WebSphere WebSphere Application Server Network Deployment, Version 6.1.x Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

Removing authorization data using the wsadmin tool

Use these commands to remove authorization data for the default roles, or for a destination or a foreign bus.

To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow you to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.

For i5/OS platforms The wsadmin scripting client is run from Qshell. For more information, see the topic "Configure Qshell to run WebSphere Application Server scripts".

For i5/OS platforms These commands are only valid when used with WebSphere Application Server Version 6 and later application servers. Do not use them with earlier versions.

For i5/OS platforms Command-line help is provided for service integration bus commands:

Commands

Removing authorization data for the defaults
To remove all users and groups from every role (sender, receiver and so on) in the defaults, use the following command:
$AdminTask removeDefaultRoles 
         {-bus busname}
Removing all authorization data for a destination
To delete all authorization data for a destination, use the following command:
$AdminTask removeDestinationRoles
         {-type destinationType
         -bus busname
         -foreignBus foreignBusName
         -destination destinationName}
Notes:
  • This command deletes all authorization data for the specified destination. If the destination is a topic space, the command removes all authorization data for the virtual root and for the topics within the topic space, as well as for the topic space itself.
  • You could use this command if you are deleting the destination and want to remove all associated authorization permissions. You could also use this command if you want to block all access to a destination by removing all authorization permissions for it. In this second case a user might still be able to access the destination if they have been granted default authorization permissions. If you have specified default authorization permissions and you want to block all access to the destination, you must stop the destination inheriting the default permissions by using the command setInheritDefaultsForDestinations (see Defining destination defaults inheritance using the wsadmin tool). You should use the removeDestinationRoles command first, followed by the setInheritDefaultsForDestinations command.
Removing all authorization data for a foreign bus
To delete all authorization data for the specified foreign bus, use the following command:
$AdminTask removeForeignBusRoles
         {-bus busname
         -foreignBus foreignBusName}
After using these commands, save your changes to the master configuration; for example, by using the following command:
 $AdminConfig save

Reference topic

Terms of use | Feedback


Timestamp icon Last updated: 26 February 2009
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.pmc.nd.multiplatform.doc/ref/rjr_auth_data_remove.html

Copyright IBM Corporation 2004, 2009. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)