Security and the Eclipse Amlen resource adapter

When you configure the Eclipse Amlen resource adapter, you must consider the configuration of the Eclipse Amlen server and the associated security requirements when you set the following activation specification and connection factory properties.

Configuring properties that are related to authentication:

  • user
    The user name for user authentication with Eclipse Amlen.
    Eclipse Amlen always uses this value if it is provided, unless a security profile is attached to the endpoint with UsePasswordAuthentication set to False. If user authentication is required in your environment, you must use tcps protocol if you want to protect your user data.
  • password
    The password for user authentication with Eclipse Amlen.
    Eclipse Amlen uses this value if user is specified. If user authentication is required in your environment, you must use tcps protocol if you want to protect your password data.

If you are not using multiple application servers and therefore multiple connections, you can specify the following property in your connection policies, topic messaging policies, or queue messaging policies:

  • client ID
    The client ID for this connection.
    From a security perspective, you must understand whether the Eclipse Amlen server is configured to restrict access by client ID. If restrictions are configured on the server, then the Eclipse Amlen resource adapter settings for clientID must to adhere to those restrictions. If the server is not configured to restrict access by clientId, any valid client ID can be used for the resource adapter with no impact on security.

If you are using shared or durable subscriptions, you must specify the following property in your subscription messaging policies:

  • subscriptionName
    The name for a durable or shared subscription.
    This value must be set for any durable or shared subscription. From a security perspective, you must understand whether the Eclipse Amlen server is configured to restrict which subscription name values can be used. If restrictions are configured on the server, then the Eclipse Amlen resource adapter settings for subscriptionName must to adhere to those restrictions. If the server is not configured to restrict access by subscriptionName, any valid subscription name can be used for the resource adapter with no impact on security.

Configuring secure connections:

  • protocol
    The protocol for communication with Eclipse Amlen.
    A value of tcp indicates a non-secure connection. A value of tcps indicates a secure connection. If a secure connection is specified, then you must ensure that the WebSphere® Application Server is correctly configured. For more information, see Transport Layer Security for the Eclipse Amlen resource adapter.