Creating custom policy set bindings using the wsadmin tool

You can use the Jython or Jacl scripting language to create a custom binding to match your installation environment or requirements.

Before you begin

Before you use the commands in this topic, verify that you are using the most recent version of the wsadmin tool. The policy set management commands that accept a properties object as the value for the attributes or bindingLocation parameters are not supported on previous versions of the wsadmin tool. For example, the commands do not run on a Version 6.1.0.x node.

About this task

Policy set bindings specify the details about how your quality of service (QoS) is configured. For example, a policy set attachment determines that sign, encrypt, or reliable messaging should be enabled. The policy set binding specifies how the protection is configured, for example, the path of the keystore file, the class name of the token generator, or the JAAS configuration name.

For application policy sets, you can specify the policy set bindings at the cell-level and server-level using default binding configurations, or at the application level using custom binding configurations. If no binding information is specified during policy set attachment, the policy set inherits the default binding.

For system policy sets, you can specify the bindings at the cell-level and the server-level. The available bindings for system policy sets are the TrustServiceSymmetricDefault and TrustServiceSecurityDefault bindings. If no custom binding information is specified by the attachment, the resources inherit the TrustServiceSymmetricDefault or TrustServiceSecurityDefault binding.

Note: Default binding should only be used for development and testing. You must customize the signing and encryption keys in your binding configurations for a production environment.
Use the following procedure to create a new custom binding for your environment and requirements.

Procedure

  1. Launch the wsadmin scripting tool.
  2. Determine the type of binding to create.

    You can create application policy set bindings at the cell-level, server-level, or application-level, and trust service policy set bindings at the cell-level or server-level.

  3. Retrieve the current binding configuration for the policy of interest.
    Use the getBinding command to display a Properties object containing all configuration attributes for a specific binding. Specify the location of the binding by passing a properties object using the -bindingLocation parameter and the following reference table:
    Type of binding What to specify for the -bindingLocation parameter
    Cell-level -bindingLocation ""
    Server-level -bindingLocation "[[node node1][server server1]]"
    Application -bindingLocation "[[application application1][attachmentId 123]]"
    Trust service -bindingLocation "[[attachmentId 123]]"
    For this example, the command displays the current binding configuration for the WSAddressing policy, with the 123 attachmentId, for the application1 application:
    AdminTask.getBinding('-policyType WSAddressing -bindingLocation "[[application application1][attachmentId 123]]"')
    To return a specific configuration attribute for the policy, use the -attributes parameter. For example, enter this command to determine if workload management is enabled:
    AdminTask.getBinding('-policyType WSaddressing -bindingLocation 
    "[[application application1][attachmentId 123]]" -attributes "[preventWLM]"')
    The command returns a properties object which contains the value of the requested attribute, preventWLM. You may receive an error message if the binding does not exist in your configuration.
  4. Create a new custom binding for the policy of interest.
    Use the setBinding command to create a binding configuration for a policy. To specify that you are creating an application-specific binding, set the -bindingLocation parameter by passing the application and attachmentId property names in a Properties object. If you are creating a system policy set binding for the trust service, you only need to specify the attachmentId property name. You can further customize your binding with the following parameters:
    Parameter: Description: Data type:
    -policyType Specifies the policy of interest. String, required.
    -attachmentType Specifies the type of policy set attachment: application, client, or system/trust. If the attachment is for an application, you do not need to specify this parameter. String, optional.
    -attributes Specifies the attribute values to update. This parameter can include all binding attributes for the policy or a subset of attributes. Properties, required.
    -bindingName Specifies the name for your new custom binding. A name is generated if it is not specified. String, optional.

    The following example creates the WSAddressing1234binding attachment-specific binding for the WSAddressing policy, assigned to the application1 application attachment 123, and enables workload management:

    AdminTask.setBinding('-policyType WSAddressing -bindingName 
    WSAddressing123binding -bindingLocation "[ [application application1] 
    [attachmentId 123] ]" -attributes "[preventWLM false]"')
  5. Optional: Add custom binding properties.
    Use the setBinding command to add any additional custom properties for your custom binding. The application server provides custom properties that are specific to each quality of service. Use the following format to specify custom properties for the binding:
    AdminTask.setBinding('[-bindingLocation "" -policyType WSAddressing 
    -attributes "[[properties_x:name key_value] [properties_x:value value]"]')
  6. Save your configuration changes.
    AdminConfig.save()



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 1:23:07 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=txml_wsfpcreatebinding
File name: txml_wsfpcreatebinding.html