Removing authorization data

Use these commands to remove authorization data for the default roles, or for a destination or a foreign bus.

To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow us to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.

(iSeries) (iSeries) The wsadmin scripting client is run from Qshell. (iSeries) See Configure Qshell to run WebSphere scripts .

Command-line help is provided for service integration bus commands:

• For a list of the available service integration bus security commands in Jython and a brief description of each command, enter at the wsadmin prompt:

  print AdminTask.help('SIBAdminBusSecurityCommands')

• For overview help on a given command, enter at the wsadmin prompt:

  print AdminTask.help('command_name')

After using the command, save the changes to the master configuration using the following command:

AdminConfig.save()

Commands

Removing authorization data for the defaults

To remove all users and groups from every role (sender, receiver and so on) in the defaults.

• Use Jython:

  AdminTask.removeDefaultRoles("-bus busname")
  

• Use Jacl:

  $AdminTask removeDefaultRoles {-bus busname}
  

Removing all authorization data for a destination

To delete all authorization data for a destination.

• Use Jython:

  AdminTask.removeDestinationRoles("-type destinationType -bus busname
   -foreignBus foreignBusName -destination destinationName")
  

• Use Jacl:

  AdminTask.removeDestinationRoles("-type destinationType -bus busname
   -foreignBus foreignBusName -destination destinationName")
  

• This command deletes all authorization data for the specified destination. If the destination is a topic space, the command removes all authorization data for the virtual root and for the topics within the topic space, as well as for the topic space itself.

• Use this command if we are deleting the destination and want to remove all associated authorization permissions, or to block all access to a destination by removing all authorization permissions for it. In this second case a user might still be able to access the destination if they have been granted default authorization permissions. If we have specified default authorization permissions and we want to block all access to the destination, we must stop the destination inheriting the default permissions using the command setInheritDefaultsForDestinations (see Define destination defaults inheritance ). We should use the removeDestinationRoles command first, followed by the setInheritDefaultsForDestinations command.

Removing all authorization data for a foreign bus

To delete all authorization data for the specified foreign bus.

• Use Jython:

  AdminTask.removeForeignBusRoles("-bus busname
   -foreignBus foreignBusName")
  

• Use Jacl:

  $AdminTask removeForeignBusRoles {-bus busname
   -foreignBus foreignBusName}
  

After using these commands, save the changes to the master configuration; for example, using the following command:

AdminConfig.save()