when it was first created.
For more general information
about service integration bus security, see Securing service integration.