Securing WS-Notification
The WS-Notification security implementation requires that a user identity is flowed in requests for WS-Notification services. This identity is used to authenticate the client application and check that the client is authorized to invoke the requested operation, and to access the underlying service integration bus topic spaces and topic resources.
About this task
WS-Notification uses the same mechanisms as other Web services to provide an authenticated identity. For example WS-Security or HTTP Basic Authentication.
- Securing the communication channel between the application and the server.
- Authorizing the application to invoke the NotificationBroker.
- Authorizing the application to access the resources of the service integration bus.
If messaging security is enabled, and the WS-Security or HTTP Basic Authentication components are
not configured to flow a user identity in WS-Notification requests, then all such requests are
treated as unauthenticated and can only access messaging resources that are accessible by the WebSphere® Application Server
everyone
group.