Network Deployment (Distributed operating systems), v8.0 > Scripting the application serving environment (wsadmin) > Welcome to scripting for web services > Configure web services applications using wsadmin.sh > Configure application and system policy sets for web services using wsadmin.sh
Manage WS-Security distributed cache configurations using wsadmin scripting
The distributed cache stores tokens on the client. Use this topic and the commands in the WSSCacheManagement group of the AdminTask object to query, update, and remove custom and non-custom properties for the distributed cache configuration. Configure a policy set with WS-Security enabled.
The distributed cache stores tokens on both distributed and local clients. WAS supports only the security context token for the WS-Trust security token service client and the security trust service components.
We can use the administrative console or wsadmin.sh to manage your secure conversation distributed cache configuration. We can use wsadmin.sh and the Jython scripting language syntax to:
- Query your current distributed cache configuration settings.
- Set the value for the renewal time after token expiration.
- Enable or disable distributed cache for clustered servers.
- Add custom properties to the configuration.
- Remove custom properties from the configuration.
Procedure
- Query the configuration for your existing distributed cache configuration.
We can retrieve a list of your current distributed cache configuration settings and custom properties with the queryWSSDistributedCacheConfig and queryWSSDistributedCacheCustomConfig commands. There are no required or optional parameters for the query commands.
To list all non-custom configuration settings, run the following Jython command:
AdminTask.queryWSSDistributedCacheConfig()To list all distributed cache custom properties, enter the following Jython command:
AdminTask.queryWSSDistributedCacheCustomConfig()- Update your secure conversation distributed cache configuration settings and custom properties.
Use the following steps to update all non-custom distributed cache configuration settings:
- Review your existing configuration settings by running the queryWSSDistributedCacheConfig command:
AdminTask.queryWSSDistributedCacheConfig()The command returns a properties object that contains the configuration properties and values for the distributed cache configuration. The following table displays the configuration properties that the command returns:
Returned configuration properties. Use the properties to determine the distributed cache configuration.
Property Description tokenRecovery Whether token recovery is enabled or disabled. If the tokenRecovery property is set to true, the Datasource property specifies the shared data source that is assigned to the distributed cache. distributedCache Whether distributed caching is enabled or disabled. Datasource Name of the shared data source that is assigned to the distributed cache if token recovery is enabled. renewIntervalBeforeTimeoutMinutes Amount of time, in minutes, that the client waits before it attempts to renew the token. synchronousClusterUpdate Whether the system performs a synchronous update of distributed caches on cluster members. By default, synchronous cluster updating is enabled. minutesInCacheAfterTimeout Amount of time that the token remains in the cache after the token times out. - Use the updateWSSDistributedCacheConfig command to enable or disable distributed cache and to modify the amount of time after token expiration when downstream calls are allowed to complete.
The following command example enables distributed cache, and sets the mySharedDataSource as the shared data source for token recovery:
AdminTask.updateWSSDistributedCacheConfig('[-tokenRecovery true -Datasource mySharedDataSource -distributedCache true')
- Enter the following command to save the configuration changes:
AdminConfig.save()Use the following steps to update custom properties for your distributed cache configuration:
- Review your existing configuration settings by executing the queryWSSDistributedCacheCustomConfig command. For example:
AdminTask.queryWSSDistributedCacheCustomConfig()The command returns a properties object that contains the name and value pairs that correspond to each custom property.
- Use the updateWSSDistributedCacheCustomConfig command to add custom properties for your distributed cache configuration. Specify and define each custom property by passing a properties object with the -customProperties parameter using the following Jython format:
-customProperties [[property1 value1][property2 value2]]For example, the following command adds the cancelActionRST custom property and defines the value as http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel:AdminTask.updateWSSDistributedCacheCustomConfig('[-customProperties [[cancelActionRST http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel]]]')
- Enter the following command to save the configuration changes:
AdminConfig.save()
- Remove custom properties from your distributed cache configuration. Use the following steps to remove custom properties from your distributed cache configuration:
- Review your existing configuration settings by executing the queryWSSDistributedCacheCustomConfig command. For example:
AdminTask.queryWSSDistributedCacheCustomConfig()- Use the deleteWSSDistributedCacheConfigCustomProperties command to remove custom properties for your distributed cache configuration. Specify the custom properties to delete by passing a string array with the -propertyNames parameter. For example, the following command removes the cancelActionRST custom property:
AdminTask.deleteWSSDistributedCacheConfigCustomProperties('[-propertyNames [cancelActionRST]]')
- Enter the following command to save the configuration changes:
AdminConfig.save()
Results
Your WS-Security distributed cache configuration is updated.
Secure conversation client cache and trust service configuration
SecureConversation default policy sets
Configure the Web Services Security distributed cache
Example: Installing a web services sample with the console