FioranoMQ supports Realm based security that allows FioranoMQ to integrate with Solaris and NT Security realms. This eliminates the need to create MQ specific users/permissions.
A realm is an administrative entity around which basic operational security policies revolve. A realm determines the scope of the security data and is normally used to organize the objects used in defining access control policies.
Security realms represent a logical grouping of Users, Groups, and Access Control Lists (ACLs) for protecting FioranoMQ Server resources. The default security realm or one of the sets of alternative security realms can be used, which allow usage of Windows NT, UNIX, and LDAP (Lightweight Directory Access Protocol) security stores. In addition, FioranoMQ supports custom developed security realms.
A Realm object provides access to users and the main Principals around which a realm is organized, and supports modifying (and extending) it according to policies defined by the realm administrator and by each particular kind of realm. Different Realms use different Authentication Protocols such as passwords (or pass phrases) and public key certificates. Groups of users (and of other groups) are used to define various policies applying to many users. ACLs are uniquely associated with entries in each realm.
FioranoMQ implements a sophisticated security engine that allows dynamic updating of Users/Groups and their privileges. Users, Groups, and ACLs can be retrieved as needed from an external source.
FioranoMQ Realms Subsystem is divided into two services: User Management and Access Control Management, each of which is discussed in the following sections.