WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Example: User revocation from a cache

In WebSphere Application Server, Version 5.0.2 and later, revocation of a user from the security cache using an MBean interface is supported.

This procedure can be called from another JACL script. The following Java Command Language (JACL) revokes a user when given the realm and the user ID, and cycles through all the security administration MBean instances that are returned for the entire cell when run from the deployment manager wsadmin command. The command also purges the user from the cache during each process.

Note: When a user is removed from authentication cache, the user can still login to WebSphere Application Server at any time. Removing the cache only removes the user from the runtime cache. It does not remove the user from the registry, nor does it lock out the user.
Attention: In some of the following lines of code, the lines are split into two or more lines for illustrative purposes only.
proc clearAuthCache {realm userid} {
	global AdminControl AdminConfig
	
if {[catch {$AdminControl queryNames WebSphere:type=SecurityAdmin,*} result]} {
      puts stdout "\$AdminControl queryNames WebSphere:type=SecurityAdmin,* caught 
           an exception $result\n"
      return
    } else {
   if {$result != {}} {
       foreach secBean $result {
           if {$secBean != {} || $secBean != "null"} {
             if {[catch {$AdminControl invoke $secBean clearAuthCache} result]} {
               puts stdout "\$AdminControl invoke $secBean clearAuthCache caught 
                    an exception $result\n"
               return
             } else {
               puts stdout "\ncache cleared for process $secBean\n"
             }
           } else {
             puts stdout "unable to get securityAdmin Mbean, user $userid not revoked"
          }
           }
  } else {
    puts stdout "Security Mbean was not found\n"
  return
}
 }



Related tasks
Customizing application login with Java Authentication and Authorization Service
Related reference
Customization of a server-side Java Authentication and Authorization Service authentication and login configuration
Reference topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/rsec_cachepurge.html

© Copyright IBM Corporation 2002, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)