Types of Users in IBM webMethods Managed File Transfer

IBM webMethods iPaaS Users

Administrators and users within your organization must create a user profile on IBM® webMethods iPaaS. IBM webMethods iPaaS users have the ability to access and collaborate on IBM webMethods Managed File Transfer using their designated permissions.

Partner Users

A partner user is an entity authorized to send and receive files in IBM webMethods Managed File Transfer.

Features of a Partner User

This topic provides information about specific features that can be configured for users and templates in IBM webMethods Managed File Transfer.

Restrictions for a Partner User

Define the following restrictions for a user:

  • Restrict server availability to specified times and days of the week.
  • Restrict particular actions for files that match a specified pattern, and restrict access to subfolders in a folder structure that match a specified pattern.
  • Restrict login volume and duration, and specify authentication settings.

Restrictions for Authentication and Login

Specify the maximum number of users who can log in simultaneously, the maximum login and idle times per session, public key and password requirements, and the paths to trusted public SSH key files.

Restrictions for Files

Restrict particular actions for files that match a specified pattern. For example, restrict users from uploading files that end with .exe. Also restrict access to subfolders in the file system that match a specified pattern.

Restrictions for Connections

Specify the default character encoding for the connection between the user and IBM webMethods Managed File Transfer.

Active Time Window

Specify the days of the week and the time during which users can connect to IBM webMethods Managed File Transfer.

Note: The days and times are represented in the time zone of the IBM webMethods Managed File Transfer. To configure time zone for date and time variables, see General Settings.

Encryption and Decryption

Define specific file-based encryption and decryption PGP keys for users. These settings override any encryption assignments set in the template associated with the user.

When encrypted, files are stored on the user’s drive. Encrypted files are decrypted only if they are transferred back through IBM webMethods Managed File Transfer using the same key that was used to encrypt them. When encryption and decryption keys are configured at multiple levels (user, server, and folder), IBM webMethods Managed File Transfer enforces the following order of preference:

  1. Users

  2. Folders

  3. Servers

For example, if user A accesses port 10 and uploads a file in VFS TestFolder123, then IBM webMethods Managed File Transfer checks if the encryption or decryption key is available for user A. If no key is available at the virtual folder level, then IBM webMethods Managed File Transfer checks for the user settings for the key. If no key is present at the user settings level, then IBM webMethods Managed File Transfer checks the server level settings for the key. If no key is present at the server level settings, then files are not encrypted or decrypted during upload or download.

File-based Encryption for Templates

Define specific file-based encryption and decryption PGP keys for users assigned to a template. When files are encrypted, they are stored on a user’s drive in a format that cannot be read outside of IBM webMethods Managed File Transfer. Encrypted files are decrypted only if they are transferred back through IBM webMethods Managed File Transfer using the same key that was used to encrypt them.

Override the template-level encryption and decryption options for a specific user.

Note: You must obtain the appropriate keystores and ensure that these keystore files reside on the machines that host the IBM webMethods Managed File Transfer on which you perform these configuration tasks.