WAS v8.5 > Script the application serving environment (wsadmin) > Scripting for security > Configure security with scripting

Enable authentication in the file transfer service using scripting

The file transfer service provides role-based authentication. We can enable authentication in the file transfer service using scripting and wsadmin.

Before starting this task, wsadmin must be running. See Start the wsadmin scripting client for more information.

  1. Run the redeployFileTransfer.jacl script to help redeploy the file transfer Web application. This wsadmin script is located in the app_server_root/bin directory. Run the script from the app_server_root/bin directory using the following syntax:
    wsadmin -conntype NONE -lang jacl -profile redeployFileTransfer.jacl -c 
    "fileTransferAuthenticationXxx cell_name node_name dmgr"
    In this example, the variables represent the following:

    • Xxx is On or Off.
    • cell_name is the name of your cell.
    • node_name is the name of your node.
    • dmgr is the server type. This script will work only on the deployment manager.

    Use wsadmin.sh.

    Use wsadmin or wsadmin.bat. Review the following examples on how to run the script with the different authentication options:

    • To run the script with authentication, which uses the filetransfer.ear file, use a command similar to the following:
      wsadmin -conntype NONE -lang jacl -profile redeployFileTransfer.jacl -c 
      "fileTransferAuthenticationOn managedCell managedCellNode dmgr"
    • To run the script and file transfer service without authentication, use a command similar to the following:
      wsadmin -conntype NONE -lang jacl -profile redeployFileTransfer.jacl -c 
      "fileTransferAuthenticationOff managedCell managedCellNode dmgr"

    In the previous examples, the following values apply:

    • managedCell the names of the cell.
    • managedCellNode is the names of your node.
    • dmgr is the server type.

  2. If you receive an error related to the file transfer service, troubleshoot the problem by reviewing the systemapps.xml file. You might receive the following error if you attempt to set authentication to a state in which it is already configured:

      Error: com.ibm.ws.scripting.ScriptingException: WASX7280E: An application with name "filetransfer" does not exist.
    This error will be displayed, for example, when we try to set authentication to on when it is already on or off when it is already off.

    To determine the current state of the file transfer authentication, see the systemapps.xml file in the app_server_root/AppServer/profiles/dmgr_profile/config/cells/cell_name/nodes/node_name directory:

    • This entry indicates that authentication is on:
      <deployedApplications>${app_server_root}/
         systemApps/filetransferSecured.ear</deployedApplications> 
    • This entry indicates that authentication is off:
      <deployedApplications>${app_server_root}/
         systemApps/filetransfer.ear</deployedApplications>

Restart the server for the change to take affect.


Related


Configure security with scripting
Start the wsadmin scripting client using wsadmin.sh


+

Search Tips   |   Advanced Search