Broker 10.5 | webMethods Broker Documentation | Administering webMethods Broker | Managing Broker Security | Broker Security Model | Access Control Lists (ACLs)
 
Access Control Lists (ACLs)
There are two ACLs you can attach to a Broker component:
*A user ACL, which is a list of basic authentication user names and SSL user DNs. For example, “brokeruser” and “CN=Broker Server, O=My Company”.
*An authenticator ACL, which is a list of basic authentication system alias names and DNs for certification authorities or CAs (issuers of the user certificates). For example, “BrokerLDAP” and “CN=My Company SSL Issuer, O=My Company”.
You configure ACLs to achieve one or more of the following:
*To restrict a client's administrative access to the Broker Server (for example, whether a client can stop or restart a Broker Server)
*To control whether a client can add or delete Brokers
*To protect the document types to which a client can publish or subscribe by enlisting authorized users in client groups
*To control whether clients have access to the system-defined admin client group
*To grant permissions for a Broker to access other Brokers in a territory
*To grant permissions for Brokers in one Broker territory to access remote Brokers in another territory through a Broker gateway
*To grant permissions for a Broker to access other Brokers in a cluster
*To grant permissions for Brokers in one Broker cluster to access remote Brokers in another cluster through a Broker cluster gateway
For more information, see Access Control Lists.