Add unique names to the bus authorization policy
How to update the authorization policy for the service integration bus with unique name entries.
We should carry out this task if we are migrating from WebSphere Application Server v6 to WAS v7.0 or later. In this task, we manually run the populateUniqueNames command to query the user repository for a selected bus for unique names, and add them to the authorization policy. If we do not manually run this command, the messaging engine performs the query, and adds the missing unique names to the authorizations policy, which adversely affects the start up time.
When we migrate from a v6 node to a v7.0 or later node, the authorization policy only contains the user and group security names; it does not contain the names in the user registry that uniquely define each user and group. If an LDAP user registry is in use, the unique name is the distinguished name (DN). By default, only missing unique names are added to the authorization policy. If we set the -force parameter, all unique name entries added to the authorization policy
Tasks
- Run a scripting command.
- At the wsadmin command prompt, type the populateUniquenames command. The following example syntax queries the user repository for the unique names that match the security names for a bus called Bus 1, and adds the missing unique names to the authorization policy .
AdminTask.populateUniquenames('[-bus Bus1]')- Save changes to the master configuration repository. The following example presents the syntax:
AdminConfig.save()
The authorization policy for the bus is updated with the missing unique names.
Example
The following example updates all the unique name entries in the authorization policy for a bus called Bus 1.AdminTask.populateUniqueNames(AdminTask.populateUniquenames('[-bus Bus1 -force TRUE]')
What to do next
Use the administrative console to administer bus security authorizations.
Related:
Messaging security Role-based authorization Disable bus security Enable client SSL authentication Administer authorization permissions Secure messages between messaging buses Secure access to a foreign bus Secure links between messaging engines Controlling which foreign buses can link to your bus Secure database access Secure mediations populateUniqueNames command Secure buses Administer permitted transports for a bus