ap01340_.htm |
Last updated Friday, 21 July 2017When you are designing an IBM® Integration Bus application it is important to consider the security measures that are needed to protect the information in the system.
An important aspect of securing an enterprise system is the ability to protect the information that is passed from third parties. This capability includes restricting access to WebSphere® MQ and JMS queues. For information about the steps involved, refer to the documentation supplied by your transport provider. If you are using HTTPS, you need to set specific properties in the HTTP nodes. For information about this option, see HTTPInput node, HTTPRequest node, and HTTPReply node.
In addition to securing the transport, you can secure individual messages based on their identity. For more information about securing messages in a message flow, see Message flow security.
Some security configuration is required to enable IBM Integration Bus to work correctly and to protect the information in the system. For example, you can secure the messaging transport with SSL connections, restrict access to queues, apply WS-Security to Web services, and secure access to message flows.
In addition, system administrators need IBM Integration Bus authorities that allow them to perform customization and configuration tasks, run utilities, perform problem determination, and collect diagnostic materials.
System administrators can control users' access to broker resources through the web user interface and REST API. Users can be assigned to roles, which have security permissions assigned to them. For more information about roles and web security, see Role-based security.
Additionally, if WebSphere MQ Version 7.1, or later, has been selected for the queue manager and channel auth security is required to be enabled, see Activating broker administration security for WebSphere MQ Version 7.1, or later.
Last updated Friday, 21 July 2017