Connection Security

When authorization is enabled, the server requires a name and password before users can connect. Only authenticated users can connect to the server. The form of authentication can be either an X.509 certificate or a username and password (or both).

When authorization is disabled, the server does not check user authentication; user (non-admin) connections are allowed. However, even when authorization is disabled, admin connections must still supply the correct password to connect to the server.

Even when authorization is enabled, the administrator (admin) may explicitly allow anonymous user connections, which do not require password authorization. To allow these connections, create a user with the name anonymous and no password.

Note: Creating the user anonymous does not mean that anonymous has all permissions. Individual topics and queues can still be secure, and the ability to use these destinations (either sending or receiving) is controlled by the access control list of permissions for those destinations. The user anonymous can access only non-secure destinations.

Nonetheless, this feature (anonymous user connections) is outside the tested configuration of EMS security certification.

For more information on destination security, refer to the destination property secure, and Create Users.