When a server’s authorization
parameter is enabled, other servers that actively connect to it must authenticate themselves by name and password, or by X.509 certificate.
In Figure 28, servers A and B both configure active routes to one another.
When routing a secure topic or queue, servers consult the ACL specification before forwarding each message. The servers must grant one another appropriate permissions to send, receive, publish or subscribe.
For example, in Figure 28, Q2 messages flow from A to B if and only if server A grants receive permission to user B for Q2, and server B grants send permission to user A on Q2.
Chapter 9, Authentication and Permissions
TIBCO Enterprise Message Service™ User’s Guide Software Release 4.3, February 2006 Copyright © TIBCO Software Inc. All rights reserved www.tibco.com |