Managing Management User Authentication/Authorization

There are three classes of users that can connect to a Solace router:

  • CLI—A management user that connects to the router through the CLI or SolAdmin for the purpose of configuring, managing, and monitoring the router. A CLI user can also be a management application that uses Solace Element Management Protocol (SEMP) request over HTTP service to manage and monitor the router. This user connection uses the Secure Shell (SSH) protocol.
  • File Transfer—A user that can remotely transfer files to and from specific directories on the selected Solace router using Secure File Transfer Protocol (SFTP) or Secure Copy (SCP).
  • Client—A client application that uses a Solace messaging API, REST, or OpenMAMA to connect to the router and publish and/or receive messages. A client user can also be a management application that uses SEMP Request Over Message Bus service to monitor the router. Unlike CLI and File Transfer users, client users connect to a specific Message VPN on a router and are authenticated on a Message VPN-basis.
  • Note:  Client users are not discussed in this section. For information on clients and on how to configure client authentication for a Solace router, refer to Managing Client Authentication.

A system administrator can assign either CLI or File Transfer user accounts to multiple individuals within an organization, up to a maximum of 512 user accounts per Solace router.