Container bound authentication authenticator with DataSource using jython script

Question

Container bound authentication authenticator with DataSource using jython script

I am using WebSphere 8.5

I found out how to create JAASAuthData with username and password using jython script:

objServerAttrs = AdminControl.completeObjectName ('WebSphere: type = Server, *')

cellName = AdminControl.getAttribute(objServerAttrs, 'cellName')
sec = AdminConfig.getid('/Cell:%s/Security:/' % cellName)
jaasAttr = [['alias', jaasAlias],['userId', jaasUser],['password', jaasPass]]
jaasAuthData = AdminConfig.create('JAASAuthData', sec, jaasAttr)

and how to create dataSource:

dsAttrs = [['name', 'myDS1'], ['jndiName','jdbc/MY/DS1']]    
newDs = AdminConfig.create('DataSource', provider, dsAttrs)

Now I need to bind this JAASAuthData to my DataSource as a "container managed authentication alias", unfortunately I can't find anything in the API checking the attributes of the existing DataSources or any example for this task. How do I create such a binding?

+1

jython websphere wsadmin

Danubian Sailor Sep 30 At 14:14

source to share

2 answers

fnt · Answer 1 · 2013-09-30T19:46:34+0000

You need to specify the attribute authDataAlias

:

dsAttrs = [['name', 'myDS1'], ['jndiName','jdbc/MY/DS1'], ['authDataAlias',jaasAlias]]    
newDs = AdminConfig.create('DataSource', provider, dsAttrs)

Marcin Płonka · Answer 2 · 2013-09-30T21:07:20+0000

The recommended way to configure a container-managed authentication alias is to set it to a resource link during your application deployment.

It is still allowed (albeit deprecated) to configure it at the DataSource level:

newDs = AdminConfig.create('DataSource', provider, dsAttrs)
mapping = AdminConfig.showAttribute(newDs, 'mapping')
AdminConfig.modify(mapping, [['mappingConfigAlias', jaasAlias], ['authDataAlias', jaasAlias]])

By the way: your script would be more maintainable if you were using the WDR library http://wdr.github.io/WDR/ (I'm one of the main contributors).

jaasAlias = 'TheAuthAliasName'
provider = getid1('/JDBCProvider:TheProviderName/')
security = getid1('/Cell:/Security:/')
security.assure('JAASAuthData', {'alias':jaasAlias}, userId = 'user', password = 'password')
ds = provider.assure('DataSource', {'name':'myDS1'}, jndiName = 'jdbc/MY/DS1')
# component-managed authentication:
ds.authDataAlias = jaasAlias
# ... and container-managed authentication:
ds.mapping.mappingConfigAlias = jaasAlias
ds.mapping.authDataAlias = jaasAlias
save()
sync()

The above script can be safely restarted without crashing or duplicate objects.

Container bound authentication authenticator with DataSource using jython script

More articles: