Network Deployment (Distributed operating systems), v8.0 > Reference > Commands (wsadmin scripting)


SecurityRealmInfoCommands command group

We can use Jython to manage security realm configurations with wsadmin.sh. Use the commands and parameters in the SecurityRealmInfoCommands group to query and manage trusted realms.

Use the following commands to manage trusted realms in the security configuration:



addTrustedRealms

Add a realm or list of realms to the list of trusted realms for global security or in a security domain.

Target object None


Required parameters

-communicationType

Whether to trusted realms to inbound or outbound communication. Specify inbound to configure inbound communication. Specify outbound to configure outbound communication. (String)


Optional parameters

-securityDomainName

Name of the security domain of interest. If you do not specify a value for this parameter, the command uses the global security configuration. (String)

-realmList

Specifies a realm or list of realms to configure as trusted realms. (String)

Separate each realm in the list with the pipe character (|) as the following example demonstrates: realm1|realm2|realm3


Return value

The command does not return output.

Batch mode example usage


Interactive example...



configureTrustedRealms

Configure trusted realms. Use this command to replace the list of trusted realms and to clear each realm from the list.

To add realms to the trusted realm list, use the addInboundTrustedRealm command.

Target object None


Required parameters

-communicationType

Whether to configure the security domains, realms, or global security configuration for inbound or outbound communication. Specify inbound to configure inbound communication. Specify outbound to configure outbound communication. (String)


Optional parameters

-securityDomainName

Name of the security domain of interest. If you do not specify a value for this parameter, the command uses the global security configuration. (String)

-realmList

Specifies a list of realms to configure as trusted realms. (String)

Separate each realm in the list with the pipe character (|) as the following example demonstrates: realm1|realm2|realm3

-trustAllRealms

Whether to trust all realms. Specify true to trust all realms. If you specify true for this parameter, the command does not use the -realmList parameter. (Boolean)


Return value

The command does not return output.

Batch mode example usage


Interactive example...



listRegistryGroups

Display the groups in the user registry that belong to the security realm, security domain, or resource name of interest.

Target object None


Optional parameters

-securityRealmName

Name of the security realm of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters. (String)

-resourceName

Name of the resource of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters. (String)

-securityDomainName

Name of the security domain of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters.(String)

-displayAccessIds

Whether to display the access IDs for each group. Specify true to display the access ID and group name for each group that the command returns. (Boolean)

-groupFilter

Filter used to query for groups. For example, specify test* to return groups that begin with the test string. By default, the command returns all groups. (String)

-numberOfGroups

Number of groups to return. The default number of groups that the command displays is 20. (Integer)


Return value

The command returns an array of group names. If you specified the -displayAccessId parameter, the command returns an array of attribute lists which contain the group name and group access ID.

Batch mode example usage


Interactive example...



listRegistryUsers

Display the users in the user registry for a specific security realm, resource name, or domain name.

Target object None


Optional parameters

-securityDomainName

Name of the security domain of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters. If no parameters specified, the system uses the active user registry from the global security configuration. (String)

-resourceName

Name of the resource of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters. If no parameters specified, the system uses the active user registry from the global security configuration. (String)

-securityRealmName

Name of the security realm of interest. securityDomainName, resourceName, and securityRealmName are mutually exclusive. Do not specify more than one of these parameters. If no parameters specified, the system uses the active user registry from the global security configuration. (String)

-displayAccessIds

Whether to display the access IDs for each group. Specify true to display the access ID and group name for each group that the command returns. (Boolean)

-userFilter

Filter that the command uses to query for users. For example, specify test* to display each user name that starts with the test string. By default, the command returns all users. (String)

-numberOfUsers

Number of users to return. The default number of groups that the command displays is 20. (Integer)


Return value

The command returns an array of user names. If you specify the -displayAccessId parameter, the command returns an array of attribute lists that contain the user ID and user access IDs.

Batch mode example usage


Interactive example...



listSecurityRealms

Display each security realm from global security configuration and the security domains.

Target object None


Return value

The command returns an array of realm names.


Batch example...


Interactive example...



listTrustedRealms

Display a list of trusted realms for a security domain, resource, or realm. If you do not specify a security domain, resource name, or realm name, then the command returns a list of trusted realms from the global security configuration. The securityRealmName, resourceName, and securityDomainName parameters are mutually exclusive.

Target object None


Required parameters

-communicationType

Whether to list the trusted realms for inbound or outbound communication. Specify inbound to configure inbound communication. Specify outbound to configure outbound communication. (String)


Optional parameters

-securityRealmName

Name of the security realm of interest. If you use this parameter, do not use the resourceName or securityDomainName parameters. (String)

-resourceName

Name of the resource of interest. If you use this parameter, do not use the securityRealmName or securityDomainName parameters. (String)

-securityDomainName

Name of the security domain of interest. If you use this parameter, do not use the resourceName or securityRealmName parameters. (String)

-expandRealmList

Whether to return each realm name when the trustAllRealms property is enabled. Specify true to return each realm name. Specify false to return the trustAllRealms property. (Boolean)

-includeCurrentRealm

Whether to include the current realm in the list of trusted realms. Specify true to include the current realm, or specify false to exclude the current realm from the list of trusted realms. (Boolean)


Return value

The command returns an array of trusted realm names. If the realm, resource, or security domain of interest is configured to trust all realms, the command returns the trustAllRealms string.


Batch example...


Interactive example...



removeTrustedRealms

Remove realms from a trusted realm list in a security domain or in the global security configuration.

Target object None


Required parameters

-communicationType

Whether to remove trusted realms from inbound or outbound communication. Specify inbound to configure inbound communication. Specify outbound to configure outbound communication. (String)

-realmList

Specifies a list of realms to remove from trusted realms. (String)

Separate each realm in the list with the pipe character (|) as the following example demonstrates: realm1|realm2|realm3


Optional parameters

-securityDomainName

Name of the security domain of interest. If you do not specify a security domain, the command uses the global security configuration. (String)


Return value

The command does not return output.

Batch mode example usage


Interactive example...



unconfigureTrustedRealms

Remove the trusted realm object from the configuration.

Target object None


Required parameters

-communicationType

Whether to unconfigure the trusted realms for inbound or outbound communication. Specify inbound to remove inbound communication configurations. Specify outbound to remove outbound communication configurations. (String)


Optional parameters

-securityDomainName

Name of the security domain of interest. If you do not specify a security domain, the command uses the global security configuration. (String)


Return value

The command does not return output.

Batch mode example usage


Interactive example...


Configure multiple security domains using scripting


Related


SecurityConfigurationCommands command group
SecurityDomainCommands command group

+

Search Tips   |   Advanced Search