ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » How to secure execution groups independently?

Post new topic  Reply to topic
 How to secure execution groups independently? « View previous topic :: View next topic » 
Author Message
Dev80
PostPosted: Fri Dec 02, 2016 1:13 am    Post subject: How to secure execution groups independently? Reply with quote

Novice

Joined: 28 Nov 2013
Posts: 10

Suppose there are is a single IIB node. And I have two execution groups EG1 and EG2. I want to use EG1 for development and EG2 for SIT. However I want all my developers get access to deploy code in EG1 but they should not be able to deploy anything in EG2. Is this possible with single node? I am aware that I can set up security in node level. But I want to check if this can be done in execution group level?
Thanks
Soumitra
Back to top
View user's profile Send private message
Vitor
PostPosted: Fri Dec 02, 2016 5:11 am    Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

Yes.

Check in the InfoCenter about restricting deploy rights.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
Dev80
PostPosted: Fri Dec 02, 2016 5:46 am    Post subject: Reply with quote

Novice

Joined: 28 Nov 2013
Posts: 10

Vitor wrote:
Yes.

Check in the InfoCenter about restricting deploy rights.


I was checking in IIB10 infocenter got below link

http://www.ibm.com/support/knowledgecenter/en/SSMKHH_10.0.0/com.ibm.etools.mft.doc/bn28610_.htm
Is this some thing you are pointing to ?
Back to top
View user's profile Send private message
Vitor
PostPosted: Fri Dec 02, 2016 5:56 am    Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

Dev80 wrote:

http://www.ibm.com/support/knowledgecenter/en/SSMKHH_10.0.0/com.ibm.etools.mft.doc/bn28610_.htm
Is this some thing you are pointing to ?


Assuming you're using file based security in IIBv10.

I was thinking more of this which gives the actual permissions you need to set with that command, or on the queue if you're using that kind of security.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
zpat
PostPosted: Fri Dec 02, 2016 8:05 am    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5849
Location: UK

With the MQ based security, you can specify EG names or use a prefix with masking characters (e.g EGNAME*) - so that if you name your EGs consistently then one security rule can cover several related EGs.

I would recommend naming all IIB objects in a fairly hierarchical (left to right) style as this lends itself to easier security controls.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
Dev80
PostPosted: Mon Dec 05, 2016 5:57 am    Post subject: Reply with quote

Novice

Joined: 28 Nov 2013
Posts: 10

Vitor wrote:
Dev80 wrote:

http://www.ibm.com/support/knowledgecenter/en/SSMKHH_10.0.0/com.ibm.etools.mft.doc/bn28610_.htm
Is this some thing you are pointing to ?


Assuming you're using file based security in IIBv10.

I was thinking more of this which gives the actual permissions you need to set with that command, or on the queue if you're using that kind of security.


Hi,
I am using File based security. and able to set it on the broker execution groups now I am into dilemma how to test and verify from my Windows machine.
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Mon Dec 05, 2016 6:03 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY

You'd have to have a login in each group you are using...
Maybe using r u n a s ?
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » How to secure execution groups independently?
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.