WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Secure buses

Configure bus security using an dmgr console panel

Use the dmgr console to configure the security properties for an existing service integration bus.

This task uses the Bus Security dmgr console panel. We can start the Bus security wizard from the panel, or specify individual security properties directly in the panel. The bus security properties are effective only when administrative security for the cell is enabled. If the wizard detects that administrative security is disabled, it prompts you to enable it.

The security properties available to a particular bus depend on the versions of the bus members:

To run mediations across multiple security domains, we can specify a single server identity for the bus, rather than specify a mediation authentication alias for each domain. We can use a server identity to run mediations on the global domain.

  1. In the navigation pane, click Service integration -> Buses -> security_value. security_value is either Enabled or Disabled, depending on the security status of the bus.

  2. Optional: Click Launch Bus Security Wizard to start the wizard, or specify the following properties directly:

    Enable bus security

    Bus security is enabled by default. Clear this check box to disable security for the selected bus. Note the check box is read-only if administrative security is disabled.

    Inter-engine authentication alias

    The name of the authentication alias used to authorize communication between messaging engines on the bus. Specify an inter-engine authentication alias if the bus has a v6 bus member, bus security is enabled, and to prevent unauthorized messaging engines from establishing a connection with the bus.

    Permitted transports

    Specify one of the following transports for the bus:

    • Any messaging transport chain defined to any bus member.

    • Only messaging transport chains that are protected by an SSL chain.

    • Only the transports specified in the list of permitted transports.

    To add and remove permitted transports, click Service integration -> Buses -> security_value -> [Additional Properties] Permitted transports.

    Use the Server ID when running mediations

    Check this option to run mediations using the server identity, instead of using a mediation authentication alias.

    Mediations are deployed as applications, and run in the domain used by the application server, not the bus domain. To run a mediation on multiple servers in different domains, ensure the user identity in the mediation authentication alias exists in the configuration for each domain. Alternatively, we can choose to use the server identity option. We can use this option when multiple domains are not in use.

    Mediations authentication alias

    The name of the authentication alias used to authorize mediations to access the bus. If the bus has a WASv6.0.x bus member, specify a mediations authentication alias. If we specify a mediations authentication alias for a bus containing WASv7.0 or later bus members only, it is ignored.

    Bus security domain

    Specify one of the following security domains for the bus:

    Global domain

    Specify the global domain if the bus contains a v6 bus member, or we do not want the bus to use multiple domains.

    Cell level domain

    Specify the cell-level security domain if the bus has v7.0 or later bus members only, and you want the bus to share security settings with the administrative cell.

    Custom domain

    Specify a custom security domain if the bus has v7.0 or later bus members only, and you want the bus to use a security domain used by another resource, or to create a new security configuration for this bus.

  3. Save your changes to the master configuration.


Results

You have configured security properties for the selected bus.

We can use the dmgr console to control access to the bus.


Related concepts:

Messaging security and multiple security domains


Related


Secure an existing bus using multiple security domains
Configure the bus to access secured mediations
Configure a bus to run mediations in a multiple security domain environment
Add an unsecured bus


Related information:

Add a secured bus
Secure an existing bus using the global security domain
Migrating an existing secure bus to multiple domain security
Security domain configuration. [Settings]


+

Search Tips   |   Advanced Search