Working with JAAS configuration entry properties files

You can use properties files to create, modify, or delete Java Authentication and Authorization Service (JAAS) configuration entry properties.

Before you begin

Determine the changes that you want to make to your JAAS configuration entry object or its properties.

Start the wsadmin scripting tool. To start wsadmin using the Jython language, run the wsadmin -lang Jython command from the bin directory of the server profile.

About this task

Using a properties file, you can create, modify, or delete a JAAS configuration entry object.

Run administrative commands using wsadmin to create or change a properties file for a JAAS configuration entry, validate the properties, and apply them to your configuration.

Table 1. Actions for JAAS configuration entry properties files. You can create, modify, and delete JAAS properties.
Action Procedure
create Set required properties and then run the applyConfigProperties command.
modify Edit required properties and then run the applyConfigProperties command..
delete Run the deleteConfigProperties command to delete a property. If the deleted property has a default value, the property is set to the default value. To delete the entire JAASConfigurationEntry object, uncomment #DELETE=true and then run the deleteConfigProperties command.
create Property Not applicable
delete Property Not applicable

Optionally, you can use interactive mode with the commands:

AdminTask.command_name('-interactive')

Procedure

  1. Create a JAASConfigurationEntry properties file.
    1. Set JAASConfigurationEntry properties as needed.

      You can add a new JAAS configuration entry under either systemLoginConfiguration or applicationLoginConfiguration.

      Open an editor and create a properties file for a JAASConfigurationEntry object. The following example uses systemLoginConfiguration to add a new JAAS configuration entry:

      #
      # Header 
      #
      ResourceType=JAASConfigurationEntry
      ImplementingResourceType=Security
      ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
      alias#myJAAS
      #DELETE=true
      #
      
      #
      #Properties
      #
      alias=myJAAS #required
      
      
      #
      # Header JAASLoginModule
      #
      ResourceType=JAASLoginModule
      ImplementingResourceType=Security
      ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
      alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myLoginModule
      AttributeInfo=loginModules
      #DELETE=true
      #
      
      #
      #Properties
      #
      callbackHandlerClassName=null
      moduleClassName=com.acme.myLoginModule #required
      authenticationStrategy=REQUIRED #ENUM(OPTIONAL|REQUISITE|REQUIRED|SUFFICIENT),de
      fault(REQUIRED)
      
      
      #
      # Header JAASLoginModule options
      #
      ResourceType=JAASLoginModule
      ImplementingResourceType=Security
      ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
      alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myLoginModule
      AttributeInfo=options(name,value)
      #
      
      #
      #Properties
      #
      myProp=myValue
      
      #
      # Header JAASLoginModule Another module
      #
      ResourceType=JAASLoginModule
      ImplementingResourceType=Security
      ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
      alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myAnotherLoginModule
      AttributeInfo=loginModules
      #DELETE=true
      #
      
      #
      #Properties
      #
      callbackHandlerClassName=null
      moduleClassName=com.acme.myAnotherLoginModule #required
      authenticationStrategy=REQUIRED #ENUM(OPTIONAL|REQUISITE|REQUIRED|SUFFICIENT),de
      fault(REQUIRED)
      
      
      #
      # Header JAASLoginModule options
      #
      ResourceType=JAASLoginModule
      ImplementingResourceType=Security
      ResourceId=Cell=!{cellName}:Security=:JAASConfiguration=systemLoginConfig#:JAASConfigurationEntry=
      alias#myJAAS:JAASLoginModule=moduleClassName#com.acme.myAnotherLoginModule
      AttributeInfo=options(name,value)
      #
      
      #
      #Properties
      #
      myProp=myValue
      
      EnvironmentVariablesSection
      #Environment Variables
      cellName=myCell
    2. Run the applyConfigProperties command to create or change a JAAS configuration entry.

      Running the applyConfigProperties command applies the properties file to the configuration. In this Jython example, the optional -reportFileName parameter produces a report named report.txt:

      AdminTask.applyConfigProperties(['-propertiesFileName myObjectType.props -reportFileName report.txt '])
  2. Modify an existing properties file.
    1. Obtain a properties file for the JAASConfigurationEntry that you want to change.

      You can extract a properties file for a JAASConfigurationEntry object using the extractConfigProperties command.

    2. Open the properties file in an editor and change the properties as needed.

      Ensure that the environment variables in the properties file match your system.

    3. Run the applyConfigProperties command.
  3. If you no longer need the JAAS configuration entry object or an existing property, you can delete the entire JAAS object or one or more properties.
    • To delete the entire object, specify DELETE=true in the header section of the properties file and run the deleteConfigProperties command; for example:
      AdminTask.deleteConfigProperties('[-propertiesFileName myObjectType.props -reportFileName report.txt]') 
    • To delete one or more properties, specify only the properties to be deleted in the properties file and then run the deleteConfigProperties command.

Results

You can use the properties file to configure and manage the JAAS configuration entry object and its properties.

What to do next

Save the changes to your configuration.

Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 17, 2014 10:32 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-express-iseries&topic=txml_config_prop_sec_jaas
File name: txml_config_prop_sec_jaas.html