Forcing the unconfiguration of the Tivoli Access Manager JACC provider
If we find we cannot restart WebSphere Application Server after configuring the JACC provider for Tivoli Access Manager a utility is available to clear the security configuration and return WebSphere Application Server to an operable state.
The utility removes all of the PDLoginModuleWrapper entries as well as the Tivoli Access Manager authorization table from security.xml and wsjaas.conf files. This utility effectively removes the JACC provider for Tivoli Access Manager.
- Back up the security.xml and wsjaas.conf files.
- Enter the following command as one continuous line.
(dist)(zos)
app_server_root/java/jre/bin/java -classpath "app_server_root /$WAS_HOME/plug-in/com.ibm.ws.runtime_1.0.0.jar" com.tivoli.pd.as.jacc.cfg.CleanSecXML fully_qualified_path/security.xml fully_qualified_path/wsjaas.conf
(iseries)
java -classpath "app_server_root/$WAS_HOME/plug-ins/com.tivoli.pd.amwas.core_6.1.0.jar" com.tivoli.pd.as.jacc.cfg.CleanSecXML fully_qualified_path/security.xml fully_qualified_path/wsjaas.conf
Related tasks
Enable an external JACC provider Disable embedded Tivoli Access Manager client using wsadmin