Muokkaa

Jaa


Security with the MQSeries adapter

MQSeries adapter security begins with securing your BizTalk and MQSeries servers. For information about securing BizTalk Server, see Secure and protect your data. For information about MQSeries Server security, see the IBM MQSeries Server documentation.

Note

The adapter automatically uses packet privacy for sending and receiving messages between BizTalk Server and MQSeries Server.

Adapter security

Using the adapter itself securely requires attention to four areas:

  • Choosing the application identity and members for MQSAgent

  • Controlling the BizTalk Server accounts using the adapter

  • Securing the queue creation scripts

  • Making appropriate use of the SSO Affiliate Application property

    The account assigned to the application identity during configuration should not be an administrator account. Rather, the account should have the minimum required privileges—read and write access to the MQSeries queues.

    Make sure that you assign only BizTalk Server accounts using the adapter to the MQSAgent role.

    When using exported scripts created during the queue definition process, keep the scripts in a secure area. Only administrators using the scripts should have access.

    If your application uses MQCIH and MQIIH header properties to put user credentials in outbound messages, use the SSO Affiliate Application property on the Transport Properties page. For more information about this property, see How to Configure MQSeries Adapter Receive Locations and Send Ports.

See Also

Structure of the MQSeries Adapter
What Is the MQSeries Adapter?