Creating application-specific and trust service-specific bindings using the wsadmin tool
You can use the Jython or Jacl scripting language to create application-specific and trust service-specific bindings to match your installation environment or requirements.
Before you begin
Administrative role | Authorization |
---|---|
Administrator | The Administrator role must have cell-wide access to configure bindings. If you have access to a specific resource only, you can configure bindings for the resource for which you have access. Only the Administrator role can configure binding attributes. |
Configurator | The Configurator role with cell-wide or resource specific access can assign or unassign bindings, but cannot edit attributes. |
Deployer | The Deployer role with cell-wide or resource specific access can assign or unassign bindings, but cannot edit attributes. |
Operator | The Operator role can view, but cannot configure bindings. |
Monitor | The Monitor role can view, but cannot configure bindings. |
About this task
Policy set bindings specify the details about how your quality of service (QoS) is configured. For example, a policy set attachment determines that sign, encrypt, or reliable messaging should be enabled. The policy set binding specifies how the protection is configured, for example, the path of the keystore file, the class name of the token generator, or the Java™ Authentication and Authorization Service (JAAS) configuration name.
For application policy sets, you can specify the policy set bindings at the cell-level using default binding configurations, at the application level using application-specific binding configurations, or at the cell-level with general bindings. Server-level default bindings are deprecated. If no binding information is specified during policy set attachment, the policy set inherits the default binding. You can specify a general binding as the default for a server instead of server-default bindings.
For system policy sets, you can specify the bindings at the cell-level and the server-level. The available bindings for system policy sets are the TrustServiceSymmetricDefault and TrustServiceSecurityDefault bindings. If no custom binding information is specified by the attachment, the resources inherit the TrustServiceSymmetricDefault or TrustServiceSecurityDefault binding.

為了支援混合 Cell 的環境,WebSphere Application Server 支援 7.0 版和 6.1 版連結。 一般的 Cell 層次連結專用於 7.0 版及更新的版本,應用程式特定連結保持應用程式所需要版本。 當使用者建立應用程式專用連結時,應用程式伺服器會判斷供應用程式使用所需要的連結版本。
- 如果要顯示或修改預設的 6.1 版連結、7.0 版和信任服務連結,或要由應用程式的附件來參照連結,請在 getBinding 或 setBinding 指令中指定 attachmentId 和 bindingLocation 參數。
- 如果要使用或修改一般 7.0 版及更新版本的連結,請在 getBinding 或 setBinding 指令中指定 bindingName 參數。
- 如果要顯示特定連結的版本,請指定 getBinding 指令的 version 屬性。
- 應用程式中的模組安裝在至少一部 Web Services Feature Pack 伺服器上。
- 應用程式包含至少一個 6.1 版應用程式特定連結。 應用程式伺服器未將一般連結指派給 Web Services Feature Pack 伺服器上所安裝之應用程式的資源附件。 應用程式的所有應用程式特定連結都必須在相同層次。
- 伺服器層次預設值
- 安全網域層次預設值
- 廣域安全 (Cell) 預設值
本產品所提供的一般連結範例,最初設定為廣域安全 (Cell) 預設連結。 如果沒有指派任何應用程式特定連結或信任服務連結給原則集附件,則會使用預設服務提供者連結和預設服務用戶端連結。 如果是信任服務附件,在未指派任何信任特定連結的情況下,會使用預設連結。如果不要使用提供的「提供者範例」作為預設服務提供者連結,您可以選取現有的一般提供者連結,或建立新的一般提供者連結,以符合您的商業需求。 同樣地,如果不要使用提供的「用戶端範例」作為預設服務用戶端連結,您可以選取現有的一般用戶端連結,或建立新的一般用戶端連結。