![[z/OS]](../images/ngzos.gif)
removeMapPlatformSubject script
If you want to use distributed identity mapping for System Authorization Facility (SAF), use the removeMapPlatformSubject Jython script that is provided to remove the unnecessary Java™ Authentication and Authorization Service (JAAS) login module, MapPlatformSubject, from the security configuration.
The removeMapPlatformSubject script searches for and removes the com.ibm.ws.security.common.auth.module.MapPlatformSubject JAAS login module from these login entries: DEFAULT, WEB_INBOUND, RMI_INBOUND, SWAM_ZOSMAPPING. You can run this script for the global security configuration or for a specific security domain.
Syntax
wsadmin.sh -conntype NONE -lang jython -f
/path/to/script/removeMapPlatformSubject.py [options]
Running this script with no options updates the global security configuration.
Parameters
The following options are available for the removeMapPlatformSubject script:
- -securityDomain <securityDomainName>
- Specifies that you want to update only the specified security domain. If this option is not specified, the global security configuration is updated.
- -scripthelp
- Specifies that you want to see a description of the syntax and options that are available. A –trace option is also available for debug purposes. The debug output is sent to the stdout stream.
- –trace
- Specifies that you want to create a trace that you can use to debug a problem with the application of this function. The trace output is sent to the stdout stream.
Usage scenarios
The following examples demonstrate correct syntax.
Use this example to remove the login module from the global security configuration:
wsadmin.sh -conntype NONE -lang jython -f
/WebSphere/AppServer/bin/removeMapPlatformSubject.py
wsadmin.sh -conntype NONE -lang jython -f
/WebSphere/AppServer/bin/removeMapPlatformSubject.py
-securityDomain server2Domain