WAS v8.5 > Secure applications > Secure Service integration > Secure service integrationSecure links between messaging engines
For a mixed-version bus, when security is enabled, you must define an inter-engine authentication alias so the messaging engines can establish trust.
Ensure the user ID that you intend to use for the inter-engine authentication alias meets the following conditions:
- It exists in the user registry.
- It is used only for messaging engine to messaging engine authentication.
- It has not been added to the bus connector access role.
If we have a secure bus where all bus members are at v7.0 or later, trust between v7.0 or later messaging engines is established using a LTPA token, and we do not need to perform this task. If we have a secure, mixed-version bus, you must define an inter-engine authentication alias to prevent unauthorized messaging engines from establishing a connection. Messaging engines use the inter-engine authentication alias to establish trust in the following scenarios:
- A WebSphere Application Server v6 messaging engine initiates a link with a v7.0 or later messaging engine.
- A v7.0 or later messaging engine initiates a link with a v6 messaging engine.
If you add a server or cluster as a bus member, if that action creates a mixed-version bus, you define an inter-engine authentication alias during that task, and we do not need to perform this task.
- In the navigation pane, click Service integration -> Buses -> security_value. The bus security configuration panel for the corresponding bus is displayed.
- In the Inter-engine authentication alias field, select an authentication alias.
- Click OK.
- Save your changes to the master configuration.
Results
You have selected an inter-engine authentication alias for the bus to use in establishing trust between mixed-version messaging engines.
If you require additional security, we can configure the SSL certificate stores to restrict objects that can make an SSL connection, and thereby connect to the bus. For more information see Create an SSL configuration.
Related concepts:
Temporary bus destinations
Destination routing paths
Interconnected buses
Common issues with all bus configurations
Related
Disable bus security
Enable client SSL authentication
Administer authorization permissions
Secure messages between messaging buses
Secure access to a foreign bus
Controlling which foreign buses can link to your bus
Secure database access
Secure mediations
Administer the bus connector role
Add a server as a new bus member
Related information:
Secure buses
Add unique names to the bus authorization policy
Administer permitted transports for a bus