Enabling authentication in the file transfer service using scripting
You can enable authentication in the file transfer service using scripting and the wsadmin tool.
Before you beginBefore starting this task, the wsadmin tool must be running. See the Starting the wsadmin scripting client article for more information.
About this task
In WebSphere Application Server Network Deployment, V5.0.1 or later, the file transfer service is enhanced to provide role-based authentication. Two versions of the file transfer Web application are provided. By default, the version that does not authenticate its caller is installed. This default supports compatibility between the WAS Network Deployment, V5.0 and V5.0.1 or later.
Turning the file transfer authentication on is recommended to prevent unauthorized use of the file transfer application; however, if you have any V5.0 clients in your Network Deployment environment, they cannot communicate with the secured file transfer application if global security is turned on.
In WebSphere Application Server V6.x, mixed cells are supported and file transfer has become a system application. If all of the nodes in the cell are of V5.0.1 or later, you can activate authentication in the file transfer service by redeploying the file transfer application at the deployment manager. The compatible version is shipped in the app_server_root/systemApps/filetransfer.ear directory. The secured version is provided in the app_server_root/systemApps/filetransferSecured.ear directory.
- A wsadmin Jacl script is provided to help you redeploy the file transfer. The script is called redeployFileTransfer.jacl and is located in the app_server_root/bin directory.
After the deployment manager and all the nodes are upgraded to WAS Network Deployment, version 5.0.1 or later, you can deploy the secured file transfer service by running the script.
The syntax for running the script from the bin directory is the following:
- where Xxx is On or Off.wsadmin -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationXxx cellName nodeName serverName"
Use wsadmin or wsadmin.bat.
- For example, when running the script to enable use of the filetransferSecured.ear file, the syntax is similar to the following exampleorwsadmin -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationOn managedCell managedCellManager dmgr"wsadmin -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationOn baseCell base server1"
orwsadmin -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationOff baseNodeCell baseNode server1"
wsadmin -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationOff managedCell managedCellManager dmgr"
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.