Editing policy configurations using wsadmin scripting

Use the wsadmin tool, which supports the Jython and Jacl scripting languages, to edit policy configurations for your policy sets.

Before you begin

이 주제의 명령을 사용하기 전에 최신 버전의 wsadmin 도구를 사용하고 있는지 확인하십시오. attributes 또는 bindingLocation 매개변수 값으로 특성 오브젝트를 허용하는 정책 세트 관리 명령은 이전 버전의 wsadmin 도구에서 지원되지 않습니다. 예를 들어, 이 명령은 버전 6.1.0.x 노드에서 실행되지 않습니다.

When administrative security is enabled, verify that you use the correct administrative role, as the following table describes:
Table 1. Administrative roles. This table describes the administrative roles and associated authorization when administrative security is enabled.
Administrative role Authorization
Administrator The Administrator role must have cell-wide access to modify policies.
Configurator The Configurator role cannot modify policies.
Deployer The Deployer role cannot modify policies.
Operator The Operator role cannot modify policies.
Monitor The Monitor role cannot modify policies.

About this task

Policies define the type of policy to manage within a policy set. Policies are based on the Quality of Services (QoS), such as Web Services Security (WS-Security) and Web Services Addressing (WS-Addressing). Policy definitions are based on the standards set by the Organization for the Advancement of Structured Information (OASIS) and WS-Security specifications.

Use the following steps to edit existing policies in your policy set configurations:

Procedure

  1. Launch the wsadmin scripting tool using the Jython scripting language To learn more, see the starting the wsadmin scripting client information.
  2. Determine which policy set to edit.
    To view a list of policies on a policy set, enter the listPolicyTypes command, specifying the policy set of interest.
    AdminTask.listPolicyTypes('[-policySet PolicySet1]')
    Enter the listPolicyTypes command without the policySet parameter to view a list of available policies for all policy sets in your configuration:
    AdminTask.listPolicyTypes()
  3. Review the policy attributes to edit.
    Enter the getPolicyType command, specifying the policy and associated policy set of interest.
    AdminTask.getPolicyType('[-policySet PolicySet1 -policyType myPolicyType]')
  4. Modify the policy attributes.

    Use the setPolicyType command to update the policy configuration. Update one or multiple attributes by passing a properties object for the -attributes parameter. The properties for the -attributes parameter are dependent on the policy type specified in the -policyType parameter. The following example modifies the enabled and provides properties:

    AdminTask.setPolicyType('[-policySet PolicySet1 -policyType myPolicyType
     -attributes "[[enabled true][provides security]]"')
  5. Save the configuration changes.
    Enter the following command to save your changes:
    AdminConfig.save()
  6. For your configuration changes to take effect, restart all applications with attachments to the policy set.

What to do next

Use the validatePolicySet to validate your policy set configurations after modifying attributes for policies. For example, enter the following command to validate the PolicySet1 policy set:
AdminTask.validatePolicySet('-policySet PolicySet1')

주제 유형을 표시하는 아이콘 태스크 주제



시간소인 아이콘 마지막 업데이트 날짜: July 9, 2016 6:15
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=txml_wsfpeditpolicytypes
파일 이름:txml_wsfpeditpolicytypes.html