If you have enabled broker administration security, users require specific authority so that they can complete administration tasks.
Task category | Tasks | Authorization | Queue |
---|---|---|---|
Broker | Set broker properties | Read and write | SYSTEM.BROKER.AUTH |
View broker properties | Read | SYSTEM.BROKER.AUTH | |
Configurable services | Create or delete configurable services | Read and write | SYSTEM.BROKER.AUTH |
Set configurable services properties | Read and write | SYSTEM.BROKER.AUTH | |
View configurable services properties | Read | SYSTEM.BROKER.AUTH | |
Integration servers | Create or delete integration servers | Read and write | SYSTEM.BROKER.AUTH |
Rename integration servers | Read and write | SYSTEM.BROKER.AUTH | |
List integration servers | Read | SYSTEM.BROKER.AUTH | |
Start or stop integration servers | Read | SYSTEM.BROKER.AUTH | |
Execute | SYSTEM.BROKER.AUTH or SYSTEM.BROKER.AUTH.EG | ||
Set integration server properties | Read | SYSTEM.BROKER.AUTH | |
Write | SYSTEM.BROKER.AUTH.EG | ||
View integration server properties | Read | SYSTEM.BROKER.AUTH | |
Read | SYSTEM.BROKER.AUTH.EG | ||
Resource statistics | Start or stop resource statistics collection | Read | SYSTEM.BROKER.AUTH |
Write | SYSTEM.BROKER.AUTH.EG1 | ||
Report resource statistics | Read | SYSTEM.BROKER.AUTH | |
Read | SYSTEM.BROKER.AUTH.EG2 | ||
Message flows | Deploy | Read | SYSTEM.BROKER.AUTH |
Write | SYSTEM.BROKER.AUTH.EG | ||
List message flows and other deployed objects | Read | SYSTEM.BROKER.AUTH | |
Read | SYSTEM.BROKER.AUTH.EG | ||
Start or stop message flows | Read | SYSTEM.BROKER.AUTH | |
Execute | SYSTEM.BROKER.AUTH.EG | ||
Delete resources from an integration server | Read | SYSTEM.BROKER.AUTH | |
Write | SYSTEM.BROKER.AUTH.EG | ||
Web user interface | Logon to the web user interface | Read | SYSTEM.BROKER.AUTH |
Create, delete, or modify web users | Write | SYSTEM.BROKER.AUTH | |
Changing a web user's password in the web user interface (supplying the old password) | Read | SYSTEM.BROKER.AUTH | |
Record and replay | View recorded data with record and replay (apart from bit stream and exception-list data) | Read | SYSTEM.BROKER.AUTH, SYSTEM.BROKER.AUTH.EG,4 and SYSTEM.BROKER.DC.AUTH |
View recorded data with record and replay (bit stream or exception-list data) | Read | SYSTEM.BROKER.DC.AUTH | |
Replay data | Read and execute | SYSTEM.BROKER.DC.AUTH | |
Services | View or import an MQ service from the Integration Registry | Read | SYSTEM.BROKER.AUTH |
Create or delete an MQ service in the Integration Registry | Read and write | SYSTEM.BROKER.AUTH | |
Policies | View policies in the web user interface | Read | SYSTEM.BROKER.AUTH |
Create, update, or delete policies in the web user interface | Read and write | SYSTEM.BROKER.AUTH | |
Attach a policy to an integration server | Read and write | SYSTEM.BROKER.AUTH.EG |
If you grant a user ID authority at the broker level (on queue SYSTEM.BROKER.AUTH), it does not inherit authority for integration servers. You must explicitly grant authority to all, or to individual, integration servers.