Network Deployment (Distributed operating systems), v8.0 > Scripting the application serving environment (wsadmin) > Scripting for security > Configure security with scripting > Configure multiple security domains using scripting

Map resources to security domains using scripting

Use this topic to assign management resources to security domains. Set management resources to the security domains to customize the security configuration for a cell, server, or cluster.

Users assigned to the administrator role can configure security domains. Verify that we have the appropriate administrative role before configuring security domains. Also, create a security domain, or copy an existing security domain before assigning resources to a security domain.

After creating a security domain, you can map management resources to the security domain. We can assign resources to a security domain at the server, cell, and cluster level. Use the following steps to assign a resource to a security domain:

Procedure

1. Launch wsadmin.sh using the Jython scripting language. See the Starting the wsadmin scripting client article for more information.
2. Determine which security domain to map a resource.

   Use the listSecurityDomains command to view a list of security domains in the configuration. Specify true for the optional -listDescription parameter to list the description for each security domain, as the following Jython example demonstrates:

   print AdminTask.listSecurityDomains('-listDescription true')
   

   The command returns the following example attribute list output:

   {{name myDomain}
   {description {security domain for administrative applications}}}
   {{name domain2}
   {description {new domain for cell123}}}
   

3. Assign a resource to a security domain.

   Use the mapResourceToSecurityDomain command to assign a management resource to the security domain. For example, use the following Jython command to secure all applications on the server1 cell with the security attributes in the domain2 security domain:

   AdminTask.mapResourceToSecurityDomain('-securityDomainName domain2 -resourceName Cell=myCell:Node=myNode:Server=server1')
   

4. Save the configuration changes.

   Save the configuration changes:

   AdminConfig.save()
   

Results

Your security domain is updated in the configuration. All applications in the specified resource use the security attributes specified by the security domain. If the security domain does not contain all security attributes, then the missing attributes are obtained from the global security configuration.

What to do next

Restart each resource that you assigned to a security domain.
Configure security domains using scripting
Manage servers and nodes with scripting
Start the wsadmin scripting client using wsadmin.sh

+

Search Tips   |   Advanced Search