You can use the Jython or Jacl scripting languages to manage policy set configurations with the wsadmin tool. Use the commands and parameters in the PolicySetManagement group to create, delete, and manage policy set, policy, and policy set attachment configurations.
Before you use the commands in this topic, verify that you are using the most recent version of the wsadmin tool. The policy set management commands that accept a properties object as the value for the attributes or bindingLocation parameters are not supported on previous versions of the wsadmin tool. For example, the commands do not run on a Version 6.1.0.x node.
The listPolicySets command returns a list of all existing policy sets.
Target object
None.
Optional parameters
Return value
A list of all existing policy sets. Each entry in the list is the name of a policy set.
Batch mode example usage
AdminTask.listPolicySets('[-policySetType system/trust]')
AdminTask.listPolicySets(['-policySetType system/trust'])
Interactive mode example usage
AdminTask.listPolicySets ('[-interactive]')
AdminTask.listPolicySets (['-interactive'])
The getPolicySet command returns general attributes, such as description and default indicator, for the specified policy set.
Target object
None.
Required parameters
Return value
A list of attributes for the specified policy set name.
Batch mode example usage
AdminTask.getPolicySet('[-policySet SecureConversation]')
AdminTask.getPolicySet(['-policySet SecureConversation'])
Interactive mode example usage
AdminTask.getPolicySet ('[-interactive]')
AdminTask.getPolicySet (['-interactive'])
The createPolicySet command creates a new policy set. Policies are not created with the policy set. The default indicator is set to false.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.createPolicySet('[-policySet myCustomPS -description [my new custom policy set] -policySetType system/trust]')
AdminTask.createPolicySet(['-policySet myCustomPS -description [my new custom policy set] -policySetType system/trust'])
Interactive mode example usage
AdminTask.createPolicySet ('[-interactive]')
AdminTask.createPolicySet (['-interactive'])
The copyPolicySet command creates a copy of an existing policy set. By default, the policy set attachments are transferred to the new policy set.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.copyPolicySet('[-sourcePolicySet SecureConversation -newPolicySet CustomSecureConversation -newDescription [my new copied policy set] -transferAttachments true]')
AdminTask.copyPolicySet(['-sourcePolicySet SecureConversation -newPolicySet CustomSecureConversation -newDescription [my new copied policy set] -transferAttachments true'])
Interactive mode example usage
AdminTask.copyPolicySet ('[-interactive]')
AdminTask.copyPolicySet (['-interactive'])
The deletePolicySet command deletes the specified policy set. If attachments exist for the policy set, the command returns a failure message.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.deletePolicySet('[-policySet customSecureConversation]')
AdminTask.deletePolicySet(['-policySet customSecureConversation'])
Interactive mode example usage
AdminTask.deletePolicySet ('[-interactive]')
AdminTask.deletePolicySet (['-interactive'])
The updatePolicySet command enables you to input an attribute list to update the policy set. You can use this command to update all attributes for the policy set, or a subset of attributes.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.updatePolicySet('-policySet policySet1 -attributes "[[type application] [description [my policy set description]]]"')
AdminTask.updatePolicySet(['-policySet policySet1 -attributes "[[type application] [description [my policy set description]]]"'])
Interactive mode example usage
AdminTask.updatePolicySet ('[-interactive]')
AdminTask.updatePolicySet (['-interactive'])
The addPolicyType command adds a policy with default values for the specified policy set. You must indicate whether to enable or disable the added policy.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.addPolicyType('[-policySet customPolicySet -policyType WSTransaction -enabled true]')
AdminTask.addPolicyType(['-policySet customPolicySet -policyType WSTransaction -enabled true'])
Interactive mode example usage
AdminTask.addPolicyType ('[-interactive]')
AdminTask.addPolicyType (['-interactive'])
The deletePolicyType command deletes a policy from a policy set.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.deletePolicyType('[-policySet customPolicySet -policyType WSTransaction]')
AdminTask.deletePolicyType(['-policySet customPolicySet -policyType WSTransaction'])
Interactive mode example usage
AdminTask.deletePolicyType ('[-interactive]')
AdminTask.deletePolicyType (['-interactive'])
The validatePolicySet command validates the policy set configuration.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.validatePolicySet('[-policySet customSecureConversation]')
AdminTask.validatePolicySet(['-policySet customSecureConversation'])
Interactive mode example usage
AdminTask.validatePolicySet ('[-interactive]')
AdminTask.validatePolicySet (['-interactive'])
The exportPolicySet command exports a policy set as an archive that can be copied onto a client environment.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.exportPolicySet('[-policySet customSecureConversation -pathName C:/IBM/WebSphere/AppServer/PolicySets/customSC.zip]')
AdminTask.exportPolicySet(['-policySet customSecureConversation -pathName C:/IBM/WebSphere/AppServer/PolicySets/customSC.zip'])
Interactive mode example usage
AdminTask.exportPolicySet ('[-interactive]')
AdminTask.exportPolicySet (['-interactive'])
The importPolicySet command imports a policy set from a compressed archive file onto the server environment.
Target object
None.
Required parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.importPolicySet('[-importFile C:/IBM/WebSphere/AppServer/PolicySets/customSC.zip]')
AdminTask.importPolicySet(['-importFile C:/IBM/WebSphere/AppServer/PolicySets/customSC.zip'])
Interactive mode example usage
AdminTask.importPolicySet ('[-interactive]')
AdminTask.importPolicySet (['-interactive'])
The listPolicyTypes command returns a list of the names of the policies configured on your system. The input parameters allow you to list each policy type configured in the system, the policy types configured in a policy set, or the policy types in a binding.
Target object
None.
Optional parameters
Return value
All policies that are configured.
Batch mode example usage
AdminTask.listPolicyTypes('[-policySet customSecureConversation]')
AdminTask.listPolicyTypes(['-policySet customSecureConversation'])
Interactive mode example usage
AdminTask.listPolicyTypes ('[-interactive]')
AdminTask.listPolicyTypes (['-interactive'])
The getPolicyType command returns the attributes for a specified policy.
Target object
None.
Required parameters
Optional parameters
Return value
A properties object containing the policy attributes.
Batch mode example usage
AdminTask.getPolicyType('[-policySet customSecureConversation -policyType SecureConversation]')
AdminTask.getPolicyType(['-policySet customSecureConversation -policyType SecureConversation'])
Interactive mode example usage
AdminTask.getPolicyType ('[-interactive]')
AdminTask.getPolicyType (['-interactive'])
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.setPolicyType('[-policySet customSecureConversation -policyType SecureConversation -attributes "[[type application] [description [my new description]]]"]')
AdminTask.setPolicyType(['-policySet customSecureConversation -policyType SecureConversation -attributes "[[type application] [description [my new description]]]"'])
Interactive mode example usage
AdminTask.setPolicyType ('[-interactive]')
AdminTask.setPolicyType (['-interactive'])
The getPolicyTypeAttribute command returns the value for the specified policy attribute.
Target object
None.
Required parameters
Return value
A string that contains the value of the specified attribute.
Batch mode example usage
AdminTask.getPolicyTypeAttribute('[-policySet customSecureConversation -policyType SecureConversation -attributeName type]')
AdminTask.getPolicyTypeAttribute(['-policySet customSecureConversation -policyType SecureConversation -attributeName type'])
Interactive mode example usage
AdminTask.getPolicyTypeAttribute ('[-interactive]')
AdminTask.getPolicyTypeAttribute (['-interactive'])
The setPolicyTypeAttribute command sets the value for the specified policy attribute.
Target object
None.
Required parameters
Return value
If the attribute is successfully added to the policy, the command returns the true string value.
Batch mode example usage
AdminTask.setPolicyTypeAttribute('[-policySet customPolicySet -policyType WSReliableMessaging -attributeName specLevel -attributeValue 1.0]')
AdminTask.setPolicyTypeAttribute(['-policySet customPolicySet -policyType WSReliableMessaging -attributeName specLevel -attributeValue 1.0'])
Interactive mode example usage
AdminTask.setPolicyTypeAttribute ('[-interactive]')
AdminTask.setPolicyTypeAttribute (['-interactive'])
The getPolicySetAttachments command lists the properties for all policy set attachments configured in a specified application.
Target object
None.
Optional parameters
Return value
A list of properties for each attachment in the application, including the policy set name, attachment ID, and resource list.
Batch mode example usage
AdminTask.getPolicySetAttachments('[-attachmentType system/trust]')
AdminTask.getPolicySetAttachments(['-attachmentType system/trust'])
Interactive mode example usage
AdminTask.getPolicySetAttachments ('[-interactive]')
AdminTask.getPolicySetAttachments (['-interactive'])
The createPolicySetAttachment command creates a new policy set attachment for an application.
Target object
None.
Required parameters
Optional parameters
Return value
A string with the ID of the new attachment.
Batch mode example usage
AdminTask.createPolicySetAttachment('[-policySet policyset1 -resources "WebService:/" -applicationName WebService -attachmentType application]')
AdminTask.createPolicySetAttachment(['-policySet policyset1 -resources "WebService:/" -applicationName WebService -attachmentType application'])
Interactive mode example usage
AdminTask.createPolicySetAttachment ('[-interactive]')
AdminTask.createPolicySetAttachment (['-interactive'])
The updatePolicySetAttachment command updates the resources that apply to a policy set attachment.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.updatePolicySetAttachment('[-attachmentId 123 -resources "WebService:/"]')
AdminTask.updatePolicySetAttachment(['-attachmentId 123 -resources "WebService:/"'])
Interactive mode example usage
AdminTask.updatePolicySetAttachment ('[-interactive]')
AdminTask.updatePolicySetAttachment (['-interactive'])
The addToPolicySetAttachment command adds additional resources that apply to a policy set attachment.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.addToPolicySetAttachment('[-attachmentId 123 -resources "WebService:/webapp1.war:{http://www.ibm.com}myService"]')
AdminTask.addToPolicySetAttachment(['-attachmentId 123 -resources "WebService:/webapp1.war:{http://www.ibm.com}myService"'])
Interactive mode example usage
AdminTask.addToPolicySetAttachment ('[-interactive]')
AdminTask.addToPolicySetAttachment (['-interactive'])
The removeFromPolicySetAttachment command removes resources that apply to a policy set attachment.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.removeFromPolicySetAttachment('[-attachmentId 123 -resources "WebService:/webapp1.war:{http://www.ibm.com}myService"]')
AdminTask.removeFromPolicySetAttachment(['-attachmentId 123 -resources "WebService:/webapp1.war:{http://www.ibm.com}myService"'])
Interactive mode example usage
AdminTask.removeFromPolicySetAttachment ('[-interactive]')
AdminTask.removeFromPolicySetAttachment (['-interactive'])
The deletePolicySetAttachment command removes a policy set attachment from an application.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.deletePolicySetAttachment('[-attachmentId 123]')
AdminTask.deletePolicySetAttachment(['-attachmentId 123'])
Interactive mode example usage
AdminTask.deletePolicySetAttachment ('[-interactive]')
AdminTask.deletePolicySetAttachment (['-interactive'])
The listAttachmentsForPolicySet command lists the applications to which a specific policy set is attached.
Target object
None.
Required parameters
Optional parameters
Return value
A list of application names.
Batch mode example usage
AdminTask.listAttachmentsForPolicySet('[-policySet SecureConversation]')
AdminTask.listAttachmentsForPolicySet(['-policySet SecureConversation'])
Interactive mode example usage
AdminTask.listAttachmentsForPolicySet ('[-interactive]')
AdminTask.listAttachmentsForPolicySet (['-interactive'])
The deleteAttachmentsForPolicySet command removes all attachments for a specific policy set.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.deleteAttachmentsForPolicySet('[-policySet customSecureConversation -applicationName newApp1]')
AdminTask.deleteAttachmentsForPolicySet(['-policySet customSecureConversation -applicationName newApp1'])
Interactive mode example usage
AdminTask.deleteAttachmentsForPolicySet ('[-interactive]')
AdminTask.deleteAttachmentsForPolicySet (['-interactive'])
The transferAttachmentsForPolicySet command transfers all attachments from one policy set to another policy set.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.transferAttachmentsForPolicySet('[-sourcePolicySet SecureConversation -destinationPolicySet customSecureConversation -applicationName newApp1]')
AdminTask.transferAttachmentsForPolicySet(['-sourcePolicySet SecureConversation -destinationPolicySet -customSecureConversation -applicationName newApp1'])
Interactive mode example usage
AdminTask.transferAttachmentsForPolicySet ('[-interactive]')
AdminTask.transferAttachmentsForPolicySet (['-interactive'])
The getBinding command returns the binding configuration for a specified policy and scope. You can use the getBinding command to return a list of available custom bindings, which includes bindings that are and are not referenced by attachments.
Target object
None.
Required parameters
Optional parameters
Return value
A properties object that contains the requested configuration attributes for the policy binding.
Batch mode example usage
AdminTask.getBinding('[-policyType WSAddressing -attachmentType application -bindingLocation "[[application application_name] [attachmentId *]]"]')
AdminTask.getBinding('[-policyType WSAddressing -attachmentType client -bindingLocation "[[application application_name] [attachmentId *]]"]')
AdminTask.getBinding('[-policyType WSAddressing -attachmentType system/trust -bindingLocation "[[application application_name] [attachmentId *]]"]')
AdminTask.getBinding(['-policyType WSAddressing -bindingLocation ""'])
Interactive mode example usage
AdminTask.getBinding('[-interactive]')
AdminTask.getBinding(['-interactive'])
The setBinding command updates the binding configuration for a specified policy. Use this command to add a server-specific binding, update an attachment to use a custom binding, edit binding attributes, or to remove a binding configuration.
Target object
None.
Required parameters
Optional parameters
Return value
A success or failure message.
Batch mode example usage
AdminTask.setBinding('[-policyType WSAddressing -bindingLocation "[ [application myApplication] [attachmentId 123] ]" -attributes "[preventWLM false]" -attachmentType application]')
AdminTask.setBinding(['-policyType WSAddressing -bindingLocation "[ [application myApplication] [attachmentId 123] ]" -attributes "[preventWLM false]" -attachmentType application'])
Interactive mode example usage
AdminTask.setBinding('[-interactive]')
AdminTask.setBinding(['-interactive'])