addGroupToTopicSpaceRootRole command
Use the addGroupToTopicSpaceRootRole command to add a group to topic space roles on the topic space root.
To run the command, use the AdminTask object of the wsadmin scripting client.
(iSeries) (iSeries) The wsadmin scripting client is run from Qshell. (iSeries) See Configure Qshell to run WebSphere scripts .
This command is valid only when used with WebSphere Application Server v7.0 or later application servers. Do not use it with earlier versions.
Command-line help is provided for service integration bus commands:
- For a list of the available service integration bus security commands in Jython and a brief description of each command, enter at the wsadmin prompt:
print AdminTask.help('SIBAdminBusSecurityCommands')
- For overview help on a given command, enter at the wsadmin prompt:
print AdminTask.help('command_name')
After using the command, save the changes to the master configuration using the following command:
AdminConfig.save()
Use the addGroupToTopicRootSpaceRole command to grant a group permission to access the topic space root in the sender and receiver roles. This is in addition to any access permissions granted to the topics in the topic space.
Use this command to define the access control policy for a topic that does not yet exist. By defining the access control policy first, you ensure that the topic is secure from the moment it is created.
Target object
None.
Required parameters
- -bus busName
- The name of the local bus. Use the listSIBuses command to list the names of existing buses.
- -topicSpace topicSpaceName
- The name of the topic space.
- -role roleName
- We can specify the Sender or Receiver roles for a topic.
- -group groupName
- The name of the group to add to the Sender or Receiver roles for the topic space root. We can specify a group name, or one of the following specialized group names:
- Server
- This group contains application servers.
- AllAuthenticated
- This group contains authenticated users only.
- Everyone
- This group contains all users. Each user is anonymous.
Conditional parameters
None.
Optional parameters
- -uniqueName uniqueName
- Name that uniquely defines the group in the user registry. If an LDAP user registry is in use, the unique name is the distinguished name (DN) for the group. We can specify values for both -uniqueName and -group, but ensure that they identify the same group. The command does not check that the values match.
Examples
The following example adds a group called Group1, and the unique name SalesGroup to the Sender role for the topic space root, for a topic space called Sport, on a local bus called Bus1.
AdminTask.addGroupToTopicSpaceRootRole ('[-bus Bus1 -topicSpace Sport -role Sender -group Group1 uniqueName SalesGroup]')