Configuring Client Authorization
After clients connecting to a Message VPN are authenticated, they must be authorized to access event broker resources and messaging capabilities. How much access that a client is authorized for is determined by the client profile and ACL profile it is assigned.
Client profiles and ACL profiles can be assigned to clients based on the client usernames that they use (refer to Client Username Configuration) or on an LDAP authorization group that they belong to (refer to Configuring Client LDAP Authorization).
Clients' access to endpoints is also determined by permission levels that are configured for each individual endpoint. For information on configuring queues’ permission levels for queues, refer to Configuring Permissions for Non-Owner Clients, for topic endpoints, refer to Configuring Permissions for Non-Owner Clients.