Service integration bus security uses role-based authorization.
When messaging security is enabled, users and groups must have authority
to undertake messaging operations, at a bus destination. By administering
destination roles, you can control which users and groups can undertake
operations at a bus destination, and the types of operations that
they can perform.
About this task
You use the administrative console to administer users
and groups in access roles for a destination. The access roles available
for a destination depend on the type of destination. The table below
lists the roles that you can assign for each destination type:
Table 1. Destination roles. The first
column of the table contains the list of destination types. The second
column contains the access roles that can be assigned for the destination
types.Destination type |
Access roles |
queue |
sender, receiver, browser, creator |
port |
sender, receiver, browser, creator |
webService |
sender, receiver, browser, creator |
topicSpace |
sender, receiver |
foreignDestination |
sender |
alias |
sender, receiver, browser |
In addition to controlling which users and groups have access
to a specific local or foreign destination, you can also control the
inheritance of access roles for a specific local destination. In this
case, the default access roles that apply to all the destinations
in the local bus namespace are added to any access roles that have
been added for a specific destination.