Use the wsadmin tool, which supports the Jython and Jacl
scripting languages, to edit policy configurations for your policy
sets.
Before you begin
Before you use the commands in this topic, verify
that you are using the most recent version of the wsadmin tool. The
policy set management commands that accept a properties object as
the value for the attributes or bindingLocation parameters
are not supported on previous versions of the wsadmin tool. For example,
the commands do not run on a Version 6.1.0.x node.
When
administrative security is enabled, verify that you use the correct
administrative role, as the following table describes:
Table 1. Administrative roles . This table describes
the administrative roles and associated authorization when administrative
security is enabled.
Administrative role |
Authorization |
Administrator |
The Administrator role must have cell-wide access
to modify policies. |
Configurator |
The Configurator role cannot modify policies. |
Deployer |
The Deployer role cannot modify policies. |
Operator |
The Operator role cannot modify policies. |
Monitor |
The Monitor role cannot modify policies. |
About this task
Policies define the type of policy to manage within a
policy set. Policies are based on the Quality of Services (QoS), such
as Web Services Security (WS-Security) and Web Services Addressing
(WS-Addressing). Policy definitions are based on the standards set
by the Organization for the Advancement of Structured Information
(OASIS) and WS-Security specifications.
Use the following steps
to edit existing policies in your policy set configurations:
Procedure
- Launch the wsadmin scripting tool using the Jython scripting
language
To learn more, see the starting the wsadmin scripting
client information.
- Determine which policy set to edit.
To view
a list of policies on a policy set, enter the listPolicyTypes command,
specifying the policy set of interest.
AdminTask.listPolicyTypes('[-policySet PolicySet1]')
Enter
the listPolicyTypes command without the policySet parameter to view
a list of available policies for all policy sets in your configuration:
AdminTask.listPolicyTypes()
- Review the policy attributes to edit.
Enter
the getPolicyType command, specifying the policy and associated policy
set of interest.
AdminTask.getPolicyType('[-policySet PolicySet1 -policyType myPolicyType]')
- Modify the policy attributes.
Use the setPolicyType
command to update the policy configuration. Update one or multiple
attributes by passing a properties object for the -attributes parameter.
The properties for the -attributes parameter are dependent on the
policy type specified in the -policyType parameter. The following
example modifies the enabled and provides properties:
AdminTask.setPolicyType('[-policySet PolicySet1 -policyType myPolicyType
-attributes "[[enabled true][provides security]]"')
- Save the configuration changes.
Enter the
following command to save your changes:
AdminConfig.save()
- For your configuration changes to take effect, restart
all applications with attachments to the policy set.
What to do next
Use the validatePolicySet to validate your policy set
configurations after modifying attributes for policies. For example,
enter the following command to validate the
PolicySet1 policy
set:
AdminTask.validatePolicySet('-policySet PolicySet1')