acpload utility

The acpload utility loads the XML files that contain the main access control policies into the appropriate databases.

Note: The acpload utility does not unload access control policies. To delete or remove components of a policy, administrators can use the Organization Administration Console.

Before beginning

Complete the following steps.

1. If we create customized XML files, copy the files into a directory in the Utility Docker container, for example, (Linux) utilities_root/xml/policies/xml. The files must be in the Utility Docker container in order for them to be loaded into the database. Or, copy the files into the

   (Developer) WCDE_installdir\xml\policies\xml directory.

2. The utility uses the Data Load framework to load the data. There are two steps in the load process.

   1. Transform the input data file and generate a file that can be loaded. Create the file using the naming convention input_data_transformed.xml.

   2. Load the data into the database using the Data Load utility.

3. Update the target database information in the (Linux) utilities_root/dataload/acpload/wc-dataload-env.xml or

   (Developer) WCDE_installdir\dataload\acpload\wc-dataload-env.xml configuration file. (The target database information in wc-dataload-env.xml is shared by acugload, acpload and acpnlsload utilities.)

   <_config:Database type="input_database_type" name="${dbName,input_database_name }" user="${dbUser,input_database_user }" 
   password="${dbPassword,input_database_encrypt_password_ASCII }" server="${server,input_target_dbServer_name }" 
   schema="${schemaName,input_database_schema_name}" > 
   <_config:property name="port" value="${port,input_database_port}" /> 
   </_config:Database>

   Where:

   input_database_type

   Required: Database type accepted values are db2, or oracle.

   input_database_name

   Required: Name of the database in which to load the policy.

   input_database_user

   Required: Name of the database user who can connect to the database.

   input_database_encrypt_password_ASCII

   Required: The associated password for the database user. The wcs_encrypt utility is required to encrypt the password into an ASCII string. See Generate encrypted data (wcs_encrypt).

   input_target_dbServer_name

   Required: Host name of the database server in which to load the policy.

   input_database_schema_name

   Optional: The name of target database schema. This name is normally the same as input_database_user.

   This parameter is required if there are multiple schemas in the database into which we are loading data, for example if the database is enabled for workspaces.

   input_database_port

   Required: Port of the server on which the database is listening.

4. To load the access groups and access control policies, you need to run the following related utilities in this sequence:

   1. acugload Loads the user access group definitions.

   2. acpload Loads the main access control policy.

   3. acpnlsload Loads the display names and descriptions.

Example

Runtime environment

 ./acpload.sh /opt/MergedAccessControlPolicies.xml

Related concepts
Organization Administration Console

Related tasks
Running utilities from the Utility server Docker container
Defining access control policy elements using XML

Related reference
Examples: Customize access control policies using the Organization Administration Console