You can control a web user's access to integration node resources by associating the web user ID with a role, which has security permissions assigned to it.
IBM Integration Bus administrators can use the mqsiwebuseradmin command to create a new web user, to set or change a web user's password, to remove a web user, or to assign a web user to a role.
If administration security is enabled, web users can access the web user interface only when they have logged on using their web user account. As an administrator, you can create multiple roles, with different permissions assigned to them. You can then assign one or more web users to a role, and their access to data and integration node resources is controlled by the permissions that have been set for their role. For more information, see Role-based security.
If administration security is not enabled, web users can interact with the web user interface without logging on; they interact with the web user interface as the 'default' user and can access all data and integration node resources.
If the integration node is configured to use file-based authorization, you assign permissions to the role by using the mqsichangefileauth command. Permissions are set for the integration node, the integration server, and the data capture object. For information about setting permissions for file-based authorization, see Setting file-based permissions.
For more information about how to set the permissions that are required for using the web user interface, see Controlling access to data and resources in the web user interface.
When you have defined your roles and set the required permissions, you can assign web users to the appropriate role, and they acquire permissions through their assigned role.
Complete these steps to grant access to web users based on their assigned role: