Configuring TIBCO Enterprise Message Service Servers for Non-Admin Users

Configuration of TIBCO ActiveMatrix runtime objects and services is easiest if you have administrative privileges on the TIBCO Enterprise Message Service server you want to use. If you do not have administrative privileges, you can set up the TIBCO Enterprise Message Service server to configure Enterprise Message Service servers for non-admin users.

If you want to configure TIBCO ActiveMatrix runtime objects and services, and you do not have administrator privileges on the TIBCO Enterprise Message Service server you want to use, you can configure the TIBCO Enterprise Message Service server to configure Enterprise Message Service servers for non-admin users. The following steps list the most restrictive permissions necessary.

Procedure

  1. In the TIBCO Enterprise Message Service server console, set permissions for the Administrator server users. In the following commands, replace username and password with the username and password values appropriate for each bus.
    • Messaging Bus 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue AMX_SV.>
grant queue AMX_SV.> user=username create, delete, modify, send, receive
    • Notification Bus 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create topic EMSGMS.>
grant topic EMSGMS.> user=username create, modify, subscribe, publish
grant topic $sys.monitor.connection.* user=username subscribe
grant admin user=username view-connection,view-server
create topic AMX_MGMT.>
grant topic AMX_MGMT.> user=username create, modify, subscribe, publish
create queue AMX_MGMT.>
grant queue AMX_MGMT.> user=username create, delete, modify, send, receive
    • Management Bus 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue com.tibco.amf.admin.deploymentServerQueue.>
grant queue com.tibco.amf.admin.deploymentServerQueue.> user=username create, delete, send, receive
    • Logging and Payload Buses 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue cl_logservice_queue.physical
create queue cl_payload_queue.physical
grant queue cl_logservice_queue.physical user=username send, receive
grant queue cl_payload_queue.physical user=username send, receive
create jndiname cl_logservice_queue queue cl_logservice_queue.physical
create jndiname cl_payload_queue queue cl_payload_queue.physical
    • Monitoring Bus 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue amx.governance.stats
grant queue amx.governance.stats user=username send, receive
create queue amx.governance.internal.stats
grant queue amx.governance.internal.stats user=username send, receive
  2. If you intend to manually separate notification, management, and messaging buses, group their constraints first.
    The Notification, Management, and Messaging buses are initially grouped together as are the Monitoring, Logging, and Payload buses.
    • Messaging, Notification, and Management Buses 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue AMX_SV.>
grant queue AMX_SV.> user=username create, delete, modify, send, receive
create topic EMSGMS.>
grant topic EMSGMS.> user=username create, modify, subscribe, publish
grant topic $sys.monitor.connection.* user=username subscribe
create queue com.tibco.amf.admin.deploymentServerQueue.>
grant admin user=username view-connection,view-server
grant queue com.tibco.amf.admin.deploymentServerQueue.> user=username create, delete, send, receive
       create topic AMX_MGMT.>
 grant topic AMX_MGMT.> user=username create, modify, subscribe, publish

 create queue AMX_MGMT.>
 grant queue AMX_MGMT.> user=username create, delete, modify, send, receive
    • Monitoring, Logging, and Payload Buses 
      delete queue >
delete topic >
create user username "Description of the user" password=password
create queue cl_logservice_queue.physical
create queue cl_payload_queue.physical
create queue amx.governance.stats
create queue amx.governance.internal.stats
grant queue cl_logservice_queue.physical user=username send, receive
grant queue cl_payload_queue.physical user=username send, receive
grant queue amx.governance.stats user=username send, receive
grant queue amx.governance.internal.stats user=username send, receive
create jndiname cl_logservice_queue queue cl_logservice_queue.physical
create jndiname cl_payload_queue queue cl_payload_queue.physical
      create queue AMX_SV.>
grant queue AMX_SV.> user=username create, delete, modify, send, receive
create topic EMSGMS.>
grant topic EMSGMS.> user=username create, modify, subscribe, publish
  3. Configure and create the Administrator server and TIBCO Host instances as described in Create TIBCO ActiveMatrix Administrator Server and TIBCO Host Instance.