Automating authorization group configurations using wsadmin scripting

The scripting library provides Jython script procedures to assist in automating your environment. Use the authorization groups scripts create, configure, remove and query your authorization group configuration.

Before you begin

Before you can complete this task, you must install an application server in your environment.

About this task

스크립트 라이브러리는 가장 일반적인 애플리케이션 서버 관리 기능을 자동화하는 프로시저 세트를 제공합니다. Jython 스크립트 라이브러리를 사용하는 방법에는 다음 세 가지가 있습니다.
  • wsadmin 도구를 사용하여 대화식 모드에서 Jython 스크립트 라이브러리의 스크립트를 실행합니다. wsadmin 도구를 실행한 후 다음 구문을 사용하여 스크립트 라이브러리에 포함된 개별 스크립트를 실행할 수 있습니다.
    wsadmin>AdminServerManagement.createApplicationServer("myNode", "myServer", "default")
  • 문서 편집기를 사용하여 다음 샘플에 표시된 것과 같이 Jython 스크립트 라이브러리의 여러 스크립트를 결합합니다.
    #
    # My Custom Jython Script - file.py
    #
    AdminServerManagement.createApplicationServer("myNode", "Server1", "default")
    AdminServerManagement.createApplicationServer("myNode", "Server2", "default")
    
    # Use one of them as the first member of a cluster
    AdminClusterManagement.createClusterWithFirstMember("myCluster", "APPLICATION_SERVER", "myNode", "Server1")
    
    # Add a second member to the cluster
    AdminClusterManagement.createClusterMember("myCluster", "myNode", "Server3")
    
    # Install an application
    AdminApplication.installAppWithClusterOption("DefaultApplication",
        "..\installableApps\DefaultApplication.ear", "myCluster") 
    
    # Start all servers and applications on the node
    AdminServerManagement.startAllServers("myNode")
    사용자 정의 스크립트를 저장한 후 다음 구문 데모에 표시된 것과 같이 명령행에서 이 스크립트를 실행합니다.
    bin>wsadmin -language jython -f path/to/your/jython/file.py
  • 샘플 구문과 같이 Jython 스크립트 라이브러리 코드를 사용하여 사용자 정의 스크립트를 작성합니다. 스크립트 라이브러리의 각 스크립트 예제는 wsadmin 스크립트를 작성하는 우수 사례를 보여 줍니다. 스크립트 라이브러리 코드는 app_server_root/scriptLibraries 디렉토리에 있습니다. 이 디렉토리에서 스크립트는 기능에 따라 서브디렉토리로 구성됩니다. 예를 들어, app_server_root/scriptLibraries/application/V70 서브디렉토리에는 버전 7.0 이상 제품에 적용 가능한 애플리케이션 관리 태스크를 수행하는 프로시저가 있습니다.스크립트 라이브러리 경로의 서브디렉토리 V70은 해당 서브디렉토리의 스크립트가 버전 7.0 스크립트임을 의미하지 않습니다.
The authorization group management procedures in scripting library are located in the app_server_root/scriptLibraries/security/V70 subdirectory. Each script from the directory automatically loads when you launch the wsadmin tool. To automatically load your own Jython scripts (*.py) when the wsadmin tool starts, create a new subdirectory and save existing automation scripts under the app_server_root/scriptLibraries directory.
우수 사례 우수 사례: To create custom scripts using the scripting library procedures, save the modified scripts to a new subdirectory to avoid overwriting the library. Do not edit the script procedures in the scripting library.bprac

You can use the AdminAuthorizations.py scripts to perform multiple combinations of authorization group administration functions. Use the following steps to create an authorization group, adds resources to the group, and assigns user roles.

Procedure

  1. Optional: wsadmin 스크립트 도구를 시작하십시오.
    Use this step to launch the wsadmin tool and connect to a server. If you launch the wsadmin tool, use the interactive mode examples to run scripts. Alternatively, you can run each script individually without launching the wsadmin tool.
    • Enter the following command from the bin directory to launch the wsadmin tool and connect to a server:
      bin>wsadmin -lang jython
    When the wsadmin tool launches, the system loads each script from the scripting library.
  2. Create an authorization group.
    Use the createAuthorizationGroup script to create a new authorization group in your configuration, as the following example demonstrates:
    bin>wsadmin -lang jython -c "AdminAuthorizations.createAuthorizationGroup("myAuthGroup")"
    You can also use interactive mode to run the script procedure, as the following example demonstrates:
    wsadmin>AdminAuthorizations.createAuthorizationGroup("myAuthGroup")
  3. Add resources to the new authorization group.
    Use the addResourceToAuthorizationGroup script to add resources. You can create a file-grained administrative authorization groups by selecting administrative resources to be part of the authorization group, as the following example demonstrates:
    bin>wsadmin -lang jython -c "AdminAuthorizations.addResourceToAuthorizationGroup("myAuthGroup", "Node=myNode:Server=myServer")"
    You can also use interactive mode to run the script procedure, as the following example demonstrates:
    wsadmin>AdminAuthorizations.addResourceToAuthorizationGroup("myAuthGroup", "Node=myNode:Server=myServer")
  4. Assign users to the administrative role for the authorization group.
    Use the mapUsersToAdminRole script to assign one or more users to the administrative role for the resources in the authorization group. You can assign users for the authorization group to the administrator, configurator, deployer, operator, monitor, adminsecuritymanager, and iscadmins administrative roles. The following example maps the user01, user02, and user03 users as administrators for the resources in the authorization group:
    bin>wsadmin -lang jython -c "AdminAuthorizations.mapUsersToAdminRole("myAuthGroup", "administrator", "user01 user02 user03")"
    You can also use interactive mode to run the script procedure, as the following example demonstrates:
    wsadmin>AdminAuthorizations.mapUsersToAdminRole("myAuthGroup", "administrator", "user01 user02 user03")

Results

The wsadmin script libraries return the same output as the associated wsadmin commands. For example, the AdminServerManagement.listServers() script returns a list of available servers. The AdminClusterManagement.checkIfClusterExists() script returns a value of true if the cluster exists, or false if the cluster does not exist. If the command does not return the expected output, the script libraries return a 1 value when the script successfully runs. If the script fails, the script libraries return a -1 value and an error message with the exception.

By default, the system disables failonerror option. To enable this option, specify true as the last argument for the script procedure, as the following example displays:
wsadmin>AdminApplication.startApplicationOnCluster("myApplication","myCluster","true")

What to do next

Create custom scripts to automate your environment by combining script procedures from the scripting library. Save custom scripts to a new subdirectory of the app_server_root/scriptLibraries directory.


주제 유형을 표시하는 아이콘 태스크 주제



시간소인 아이콘 마지막 업데이트 날짜: July 9, 2016 6:14
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=txml_7libsecurity
파일 이름:txml_7libsecurity.html