Managing existing token providers with scripting

You can use the wsadmin tool, which supports the Jython and Jacl scripting languages, to manage the trust service. Use this topic to modify token provider configuration data, and to add custom properties.

Before you begin

You must have an existing token provider configured in the trust service.

About this task

Use the commands in the STSManagement group of the AdminTask object to modify existing configuration data. This topics includes examples for modifying existing noncustom configuration data.

Procedure

Modify existing configuration data.

Use the updateSTSTokenTypeConfiguration command to update existing properties for a specific token provider configuration.

  1. Determine the token provider configuration to edit.
    Enter the following command to view the list of names of the configured token providers:
    AdminTask.listSTSConfiguredTokenTypes()
  2. Review the current configuration data for the token provider configuration to edit.
    Enter the following command to view a Properties object containing all non-custom configuration data for the myTokenModule token provider:
    AdminTask.querySTSTokenTypeConfigurationDefaultProperties('myTokenModule')
  3. Update the token provider configuration with new configuration data.
    Determine which parameters to update in your configuration, using the following table as a reference:
    Parameter Data type
    LocalName

    Specifies the unique token provider name as the target object of the command.

    String, required
    -HandlerFactory

    Specifies the configuration class name, including package information.

    String, required
    -URI

    Specifies the unique token type schema URI.

    String, required
    -lifetimeMinutes

    Specifies the amount of time, in minutes, that the token is valid.

    Integer, optional

    Default: 120 (minutes)

    Minimum: 10 (minutes)

    -renewalWindowMinutes

    Specifies the amount of time after the token expires during which the token can be renewed.

    Integer, optional

    Default: 120 (minutes)

    Minimum: 10 (minutes)

    -postdatable

    Set to true to specify that tokens of the token provider are valid at a later time. Tokens can be created with or without a future start time.

    Boolean, optional

    Default: false

    -distributedCache

    Set to true to enable distributed cache.

    Boolean, optional

    Default: false

    -renewableAfterExpiration

    Set to true to specify that tokens of the token provider are renewable after expiration.

    Boolean, optional

    Default: false

    -tokenCacheFactory

    Specifies the fully qualified class name for the token provider.

    String, optional
    Default:
    com.ibm.ws.wssecurity.platform.websphere.trust
    .server.sts.ext.cache.STSTokenCacheFactoryImpl
    Use the updateSTSTokenTypeConfiguration command to update the configuration data for the myTokenModule token provider. The following example changes the time that the token is valid from 60 minutes to 100 minutes, disables token renewal after expiration, and enables distributed caching:
    AdminTask.updateSTSTokenTypeConfiguration('myTokenModule','-lifetimeMinutes 100 
    -renewableAfterExpiration false -distributedCache true')
    The command returns a message indicating the success or failure of the operation.
  4. Save your configuration changes.
    Use the following command to save your changes:
    AdminConfig.save()
  5. Reload the modified configuration changes.
    Use the following command to force the trust service to reload your modified configuration without restarting the application server:
    AdminTask.refreshSTS()



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 1:23:07 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=txml_wsfpmantoken
File name: txml_wsfpmantoken.html