You can use the Jython or Jacl scripting language to delete
a custom application or system policy set binding from your configuration.
You cannot delete cell-level default bindings.
Before you begin
Before you use the commands in this topic, verify
that you are using the most recent version of the wsadmin tool. The
policy set management commands that accept a properties object as
the value for the attributes or bindingLocation parameters
are not supported on previous versions of the wsadmin tool. For example,
the commands do not run on a Version 6.1.0.x node.
When
administrative security is enabled, verify that you use the correct
administrative role, as the following table describes:
Table 1. Administrative
roles . The administrative role determines if you can delete
or modify bindings.
Administrative role |
Authorization |
Administrator |
The Administrator role must have cell-wide access
to modify bindings. If you have access to a specific resource only,
you can modify bindings for the resource for which you have access. |
Configurator |
The Configurator role cannot modify bindings. |
Deployer |
The Deployer role cannot modify bindings. |
Operator |
The Operator role cannot modify bindings. |
Monitor |
The Monitor role cannot modify bindings. |
About this task
Policy set bindings specify the details about how your
quality of service (QoS) is configured. For example, a policy set
attachment determines that sign, encrypt, or reliable messaging is
enabled. The policy set binding specifies how the protection is configured,
for example, the path of the keystore file, the class name of the
token generator, or the Java Authentication and Authorization Service
(JAAS) configuration name.
For application policy sets, policy
set bindings exist at the cell-level and server-level using default
binding configurations, or at the application level using application-specific
binding configurations. You can also specify cell-level general bindings.
For system policy sets, bindings exist at the cell level and server
level, or you can create application-specific bindings.
Use
the following procedure to delete application-specific bindings for
trust policy sets and application level bindings for application policy
sets:
Procedure
- Launch a scripting command.
To learn more, see
the starting the wsadmin scripting client information.
- Retrieve the current binding configuration for the policy
of interest.
Use the getBinding command to display a
properties object that contains all configuration attributes for a
specific binding. Specify the location of the binding by passing a
properties object using the bindingLocation parameter and the following
reference table:
Table 2. bindingLocation parameter options . Use the parameter to control the output of the getBinding command.
Type of Binding |
Value for the -bindingLocation parameter |
Application |
-bindingLocation [[application application1][attachmentId 123]] |
Trust service |
-bindingLocation [[attachmentId 123]] |
WS-Notification client |
-bindingLocation [[bus myBus][WSNService
myService][attachmentId 123] |
General binding |
-bindingLocation [] |
In this example, the command displays the current binding
configuration for the WSAddressing policy, with the
123 attachmentId,
for the
application1 application:
AdminTask.getBinding('[-policyType WSAddressing -bindingLocation "[[application
application1][attachmentId 123]]"]')
To
display general policy set bindings, identify the bindings by specifying
the -bindingName parameter, as the following example demonstrates:
AdminTask.getBinding('[-bindingLocation [] -attachmentType application
-bindingName "General Provider Binding"]')
- Remove the binding of interest from each attachment.
You cannot remove a binding from your configuration if that
binding is referenced by one or more attachments. Modify and use the
following example command to remove a binding from an attachment:
AdminTask.setBinding('[-bindingLocation "[[application application1][attachmentId
123]]" -remove true]')
- Delete the binding of interest.
Use the setBinding
command to delete a application-specific binding configuration. Specify
the binding of interest with the -bindingName parameter, an asterisk
(*) for the -attachmentId property, and set the -remove parameter
to true. The following example setBinding command
removes the WSAddressing123binding application policy set binding:
AdminTask.setBinding('[-attachmentType application -bindingName
WSAddressing123binding -bindingLocation "[[application application1][attachmentId *]]" -remove
true]')
The following example setBinding command removes
the customTrust trust service binding:
AdminTask.setBinding('[-attachmentType "system/trust" -bindingName
customTrust -bindingLocation "[attachmentId *]" -remove true]')
The
following example setBinding command removes the General Provider
Binding general binding:
AdminTask.setBinding('[-attachmentType application -bindingName "General Provider
Binding" -bindingLocation [] -bindingScope domain -remove true]')
Avoid trouble: You cannot delete general
bindings if an attachment references the binding, or if the binding
is set as the default for a server or domain.
- Save your configuration changes.
Use the following command example to save your configuration
changes:
AdminConfig.save()
Results
The application-specific binding of interest is removed
from your configuration.