Granting Access Permissions to a New Client
Suppose you add a new client, and you want that client to be granted access permissions to a Broker Server. You must reconfigure that Broker Server's ACL. For the ACL to grant the new client access permissions, the following conditions must be met:
Broker basic authentication security or SSL must be able to authenticate the client. For SSL, client’s identity must exist in a client keystore and the
Broker Server keystore.
The new client's user name must appear in the user name ACL of the
Broker Server.
The new client's authenticator name must appear in the authenticator name ACL of the
Broker Server.
To configure a new SSL client so that it satisfies these conditions, follow the steps in this procedure (it is assumed that the client's keystore has already been properly configured).
To set access permissions to the
Broker Server for a new SSL client
1. Add the client's trusted root to the truststore file used by the Broker Server and its signed certificate to a new Broker Server keystore.
2. In My webMethods: Messaging > Broker Server s > Servers.
3. In the Broker Server List, click the server with the ACL(s) you want to update. If the server does not appear in the list, use the Search tab to locate it.
4. To add the client's user DN to the ACL:
a. On the Broker Server Details page, click the ACL tab, then click User Names.
b. Click Add User Names.
c. Click the Select User Names tab, check the User Name (DN) for the new client, and click Add.
5. To add the client's issuer DN to the ACL:
a. On the Broker Server Details page, click the ACL tab, then click Authenticator Names.
b. Click Add Authenticator Names.
c. Click the Select Authenticator Names tab, check the Authenticator Name (DN) for the new client, and click Add.
An ACL is automatically enabled after you add entries; no additional actions are needed.