To grant a user or group access to a service integration bus destination, you add them to the appropriate destination role or roles. Use the addUserToDestinationRole and addGroupToDestinationRole commands to add users and groups to destination roles for a local or foreign bus.
To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow you to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.
The wsadmin scripting client is run from
Qshell. For more information, see the topic "Configure Qshell to
run WebSphere Application Server scripts".
These commands
are only valid when used with WebSphere Application Server Version
6 and later application servers. Do not use them with earlier versions.
Command-line help
is provided for service integration bus commands:
wsadmin> $AdminTask help SIBAdminCommands
wsadmin> $AdminTask help command_name
The allowed roles for a destination depend on the type of the destination as defined in Administering destination roles through the command line.
If you are specifying a destinationType that is either foreignDestination or alias, the foreign bus name that you specify must be the name of the foreign bus hosting the destination.
If you specify a destinationType of queue or topic, the foreign bus name is ignored. The authorization is granted against the destination in the local bus.
$AdminTask addUserToDestinationRole
{-type destinationType
-bus busName
-foreignBus foreignBusName
-destination destinationName
-role roleName
-user userName}
$AdminTask addGroupToDestinationRole
{-type destinationType
-bus busName
-foreignBus foreignBusName
-destination destinationName
-role roleName
-group groupName}
Give a user and group send access to a destination:
addUserToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -user Fred } addGroupToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -group TheGroup}
Give a user and group access to receive messages from a destination:
addUserToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -user Fred } addGroupToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -group TheGroup}
$AdminConfig save