I am often asking myself how to automatize something I am doing in the Webshpere console into Jython script so I could script it. Instead of looking for it over and over on the internet, since apparently I can’t remember something more than a week, I thought I would write all equivalences here. Who knows, maybe it can help you too.
Contents
Servers
Java and Process Management – Process definition
Java Virtual Machine
Set a server heap size
Console:
Servers >Server types > WebSphere application servers > server_name > Java and Process Management > Process definition > Java Virtual Machine
Jython:
AdminTask.setJVMInitialHeapSize( "[ -nodeName P8Node01 -serverName server1 -initialHeapSize 512 ]" ) AdminTask.setJVMMaxHeapSize( "[ -nodeName P8Node01 -serverName server1 -maximumHeapSize 2048 ]" ) AdminConfig.save()
Session Management
Custom properties
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Custom properties
Delete a custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
props = AdminConfig.list('Property',service).splitlines()
for prop in props:
if propertyName == AdminConfig.showAttribute(prop, "name"):
AdminConfig.remove(prop)
AdminConfig.save()
Update an existing custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
props = AdminConfig.list('Property',service).splitlines()
for prop in props:
if propertyName == AdminConfig.showAttribute(prop, "name"):
AdminConfig.modify(prop, [['value', propertyValue]])
AdminConfig.save()
Set a new custom properties
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = AdminConfig.list('Property',wc).splitlines()
services = AdminConfig.list('Service',wc).splitlines()
attr = [['name',propertyName],['value',propertyValue]]
for service in services:
AdminConfig.create('Property', service, attr)
AdminConfig.save()
Cookies configuration
Enable – Disable
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies
Jython:
value = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
AdminConfig.modify(service,[['enableCookies',value]])
AdminConfig.save()
Console:
Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies (click link)
Jython:
value = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
dcs = AdminConfig.showAttribute(service, 'defaultCookieSettings');
AdminConfig.modify(dcs,[['httpOnly',value]])
AdminConfig.save()
Web Container Settings
Custom properties
Console:
Server > Server Types > WebSphere application servers > server_name > Web Container Settings > Web Container > Custom properties
Set a new custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'true'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
attr = [['name',propertyName],['value',propertyValue]]
AdminConfig.create('Property', wc, attr)
AdminConfig.save()
Delete a custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = toList(AdminConfig.showAttribute(wc, 'properties'))
for prop in props:
if propertyName == AdminConfig.showAttribute(prop, "name"):
AdminConfig.remove(prop)
AdminConfig.save()
Update an existing custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'true'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = toList(AdminConfig.showAttribute(wc, 'properties'))
for prop in props:
if propertyName == AdminConfig.showAttribute(prop, "name"):
AdminConfig.modify(prop, [['value', propertyValue]])
AdminConfig.save()
Applications
Set a web application ClassLoader settings
Console:
Application > Application Types > WebSphere enterprise applications > application_name > Class loading and update detection
Jython (example is with a web application called WorkplaceXT but adapt to fit your need):
dep = AdminConfig.getid('/Deployment:WorkplaceXT/')
depObject = AdminConfig.showAttribute(dep, 'deployedObject')
classldr = AdminConfig.showAttribute(depObject, 'classloader')
AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']])
AdminConfig.save()
Set a web application’s modules ClassLoader settings
Console:
Application > Application Types > WebSphere enterprise applications > application_name > Manage Modules > module_name > Class loader order
Jython:
deployments = AdminConfig.getid('/Deployment:WorkplaceXT/')
deploymentObject = AdminConfig.showAttribute(deployments, 'deployedObject')
myModules = AdminConfig.showAttribute(deploymentObject, 'modules')
myModules = myModules[1:len(myModules)-1].split(" ")
for module in myModules:
if (module.find('WebModuleDeployment')!= -1):
AdminConfig.modify(module, [['classloaderMode', 'PARENT_LAST']])
AdminConfig.save()
Security
Global security
Configure a LDAP Directory as current
Console:
Security > Global Security > Available realm definitions > Configure…/Set as Current
Jython:
hostname='bluepages.ibm.com'
port='389'
baseDN='o=ibm.com'
primaryAdminId='uid=a16640693,c=sk,ou=bluepages,o=ibm.com'
hosts=[[['host', hostname],['port', port]]]
searchfilterValue=[['certificateFilter', []],['certificateMapMode', 'EXACT_DN'],['groupFilter', '(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs)))'],['groupIdMap', '*:cn'],['groupMemberIdMap', 'ibm-allGroups:member;ibm-allGroups:uniqueMember'],['krbUserFilter', '(&(krbPrincipalName=%v)(objectclass=ePerson))'],['userFilter', '(&(|(mail=%v)(uid=%v))(objectclass=ePerson))'],['userIdMap', '*:uid']]
activeUserRegistry=[['baseDN', baseDN],['bindDN', []],['bindPassword', ''],['hosts', hosts],['ignoreCase', 'true'],['limit', '0'],['monitorInterval', '0'],['primaryAdminId', primaryAdminId],['properties', []],['realm', hostname+':'+port],['reuseConnection', 'true'],['searchFilter', searchfilterValue],['searchTimeout', '120'],['serverId', []],['serverPassword', ''],['sslConfig', []],['sslEnabled', 'false'],['type', 'IBM_DIRECTORY_SERVER'],['useRegistryRealm', 'true'],['useRegistryServerId', 'false']]
security = AdminConfig.getid('/Security:/')
userRegistries=AdminConfig.showAttribute(security,'userRegistries')
userRegistries=userRegistries[1:len(userRegistries)-1].split(' ')
for userRegistry in userRegistries:
if (userRegistry.find('LDAPUserRegistry')!= -1):
AdminConfig.modify(userRegistry, activeUserRegistry)
AdminConfig.modify(security, [['activeUserRegistry', userRegistry],['enabled', 'true']])
AdminConfig.save()
Custom properties
Console:
Security > Global Security > custom properties
Delete a custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
security = AdminConfig.getid('/Security:/')
secprops = AdminConfig.list('Property',security).splitlines()
for prop in secprops:
if propertyName == AdminConfig.showAttribute(prop, "name"):
AdminConfig.remove(prop)
AdminConfig.save()
Set a new or existing custom property
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertValue = 'true'
security = AdminConfig.getid('/Security:/')
prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/')
if prop:
AdminConfig.modify(prop, [['value', propertyValue]])
else:
AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]])
AdminConfig.save()
Console:
Security > Global security > Authentication > Web and SIP security > Single sign-on (SSO)
Jython:
propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'
security = AdminConfig.getid('/Security:/')
prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/')
if prop:
AdminConfig.modify(prop, [['value', propertyValue]])
else:
AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]])
AdminConfig.save()setSecurityProperty('', 'false')
Environment
WebSphere variables
Console:
Environment > WebSphere variables
Jython (example with ORACLE_JDBC_DRIVER_PATH but to be changed to fit your need):
varName = "ORACLE_JDBC_DRIVER_PATH"
newVarValue = "/opt/jars"
node = AdminConfig.getid("/Node:MYNODEVALUE/")
varSubstitutions = AdminConfig.list("VariableSubstitutionEntry",node).split(java.lang.System.getProperty("line.separator"))
for varSubst in varSubstitutions:
getVarName = AdminConfig.showAttribute(varSubst, "symbolicName")
if getVarName == varName:
AdminConfig.modify(varSubst,[["value", newVarValue]])
print getVarName+" changed to "+newVarValue
break
AdminConfig.save()
deployments = AdminConfig.getid(‘/Deployment:WorkplaceXT/’)
deploymentObject = AdminConfig.showAttribute(deployments, ‘deployedObject’)
myModules = AdminConfig.showAttribute(deploymentObject, ‘modules’)
myModules = myModules[1:len(myModules)-1].split(” “)
for module in myModules:
if (module.find(‘WebModuleDeployment’)!= -1):
AdminConfig.modify(module, [[‘classloaderMode’, ‘PARENT_LAST’]])
AdminConfig.save()
Above script is working but it is for static applications.(/Deployment:WorkplaceXT)
but how can i perform in dynamic time or run time select application .
can anyone please let me know the jython script for “Set session cookies to HTTPOnly to help prevent cross-site scripting attacks” at webmodule level and set session timeout at webmodule level?