Use these commands to remove authorization data for the
default roles, or for a destination or a foreign bus.
To run these commands, use
the AdminTask object of the wsadmin scripting client. Each command acts on
multiple objects in one operation. The commands are provided to allow
you to make the most commonly-required types of update in a consistent
manner, where modifying the underlying objects directly would be error-prone.
Commands
- Removing authorization data for the defaults
- To remove all users and groups from every role (sender, receiver
and so on) in the defaults, use the following command:
$AdminTask removeDefaultRoles
{-bus busname}
- Removing all authorization data for a destination
- To delete all authorization data for a destination, use the following
command:
$AdminTask removeDestinationRoles
{-type destinationType
-bus busname
-foreignBus foreignBusName
-destination destinationName}
Notes:
- This command deletes all authorization data for the specified
destination. If the destination is a topic space, the command removes
all authorization data for the virtual root and for the topics within
the topic space, as well as for the topic space itself.
- You could use this command if you are deleting the destination
and want to remove all associated authorization permissions. You could
also use this command if you want to block all access to a destination
by removing all authorization permissions for it. In this second case
a user might still be able to access the destination if they have
been granted default authorization permissions. If you have specified
default authorization permissions and you want to block all access
to the destination, you must stop the destination inheriting the default
permissions by using the command setInheritDefaultsForDestinations (see Defining destination defaults inheritance using the wsadmin tool). You should use the removeDestinationRoles command
first, followed by the setInheritDefaultsForDestinations command.
- Removing all authorization data for a foreign bus
- To delete all authorization data for the specified foreign bus,
use the following command:
$AdminTask removeForeignBusRoles
{-bus busname
-foreignBus foreignBusName}
After
using these commands, save your changes to the master configuration;
for example, by using the following command:
$AdminConfig save