Pre-Authentication for Broker Manager

The Pre-Authentication security setting affects whether account users are automatically logged in to PubSub+ Broker Manager or users are required to log in manually.

The pre-auhentication feature is enabled by default. When launching Broker Manager from PubSub+ Cloud, all account users are automatically logged in. If the pre-authentication security is disabled, all account users are required to log in to Broker Manager for all new sessions.

We recommend that you align this setting with your organization's security policies. For more information about Broker Manager, see Using PubSub+ Broker Manager.

Considerations for Setting PubSub+ Pre-authentication Security

  • Ensure that you have an Administrator role in the account to modify this setting. For instructions, refer to Managing Users, Groups, Roles, and Permissions.
  • When PubSub+ Pre-authentication Security is disabled, a separate login prompt appears that requires users to enter the username and password for all new sessions with the event broker service.
  • The username and password are found on the Status tab for the service details in the Management Username and Management Password fields.
  • Regardless of whether you enable or disable Pre-authentication Security, if your event broker services are deployed in a private network [customer-controlled Virtual Private Cloud/Virtual Network (VPC/VNet)], it is possible that you can connect from a public IP address to the PubSub+ Cloud Console (outside of your private network) to create and configure event broker services, but cannot connect to Broker Manager.

    The reason for this is because the ability to connect to Broker Manager depends on the networking configuration of your private network (i.e., most private networks use 10.x.y.z, 172.x.y.z, or 192.x.y.z as IP addresses which are not accessible from a public network). If your networking configuration permits it, you may connect to Broker Manager when it's deployed in a private network if you:

    • use a VPN connection such as a VPN client on your computer (or AWS VPN) to connect to the VPC/VNet
    • have VNet peering (Azure) or VPC  peering (AWS) configured between the network from where you're connected, to the private network where the event broker services are deployed
    • have a DNS mapping from the event broker service to your private network. Contact Solace to configure this DNS mapping request.

Configuring PubSub+ Pre-authentication Security

To configure PubSub+ Pre-authentication security, do the following:

  1. Log in to the PubSub+ Cloud Console if you haven't done so yet.

  2. On the navigation bar, click User & Account  and select Account Details.
  3. On the Account Details page, select the Account Settings tab.
  4. On the Security Settings tile, enable or disable the PubSub+ Pre Authentication toggle. When disabled, launching Broker Manager from the Cloud Console requires that the user separately authenticates themselves for all new sessions; when enabled, users are automatically logged in when launching Broker Manager.