Securing an existing bus by using multiple security domains

You can configure an existing bus to use a cell-level or custom security domain. Using non-global security domains provides the scope to use multiple security domains. The bus can inherit security settings from the cell, or have a unique security configuration.

Before you begin

About this task

This task uses the administrative console Bus Security Configuration wizard to secure an existing bus. If the wizard detects that administrative security for the cell is disabled, it prompts you to enable it. You must specify the type of user repository, the administrative security username and password. By default, connecting clients are required to use SSL protected transports to ensure data confidentiality and integrity. You can choose not to use this option. You can specify that the bus uses the cell-level or a custom security domain. If you choose a custom security domain, you must also specify a user realm.

Procedure

  1. In the navigation pane, click Service integration -> Buses -> security_value . The general properties for the selected bus are displayed.
  2. Click Configure Bus Security to start the Bus Security Configuration wizard.
  3. Read the Introduction panel, and click Next.
  4. If administrative security is disabled, follow the instructions to configure the appropriate user repository, and click Next.
  5. Review the summary of your choices:
    1. If you want to make changes, click Previous to return to an earlier panel, and make the changes you require.
    2. Click Finish when you are ready to confirm your choices.
    Administrative security for the cell is now enabled.
  6. If you do not want clients to use SSL protected transports, clear the check box Require clients use SSL protected transports .
  7. Select the cell-level or custom security domain for the bus.
  8. Optional: To create a new custom security domain:
    1. Use the name suggested for the security domain, or type a new one.
    2. Optional: Provide a description of the security domain.
    3. Select a user realm for the domain. You can use the user realm configured in the global security domain, or follow the steps to configure a new user realm.
  9. Click Next.
  10. Review the summary of your choices:
    1. Optional: If you want to make changes, click Previous to return to an earlier panel, and make the changes you require.
    2. Click Finish to confirm your choices.
  11. Save your changes to the master configuration.

Results

You have specified that the selected bus uses a cell-level or custom security domain. The security settings configured for the bus are displayed in the updated Bus Security Settings panel. The bus is secured after you restart all the servers that are members of the bus, or (for a bus that has bootstrap members) servers for which the SIB service is enabled.

What to do next

You must restart the servers. Starting an application server provides more information.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 5:16:49 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-base-iseries&topic=tjr_secure_bus
File name: tjr_secure_bus.html