Adding users and groups to foreign bus roles using the wsadmin tool

By default, when security is enabled, you do not have access to a foreign service integration bus. To grant a user or group access to a foreign bus, use these commands to add them to the Sender or IdentityAdopter role.

To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow you to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.

Commands

You can use this command to define the access control policy for a messaging resource that does not yet exist. This approach is deliberate; by defining the access control policy first, you ensure that the associated messaging resource is secure from the moment it is created.
Tip: You can use the special subject AllAuthenticated to give all users access to a foreign bus. For more information, see Assigning users to naming roles.
Adding a user
To add a user to a Sender or IdentityAdopter role on a foreign bus, use the following command:
$AdminTask addUserToForeignBusRole
         {-bus busName
         	-foreignBus foreignBusName
         	-role roleName
         	-user userName}
Adding a group
To add a group to a Sender or IdentityAdopter role on a foreign bus, use the following command:
$AdminTask addGroupToForeignBusRole
         {-bus busName
         	-foreignBus foreignBusName
         	-role roleName
         	-group groupName}
After using these commands, save your changes to the master configuration; for example, by using the following command:
 $AdminConfig save



Related tasks
Administering foreign bus roles through the command line
Reference topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 6:22:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-express-dist&topic=rjr_fb_roles_add
File name: rjr_fb_roles_add.html