Authentication
When a messaging client connects to Eclipse Amlen, you can choose whether you want to authenticate the messaging user ID and password of that client.
This authentication is set up within the security profile for the endpoint that is associated with a message hub. Any messaging client with a valid messaging user ID and password that is stored on Eclipse Amlen, or in an external LDAP server, is successfully authenticated. You can connect to Eclipse Amlen without giving a password, if password authentication is not enabled.
If you use authentication to secure your solution, it is best practice to enable Transport Layer Security (TLS). Use TLS to ensure that user IDs and passwords are not transmitted in plain text.
Authentication is not the same as authorization. The authorization mechanism in Eclipse Amlen is achieved by using policies. These policies enable the messaging user to connect to Eclipse Amlen and use a messaging action - for example, publish or subscribe. Authentication validates that the messaging user is who they claim to be, but does not allow messaging users to connect or use any messaging actions.