April 3, 2014

Securing Tibco EMS

Posted in JMS tagged authorization, Tibco, TIBCO EMS admin at 7:16 AM by bsnaresh

One can follow these steps to secure a queue in Tibco EMS 5.0:

• Get into the TIBCO EMS admin cli:
  •       tibemsadmin -server “tcp://HOSTNAME:7222”
• To enable security, authorization has to be enabled. This can be done as follows:
  •   set server authorization=enabled
• Restart the Tibco EMS server.
• Create a connection factory using the following command
  • create factory <Connection Factory Name>  generic
• To make the ConnectionFactory accessible from remote hosts, add the following property:
  • addprop factory <Connection Factory Name> url=tcp://HOSTNAME:7222
• Create queue using the following command:
  • create queue <QUEUE NAME>
• Create a group of users who would be able to access the above queue:
  • create group <groupname>
• Create a user who can be added to the above group:
  • create user <username>
• Set a password to the above user:
  •  set password <username> <new password>
•  Add this user to the created group
  •  add member <group name> <user to be added>
• Grant permissions on the queue to the created group
  • grant queue <queuename> group=<groupname>  all
• Enable authorization on this queue
  • addprop queue <queuename> secure

If working on Tibco EMS 8.0, thr url property needs to be set while creating the factory itself:

• create factory <Connection Factory Name>  generic  url=tcp://HOSTNAME:7222

Permalink Leave a Comment