WebSphere WebSphere Application Server Version 6.1.x Feature Pack for Web Services Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

Adding users and groups to bus destination roles using the wsadmin tool

To grant a user or group access to a service integration bus destination, you add them to the appropriate destination role or roles. Use these commands to add users and groups to destination roles for a local or foreign bus.

To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow you to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.

For i5/OS platforms The wsadmin scripting client is run from Qshell. For more information, see the topic "Configure Qshell to run WebSphere Application Server scripts".

For i5/OS platforms These commands are only valid when used with WebSphere Application Server Version 6 and later application servers. Do not use them with earlier versions.

For i5/OS platforms Command-line help is provided for service integration bus commands:

Commands

You can use this command to define the access control policy for a messaging resource that does not yet exist. This approach is deliberate; by defining the access control policy first, you ensure that the associated messaging resource is secure from the moment it is created.

The allowed roles for a destination depend on the type of the destination as defined in Administering destination roles through the command line.

If you are specifying a destinationType that is either foreignDestination or alias, the foreign bus name that you specify must be the name of the foreign bus hosting the destination.

Adding a user
To add a user to a destination role on a local or foreign bus, use the following command:
$AdminTask addUserToDestinationRole
        {-type destinationType
         -bus busName
         -foreignBus foreignBusName
         -destination destinationName
         -role roleName
         -user userName}
Adding a group
To add a group to a destination role on a local or foreign bus, use the following command:
$AdminTask addGroupToDestinationRole
        {-type destinationType
         -bus busName
         -foreignBus foreignBusName
         -destination destinationName
         -role roleName
         -group groupName}

Example

Give a user and group send access to a destination:

addUserToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -user Fred }
addGroupToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -group TheGroup}

Give a user and group access to receive messages from a destination:

addUserToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -user Fred }
addGroupToDestinationRole { -type queue -bus BusName -destination mydestination -role Sender -group TheGroup}
After using these commands, save your changes to the master configuration; for example, by using the following command:
 $AdminConfig save
Related reference
Adding users and groups to default roles using the wsadmin tool

Reference topic

Terms of use | Feedback


Timestamp icon Last updated: 27 November 2008
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.pmc.wsfep.multiplatform.doc/ref/rjr_dest_roles_add.html

Copyright IBM Corporation 2004, 2008. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)