WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Administer authorization permissions > Administer topic rolesEnable topic role inheritance
Service integration bus security uses role-based authorization. When messaging security, and topic level security are enabled, and users and groups require access in the sender and receiver roles to access a topic in a publish/subscribe topic hierarchy. By default, topics inherit these roles from the parent topic. If topic role inheritance has been disabled for a particular topic, we can restore it using the dmgr console.
You must ensure the following conditions are met:
- Messaging security is enabled. For more information, see Disable bus security.
- Topic level security is enabled for the topic space. Check the setting Topic Access Check Required? in the topic space destination configuration. For more information, see Configure bus destination properties.
In this task we use the dmgr console to restore topic role inheritance for selected topics. A topic can only inherit the sender and receiver roles from the parent topic in the topic hierarchy.
- Log into the dmgr console.
- Click Service integration -> Buses -> security_value -> [Authorization Policy] Manage topic access roles -> topic_space_name > topic_name. The Topic access roles panel lists users and groups that have been assigned role types for the selected topic.
- Expand the topic name header to display details of the users and groups that have one or more access roles for this topic.
- Select the Inherit sender role from parent topic check box.
- Select the Inherit receiver role from parent topic check box.
- Click OK to save your changes.
- Save your changes to the master configuration.
Results
The select topic inherits access roles from the parent topic. The Topic access roles panel displays the inherited access roles for the topic.
Related concepts:
Messaging security
Topic security
Reference:
Access role assignments for bus security resources
Define topic role inheritance using wsadmin
Related information:
List users and groups in topic roles
Add users and groups to topic roles
Remove users and groups from topic roles
Disable topic role inheritance