WAS v8.5 > Script the application serving environment (wsadmin) > Welcome to scripting for web services > Configure web services applications using wsadmin.sh > Configure application and system policy sets for web services using wsadmin.sh

Delete application-specific bindings from your configuration using wsadmin.sh

We can use the Jython or Jacl scripting language to delete a custom application or system policy set binding from your configuration. We cannot delete cell-level default bindings.

Before using the commands in this topic, verify that you are using the most recent version of wsadmin. The policy set management commands that accept a properties object as the value for the attributes or bindingLocation parameters are not supported on previous versions of wsadmin. For example, the commands do not run on a v6.1.0.x node.

When administrative security is enabled, verify that we use the correct administrative role, as the following table describes:

Administrative roles. The administrative role determines if we can delete or modify bindings.

Administrative role Authorization
Administrator The Administrator role must have cell-wide access to modify bindings. If we have access to a specific resource only, we can modify bindings for the resource for which we have access.
Configurator The Configurator role cannot modify bindings.
Deployer The Deployer role cannot modify bindings.
Operator The Operator role cannot modify bindings.
Monitor The Monitor role cannot modify bindings.
Policy set bindings specify the details about how your quality of service (QoS) is configured. For example, a policy set attachment determines that sign, encrypt, or reliable messaging is enabled. The policy set binding specifies how the protection is configured, for example, the path of the keystore file, the class name of the token generator, or the Java Authentication and Authorization Service (JAAS) configuration name.

For application policy sets, policy set bindings exist at the cell-level and server-level using default binding configurations, or at the application level using application-specific binding configurations. We can also specify cell-level general bindings. For system policy sets, bindings exist at the cell level and server level, or we can create application-specific bindings.

Use the following procedure to delete application-specific bindings for trust policy sets and application level bindings for application policy sets:

  1. Launch a scripting command. To learn more, see the starting the wsadmin scripting client information.
  2. Retrieve the current binding configuration for the policy of interest.

    Use the getBinding command to display a properties object containing all configuration attributes for a specific binding. Specify the location of the binding by passing a properties object using the bindingLocation parameter and the following reference table:

    bindingLocation parameter options. Use the parameter to control the output of the getBinding command.

    Type of Binding Value for the -bindingLocation parameter
    Application -bindingLocation "[[application application1][attachmentId 123]]"
    Trust service -bindingLocation "[[attachmentId 123]]"
    WS-Notification client -bindingLocation "[[bus myBus][WSNService myService][attachmentId 123]"
    General binding -bindingLocation []

    In this example, the command displays the current binding configuration for the WSAddressing policy, with the 123 attachmentId, for the application1 application:

    AdminTask.getBinding('[-policyType WSAddressing -bindingLocation  "[[application 
     application1][attachmentId 123]]"]')

    To display general policy set bindings, identify the bindings by specifying the -bindingName parameter, as the following example demonstrates:

    AdminTask.getBinding('[-bindingLocation [] -attachmentType application 
     -bindingName "General Provider Binding"]')
  3. Remove the binding of interest from each attachment.

    We cannot remove a binding from your configuration if that binding is referenced by one or more attachments. Modify and use the following example command to remove a binding from an attachment:

    AdminTask.setBinding('[-bindingLocation "[[application application1][attachmentId 
     123]]"  -remove true]')
  4. Delete the binding of interest.

    Use the setBinding command to delete a application-specific binding configuration. Specify the binding of interest with the -bindingName parameter, an asterisk (*) for the -attachmentId property, and set the -remove parameter to true. The following example setBinding command removes the WSAddressing123binding application policy set binding:

    AdminTask.setBinding('[-attachmentType application -bindingName 
     WSAddressing123binding  -bindingLocation "[[application application1][attachmentId *]]" -remove 
     true]')

    The following example setBinding command removes the customTrust trust service binding:

    AdminTask.setBinding('[-attachmentType "system/trust" -bindingName 
     customTrust  -bindingLocation "[attachmentId *]" -remove true]')

    The following example setBinding command removes the General Provider Binding general binding:

    AdminTask.setBinding('[-attachmentType application -bindingName "General Provider 
     Binding" -bindingLocation [] -bindingScope domain -remove true]')

    We cannot delete general bindings if an attachment references the binding, or if the binding is set as the default for a server or domain.

  5. Save your configuration changes.

    Use the following command example to save your configuration changes:


Results

The application-specific binding of interest is removed from your configuration.


Related


Start the wsadmin scripting client using wsadmin.sh
Remove policy set bindings using wsadmin.sh
Create policy sets using wsadmin.sh
Add and remove policies using wsadmin.sh
Create policy set attachments using wsadmin
Manage policy set attachments using wsadmin
Remove policy set attachments using wsadmin
Manage policy sets


Reference:

PolicySetManagement command group for AdminTask


+

Search Tips   |   Advanced Search