Enabling the SPNEGO TAI as JVM custom property using scripting

You use the wsadmin utility to enable the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) trust association interceptor (TAI) for WebSphere Application Server.

Before you begin

Before starting this task, the wsadmin tool must be running. See the Starting the wsadmin scripting client article for more information.

About this task

Perform the following steps to enable the SPNEGO TAI:

Procedure

  1. Identify the server and assign it to the server1 variable:
    • Using Jacl:

      set server1 [$AdminConfig getid /Cell:mycell/Node:mynode/Server:server1/]
    • Using Jython:
      server1 = AdminConfig.getid("/Cell:mycell/Node:mynode/Server:server1/")
      print server1
    Example output:
    server1(cells/mycell/nodes/mynode|servers/seerver1|server.xml#Server_1)
  2. Identify the Java virtual machine (JVM) belonging to this server and assign it to the jvm variable:
    • Using Jacl:

      set jvm [$AdminConfig list JavaVirtualMachine $server1]
    • Using Jython:
      jvm = AdminConfig.list('JavaVirtualMachine',server1)
    Example output:
    (cells/mycell/nodes/mynode/servers/server1:server.xml#JavaVirtualMachine_1)
    (cells/mycell/nodes/mynode/servers/server1:server.xml#JavaVirtualMachine_2)
    
  3. Identify the controller JVM of the server:
    • Using Jacl:

      set cjvm [lindex $jvm 0]
      
    • Using Jython:
      # get line separator
      import java
      lineSeparator = java.lang.System.getProperty('line.separator')
      arrayJVMs = jvm.split(lineSeparator)
      cjvm = arrayJVMs[0]
      
  4. Modify the generic JVM arguments to enable SPNEGO TAI:
    • Using Jacl:

      set attr_name          	[list name com.ibm.ws.security.spnego.isEnabled] 
      set attr_value         	[list value true] 
      set attr_required      	[list required false] 
      set attr_description    [list description "Enabled SPNEGO TAI"]
      
      set attrs [list $attr_name $attr_value $attr_required $attr_description]
      
      $AdminConfig create Property $cjvm $attrs
    • Using Jython:
      attr_name  = ['name', "com.ibm.ws.security.spnego.isEnabled"]
      attr_value = ['value', "true"]
      attr_required = ['required', "false"]
      attr_description = ['description', "Enabled SPNEGO TAI"]
      attr_list = [attr_name, attr_value, attr_required, attr_description]
      property=['systemProperties',[attr_list]]
      AdminConfig.modify(cjvm, [property])
  5. Save the configuration changes. See the Saving configuration changes with the wsadmin tool article for more information.
  6. In a network deployment environment only, synchronize the node. See the Synchronizing nodes with the wsadmin tool article for more information.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Feb 19, 2011 5:25:36 AM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v610web&product=was-nd-mp&topic=tsec_SPNEGO_tai_enable
File name: tsec_SPNEGO_tai_enable.html