Attempting to create a file space without the required authority

To create a file space through the WebSphere® MQ Managed File Transfer Web Gateway, your user ID must be associated with the appropriate MQMFT security roles. If you attempt to create a file space without the correct authority, you receive an HTTP error code and a WebSphere MQ Managed File Transfer error message. The following example shows a user who does not have the appropriate authority attempting to create a file space.

  1. This HTTP request follows the required format for creating a file space. The user submitting the request is jill, who is a member of the group employees. The employees group is defined in the application server environment that hosts the Web Gateway. The group employees is not associated with either the wmqfte-filespace-create role or the wmqfte-admin role. The user jill is attempting to create a file space named kevin, into which the users jill and lakshmi can transfer files.
    POST HTTP/1.1 /admin/filespace/kevin
Host: example.com
User-Agent: mozilla
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<filespaces>
  <filespace>
    <quota bytes="1048576"/>
    <writers>
      <authorized action="add">
        <agent-user>jill</agent-user>
        <agent-user>lakshmi</agent-user>
      </authorized>
      <unauthorized action="add">
        <agent-user>mary</agent-user>
      </unauthorized>
    </writers>
  </filespace>
</filespaces>
  2. The Web Gateway returns an HTTP response with the following format: 
    HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1

BFGWI0014E: User not authorized to perform the request.

To make the request valid, the user jill must be added to an application server group that is associated with one of the MQMFT roles wmqfte-admin or wmqfte-filespace-create. The example deployment plan provided with the Web Gateway shows a sample security configuration for WebSphere Application Server Community Edition. This plan associates the wmqfte-admin role with the administrators group and the wmqfte-filespace-create role with the managers and administrators groups. The user jill does not belong to either of these groups and so cannot create a file space.

For more information about configuring security permissions in your application server, see the topics Preparing to deploy the Web Gateway with WebSphere Application Server Community Edition and Deploying the Web Gateway with WebSphere Application Server Version 7.0.

For more information about the error codes returned by the Web Gateway administration API, see the HTTP Response Codes topic.