Websphere console – wsadmin Jython equivalence

I am often asking myself how to automatize something I am doing in the Webshpere console into Jython script so I could script it. Instead of looking for it over and over on the internet, since apparently I can’t remember something more than a week, I thought I would write all equivalences here. Who knows, maybe it can help you too.


Servers

Java and Process Management – Process definition

Java Virtual Machine

Set a server heap size

Console:

Servers >Server types > WebSphere application servers > server_name > Java and Process Management > Process definition > Java Virtual Machine

Jython:

AdminTask.setJVMInitialHeapSize( "[ -nodeName P8Node01 -serverName server1 -initialHeapSize 512 ]" )
AdminTask.setJVMMaxHeapSize( "[ -nodeName P8Node01 -serverName server1 -maximumHeapSize 2048 ]" )
AdminConfig.save()

Session Management

Custom properties

Console:

Servers > Server Types > WebSphere application servers > server_name > Session management > Custom properties

Delete a custom properties

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'

server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()

for service in services:
    props = AdminConfig.list('Property',service).splitlines()
    for prop in props:
        if propertyName == AdminConfig.showAttribute(prop, "name"):
            AdminConfig.remove(prop)
AdminConfig.save()

Update an existing custom properties

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
    props = AdminConfig.list('Property',service).splitlines()
    for prop in props:
        if propertyName == AdminConfig.showAttribute(prop, "name"):
            AdminConfig.modify(prop, [['value', propertyValue]])
AdminConfig.save()

Set a new custom properties

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'

server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = AdminConfig.list('Property',wc).splitlines()
services = AdminConfig.list('Service',wc).splitlines()
attr = [['name',propertyName],['value',propertyValue]]

for service in services:
 AdminConfig.create('Property', service, attr)

AdminConfig.save()

Cookies configuration

Enable – Disable

Console:

Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies

Jython:

value = 'false'
server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
 AdminConfig.modify(service,[['enableCookies',value]])
AdminConfig.save()

Set session cookies to HTTPOnly to help prevent cross-site scripting attacks

Console:

Servers > Server Types > WebSphere application servers > server_name > Session management > Enable cookies (click link)

Jython:

value = 'false'
server = AdminConfig.getid('/Server:server1/')

wc = AdminConfig.list('WebContainer',server)
services = AdminConfig.list('Service',wc).splitlines()
for service in services:
    dcs = AdminConfig.showAttribute(service, 'defaultCookieSettings');
    AdminConfig.modify(dcs,[['httpOnly',value]])

AdminConfig.save()

Web Container Settings

Custom properties

Console:

Server > Server Types > WebSphere application servers > server_name > Web Container Settings > Web Container > Custom properties

Set a new custom property

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'true'

server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
attr = [['name',propertyName],['value',propertyValue]]
AdminConfig.create('Property', wc, attr)
AdminConfig.save()

Delete a custom property

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'

server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = toList(AdminConfig.showAttribute(wc, 'properties'))
for prop in props:
    if propertyName == AdminConfig.showAttribute(prop, "name"):
        AdminConfig.remove(prop)
AdminConfig.save()

Update an existing custom property

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'true'

server = AdminConfig.getid('/Server:server1/')
wc = AdminConfig.list('WebContainer',server)
props = toList(AdminConfig.showAttribute(wc, 'properties'))
for prop in props:
    if propertyName == AdminConfig.showAttribute(prop, "name"):
        AdminConfig.modify(prop, [['value', propertyValue]])
AdminConfig.save()

Applications

Set a web application ClassLoader settings

Console:

Application > Application Types > WebSphere enterprise applications > application_name > Class loading and update detection

Jython (example is with a web application called WorkplaceXT but adapt to fit your need):

dep = AdminConfig.getid('/Deployment:WorkplaceXT/')
depObject = AdminConfig.showAttribute(dep, 'deployedObject')
classldr = AdminConfig.showAttribute(depObject, 'classloader')
AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']])
AdminConfig.save()

Set a web application’s modules ClassLoader settings

Console:

Application > Application Types > WebSphere enterprise applications > application_name > Manage Modules > module_name > Class loader order

Jython:

deployments = AdminConfig.getid('/Deployment:WorkplaceXT/')
deploymentObject = AdminConfig.showAttribute(deployments, 'deployedObject')
myModules = AdminConfig.showAttribute(deploymentObject, 'modules')
myModules = myModules[1:len(myModules)-1].split(" ")
for module in myModules:
    if (module.find('WebModuleDeployment')!= -1):
        AdminConfig.modify(module, [['classloaderMode', 'PARENT_LAST']])
AdminConfig.save()

Security

Global security

Configure a LDAP Directory as current

Console:
Security > Global Security > Available realm definitions > Configure…/Set as Current

Jython:

hostname='bluepages.ibm.com'
port='389'
baseDN='o=ibm.com'
primaryAdminId='uid=a16640693,c=sk,ou=bluepages,o=ibm.com'

hosts=[[['host', hostname],['port', port]]]
searchfilterValue=[['certificateFilter', []],['certificateMapMode', 'EXACT_DN'],['groupFilter', '(&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)(objectclass=groupOfURLs)))'],['groupIdMap', '*:cn'],['groupMemberIdMap', 'ibm-allGroups:member;ibm-allGroups:uniqueMember'],['krbUserFilter', '(&(krbPrincipalName=%v)(objectclass=ePerson))'],['userFilter', '(&(|(mail=%v)(uid=%v))(objectclass=ePerson))'],['userIdMap', '*:uid']]
activeUserRegistry=[['baseDN', baseDN],['bindDN', []],['bindPassword', ''],['hosts', hosts],['ignoreCase', 'true'],['limit', '0'],['monitorInterval', '0'],['primaryAdminId', primaryAdminId],['properties', []],['realm', hostname+':'+port],['reuseConnection', 'true'],['searchFilter', searchfilterValue],['searchTimeout', '120'],['serverId', []],['serverPassword', ''],['sslConfig', []],['sslEnabled', 'false'],['type', 'IBM_DIRECTORY_SERVER'],['useRegistryRealm', 'true'],['useRegistryServerId', 'false']]

security = AdminConfig.getid('/Security:/')

userRegistries=AdminConfig.showAttribute(security,'userRegistries')
userRegistries=userRegistries[1:len(userRegistries)-1].split(' ')
for userRegistry in userRegistries:
    if (userRegistry.find('LDAPUserRegistry')!= -1):
        AdminConfig.modify(userRegistry, activeUserRegistry)
        AdminConfig.modify(security, [['activeUserRegistry', userRegistry],['enabled', 'true']])
        AdminConfig.save()

Custom properties

Console:

Security > Global Security > custom properties

Delete a  custom property

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'

security = AdminConfig.getid('/Security:/')
secprops = AdminConfig.list('Property',security).splitlines()

for prop in secprops:
    if propertyName == AdminConfig.showAttribute(prop, "name"):
        AdminConfig.remove(prop)

AdminConfig.save()

Set a new or existing custom property

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertValue = 'true'

security = AdminConfig.getid('/Security:/')
prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/')
if prop:
    AdminConfig.modify(prop, [['value', propertyValue]])
else:
    AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]])
AdminConfig.save()

Security Single Sign On – Set security cookies to HTTPOnly

Console:

Security > Global security > Authentication > Web and SIP security > Single sign-on (SSO)

Jython:

propertyName = 'com.ibm.ws.security.addHttpOnlyAttributeToCookies'
propertyValue = 'false'

security = AdminConfig.getid('/Security:/')
prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/')
if prop:
    AdminConfig.modify(prop, [['value', propertyValue]])
else:
    AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]])
AdminConfig.save()setSecurityProperty('', 'false')

Environment

WebSphere variables

Console:

Environment > WebSphere variables

Jython (example with ORACLE_JDBC_DRIVER_PATH but to be changed to fit your need):

varName = "ORACLE_JDBC_DRIVER_PATH"
newVarValue = "/opt/jars"

node = AdminConfig.getid("/Node:MYNODEVALUE/")

varSubstitutions = AdminConfig.list("VariableSubstitutionEntry",node).split(java.lang.System.getProperty("line.separator"))

for varSubst in varSubstitutions:
    getVarName = AdminConfig.showAttribute(varSubst, "symbolicName")
    if getVarName == varName:
        AdminConfig.modify(varSubst,[["value", newVarValue]])
        print getVarName+" changed to "+newVarValue
        break

AdminConfig.save()

 

 

2 thoughts on “Websphere console – wsadmin Jython equivalence

  1. akash thakur

    deployments = AdminConfig.getid(‘/Deployment:WorkplaceXT/’)
    deploymentObject = AdminConfig.showAttribute(deployments, ‘deployedObject’)
    myModules = AdminConfig.showAttribute(deploymentObject, ‘modules’)
    myModules = myModules[1:len(myModules)-1].split(” “)
    for module in myModules:
    if (module.find(‘WebModuleDeployment’)!= -1):
    AdminConfig.modify(module, [[‘classloaderMode’, ‘PARENT_LAST’]])
    AdminConfig.save()

    Above script is working but it is for static applications.(/Deployment:WorkplaceXT)
    but how can i perform in dynamic time or run time select application .

    Reply
  2. Dhivya

    can anyone please let me know the jython script for “Set session cookies to HTTPOnly to help prevent cross-site scripting attacks” at webmodule level and set session timeout at webmodule level?

    Reply

Leave a Reply to Dhivya Cancel reply