Security for bus bus_name [Settings]
Configure the security settings for your service integration bus.
To view this pane in the console, click one of the following paths:
.
.
Configuration tab
The Configuration tab shows configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted. See the task descriptions for information about how to apply configuration changes to the runtime environment.
Launch Bus Security Wizard
Click to start a wizard to configure the security settings bus for a bus. If the wizard detects that bus security is disabled, you are prompted to enable it.
General Properties
Enable bus security
Select this option to inherit the secure administration setting of the cell. Deselect this option if you always wish to disable bus security.
Information | Value |
---|---|
Required | No |
Data type | Boolean |
Inter-engine authentication alias
The name of the authentication alias used to authorize communication between messaging engines on the bus.
Information | Value |
---|---|
Required | No |
Data type | drop-down list |
Permitted transports
Select the type of allowed permitted transports.
- Allow the use of all defined transport channel chains
- Restrict the use of defined transport channel chains to those protected by SSL
- Restrict the use of defined transport channel chains to the list of permitted transports
To ensure that all ports used by the bus are secure, select Restrict the use of defined transport channel chains to those protected by SSL , or if your permitted transport chains are secure, select Restrict the use of defined transport channel chains to the list of permitted transports. This prevents the InboundBasicMessaging port being opened. Changes to this setting are effective when the server is restarted.
Information | Value |
---|---|
Required | No |
Data type | Radio button |
Use the Server ID when running mediations
Check this option if you want to run mediations using the server identity, instead of using a mediation authentication alias.
Select this option if you want to run mediations on multiple servers in different domains. Using the server identity enables you to run mediations successfully across multiple security domains without having to specify a mediation authentication alias for each domain. You can also use this option when multiple domains are not in use.
Information | Value |
---|---|
Required | No |
Data type | Boolean |
Mediations authentication alias
The name of the authentication alias used to authorize mediations to access the bus.
Information | Value |
---|---|
Required | No |
Data type | drop-down list |
Bus security domain
- Use the global security domain
- Select this option to assign the bus to the global security domain. If you have a mixed-version bus, you must assign it to the global security domain.
Information Value Required No Data type Radio button - Inherit the cell level security domain
- Select this option to let the bus inherit the cell level security domain. If no cell level domain is specified then the global security domain will be used.
Information Value Required No Data type Radio button - Use the selected domain
- Select a custom security domain for this bus. This domain will be used for authentication and determining other security information.
Information Value Required No Data type Radio button - Configure Security Domain...
- Select this link to configure security settings for a custom security domain. This link becomes active only after you have applied or saved the option to use a non-global domain.
Performance
Group cache timeout
The length of time, in minutes, that a security group will be cached for.
A change to this value is effective immediately and only affects the group cache of the bus for which the configuration was changed.
Information | Value |
---|---|
Required | No |
Data type | Long |
Range | 0 through 99999 |
Audit
Enable the auditing service for this bus
Information | Value |
---|---|
Required | No |
Data type | Boolean |
Authorization Policy
- Users and groups in the bus connector role
- The list of users and groups in the bus connector role.
- Manage default access roles
- Manage the assignment of default role types to users and groups
- Manage destination access roles
- Manage the assignment of destination role types to users and groups
- Manage foreign bus access roles
- Manage the assignment of foreign bus role types to users and groups
- Manage temporary destination prefix access roles
- Manage the assignment of temporary destination prefix role types to users and groups
- Manage topic access roles
- Manage the assignment of topic role types to users and groups
- Manage users and groups not known to the user repository
- Manage users and groups not known to the user repository
Additional Properties
- Permitted transports
- The list of permitted transports.
Related Items
- JAAS - J2C authentication data
- Specifies a list of user identities and passwords for Java™ 2 connector security to use.
- Secure Administration and Applications
- Link to configure WebSphere global security settings.
- Security domains
- Security domain configuration
- Audit Service
- Configure the global audit settings