Manage WS-Security distributed cache configurations using wsadmin
The distributed cache stores tokens on the client. Use this topic and the commands in the WSSCacheManagement group of the AdminTask object to query, update, and remove custom and non-custom properties for the distributed cache configuration.
Set a policy set with WS-Security enabled.
The distributed cache stores tokens on both distributed and local clients. WAS supports only the security context token for the WS-Trust security token service client and the security trust service components. Use the admin console or wsadmin to manage the secure conversation distributed cache configuration. Use wsadmin and Jython syntax to:
- Query the current distributed cache settings.
- Set the value for the renewal time after token expiration.
- Enable or disable distributed cache for clustered servers.
- Add custom properties to the configuration.
- Remove custom properties from the configuration.
- Display distributed cache configuration...
Retrieve lists of distributed cache settings with...
There are no required or optional parameters for the query commands.
To list all non-custom configuration settings, run the following Jython command:
AdminTask.queryWSSDistributedCacheConfig()To list all distributed cache custom properties, enter the following Jython command:
AdminTask.queryWSSDistributedCacheCustomConfig()- Update the secure conversation distributed cache configuration settings and custom properties. Use the following steps to update all non-custom distributed cache settings:
- Review the existing settings by running the queryWSSDistributedCacheConfig command...
AdminTask.queryWSSDistributedCacheConfig()The command returns a properties object that contains the configuration properties and values for the distributed cache configuration.The following table displays the configuration properties that the command returns:
Table 1. Returned configuration properties
Property Description tokenRecovery Specifies whether token recovery is enabled or disabled. If the tokenRecovery property is set to true, the Datasource property specifies the shared data source assigned to the distributed cache. distributedCache Specifies whether distributed caching is enabled or disabled. Datasource Name of the shared data source assigned to the distributed cache if token recovery is enabled. renewIntervalBeforeTimeoutMinutes Amount of time, in minutes, that the client waits before it attempts to renew the token. synchronousClusterUpdate Specifies whether the system performs a synchronous update of distributed caches on cluster members. By default, synchronous cluster updating is enabled. minutesInCacheAfterTimeout Amount of time that the token remains in the cache after the token times out.
- Use the updateWSSDistributedCacheConfig command to enable or disable distributed cache and to modify the amount of time after token expiration when downstream calls are allowed to complete.
The following command example enables distributed cache, and sets the mySharedDataSource as the shared data source for token recovery:
AdminTask.updateWSSDistributedCacheConfig('[-tokenRecovery true -Datasource mySharedDataSource -distributedCache true')- Enter the following command to save the configuration changes:
AdminConfig.save()Use the following steps to update custom properties for the distributed cache configuration:
- Review the existing settings by executing the queryWSSDistributedCacheCustomConfig command. For example:
AdminTask.queryWSSDistributedCacheCustomConfig()The command returns a properties object that contains the name and value pairs that correspond to each custom property.
- Use the updateWSSDistributedCacheCustomConfig command to add custom properties for the distributed cache configuration. Specify and define each custom property by passing a properties object with the -customProperties parameter using the following Jython format:
-customProperties [[property1 value1][property2 value2]]For example, the following command adds the cancelActionRST custom property and defines the value as http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel:AdminTask.updateWSSDistributedCacheCustomConfig('[-customProperties [[cancelActionRST http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel]]]')- Enter the following command to save the configuration changes:
AdminConfig.save()- Remove custom properties from the distributed cache configuration.
Use the following steps to remove custom properties from the distributed cache configuration:
- Review the existing settings by executing the queryWSSDistributedCacheCustomConfig command. For example:
AdminTask.queryWSSDistributedCacheCustomConfig()- Use the deleteWSSDistributedCacheConfigCustomProperties command to remove custom properties for the distributed cache configuration. Specify the custom properties to delete by passing a string array with the -propertyNames parameter. For example, the following command removes the cancelActionRST custom property:
AdminTask.deleteWSSDistributedCacheConfigCustomProperties('[-propertyNames [cancelActionRST]]')- Enter the following command to save the configuration changes:
AdminConfig.save()
Results
Your WS-Security distributed cache configuration is updated.
Secure conversation client cache and trust service configuration
SecureConversation default policy sets
Related tasks
Set the WS-Security distributed cache
Example: Installing a Web Services Sample with the console