addUserToTopicSpaceRootRole command
Use the addUserToTopicSpaceRootRole command to add a user to the sender and receiver roles on the topic space root.
To run the command, use the AdminTask object of the wsadmin scripting client.
The wsadmin scripting client is run from Qshell. For more information, see Configure Qshell to run WebSphere scripts .
This command is valid only when used with WAS v7 or later application servers. Do not use it with earlier versions.
Command-line help is provided for service integration bus commands:
- For a list of the available service integration
bus security commands in Jython and a brief description of each command, enter the following command at the wsadmin prompt:
print AdminTask.help('SIBAdminBusSecurityCommands')
- For overview help on a given command, enter the following command at the wsadmin prompt:
print AdminTask.help('command_name')
After using the command, save the changes to the master configuration using the following command:
AdminConfig.save()
Purpose
Use the addUserToTopicSpaceRootRole command to grant a user permission to access the topic space root in the sender and receiver roles. This is in addition to any access permissions granted to the topics in the topic space. We can use this command to define the access control policy for a topic that does not yet exist. By defining the access control policy first, you ensure that the topic is secure from the moment it is created.
Target object
None.
Required parameters
- -bus busName
- The name of the local bus. We can use the listSIBuses command to list the names of existing buses.
- -topicSpace topicSpaceName
- The name of the topic space.
- -role roleName
- We can specify the Sender or Receiver roles for the topic space root.
- -user userName
- The name of the user to add to the Sender or Receiver roles for the topic space root.
Conditional parameters
None.
Optional parameters
- -uniqueName uniqueName
- Specify the name that uniquely defines the user in the user registry. If an LDAP user registry is in use, the unique name is the distinguished name (DN) for the user. We can specify values for both -uniqueName and -user, but you must ensure that they identify the same user. The command does not check that the values match.
Examples
The following example adds a user called User1, to the Sender role for the topic space root, for a topic space called Sport, on a local bus called Bus1.
- AdminTask.addUserToTopicSpaceRootRole ('[-bus Bus1 -topicSpace Sport -role Sender -user User1]')
Related concepts
Related tasks
Reference topic