Attempting to create a file space without the required authority
To create a file space through the WebSphere® MQ Managed File Transfer Web Gateway, your user ID must be associated with the appropriate MQMFT security roles. If you attempt to create a file space without the correct authority, you receive an HTTP error code and a WebSphere MQ Managed File Transfer error message. The following example shows a user who does not have the appropriate authority attempting to create a file space.
- This HTTP request follows the required format for creating a file
space. The user submitting the request is
jill
, who is a member of the groupemployees
. Theemployees
group is defined in the application server environment that hosts the Web Gateway. The groupemployees
is not associated with either thewmqfte-filespace-create
role or thewmqfte-admin
role. The userjill
is attempting to create a file space namedkevin
, into which the usersjill
andlakshmi
can transfer files.POST HTTP/1.1 /admin/filespace/kevin Host: example.com User-Agent: mozilla Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <filespaces> <filespace> <quota bytes="1048576"/> <writers> <authorized action="add"> <agent-user>jill</agent-user> <agent-user>lakshmi</agent-user> </authorized> <unauthorized action="add"> <agent-user>mary</agent-user> </unauthorized> </writers> </filespace> </filespaces>
- The Web Gateway returns an HTTP response with the following format:
HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 Content-Type: text/plain;charset=ISO-8859-1 BFGWI0014E: User not authorized to perform the request.
To make the request valid, the user jill
must
be added to an application server group that is associated with one
of the MQMFT roles wmqfte-admin
or wmqfte-filespace-create
.
The example deployment plan provided with the Web Gateway shows a
sample security configuration for WebSphere Application
Server Community Edition. This plan associates the wmqfte-admin
role
with the administrators
group and the wmqfte-filespace-create
role
with the managers
and administrators
groups.
The user jill
does not belong to either of these
groups and so cannot create a file space.
For more information about configuring security permissions in your application server, see the topics Preparing to deploy the Web Gateway with WebSphere Application Server Community Edition and Deploying the Web Gateway with WebSphere Application Server Version 7.0.
For more information about the error codes returned by the Web Gateway administration API, see the HTTP Response Codes topic.