You can use properties files to create, modify, or delete Java Authentication and Authorization
Service (JAAS) configuration entry properties.
Before you begin
Determine the changes that you want to make to your JAAS
configuration entry object or its properties.
Start the wsadmin
scripting tool. To start wsadmin using the Jython language, run the wsadmin
-lang Jython command from the bin directory
of the server profile.
About this task
Using a properties file, you can create, modify, or delete
a JAAS configuration entry object.
Run administrative commands
using wsadmin to create or change a properties file for a JAAS configuration
entry, validate the properties, and apply them to your configuration.
Table 1. Actions for JAAS configuration
entry properties files. You can create, modify, and delete
JAAS properties.
Action |
Procedure |
create |
Set required properties and then run the applyConfigProperties
command. |
modify |
Edit required properties and then run the applyConfigProperties
command.. |
delete |
Run the deleteConfigProperties command to delete
a property. If the deleted property has a default value, the property
is set to the default value. To delete the entire JAASConfigurationEntry
object, uncomment #DELETE=true and then run the deleteConfigProperties
command. |
create Property |
Not applicable |
delete Property |
Not applicable |
Optionally, you can use interactive mode with the commands:
AdminTask.command_name('-interactive')
Procedure
- Create a JAASConfigurationEntry properties file.
- Set JAASConfigurationEntry properties as needed.
You can add a new JAAS configuration entry under either systemLoginConfiguration or applicationLoginConfiguration.
Open
an editor and create a properties file for a JAASConfigurationEntry
object. The following example uses systemLoginConfiguration to
add a new JAAS configuration entry:
#
# Header
#
ResourceType=JAASConfigurationEntry
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
alias#myJAAS
#DELETE=true
#
#
#Properties
#
alias=myJAAS #required
#
# Header JAASLoginModule
#
ResourceType=JAASLoginModule
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myLoginModule
AttributeInfo=loginModules
#DELETE=true
#
#
#Properties
#
callbackHandlerClassName=null
moduleClassName=com.acme.myLoginModule #required
authenticationStrategy=REQUIRED #ENUM(OPTIONAL|REQUISITE|REQUIRED|SUFFICIENT),de
fault(REQUIRED)
#
# Header JAASLoginModule options
#
ResourceType=JAASLoginModule
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myLoginModule
AttributeInfo=options(name,value)
#
#
#Properties
#
myProp=myValue
#
# Header JAASLoginModule Another module
#
ResourceType=JAASLoginModule
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myAnotherLoginModule
AttributeInfo=loginModules
#DELETE=true
#
#
#Properties
#
callbackHandlerClassName=null
moduleClassName=com.acme.myAnotherLoginModule #required
authenticationStrategy=REQUIRED #ENUM(OPTIONAL|REQUISITE|REQUIRED|SUFFICIENT),de
fault(REQUIRED)
#
# Header JAASLoginModule options
#
ResourceType=JAASLoginModule
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myAnotherLoginModule
AttributeInfo=options(name,value)
#
#
#Properties
#
myProp=myValue
EnvironmentVariablesSection
#Environment Variables
cellName=myCell
- Run the applyConfigProperties command to create or change
a JAAS configuration entry.
Running the applyConfigProperties
command applies the properties file to the configuration. In this
Jython example, the optional -reportFileName parameter
produces a report named report.txt:
AdminTask.applyConfigProperties(['-propertiesFileName myObjectType.props -reportFileName report.txt '])
- Modify an existing properties file.
- Obtain a properties file for the JAASConfigurationEntry
that you want to change.
You can extract a properties
file for a JAASConfigurationEntry object using the extractConfigProperties
command.
- Open the properties file in an editor and change the
properties as needed.
Ensure that the environment variables
in the properties file match your system.
- Run the applyConfigProperties command.
- If you no longer need the JAAS configuration entry object
or an existing property, you can delete the entire JAAS object or
one or more properties.
Results
You can use the properties file to configure and manage
the JAAS configuration entry object and its properties.
What to do next
Save the changes to your configuration.