Security and scripting
Enabling and disabling security
The wsadmin tool has two security related profiles by default that make security configuration easier. These profiles set up procedures that you can call to enable and disable security. The available procedures are:
securityon Turns global security on using LocalOS security securityoff Turns global security off LTPA_LDAPSecurityOn Turns LTPA and LDAP global security on using the LDAP user registry LTPA_LDAPSecurityOff Turns LTPA and LDAP global security off Enter the securityon help command or LTPA_LDAPSecurityOn help command to find out the parameters required for these procedures. For the procedures that turn security off, no parameters are required.
Supplying user and password information
If you enable security for a WebSphere Application Server cell, you need to supply authentication information in order to communicate with servers.
One can specify user and password information on a wsadmin command line or the sas.client.props file located in the properties directory.
Use the -user and -password command options on the wsadmin tool to specify the user and password information.
The properties file updates required for running in secure mode will depend on whether a Remote Method Invocation (RMI) or Simple Object Access Protocol (SOAP) connector is being used to connect.
If you are using a Remote Method Invocation (RMI) connector, set the following properties in the sas.client.props file with the appropriate values:
com.ibm.CORBA.loginUserid= com.ibm.CORBA.loginPassword=Change the value of the following property from prompt to properties:
com.ibm.CORBA.loginSource=propertiesThe default value for this property is prompt in the sas.client.props file. If you leave the default value, a dialog box appears with a password prompt. If the script is running unattended, if will appear to hang.
If you are using a Simple Object Access Protocol (SOAP) connector, set the following properties in the soap.client.props file with the appropriate values:
There is no corresponding com.ibm.SOAP.loginSource property for a SOAP connector.com.ibm.SOAP.loginUserid= com.ibm.SOAP.loginPassword= com.ibm.SOAP.securityEnabled=trueIf you specify user and password information on a command line and in the properties file, the command line information will override the information in the properties file.
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.