jacl or jython script to create Administrative group roles and assign them

Something like this perhaps?

# role     is the name of the role
# everyone is yes or no to say if everyone has the role
# allAuth  is yes or no to say if every authenticated
#          user has the role
# users    is a LIST of strings, one for each user
# groups   is a LIST of strings, one for each group
 
# create a single role mapping
roleMapping = [role, everyone, allAuth, '|'.join(users), '|'.join(groups)]
 
# The construct '|'.join(list) converts the list of Strings
# into the single '|' separated string we need.
 
# put that role within a list.
roleMappings = [rolemapping]
 
# If we had multiple roles, we would create
# additional roleMapping values, and append
# them to roleMappings, e.g.,
# roleMappings = [role1Mapping role2mapping & roleNmapping]
 
# finally, create the list the defines the task
options=["-MapRolesToUsers", roleMappings]
 
# All that remains is to apply this to the application
AdminApp.edit(application, options)

Select allOpen in new window

Wonderful....Thanks for the prompt response.

This is exactly i'm looking for...will it be possible to send the full script,it would greatly help.

Thanks

I haven't written a "full script", at least not yet.

the above is from an upcoming book...

http://www.amazon.com/dp/0137009526

I can't do it right now... maybe later today...

Thank you ...would be reallyl great and surely helpful ...if you can..

Thanks in advance.

I'm working on it.  :-)

Sorry it is taking so long.

Thank you..Its fine..If you could script.

Thanks

I presume that you need the MapRolesToUsers setting, right?

http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rxml_taskoptions.html

Yes..need to create user group ,map roles and map to user roles.

http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.wsfep.multiplatform.doc/info/ae/ae/usec_congroup.html

Something like this perhaps?

To execute it:
- Open a command prompt
- "cd" to the appropriate bin directory
  e.g., > cd /d D:\IBM\WebSphere\AppServer\profiles\AppSrv00\bin
- Specify this file on the wsadmin command prompt
  e.g., > wsadmin -lang jython -modifyAppRoles.py

  This will display the program usage information.
modifyAppRoles.py.txt

Thank you and really appreciate for the script.

But i'm sorry that i could not explain the question propery.

What i'm looking for is .....to createAuthorizationGroup , mapGroupsToRoles and then mapUsersToRole.

http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/rxml_7libsecurity.html

All this is done..when we enable the global security in admin console...and need to give access to users with different authorisation roles.

Apolizise for the confusion..if i could get help in this,it would be really helpful.

Ah.  I'll see what I can do...  Sorry for the misunderstanding.

Thanks a lot

Here's a script that can be used to create, list, or delete authorization groups.

Usage information is displayed if no parameters are provided.

wsadmin -lang jython -f AuthGroups.py

I'll have to take a look at mapGroupsToRoles next.
AuthGroups.py.txt

Wonderful.....Thanks you.

Please explain the grade of B.  I'm confused.

By my oppinion HonorGod should at least receive grade A, or better to be additionally rewarded - he provided the complete solution!

Yes..i agree..Apolizise for my innosence.

Thank you.

ahobalrao9 - Thanks, and good luck.

I'll be around if you have more questions.

Thanks

Hi ..I'm also tring the same and able to do that.

The issue i have is..
Even before creating the group roles and user roles...i need to perform a check in the external file, if the roles defined are valid or not (say if there are any typing errors)....if so the script should exit even without creating the group roles also.
Say i'm using the same code as above and WAS 6.1.23
Any suggestion please

open a new (related) question, and provide complete details.