Tightened bus security

Another area of the service integration bus which has seen some significant changes in WebSphere Application Server Version 6.1 is that of security. For starters, the option for bus security has always been checked by default but it is only enforced when global security is enabled. To reduce the confusion, this option is now greyed out in the administration console if global security is not enabled.

Default security is also improved by having non-SSL connectivity disabled. Indeed, it is now possible to specify, on a bus (rather than on each server), exactly which transport chains can be used to connect. This not only simplifies administration but means that you can safely make a server a member of both secure and insecure buses.

Lastly, it used to be the default behaviour that all authenticated users were able to connect to the bus. This is no longer the case and the bus connector role can now be explicitly configured via the administration console. Sadly, wsadmin is still required to setup authorizations relating to bus destinations.

2 Responses to “Tightened bus security”

  1. I wonder what it says about me that when I first read the title for this post I immediately thought of bag searches at bus stops?

  2. Dave says:

    Yep – only one item of hand baggage allowed on the bus and no bigger than a Tesco carrier bag! 😉