Secure buses
Securing a service integration bus provides the bus with an authorization policy to prevent unauthorized users from gaining access. If a bus is configured to use multiple security domains, the bus also has a security domain and user realm to further enforce its authorization policy.
If administrative security is not enabled for the cell that hosts the bus, enable it. These tasks use an administrative console wizard that detects if administrative security is not enabled, and takes you through the steps to enable it. Supply the type of user repository used by the server, and the administrative security username and password.
If the bus contains a bus member at WAS V6, provide an inter-engine authentication alias to establish trust between bus members, and to enable the bus to operate securely. To specify a new inter-engine authentication alias, provide a user name and password.
If we are securing a bus containing only Version 7.0 or later bus members, we can use a non-global security domain for the bus. If the bus has a WAS v6 bus member, or might have a Version 6 bus member in the future, you must assign the bus to the global security domain. To assign the bus to a custom domain, we can select an existing security domain, or create a new one. If we assign the bus to a custom domain, specify a user realm. We can select an existing user realm, or use the global user realm.
Subtopics
- Add a secured bus
- Secure an existing bus by using multiple security domains
- Secure an existing bus using the global security domain
- Migrate an existing secure bus to multiple domain security
- Configure bus security by using an administrative console panel
- Configure the bus to access secured mediations
- Configure a bus to run mediations in a multiple security domain environment
What to do next
The bus is secured after you restart all the servers that are members of the bus, or (for a bus that has bootstrap members) servers for which the SIB service is enabled.
Use the administrative console to control access to the bus by administering users and groups in the bus connector role.
Related concepts
- Messaging security and multiple security domains
- Disable bus security
- Enable client SSL authentication
- Administer authorization permissions
- Secure messages between messaging buses
- Secure access to a foreign bus
- Secure links between messaging engines
- Controlling which foreign buses can link to the bus
- Secure database access
- Secure mediations
- Add unique names to the bus authorization policy
- Administer permitted transports for a bus