admin Client Group
Members of the admin client group have full permissions and administrative privileges for a given Broker. Each Broker has one admin client group. Clients belonging to the admin client group can:
Add any document type to any client group's can-publish and can-subscribe lists.
Create client groups.
Browse and modify any client's queue.
Modify any
Broker setting.
Configure the territories or local gateways to which the
Broker belongs.
Generally, you should use membership in the admin client group to perform Broker administrative functions. As such, it is not necessary for admin client information to be saved between sessions; clients belonging to the admin client group have a queue storage setting of volatile and a lifecycle setting of destroy on disconnect.
It is strongly recommended that you restrict membership of the admin client group to only those users who should have administrative privileges, otherwise, any client could join the admin client group and gain full administrative access to the Broker. To limit access to the admin client group, configure its ACLs after you have configured the Broker Server for basic authentication or SSL.