Example: User revocation from a cache

In WebSphere Application Server, V5.0.2 and later, revocation of a user from the security cache using an MBean interface is supported. The following Java Command Language (JACL) revokes a user when given the realm and user ID, and cycles through all security administration MBean instances returned for the entire cell when run from the Deployment Manager WSADMIN. The command also purges the user from the cache during each process.

Note: This procedure can be called from another JACL script. Attention: In some of the following lines of code, the lines have been split onto two or more lines.

proc revokeUser {realm userid} {
global AdminControl AdminConfig

if {[catch {$AdminControl queryNames WebSphere:type=SecurityAdmin,*}
result]} {
puts stdout "\$AdminControl queryNames WebSphere:type=SecurityAdmin,*
caught an exception $result\n"
return
} else {
if {$result != {}} {
foreach secBean $result {
if {$secBean != {} || $secBean != "null"} {
if {[catch {$AdminControl invoke $secBean
purgeUserFromAuthCache "$realm $userid"} result]} {
puts stdout "\$AdminControl invoke $secBean
purgeUserFromAuthCache $realm $userid caught an
exception $result\n"
return
} else {
puts stdout "\nUser $userid has been purged from the
cache of process $secBean\n"
}
} else {
puts stdout "unable to get securityAdmin Mbean, user
$userid not revoked"
}
}
} else {
puts stdout "Security Mbean was not found\n"
return
}
}
return true
}

---

 

See Also

Programmatic login

 

---