Adding and removing token provider custom properties using wsadmin scripting
Use the wsadmin tool, which supports the Jython and Jacl scripting languages, to administer the trust service. Use this topic to set internal system configuration properties for your token provider configuration by adding or removing custom properties.
Before you begin
About this task
Procedure
- Add new custom properties to a specific token provider
configuration.
Use the updateSTSTokenTypeConfiguration command to add or update custom properties to your token provider configuration. Do not use the updateSTSTokenTypeConfiguration command to remove custom properties. If you specify the -distributedCache parameter, the security context token provider generates a warning and modifies the WS-Security distributed cache configuration. Do not specify a value for the -distributedCache parameter for custom tokens.
- Launch a scripting command. To learn more, see the starting the wsadmin scripting client information.
- Determine the token provider configuration to edit. Enter the following command to view a list of the names for each configured token provider:
AdminTask.listSTSConfiguredTokenTypes()
- Review the configured custom properties for the token
provider of interest. Enter the following command to view a properties object containing custom configuration data for the Security Context Token token provider:
AdminTask.querySTSTokenTypeConfigurationCustomProperties('Security Context Token')
- Add custom properties to the token provider configuration. Use the updateSTSTokenTypeConfiguration command to add the configuration data for the Security Context Token token provider. Use the following example to add the com.ibm.ws.security.webChallengeIfCustomSubjectNotFound custom property with a value of false and the com.ibm.ws.security.defaultLoginConfig custom property with a value of system.DEFAULT to the configuration:
The command returns a message indicating the success or failure of the operation.AdminTask.updateSTSTokenTypeConfiguration('Security Context Token', '[-customProperties [[com.ibm.ws.security.webChallengeIfCustomSubjectNotFound false] [com.ibm.ws.security.defaultLoginConfig system.DEFAULT]] ]')
- Save your configuration changes. Use the following command to save your changes:
AdminConfig.save()
- Reload the modified configuration changes. Use the following command to force the trust service to reload your modified configuration without restarting the application server.
AdminTask.refreshSTS()
- Edit custom properties for a specific token provider configuration.
- View configured custom properties for the token provider
of interest. Enter the following command to view a properties object containing custom configuration data for the Security Context Token token provider:
AdminTask.querySTSTokenTypeConfigurationCustomProperties('Security Context Token')
- Modify the configuration data for the token provider
of interest. Use the updateSTSTokenTypeConfiguration command to modify the existing configuration data for the Security Context Token token provider. This example specifies that the Security Context Token token provider configuration includes the com.ibm.ws.security.webChallengeIfCustomSubjectNotFound custom property with a value of false and the com.ibm.ws.security.defaultLoginConfig custom property with a value of system.DEFAULT. Use the following command to change the value of the com.ibm.ws.security.defaultLoginConfig custom property from system.DEFAULT to system.CUSTOM, and does not change any other configured custom properties:
The command returns a message indicating the success or failure of the operation.AdminTask.updateSTSTokenTypeConfiguration('Security Context Token', '[-customProperties [[com.ibm.ws.security.defaultLoginConfig system.CUSTOM]]]')
- Save your configuration changes. Use the following command to save your changes:
AdminConfig.save()
- Reload the modified configuration changes. Use the following command to force the trust service to reload your modified configuration without restarting the application server:
AdminTask.refreshSTS()
- View configured custom properties for the token provider
of interest.
- Remove custom properties from token provider configurations.
- View configured custom properties for the token provider
of interest. Enter the following command to view a properties object containing custom configuration data for the Security Context Token token provider:
AdminTask.querySTSTokenTypeConfigurationCustomProperties('Security Context Token')
- Delete the custom property from the token provider configuration. Use the deleteSTSTokenTypeConfigurationCustomProperties command to delete custom properties from your configuration. Specify the names of the custom properties to remove using the propertyNames parameter. If the specified name does not exist in the configuration, no configuration changes are made. The following command removes the com.ibm.ws.security.webChallengeIfCustomSubjectNotFound and com.ibm.ws.security.defaultLoginConfig custom properties from the Security Context Token token provider configuration:
The command returns a message indicating the success or failure of the operation.AdminTask.deleteSTSTokenTypeConfigurationCustomProperties('Security Context Token', '[-propertyNames com.ibm.ws.security.webChallengeIfCustomSubjectNotFound com.ibm.ws.security.defaultLoginConfig]')
- Save your configuration changes. Use the following command to save your changes:
AdminConfig.save()
- Reload the modified configuration changes. Use the following command to force the trust service to reload your modified configuration without restarting the service:
AdminTask.refreshSTS()
- View configured custom properties for the token provider
of interest.
Related tasks:


File name: txml_wsfpcustomtoken.html