Network Deployment (Distributed operating systems), v8.0 > Scripting the application serving environment (wsadmin) > Welcome to scripting for web services > Configure web services applications using wsadmin.sh > Configure application and system policy sets for web services using wsadmin.sh


Delete application-specific bindings from the configuration using wsadmin.sh

Use the Jython or Jacl scripting language to delete a custom application or system policy set binding from the configuration. We cannot delete cell-level default bindings.

Verify that you are using the most recent version of wsadmin.sh. The policy set management commands that accept a properties object as the value for the attributes or bindingLocation parameters are not supported on previous versions of wsadmin.sh. For example, the commands do not run on a v6.1.0.x node.

When administrative security is enabled, verify that you use the correct administrative role:

Administrative roles. The administrative role determines if you can delete or modify bindings.

Administrative role Authorization
Administrator The Administrator role must have cell-wide access to modify bindings. If we have access to a specific resource only, you can modify bindings for the resource for which we have access.
Configurator The Configurator role cannot modify bindings.
Deployer The Deployer role cannot modify bindings.
Operator The Operator role cannot modify bindings.
Monitor The Monitor role cannot modify bindings.

Policy set bindings specify the details about how your quality of service (QoS) is configured. For example, a policy set attachment determines that sign, encrypt, or reliable messaging is enabled. The policy set binding specifies how the protection is configured, for example, the path of the keystore file, the class name of the token generator, or the JAAS (JAAS) configuration name.

For application policy sets, policy set bindings exist at the cell-level and server-level using default binding configurations, or at the application level using application-specific binding configurations. We can also specify cell-level general bindings. For system policy sets, bindings exist at the cell level and server level, or you can create application-specific bindings.

Use the following procedure to delete application-specific bindings for trust policy sets and application level bindings for application policy sets:


Procedure

  1. Launch a scripting command.

    To learn more, see the starting the wsadmin scripting client information.

  2. Retrieve the current binding configuration for the policy of interest.

    Use the getBinding command to display a properties object that contains all configuration attributes for a specific binding. Specify the location of the binding by passing a properties object using the bindingLocation parameter and the following reference table:

    bindingLocation parameter options. Use to the output of the getBinding command.

    Type of Binding Value for the -bindingLocation parameter
    Application -bindingLocation "[[application application1][attachmentId 123]]"
    Trust service -bindingLocation "[[attachmentId 123]]"
    WS-Notification client -bindingLocation "[[bus myBus][WSNService myService][attachmentId 123]"
    General binding -bindingLocation []

    In this example, the command displays the current binding configuration for the WSAddressing policy, with the 123 attachmentId, for the application1 application:

    AdminTask.getBinding('[-policyType WSAddressing -bindingLocation  "[[application
     application1][attachmentId 123]]"]')
    

    To display general policy set bindings, identify the bindings by specifying the -bindingName parameter:

    AdminTask.getBinding('[-bindingLocation [] -attachmentType application  -bindingName "General Provider Binding"]')
    
  3. Remove the binding of interest from each attachment.

    We cannot remove a binding from the configuration if that binding is referenced by one or more attachments. Modify and use the following example command to remove a binding from an attachment:

    AdminTask.setBinding('[-bindingLocation "[[application application1][attachmentId
     123]]"  -remove true]')
    
  4. Delete the binding of interest.

    Use the setBinding command to delete a application-specific binding configuration. Specify the binding of interest with the -bindingName parameter, an asterisk (*) for the -attachmentId property, and set the -remove parameter to true. The following example setBinding command removes the WSAddressing123binding application policy set binding:

    AdminTask.setBinding('[-attachmentType application -bindingName
     WSAddressing123binding  -bindingLocation "[[application application1][attachmentId *]]" -remove
     true]')
    

    The following example setBinding command removes the customTrust trust service binding:

    AdminTask.setBinding('[-attachmentType "system/trust" -bindingName
     customTrust  -bindingLocation "[attachmentId *]" -remove true]')
    

    The following example setBinding command removes the General Provider Binding general binding:

    AdminTask.setBinding('[-attachmentType application -bindingName "General Provider
     Binding" -bindingLocation [] -bindingScope domain -remove true]')
    
    We cannot delete general bindings if an attachment references the binding, or if the binding is set as the default for a server or domain.

  5. Save the configuration changes.

    Save the configuration changes:

    AdminConfig.save()
    


Results

The application-specific binding of interest is removed from the configuration.
Start the wsadmin scripting client using wsadmin.sh
Remove policy set bindings using wsadmin.sh
Create policy sets using wsadmin.sh
Add and remove policies using wsadmin.sh
Create policy set attachments using wsadmin
Manage policy set attachments using wsadmin
Remove policy set attachments using wsadmin
Manage policy sets


Related


PolicySetManagement command group

+

Search Tips   |   Advanced Search