Create policy sets
Policy sets, created using wsadmin, centrally manage policies customized for the web services.
To create an application policy set:
AdminTask.createPolicySet('[-policySet PolicySet1 -description policySet_description]')
Create a policy set for the trust service:
AdminTask.createPolicySet('[-policySet PolicySet1 -description policySet_description -policySetType system]')
The command returns a success or failure message.
Add policies for the new policy set. Use this step to add a policy with default values for the specified policy set. Add and enable a policy:
AdminTask.addPolicyType('[-policySet PolicySet1 -policyType policyType_name]')
Add and disable a policy. Your configuration changes are contained within the policy set, but will have no effect on the system if the -enabled parameter is set to false.
AdminTask.addPolicyType('[-policySet PolicySet1 -policyType policyType_name -enabled false]')
The command returns a success or failure message. Repeat this step to create additional policies for the configuration.
Save the configuration changes. Save the changes:
AdminConfig.save()
Copy an existing policy set using the Jython scripting language.
- Start the wsadmin scripting tool.
- Determine the policy requirements for the web services.
- Enter the command syntax to copy an existing policy set:
Set the -transferAttachments parameter to true to transfer the attachments from the existing policy set to the new policy set. The default value for the -transferAttachments parameter is false.
Create the new policy set and to transfer the attachments of the existing policy set:
AdminTask.copyPolicySet('[-sourcePolicySet existingPolicySet_name -newPolicySet PolicySet1 -newDescription PolicySet1_description -transferAttachments true]')
The command returns a success or failure message.
- Save the configuration changes.
Save the changes:
AdminConfig.save()
Import a policy set from an archive file or import a default policy set using the Jython scripting language.
- Start the wsadmin scripting tool.
- Determine the policy requirements for the web services.
- Import a policy set.
Use the importPolicySet command to import the archive file containing the policy set configuration of interest to the destination environment. Specify the verifyPolicySetType parameter to verify that the policy set to import matches a specific type. Set the value as application, system, or system/trust to specify the policy set type. We cannot import a policy set onto a server or client environment if the policy set already exists in the destination environment.
For example, the following command creates a customSecureConversation policy set from the customSC.zip archive file:
AdminTask.importPolicySet('[-importFile C:\IBM\WebSphere\AppServer\bin\customSC.zip -verifyPolicySetType system/trust]')
AdminTask.importPolicySet('[-importFile /IBM/WebSphere/AppServer/bin/customSC.zip -verifyPolicySetType system/trust]')Additionally, we can also use the importPolicySet command to import a default policy set onto a server environment:
AdminTask.importPolicySet('[-defaultPolicySet SecureConversation -policySet copyOfdefaultSC -verifyPolicySetType system]')The command returns a success or failure message.
- Save the configuration changes.
Save the changes:
AdminConfig.save()
Results
If you receive a success message after entering the commands, we can now manage a policy set that is customized for the web services applications. We can further configure the policy set and policies.
What to do next
Use the validatePolicySet command to validate your policy set configurations after modifying attributes for policies. For example, to validate the PolicySet1 policy set:
AdminTask.validatePolicySet('-policySet PolicySet1')
Related tasks
Update policy set attributesWeb services policy sets Delete policy sets Add and remove policies Create policy sets using the administrative console PolicySetManagement (AdminTask)