Delete application-specific bindings from the configuration using wsadmin

Delete application-specific bindings from the configuration using wsadmin

Use the Jython or Jacl scripting language to delete a custom application or system policy set binding from the configuration. We cannot delete cell-level default bindings.
Before you use the commands in this topic, verify that we are using the most recent version of wsadmin. The policy set management commands that accept a properties object as the value for the attributes or bindingLocation parameters are not supported on previous versions of wsadmin. For example, the commands do not run on a V6.1.0.x node. When administrative security is enabled, verify that you use the correct administrative role, as the following table describes:

Table 1. Administrative roles

Administrative role Authorization
Administrator The Administrator role must have cell-wide access to modify bindings. If we have access to a specific resource only, we can modify bindings for the resource for which we have access.
Configurator The Configurator role cannot modify bindings.
Deployer The Deployer role cannot modify bindings.
Operator The Operator role cannot modify bindings.
Monitor The Monitor role cannot modify bindings.

Policy set bindings specify the details about how the quality of service (QoS) is configured. For example, a policy set attachment determines that sign, encrypt, or reliable messaging is enabled. The policy set binding specifies how the protection is configured, for example, the path of the keystore file, the class name of the token generator, or the JAAS configuration name.
For application policy sets, policy set bindings exist at the cell-level and server-level using default binding configurations, or at the application level using application-specific binding configurations. We can also specify cell-level general bindings. For system policy sets, bindings exist at the cell level and server level, or we can create application-specific bindings.
Use the following procedure to delete application-specific bindings for trust policy sets and application level bindings for application policy sets:

Launch the wsadmin scripting tool using Jython.
Retrieve the current binding configuration for the policy of interest. Use the getBinding command to display a properties object that contains all configuration attributes for a specific binding. Specify the location of the binding by passing a properties object using the bindingLocation parameter and the following reference table:

Table 2. bindingLocation parameter options

Type of Binding Value for the -bindingLocation parameter
Application -bindingLocation "[[application application1][attachmentId 123]]"
Trust service -bindingLocation "[[attachmentId 123]]"
WS-Notification client -bindingLocation "[[bus myBus][WSNService myService][attachmentId 123]"
General binding -bindingLocation []

In this example, the command displays the current binding configuration for the WSAddressing policy, with the 123 attachmentId, for the application1 application:
AdminTask.getBinding('[-policyType WSAddressing -bindingLocation "[[application application1][attachmentId 123]]"]')

To display general policy set bindings, identify the bindings by specifying the -bindingName parameter...
AdminTask.getBinding('[-bindingLocation [] -attachmentType application -bindingName "General Provider Binding"]')

Remove the binding of interest from each attachment.
We cannot remove a binding from the configuration if that binding is referenced by one or more attachments. Modify and use the following example command to remove a binding from an attachment:
AdminTask.setBinding('[-bindingLocation "[[application application1][attachmentId 123]]" -remove true]')

Delete the binding of interest.
Use the setBinding command to delete a application-specific binding configuration. Specify the binding of interest with the -bindingName parameter, an asterisk (*) for the -attachmentId property, and set the -remove parameter to true.
The following example setBinding command removes the WSAddressing123binding application policy set binding:
AdminTask.setBinding('[-attachmentType application -bindingName WSAddressing123binding -bindingLocation "[[application application1][attachmentId *]]" -remove true]')

The following example setBinding command removes the customTrust trust service binding:
AdminTask.setBinding('[-attachmentType "system/trust" -bindingName customTrust -bindingLocation "[attachmentId *]" -remove true]')

The following example setBinding command removes the General Provider Binding general binding:
AdminTask.setBinding('[-attachmentType application -bindingName "General Provider
Binding" -bindingLocation [] -bindingScope domain -remove true]')

We cannot delete general bindings if an attachment references the binding, or if the binding is set as the default for a server or domain.
Save the configuration changes...
AdminConfig.save()

Results

The application-specific binding of interest is removed from the configuration.

Related tasks

Remove policy set bindings using wsadmin
Create policy sets using wsadmin
Add and remove policies using wsadmin
Create policy set attachments using wsadmin
Manage policy set attachments using wsadmin
Remove policy set attachments using wsadmin
Manage policy sets

Related

PolicySetManagement

Administrative role	Authorization
Administrator	The Administrator role must have cell-wide access to modify bindings. If we have access to a specific resource only, we can modify bindings for the resource for which we have access.
Configurator	The Configurator role cannot modify bindings.
Deployer	The Deployer role cannot modify bindings.
Operator	The Operator role cannot modify bindings.
Monitor	The Monitor role cannot modify bindings.

Type of Binding	Value for the -bindingLocation parameter
Application	-bindingLocation "[[application application1][attachmentId 123]]"
Trust service	-bindingLocation "[[attachmentId 123]]"
WS-Notification client	-bindingLocation "[[bus myBus][WSNService myService][attachmentId 123]"
General binding	-bindingLocation []