addGroupToDefaultRole command

Use the addGroupToDefaultRole command to add a group to the default roles for a local bus.

如果要執行這個指令,請使用 wsadmin Scripting 用戶端AdminTask 物件

[IBM i][IBM i]wsadmin Scripting 用戶端是從 Qshell 執行. [IBM i]如需相關資訊,請參閱利用 wsadmin Script 配置 Qshell 來執行 WebSphere Script.

只有在搭配 WebSphere® Application Server 7.0 版或更新版本應用程式伺服器使用時,這個指令才有效。 請勿搭配較舊的版本來使用它。

服務整合匯流排指令有指令行說明:
  • 如需 Jython 中可用的服務整合匯流排安全指令清單,以及每個指令的簡要說明,請在 wsadmin 提示下,輸入下列指令:

    print AdminTask.help('SIBAdminBusSecurityCommands')

  • 如需給定指令的概觀說明,請在 wsadmin 提示下,輸入下列指令:

    print AdminTask.help('command_name')

使用指令之後,請利用下列指令,儲存對主要配置所做的變更:

AdminConfig.save()

Purpose

Use the addGroupToDefaultRole command to grant a group default access to all local bus destinations for the specified roles. Adding a group to the default role does not grant access to local destinations where the inheritance of default access is disallowed. To grant access to a local destination where inheritance is disallowed, you must add the group to a destination role. For more information, see addGroupToDestinationRole command.

You can use this command to define the access control policy for a messaging resource that does not yet exist. This approach ensures that the messaging resource is secure from the moment it is created.

Target object

None.

Required parameters

-bus busName
The name of the local bus. You can use the listSIBuses command to list the names of existing buses.
-role roleType
The role type to which you want to assign the group. You can assign a group to the following role types:
Sender
This role type is authorized to send messages to destinations on the local bus.
Receiver
This role type is authorized to receive messages from destinations on the local bus.
Browser
This role type is authorized to browse messages on destinations on the local bus.
Creator
This role type is authorized to create messages on destinations on the local bus.
-group groupName
The name of a group you want to add to default roles for the local bus. You can type a specific group name, or use one of the following specialized group names:
Server
This group contains application servers.
AllAuthenticated
This group contains authenticated users only.
Everyone
This group contains all users. Each user is anonymous.

Conditional parameters

None.

Optional parameters

-uniqueName uniqueName
請指定在使用者登錄中,用來唯一定義群組的名稱。 如果 LDAP 使用者登錄在使用中,唯一名稱就是群組的識別名稱 (DN)。 您可以指定 -uniqueName-group 的值,但您必須確定它們識別相同的群組。指令不會檢查值是否相符。

Examples

The following example adds a group with the group name Group1, and the unique name SalesGroup, to the sender role type for a bus called Bus1.

AdminTask.addGroupToDefaultRole ('[-bus Bus1 -role Sender -group Group1 uniqueName SalesGroup]')

The following example adds the AllAuthenticated group to the browser role for a bus called Bus1.

AdminTask.addGroupToDefaultRole ('[-bus Bus1 -role Browser -group AllAuthenticated]')

指出主題類型的圖示 參照主題



時間戳記圖示 前次更新: July 9, 2016 11:12
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=rjr_add_gp_default_role
檔名:rjr_add_gp_default_role.html