Administer foreign bus roles
Service integration bus security uses role-based authorization. When messaging security is enabled, groups of users require authority to send messages from a local bus destination to a foreign bus. By listing, adding and removing users and groups in foreign bus roles, we can control who can send messages to foreign buses.
These tasks assumes that one or more foreign bus connections have been configured. See Configure foreign bus connections.
The foreign bus connection represents another service integration bus, either in the same cell as the local bus or in a different cell, or it represents an IBM MQ queue manager. From the local bus, every other bus is regarded as a foreign bus, even if it is a bus in the same cell. Messages route to a foreign bus either directly through a link between the local bus and the foreign bus, or indirectly through one or more intermediate buses. A member of a group that belongs to the sender role on the local bus and the foreign bus can send messages directly to the foreign bus. The sender role is the only foreign bus role.
Subtopics
- List users and groups in foreign bus roles
Service integration bus security uses role-based authorization. When messaging security is enabled, users and groups require authority to send messages from a secured local bus destination to a secured foreign bus. By listing all the users and groups in foreign bus roles for a selected foreign bus, we can find out who has authority to send messages from the local bus to the selected foreign bus.- Add users and groups to foreign bus roles
Service integration bus security uses role-based authorization. When messaging security is enabled, users and groups require authority to send messages from a secured local bus destination to a secured foreign bus. By adding selected users and groups to the sender role for a selected foreign bus, we can control who has authority to send messages to the selected foreign bus.- Removing users and groups from foreign bus roles
Service integration bus security uses role-based authorization. By removing users and groups from the foreign bus roles for a selected secured local bus, you prevent those users and groups from sending messages to the foreign bus.
Related:
Role-based authorization Foreign buses Administer foreign bus roles Administer destination roles Controlling which foreign buses can link to your bus Access role assignments for bus security resources Default messaging provider unified connection factory [Settings] Manage foreign bus access roles [Collection]