Authentication is the process of establishing the identity of a user or system and verifying that the identity is valid. You can control access to the IBM® Integration Bus administration interfaces by using the authentication capabilities that are provided with the product.
-i tcp://userid:password@hostname
If
your password contains URI reserved characters, you must convert these
characters to the percent-encoded format. For more information, see A correct URL and password returns error BIP1939 when you attempt to connect to a remote host name in Resolving problems when running commands. If you issue a command without specifying
security credentials, the integration node accepts the system user
ID and uses it to check against authorization queues.If administration security is enabled, users of the web user interface and the RESTful API must log in with a user ID and password, which are authenticated by checking them against the credentials held in the integration node. Users' access to data and integration node resources is controlled by the permissions that have been associated with their role (system user ID).
If administration security is not enabled, web users can interact with the web user interface without logging on; they interact with the web UI as the 'default' user and can access all data and integration node resources. For users of the RESTful API, all REST requests are unrestricted if administration security is not enabled.
For the following administration interfaces, authentication is provided only by the system login; no additional authentication is carried out by the integration node:
When you access the integration node locally through these interfaces, the system user ID that ran the Toolkit, application, or command is passed to the integration node, and it uses this system ID as the role name to check for configured file or mq mode permissions. If no explicit permission is granted through the configured file mode permissions, the integration node checks whether the system ID is a member of the mqbrkrs group, or is the same ID that the integration node runs under, and if so all permissions are granted.
For more information about authenticating users for integration node administration, see Managing web user accounts and Accessing the web user interface.
For information about authorizing users based on the role to which they are assigned, see Authorizing users for administration.