+

Search Tips   |   Advanced Search

Add a secured bus


Overview

In this task we add a new service integration bus that is secured by default. The security settings for the bus are stored in a security domain. When we add a new bus, we can assign it to the default global security domain, the cell-level domain, or specify a custom domain containing a set of settings unique to the bus, or shared with another resource.

  1. Plan the security requirements for the bus.
  2. Stop all servers that have the SIB Service enabled.

This task uses an administrative console security wizard to add a new bus. If the wizard detects that administrative security is disabled, it prompts you to configure a user repository, and enable administrative security.

By default, connecting clients are required to use SSL protected transports to ensure data confidentiality and integrity. If we do not want clients to use SSL protected transports, we can specify that we do not require this option.

The type of security domain we can specify for the bus depends on the versions of the bus members you intend to add to the bus:


Add a secured bus

  1. In the navigation pane, click...

  2. Type a name for the new bus.

    Choose bus names that are compatible with the WebSphere MQ queue manager naming restrictions. We cannot change a bus name after the bus is created, which means that we can only interoperate with WebSphere MQ in the future if you use compatible names.

  3. Ensure that the Bus security check box is selected.

  4. Click Next.

    The Bus Security Configuration wizard is started.

  5. Read the Introduction panel, and click Next.

  6. If the wizard detects that administrative security is disabled, follow the prompts to select, and configure the appropriate user repository.

  7. Click Next.

    A summary of the administrative security settings for the bus is displayed.

  8. Review the summary, and click Finish.

    Administrative security for the cell is now enabled.

  9. If we do not want clients to use SSL protected transports, clear the check box...

      Require clients use SSL protected transports

  10. Select a security domain for the bus.

  11. If we have selected to use a custom security domain, follow the prompts to specify a user realm.

  12. Review the summary of the choices, and click Finish.

  13. Save the changes to the master configuration.


Results

You have created a new bus secured with the chosen security settings.


What to do next


Related concepts

  • Messaging security and multiple security domains
  • Service integration buses
  • Secure an existing bus by using multiple security domains
  • Configure bus security by using an administrative console panel
  • Configure the bus to access secured mediations
  • Configure a bus to run mediations in a multiple security domain environment
  • Configure the members of a bus
  • SIBAdminCommands: Bus administrative commands (AdminTask)
  • WebSphere MQ naming restrictions
  • Secure an existing bus using the global security domain
  • Migrate an existing secure bus to multiple domain security