+

Search Tips   |   Advanced Search

Forcing the unconfiguration of the ISAM JACC provider

If we find we cannot restart WebSphere Application Server after configuring the JACC provider for Security Access Manager a utility is available to clear the security configuration and return WAS to an operable state.

The utility removes all of the PDLoginModuleWrapper entries as well as the ISAM authorization table from security.xml and wsjaas.conf files. This utility effectively removes the JACC provider for ISAM.


Tasks

  1. Back up the security.xml and wsjaas.conf files.

  2. Enter the following command as one continuous line. 

    app_server_root/java/jre/bin/java 
-classpath "app_server_root /$WAS_HOME/plug-in/com.ibm.ws.runtime_1.0.0.jar" 
 com.tivoli.pd.as.jacc.cfg.CleanSecXML 
 fully_qualified_path/security.xml fully_qualified_path/wsjaas.conf

    (iSeries) 

    java -classpath 
"app_server_root/$WAS_HOME/plug-ins/com.tivoli.pd.amwas.core_6.1.0.jar"
com.tivoli.pd.as.jacc.cfg.CleanSecXML fully_qualified_path/security.xml 
 fully_qualified_path/wsjaas.conf

  • Enable an external JACC provider
  • Disable embedded ISAM client using wsadmin