WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Administer authorization permissions > Administer temporary destination prefix roles

Remove users and groups from temporary destination prefix roles

Service integration bus security uses role-based authorization. When security is enabled, a temporary destination prefix role is used to authorize access to temporary destinations. The temporary destination prefix is used at runtime to create temporary destinations on the bus. By removing users and groups from temporary destination prefix roles for a selected bus, we can prevent selected users and groups from sending messages to temporary destinations on the bus.

In this task we use the dmgr console to remove users, groups, and group members from the sender role for selected temporary destination prefixes. Note that we cannot use this task to remove users and groups from the creator role. To remove the creator role from a user or group, refer to Remove a temporary destination prefix.

  1. Log into the dmgr console.

  2. Click Service integration -> Buses -> security_value -> [Authorization Policy] Manage temporary destination prefix access roles The Temporary destination prefixes panel lists all the temporary destination prefixes defined for the selected bus.

  3. Select one or more temporary destination prefixes to work with:

    • Click the name of a single temporary destination prefixes.

    • Select the check boxes next to multiple temporary destination prefixes, and click Manage Access Roles.

    The Temporary destination prefix access roles panel is displayed. The access roles information for each temporary destination prefix is displayed in a collapsed section.

  4. Expand the header for a selected resource to show its role type assignments.

  5. Select the users and groups to remove from the sender role for the currently selected temporary destination prefix, and click Remove.

  6. Save your changes to the master configuration.


Results

The selected users, groups, and group members are removed from the sender role for the selected temporary destination prefix. The Temporary destination prefix access roles panel is updated to show the changes to the access role assignments.


Related concepts:

Messaging security
Temporary bus destinations
Role-based authorization


Reference:

Access role assignments for bus security resources
removeGroupFromBusConnectorRole command
removeUserFromBusConnectorRole command


Related information:

List users and groups in temporary destination prefix roles
Add users and groups to temporary destination prefix roles
Remove a temporary destination prefix
Temporary destination prefixes [Settings]


+

Search Tips   |   Advanced Search