Administering topic roles

Service integration bus security uses role-based authorization. When messaging security is enabled, users and groups require authority to access a topic in a publish/subscribe topic hierarchy. By adding and removing users and groups in topic roles, you can control access to the topic.

About this task

You use the administrative console to list, add and remove users and groups in the sender and receiver roles, and to define topic role inheritance. By default, a child topic inherits its topic roles from its parent topic. You can change the default roles for a particular topic by adding or removing topic roles at the topic level. You can also allow or block inheritance of topic roles at topic level.

You can add access roles for a topic before it exists. Topics are created at runtime only, and exist only for as long as they are active.

For information about how to list, add, and remove users and groups in topic roles by using the administrative console, refer to the following tasks.

What to do next

  • Listing users and groups in topic roles

    Service integration bus security uses role-based authorization. When messaging security is enabled, users and groups require authority to access topics in a publish/subscribe topic hierarchy. By listing the users and groups that are members of topic roles for a selected topic, you can find out who has authority to send messages to and from the topic.

  • Adding users and groups to topic roles

    Service integration bus security uses role-based authorization. When messaging security, and topic level authorization is enabled, users and groups must be authorized to access topics in a publish/subscribe topic hierarchy. By adding users and groups to topic roles, you control access to a topic in a selected topic space.

  • Removing users and groups from topic roles

    Service integration bus security uses role-based authorization. When messaging security is enabled, and the Topic access check required setting is enabled for the topic space, users and groups require authority to access a topic in the topic space. By removing users and groups from all topic roles for a selected topic, you prevent them from accessing the topic.

  • Enabling topic role inheritance

    Service integration bus security uses role-based authorization. When messaging security, and topic level security are enabled, and users and groups require access in the sender and receiver roles to access a topic in a publish/subscribe topic hierarchy. By default, topics inherit these roles from the parent topic. If topic role inheritance has been disabled for a particular topic, you can restore it by using the administrative console.

  • Disabling topic role inheritance

    Service integration bus security uses role-based authorization. When messaging security, and topic level security are enabled, users and groups require access in the sender and receiver roles to access a topic in a publish/subscribe topic hierarchy. By default, topics inherit these roles from the parent topic. If you do not want topics to inherit topic roles from the parent topic in the topic hierarchy, you can override topic role inheritance by using the administrative console.

Task topic    

Terms of Use | Feedback

Last updated: Oct 21, 2010 7:37:48 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v701sca&product=was-nd-mp&topic=tjr0160_
File name: tjr0160_.html