WebSphere Message Broker

I wanted to know about the security capabilities of WMB.
In WMB,

if a particular node receives ENCRYPTED message. Can it handle that , say for content lookup ?

What capabilities does WMB have in respect to SECURITY ?

Any help ?

( I would post the answers once I find them. )

Thanks for any help that you can provide.

Technorati tags: , , , , , ,

Advertisements

7 responses to “WebSphere Message Broker

  1. Encrypted how?

    You can certainly perform encryption / decryption inside of broker, say using a JavaCompute node to call an existing API.

    The issue is that if the message is encrypted at one endpoint for transmission to another (in a PKI style) you probably wouldn’t want the broker to see the inside of the message. So, you might want to route on some kind of header information instead in that case.

  2. Now, if i use HTTP Input ( for exposing the message flow as a web service )
    and then do SOAP Extract.
    and then want to route based on the content in the soap message.
    And if, the elements are encrypted, how do i handle this ?
    What other features does WMB have in security aspect, except the SSL thing ?

  3. i’am really impressed!!

  4. Over the period of time and sufficient reading I have concluded that to satisfy Security capabilities of an ESB (here, WMB) its better to use DataPower as an entry / exit point to ensure the non-functional requirements.

    What say ?

  5. I wouldn’t say “better”. I’d say that it depends on what the specific non-functional requirements are. DataPower does have rich security (WS-Security) etc. capabilities as well as the XML Firewall aspects. If you need these then it can be a good fit.

  6. hmm. This gets me a bit confused.
    As, in the case of “content look-up of encrypted message” is it better if one handles it in WMB itself through Java / Compute nodes or is it *good* to have Data Power as entry point for an ESB.

  7. Datapower may handle that particular use case slightly faster – and it may depend on the other WS-* stuff you need to do. You mention “entry point” here and I’m not clear whether you mean that Datapower would then deliver on to something else.

    Clearly this is a complex discussion and not entirely suited to a discussion in blog comments.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s