If you want to use distributed identity mapping for System Authorization Facility (SAF), use the removeMapPlatformSubject Jython script that is provided to remove the unnecessary Java Authentication and Authorization Service (JAAS) login module, MapPlatformSubject, from the security configuration.
The removeMapPlatformSubject script searches for and removes the com.ibm.ws.security.common.auth.module.MapPlatformSubject JAAS login module from these login entries: DEFAULT, WEB_INBOUND, RMI_INBOUND, SWAM_ZOSMAPPING. You can run this script for the global security configuration or for a specific security domain.
wsadmin.sh -conntype NONE -lang jython -f
/path/to/script/removeMapPlatformSubject.py [options]
Running this script with no options updates the global security configuration.
The following options are available for the removeMapPlatformSubject script:
The following examples demonstrate correct syntax.
Use this example to remove the login module from the global security configuration:
wsadmin.sh -conntype NONE -lang jython -f
/WebSphere/AppServer/bin/removeMapPlatformSubject.py
wsadmin.sh -conntype NONE -lang jython -f
/WebSphere/AppServer/bin/removeMapPlatformSubject.py
-securityDomain server2Domain