To enable a message flow to perform identity propagation, the input nodes must extract the identity from the message flow and the output node must propagate it. If the message identity does not contain enough information for identity propagation, you can provide the identity to propagate.
Before you can configure a message flow to perform identity propagation, you must check that an appropriate security profile exists, or create a new security profile. See Creating a security profile.
To enable a message flow to perform identity propagation, complete the following steps.
mqsiapplybaroverride -b barFileName -k applicationName -m
flowName#nodeName.securityProfileName=securityProfileName
For
more information, see mqsiapplybaroverride command.For information about the identity tokens that you can propagate with each node type, see Identity and security token propagation.
mqsisetdbparms integrationNodeName -n securityIDName -u username -p password
Where
securityIDName is a name to associate with the static user name and password
identity, and username and password are the identity
credentials that you want to use. For more information, see mqsisetdbparms command.Properties | Values |
---|---|
propagation | TRUE |
idToPropagateToTransport | STATIC ID |
transportPropagationConfig | securityIDName |
mqsicreateconfigurableservice broker_name -c SecurityProfiles -o securityProfileName
-n "propagation,idToPropagateToTransport,transportPropagationConfig" -v "TRUE,STATIC ID,securityIDName"
For more information, see mqsicreateconfigurableservice command.