The integration framework supports basic J2EE security
to restrict access based on authentication and authorization.
Configuring J2EE restrictions for JMS queues
The JMS queues that are used by integration processing
support J2EE security, based on user ID and password-based authentication
and authorization. You can prevent unauthorized access to the queue
by assigning a user ID and password to the Java Naming and Directory
Interface (JNDI) name, even if the JNDI name of the queue is known.
Securing enterprise bean access
If J2EE Authentication on the system is enabled, you must
enable the security for each enterprise bean in the deployment descriptors.
Securing the HTTP servlet
The HTTP servlet is a J2EE component that handles inbound
HTTP posts. To secure the HTTP servlet, you must first secure the
enterprise bean. You can use HTTP basic authentication to secure the
HTTP servlet. Authorized users, with a valid user name and password
can post an XML transaction to the system.
Securing web services
You can secure integration web services by using HTTP basic
authentication in standard J2EE security. These security settings
provide access to web services to authorized users with a valid user
name and password.