I am often asking myself how to automatize something I am doing in the Webshpere console into Jython script so I could script it. Instead of looking for it over and over on the internet, since apparently I can’t remember something more than a week, I thought I would write all equivalences here. Who knows, maybe it can help you too.
Contents
Servers
Java and Process Management – Process definition
Java Virtual Machine
Set a server heap size
Console:
Servers >Server types > WebSphere application servers > server_name > Java and Process Management > Process definition > Java Virtual Machine
Jython:
AdminTask.setJVMInitialHeapSize( "[ -nodeName P8Node01 -serverName server1 -initialHeapSize 512 ]" ) AdminTask.setJVMMaxHeapSize( "[ -nodeName P8Node01 -serverName server1 -maximumHeapSize 2048 ]" ) AdminConfig.save()
Session Management
Custom properties
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Custom properties
Delete a custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: props = AdminConfig.list('Property',service).splitlines() for prop in props: if propertyName == AdminConfig.showAttribute(prop, "name"): AdminConfig.remove(prop) AdminConfig.save()
Update an existing custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertyValue = 'false' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: props = AdminConfig.list('Property',service).splitlines() for prop in props: if propertyName == AdminConfig.showAttribute(prop, "name"): AdminConfig.modify(prop, [['value', propertyValue]]) AdminConfig.save()
Set a new custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertyValue = 'false' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) props = AdminConfig.list('Property',wc).splitlines() services = AdminConfig.list('Service',wc).splitlines() attr = [['name',propertyName],['value',propertyValue]] for service in services: AdminConfig.create('Property', service, attr) AdminConfig.save()
Cookies configuration
Enable – Disable
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies
Jython:
value = 'false' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: AdminConfig.modify(service,[['enableCookies',value]]) AdminConfig.save()
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies (click link)
Jython:
value = 'false' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: dcs = AdminConfig.showAttribute(service, 'defaultCookieSettings'); AdminConfig.modify(dcs,[['httpOnly',value]]) AdminConfig.save()
Web Container Settings
Custom properties
Console:
Server > Server Types > WebSphere application servers > server_name > Web Container Settings > Web Container > Custom properties
Set a new custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertyValue = 'true' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) attr = [['name',propertyName],['value',propertyValue]] AdminConfig.create('Property', wc, attr) AdminConfig.save()
Delete a custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) props = toList(AdminConfig.showAttribute(wc, 'properties')) for prop in props: if propertyName == AdminConfig.showAttribute(prop, "name"): AdminConfig.remove(prop) AdminConfig.save()
Update an existing custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertyValue = 'true' server = AdminConfig.getid('/Server:server1/') wc = AdminConfig.list('WebContainer',server) props = toList(AdminConfig.showAttribute(wc, 'properties')) for prop in props: if propertyName == AdminConfig.showAttribute(prop, "name"): AdminConfig.modify(prop, [['value', propertyValue]]) AdminConfig.save()
Applications
Set a web application ClassLoader settings
Console:
Application > Application Types > WebSphere enterprise applications > application_name > Class loading and update detection
Jython (example is with a web application called WorkplaceXT but adapt to fit your need):
dep = AdminConfig.getid('/Deployment:WorkplaceXT/') depObject = AdminConfig.showAttribute(dep, 'deployedObject') classldr = AdminConfig.showAttribute(depObject, 'classloader') AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']]) AdminConfig.save()
Set a web application’s modules ClassLoader settings
Console:
Application > Application Types > WebSphere enterprise applications > application_name > Manage Modules > module_name > Class loader order
Jython:
deployments = AdminConfig.getid('/Deployment:WorkplaceXT/') deploymentObject = AdminConfig.showAttribute(deployments, 'deployedObject') myModules = AdminConfig.showAttribute(deploymentObject, 'modules') myModules = myModules[1:len(myModules)-1].split(" ") for module in myModules: if (module.find('WebModuleDeployment')!= -1): AdminConfig.modify(module, [['classloaderMode', 'PARENT_LAST']]) AdminConfig.save()
Security
Global security
Configure a LDAP Directory as current
Console:
Security > Global Security > Available realm definitions > Configure…/Set as Current
Jython:
hostname='bluepages.ibm.com' port='389' baseDN='o=ibm.com' primaryAdminId='uid=a16640693,c=sk,ou=bluepages,o=ibm.com' hosts=[[['host', hostname],['port', port]]] searchfilterValue=[['certificateFilter', []],['certificateMapMode', 'EXACT_DN'],['groupFilter', '(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs)))'],['groupIdMap', '*:cn'],['groupMemberIdMap', 'ibm-allGroups:member;ibm-allGroups:uniqueMember'],['krbUserFilter', '(&(krbPrincipalName=%v)(objectclass=ePerson))'],['userFilter', '(&(|(mail=%v)(uid=%v))(objectclass=ePerson))'],['userIdMap', '*:uid']] activeUserRegistry=[['baseDN', baseDN],['bindDN', []],['bindPassword', ''],['hosts', hosts],['ignoreCase', 'true'],['limit', '0'],['monitorInterval', '0'],['primaryAdminId', primaryAdminId],['properties', []],['realm', hostname+':'+port],['reuseConnection', 'true'],['searchFilter', searchfilterValue],['searchTimeout', '120'],['serverId', []],['serverPassword', ''],['sslConfig', []],['sslEnabled', 'false'],['type', 'IBM_DIRECTORY_SERVER'],['useRegistryRealm', 'true'],['useRegistryServerId', 'false']] security = AdminConfig.getid('/Security:/') userRegistries=AdminConfig.showAttribute(security,'userRegistries') userRegistries=userRegistries[1:len(userRegistries)-1].split(' ') for userRegistry in userRegistries: if (userRegistry.find('LDAPUserRegistry')!= -1): AdminConfig.modify(userRegistry, activeUserRegistry) AdminConfig.modify(security, [['activeUserRegistry', userRegistry],['enabled', 'true']]) AdminConfig.save()
Custom properties
Console:
Security > Global Security > custom properties
Delete a custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' security = AdminConfig.getid('/Security:/') secprops = AdminConfig.list('Property',security).splitlines() for prop in secprops: if propertyName == AdminConfig.showAttribute(prop, "name"): AdminConfig.remove(prop) AdminConfig.save()
Set a new or existing custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertValue = 'true' security = AdminConfig.getid('/Security:/') prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/') if prop: AdminConfig.modify(prop, [['value', propertyValue]]) else: AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]]) AdminConfig.save()
Console:
Security > Global security > Authentication > Web and SIP security > Single sign-on (SSO)
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies' propertyValue = 'false' security = AdminConfig.getid('/Security:/') prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/') if prop: AdminConfig.modify(prop, [['value', propertyValue]]) else: AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]]) AdminConfig.save()setSecurityProperty('', 'false')
Environment
WebSphere variables
Console:
Environment > WebSphere variables
Jython (example with ORACLE_JDBC_DRIVER_PATH but to be changed to fit your need):
varName = "ORACLE_JDBC_DRIVER_PATH" newVarValue = "/opt/jars" node = AdminConfig.getid("/Node:MYNODEVALUE/") varSubstitutions = AdminConfig.list("VariableSubstitutionEntry",node).split(java.lang.System.getProperty("line.separator")) for varSubst in varSubstitutions: getVarName = AdminConfig.showAttribute(varSubst, "symbolicName") if getVarName == varName: AdminConfig.modify(varSubst,[["value", newVarValue]]) print getVarName+" changed to "+newVarValue break AdminConfig.save()
deployments = AdminConfig.getid(‘/Deployment:WorkplaceXT/’)
deploymentObject = AdminConfig.showAttribute(deployments, ‘deployedObject’)
myModules = AdminConfig.showAttribute(deploymentObject, ‘modules’)
myModules = myModules[1:len(myModules)-1].split(” “)
for module in myModules:
if (module.find(‘WebModuleDeployment’)!= -1):
AdminConfig.modify(module, [[‘classloaderMode’, ‘PARENT_LAST’]])
AdminConfig.save()
Above script is working but it is for static applications.(/Deployment:WorkplaceXT)
but how can i perform in dynamic time or run time select application .
can anyone please let me know the jython script for “Set session cookies to HTTPOnly to help prevent cross-site scripting attacks” at webmodule level and set session timeout at webmodule level?