For a mixed-version bus, when security is enabled, you
must define an inter-engine authentication alias so that the messaging
engines can establish trust.
Before you begin
Ensure that the user ID that you intend to use for the inter-engine
authentication alias meets the following conditions:
- It exists in the user registry.
- It is used only for messaging engine to messaging engine authentication.
- It has not been added to the bus connector access role.
If you have a secure bus where all bus members are at
Version 7.0 or later, trust between
Version 7.0 or later messaging engines is
established by using a Lightweight Third Party Authentication (LTPA)
token, and you do not need to perform this task.
About this task
If you have a secure, mixed-version bus, you must define
an inter-engine authentication alias to prevent unauthorized messaging
engines from establishing a connection. Messaging engines use the
inter-engine authentication alias to establish trust in the following
scenarios:
- A WebSphere® Application Server Version 6 messaging engine initiates
a link with a Version 7.0 or later messaging
engine.
- A Version 7.0 or later messaging
engine initiates a link with a Version 6 messaging
engine.
If you add a server or cluster as a bus member, if that
action creates a mixed-version bus, you define an inter-engine authentication
alias during that task, and you do not need to perform this task.
Procedure
- In the navigation pane, click . The bus security configuration panel for the corresponding bus
is displayed.
- In the Inter-engine authentication alias field,
select an authentication alias.
- Click OK.
- Save your changes to the master configuration.
Results
You have selected an inter-engine authentication alias for
the bus to use in establishing trust between mixed-version messaging
engines.
What to do next
If you require additional security, you can configure the
SSL certificate stores to restrict objects that can make an SSL connection,
and thereby connect to the bus. For more information see
Creating a Secure Sockets Layer configuration.