Connection Security
When
authorization
is enabled, the server requires a name and password before users can connect. Only authenticated users can connect to the server. The form of authentication can be either an X.509 certificate or a username and password (or both).
When
authorization
is disabled, the server does not check user authentication; user (non-admin) connections are allowed. However, even when
authorization
is disabled, admin connections must still supply the correct password to connect to the server.
Even when
authorization
is enabled, the administrator (admin
) may explicitly allow anonymous user connections, which do not require password authorization. To allow these connections, create a user with the name
anonymous
and no password.
anonymous
does not mean that
anonymous
has all permissions. Individual topics and queues can still be secure, and the ability to use these destinations (either sending or receiving) is controlled by the access control list of permissions for those destinations. The user
anonymous
can access only non-secure destinations.
Nonetheless, this feature (anonymous user connections) is outside the tested configuration of EMS security certification.
For more information on destination security, refer to the destination property
secure
, and
Create Users.