WsSecCheck command-line utility for validating security settings
 Downloadable files
 
Abstract
WsSecCheck is a command-line utility for validating security settings in WebSphere® Application Server V5.x and V5.1.x
 
Download Description
WsSecCheck provides an ldapsearch-type interface to the SecurityAdmin MBean in WebSphere Application Server V5.x and V5.1.x to query basic security settings.

It is a standalone Java™ program that allows you to query WebSphere Application Server for users and groups, as well as some basic configuration settings.

Functionality is limited to the methods provided by the SecurityAdmin MBean.

Installation Overview
Update the file bin\WsSecCheck.properties to point to the SOAP port and hostname of the target application server (base) or DeploymentManager (ND).

Usage
Launch using the bat file (Windows) or .sh script (Unix and z/OS). The syntax is:

WsSecCheck uid pswd propertiesFile "cmd"

where

  • uid and password are an operating system ID and password, such as the those that are used to execute WebSphere.

  • propertiesFile is the file containing WsSecCheck, bin/WsSecCheck.properties by default. It must be specified if "cmd" is supplied

  • "cmd" is an optional WsSecCheck command. If given, WsSecCheck will execute the command, display the output, and exit, instead of going into command mode.


Commands:

realm Get realm
getUsers <pattern> <limit> List all users matching <pattern>, up to <limit> occurrences
getGroups <pattern> <limit> List all groups matching <pattern>, up to <limit> occurrences
getAl <u|g> "<id>" Get access ID for u(ser) or g(roup) "id"
checkPwd "<id>" <pswd> Checks whether the id and password are valid
getJAAS Show JAAS configuration
examples Display command examples

Examples

To display 1st 100 users: (or all if less than 100):
getUsers * 100

List up to 50 users ending with "Smith":
getUsers *Smith 50

Verify that there is a group "Managers":
getGroups Managers 1

Get access ID for user Aboulfadl:
getAI u "Aboulfadl"

Get access ID for users in OS group Human Resources:
getAI g "Human Resources"

Get access ID for users in LDAP group Human Resources:
getAI g "cn=Human Resources,ou=AGroupName,o=OrgName,c=Country"

Verify that there is a user Aboulfadl with password Nabile:
checkPwd "Aboulfadl" Nabile

List resources available to user Aboulfadl, and redirect output to a file (as a system command):
WsSecCheck root rootPassword WsSecCheck.properties "getACs u \"Aboulfadl\"" > aboulAcs.txt

Get a dump of the JAAS configuration:
getJAAS
 
Prerequisites
WebSphere Application Server V5.x and V5.1.x
 
 
Installation Instructions
Unzip WsSecCheck.zip into the <WebSphere install root> directory. On Unix and z/OS platforms, use the -a option in unzipping to avoid ctl-M characters in the properties file.
 
URL LANGUAGE SIZE(Bytes)
Readme US English 2438
 
Download package
Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
WsSecCheck 1/22/2004 US English 9196 FTP
 
Technical support
1-800-IBM-SERV (U.S. Only)
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): z/OS
Software version: 5.1
Software edition:
Reference #: 4006653
IBM Group: Software Group
Modified date: Aug 17, 2004