Securing an existing bus by using the global security domain
Use this task to secure an existing service integration bus by using the global security domain.
Before you begin
- Review the information in Service integration security planning.
- The bus you want to secure must exist in the administrative console. If you want to create a new bus, see Adding a secured bus.
- If administrative security is not enabled for the cell that hosts the bus, the wizard prompts you to enable it. You need to know the type of user repository, and the administrative security username and password.
- If the service bus contains a bus member at WebSphere® Application Server Version 6, the wizard prompts you to select an existing authentication alias, or specify a new one. If you want to specify a new authentication alias, you must provide a username and password.
- Ensure that there are no indoubt transactions on the messaging engine because incomplete transactions cannot be recovered after the bus is secured. For more information, see Resolving indoubt transactions.
- Stop all servers on which the SIB Service enabled. This ensures that the bus security configuration is applied consistently when the servers are restarted.
About this task
This task uses an administrative
console wizard to guide you through the steps to secure a bus. The
following steps are conditional, depending on the bus environment:
- If administrative security is not enabled for the cell that hosts the bus, the wizard prompts you to enable administrative security.
- If the bus has a bus member at WebSphere Application Server Version 6, the wizard prompts you for an authentication alias to establish trust between bus members, and to enable the bus to operate securely.
Use the administrative console to secure a selected bus by using the global security domain as follows:
Procedure
Results
What to do next
- You must propagate the bus security configuration to all the affected nodes, and restart the servers. For more information, see Synchronizing nodes using the wsadmin scripting tool and Starting an application server.
- Groups of users in the user repository require explicit authority to access the bus. For more information, see Administering authorization permissions.