addUserToDefaultRole command
Use the addUserToDefaultRole command to add a user to the default roles for a local bus.
如果要執行這個指令,請使用 wsadmin Scripting 用戶端的 AdminTask 物件。
wsadmin Scripting 用戶端是從 Qshell 執行.
如需相關資訊,請參閱利用 wsadmin Script 配置 Qshell 來執行 WebSphere Script.
只有在搭配 WebSphere® Application Server 7.0 版或更新版本應用程式伺服器使用時,這個指令才有效。 請勿搭配較舊的版本來使用它。
- 如需 Jython 中可用的服務整合匯流排安全指令清單,以及每個指令的簡要說明,請在 wsadmin 提示下,輸入下列指令:
print AdminTask.help('SIBAdminBusSecurityCommands')
- 如需給定指令的概觀說明,請在 wsadmin 提示下,輸入下列指令:
print AdminTask.help('command_name')
AdminConfig.save()
Purpose
Use the addUserToDefaultRole command to grant a user default access to all local bus destinations for the specified roles. Adding a user to the default role does not grant access to local destinations where the inheritance of default access is disallowed. To grant access to a local destination where inheritance is disallowed, you must add the user to a destination role. For more information, see addUserToDestinationRole command.
You can use this command to define the access control policy for a messaging resource that does not yet exist. This approach ensures that the messaging resource is secure from the moment it is created.
Target object
None.
Required parameters
- -bus busName
- The name of the local bus. You can use the listSIBuses command to list the names of existing buses.
- -role roleType
- The role type to which you want to assign the user. You can assign
a user to the following role types:
- Sender
- This role type is authorized to send messages to destinations on the local bus.
- Receiver
- This role type is authorized to receive messages from destinations on the local bus.
- Browser
- This role type is authorized to browse messages on destinations on the local bus.
- Creator
- This role type is authorized to create messages on destinations on the local bus.
- -user userName
- The name of a user you want to add to the bus connector role for the local bus.
Conditional parameters
None.
Optional parameters
- -uniqueName uniqueName
- 請指定在使用者登錄中,用來唯一定義使用者的名稱。 如果 LDAP 使用者登錄在使用中,唯一名稱就是使用者的識別名稱 (DN)。 您可以指定 -uniqueName 和 -user 的值,但您必須確定它們識別相同的使用者。指令不會檢查值是否相符。
Examples
The following example adds a user called User1 to the sender role type for a bus called Bus1.
AdminTask.addUserToDefaultRole ('[-bus Bus1 -role Sender -user User1]')