The com.tivoli.pd.jcfg.PDJrteCfg utility configures Tivoli Access
Manager Runtime for Java. This component enables WebSphere Application Server
to use Tivoli Access Manager security.
Purpose
Important: If you are using the WebSphere Application Server Network
Deployment product, run the pdjrtecfg utility first on the deployment manager.
Then, run the script on the other nodes in the cell.
Steps
To run the pdjrtecfg script,
perform the following steps:
- Log into your system with a user profile and the all object (*ALLOBJ)
authority.
- On the command line, enter the Start Qshell (STRQSH) command.
- Change to the /bin subdirectory of WebSphere Application Server.
For example:
cd app_server_rootND/bin
- Run the script. For example:
pdjrtecfg -action config -profileName myprofile
-host mypolicy.mycompany.com -config_type full
The previous example
was split onto multiple lines for illustrative purposes only.
Syntax
java com.tivoli.pd.jcfg.PDJrteCfg -action {config | unconfig} -host policy_server_host -was -java_home jre_path
Syntax
java com.tivoli.pd.jcfg.PDJrteCfg -action {config | unconfig} -cfgfiles_path
configuration_file_path -host policy_server_host -was -java_home jre_path
Syntax
The following syntax diagram
shows the usage of the pdjrtecfg script:
pdjrtecfg
-action config
-profileName profile_name
-host policy_server_name
-config_type { full | standalone
-cfgfiles_path configuration_file_path
-action unconfig
-profileName profile_name
Parameters
- -action {config|unconfig}
- Specifies the action to be performed. Actions include:
- config
- Use to configure the Tivoli Access Manager Runtime for Java component.
- unconfig
- Use to reconfigure the Tivoli Access Manager Runtime for Java component.
- -cfgfiles_path
- Specifies where the generated configuration files will be placed.
Note: This parameter is required.
- -config_type {full|standalone}
- Specifies the configuration type of Tivoli Access Manager Runtime for
Java. Specify full or standalone with this argument. This
option is required.
- -host policy_server_host
- Specifies the policy server host name.
Valid values for policy_server_host include
any valid IP host name.
Examples include:
host = libra
host = libra.dallas.ibm.com
- -was
- Notifies Tivoli Access Manager Runtime for Java that the WebSphere Application
Server version is being configured so it is not necessary to perform certain
steps such as copying the Java security jar files and PD.jar file since they
were already placed in the appropriate directory by the WebSphere Application
Server installer.
- -profileName
- Specifies the name of the WebSphere Application Server profile. If not
specified, the default profile is used.
- -java_home jre_path
- Specifies the fully qualified path to the Java runtime (such as the directory
ending in jre). If this parameter is not specified, the home directory for
the jre in the PATH statement is used. If the home directory for the jre is
not in the PATH statement, this utility can create an incorrect parameter
in the output files.
Comments
This command copies Tivoli Access Manager
Java libraries to a library extensions directory that exists for a Java runtime
that has already been installed on the system.
You can install more
than one Java Runtime Environment (JRE) on a given machine. The pdjrtecfg command
can be used to configure the Tivoli Access Manager Runtime for Java component
independently for each of the JRE configurations.
Example
${JAVA_HOME}/bin/java
-Dfile.encoding=ISO8859-1 \
-Dws.output.encoding=CP1047 \
-Xnoargsconversion \
-Dpd.home=${WAS_HOME}/java/jre/PolicyDirector \
-cp ${WAS_HOME}/java/jre/lib/ext/PD.jar \
com.tivoli.pd.jcfg.PDJrteCfg \
-action config \
-cfgfiles_path ${WAS_HOME}/java/jre \
-host gary.us.ibm.com \
-java_home ${JAVA_HOME}
where:
- -Dws.output.encoding
- Is used to enable z/OS to display all of its messages and errors in a
readable format.
- -Dpd.home
- Indicates where Tivoli Access Manager Runtime for Java has been installed.
For WebSphere Application Server, this is java.home/PolicyDirector