This chapter provides descriptions of custom WebLogic Scripting Tool (WLST) commands for Oracle Access Management Security Token Service, including command syntax, arguments and examples.
The following section lists the Security Token Service WLST commands and contains links to the command reference details.
The Oracle Access Management Security Token Service (Security Token Service) WLST commands are divided into the following categories.
Partner Commands are related to tasks involving partners.
WS-Prefix to Relying Party Partner Mapping Commands are used to map a service URL, specified in the AppliesTo field of a WS-Trust RST request, to a partner of type Relying Party. The WS prefix string can be an exact service URL, or a URL with a parent path to the service URL. For example, if a mapping is defined to map a WS Prefix (http://test.com/service) to a Relying Party (RelyingPartyPartnerTest), then the following service URLs would be mapped to the Relying Party: http://test.com/service, http://test.com/service/calculatorService, http://test.com/service/shop/cart...
Partner Profiles Commands are related to tasks involving partner profiles.
Issuance Templates Commands are related to tasks involving issuance templates.
Validation Templates Commands are related to tasks involving validation templates.
Table 8-1 is divided into five sections and describes the various WLST commands in each of these categories. Use the WLST commands listed to manage the Security Token Service.
Table 8-1 WLST Commands for Security Token Service
Use this command... | To... | Use with WLST... |
---|---|---|
Partner Commands |
||
Retrieve a partner and print result. |
Online |
|
Retrieve the names of Requester partners. |
Online |
|
Retrieve the names of all Relying Party partners. |
Online |
|
Retrieve the names of all Issuing Authority partners. |
Online |
|
Query Security Token Service to determine whether or not the partner exists in the Partner store. |
Online |
|
Create a new Partner entry. |
Online |
|
Update an existing Partner entry based on the provided information. |
Online |
|
Delete a partner entry. |
Online |
|
Retrieve the partner's username value. |
Online |
|
Retrieve the partner's password value. |
Online |
|
Set the username and password values of a partner entry. |
Online |
|
Remove the username and password values from a partner entry. |
Online |
|
Retrieve the Base64 encoded signing certificate for the partner. |
Online |
|
Retrieve the Base64 encoded encryption certificate for the partner. |
Online |
|
Upload the signing certificate to the partner entry. |
Online |
|
Upload the encryption certificate to the partner entry. |
Online |
|
Remove the signing certificate from the partner entry. |
Online Offline |
|
Remove the encryption certificate from the partner entry. |
Online Offline |
|
Retrieve and display all Identity mapping attributes used to map a token to a requester partner. |
Online Offline |
|
Retrieve and display the identity mapping attribute. |
Online Offline |
|
Set the identity mapping attribute for a requester partner. |
Online Offline |
|
Delete the identity mapping attribute for a requester partner. |
Online Offline |
|
Relying Party Partner Mapping Commands |
||
Retrieve and display all WS Prefixes. |
Online Offline |
|
Retrieve and display the Relying Party Partner mapped to the specified wsprefix parameter. |
Online Offline |
|
Create a new WS Prefix mapping to a Relying Partner. |
Online Offline |
|
Delete an existing WS Prefix mapping to a Relying Partner. |
Online Offline |
|
Partner Profiles Commands |
||
Retrieve the names of all the existing partner profiles. |
Online |
|
Retrieve partner profile configuration data. |
Online |
|
Create a new Requester Partner profile with default configuration data. |
Online |
|
Create a new Relying Party Partner profile with default configuration data. |
Online |
|
Create a new Issuing Authority Partner profile with default configuration data. |
Online |
|
Delete an existing partner profile. |
Online |
|
Issuance Template Commands |
||
Retrieve the names of all the existing Issuance Templates. |
Online Offline |
|
Retrieve configuration data of a specific Issuance Template. |
Online |
|
Create a new Issuance Template with default configuration data. |
Online |
|
Delete an existing Issuance Template. |
Online Offline |
|
Validation Template Commands |
||
Retrieve the names of all the existing Validation Templates. |
Online Offline |
|
Retrieve configuration data of a specific Validation Template. |
Online Offline |
|
Create a new WS Security Validation Template with default configuration data. |
Online Offline |
|
Create a new WS Trust Validation Template with default configuration data. |
Online Offline |
|
Delete an existing Issuance Template. |
Online Offline |
|
Modify configuration to allows MSAS/OWSM policies to work |
Online |
Online command that retrieves the Partner entry and prints out the configuration for this partner.
getPartner(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the partnerId: the ID of the partner. |
Online command that retrieves Requester type partners.
Online command that retrieves Relying Party partners.
Online command that retrieves Issuing Authority partners and prints out the result.
Online command that queries the Security Token Service to determine whether or not the specified partner exists in the Partner store.
Queries the Security Token Service to determine whether or not the specified partner exists in the Partner store, and prints out the result.
Online command that creates a new Partner entry.
Creates a new Partner entry based on provided information. Displays a message indicating the result of the operation.
createPartner(partnerId, partnerType, partnerProfileId, description, bIsTrusted)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the new partner to be created. |
partnerType
|
Specifies the type of partner. Values can be one of the following:
|
partnerProfileId
|
Specifies the profile ID to be attached to this partner. It must reference an existing partner profile, and the type of the partner profile must be compliant with the type of the new partner entry. |
description
|
Specifies the optional description of this new partner entry. |
bIsTrusted
|
A value that indicates whether or not this new partner is trusted. Value can be either:
|
The following invocation creates STS_Requestor partner, customPartner, custom-partnerprofile
with a description (custom requester
), with a trust value of true
, displays a message indicating the result of the operation:
createPartner(partnerId="customPartner", partnerType="STS_REQUESTER", partnerProfileId="custom-partnerprofile", description="custom requester", bIsTrusted="true")
Online command that updates an existing Partner entry.
Updates an existing Partner entry based on the provided information. Displays a message indicating the result of the operation.
updatePartner(partnerId, partnerProfileId, description, bIsTrusted)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the new partner to be updated. |
partnerProfileId
|
Specifies the partner profile ID. It must reference an existing partner profile, and the type of the partner profile must be compliant with the type of the new partner entry. |
description
|
Specifies the optional description f this new partner entry. |
bIsTrusted
|
A value that indicates whether or not this new partner is trusted. Value can be either:
|
The following invocation updates customPartner
with a new profile ID, (x509-wss-validtemp
), description (custom requester with new profile id
), and a trust value of false
. A message indicates the result of the operation:
updatePartner(partnerId="customPartner", partnerProfileId="x509-wss-validtemp", description="custom requester with new profile id", bIsTrusted="false")
Online command that deletes a partner entry from the Security Token Service.
Deletes an existing Partner entry referenced by the partnerId
parameter from the Security Token Service, and prints out the result of the operation.
deletePartner(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner to be deleted. |
Online command that retrieves a partner's username value that will be used for UNT credentials partner validation or mapping operation.
Retrieves a partner's username value that will be used for UNT credentials partner validation or mapping operation, and displays the value.
getPartnerUsernameTokenUsername(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that retrieves a partner's password value that will be used for UNT credentials partner validation or mapping operation.
Retrieves a partner password value that will be used for UNT credentials partner validation or mapping operation, and displays the value.
getPartnerUsernameTokenPassword(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that sets the username and password values of a partner entry, that will be used for UNT credentials partner validation or mapping operation.
Sets the username and password values of a partner entry, that will be used for UNT credentials partner validation or mapping operation. Displays the result of the operation.
setPartnerUsernameTokenCredential(partnerId, UTUsername, UTPassword)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
UTUsername
|
Specifies the username value used for UNT credentials validation or mapping operations. |
UTPassword
|
Specifies the username value used for UNT credentials validation or mapping operations. |
Online command that removes the username and password values from a partner entry that are used for UNT credentials partner validation or mapping operation, and displays the result of the operation.
Removes the username and password values from a partner entry that are used for UNT credentials partner validation or mapping operation, and displays the result of the operation.
deletePartnerUsernameTokenCredential(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner to be deleted. |
Online command that retrieves the Base64 encoded signing certificate for the partner referenced by the partnerId parameter, and displays its value, as a Base64 encoded string.
Retrieves the Base64 encoded signing certificate for the partner referenced by the partnerId parameter, and displays its value, as a Base64 encoded string.
getPartnerSigningCert(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that retrieves the Base64 encoded encryption certificate, and displays its value as a Base64 encoded string.
Retrieves the Base64 encoded encryption certificate for the partner referenced by the partnerId parameter, and displays its value as a Base64 encoded string.
getPartnerEncryptionCert(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that Uploads the provided certificate to the partner entry as the signing certificate. Displays the result of the operation.
Uploads the provided certificate to the partner entry (referenced by the partnerId parameter) as the signing certificate. The supported formats of the certificate are DER and PEM. Displays the result of the operation.
setPartnerSigningCert(partnerId, certFile)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
certFile
|
Specifies the location of the certificate on the local file system. Supported formats of the certificate are DER and PEM. |
Online command that Uploads the provided certificate to the partner entry as the encryption certificate. Displays the result of the operation.
Uploads the provided certificate to the partner entry (referenced by the partnerId parameter) as the encryption certificate. Displays the result of the operation.
setPartnerEncryptionCert(partnerId, certFile)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
certFile
|
Specifies the location of the certificate on the local filesystem. Supported formats of the certificate are DER and PEM. |
Online command that removes the encryption certificate from the partner entry and displays the result of the operation.
Removes the encryption certificate from the partner entry, referenced by the partnerId parameter, and displays the result of the operation.
deletePartnerSigningCert(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that removes the signing certificate from the partner entry and displays the result of the operation.
Removes the signing certificate from the partner entry, referenced by the partnerId parameter, and displays the result of the operation.
deletePartnerEncryptionCert(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
Online command that retrieves and displays all the identity mapping attributes used to map a token to a requester partner, or to map binding data (SSL Client certificate or HTTP Basic Username) to a requester partner.
Retrieves and displays all the identity mapping attributes used to map a token to a requester partner, or to map binding data (SSL Client certificate or HTTP Basic Username) to a requester partner.
The identity mapping attributes only exist for partners of type Requester.
getPartnerAllIdentityAttributes(partnerId)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the Requester partner. Identity mapping attributes only exist for partners of type Requester |
The following invocation retrieves and displays all the identity mapping attributes used to map a token to a requester partner, or to map binding data (SSL Client certificate or HTTP Basic Username) to a requester partner: customPartner
.
getPartnerAllIdentityAttributes(partnerId="customPartner")
Online command that retrieves and displays identity mapping attributes used to map a token or to map binding data to a requester partner.
Retrieves and displays an identity mapping attribute used to map a token to a requester partner, or to map binding data (SSL Client certificate or HTTP Basic Username) to a requester partner.
The identity mapping attributes only exist for partners of type Requester.
getPartnerIdentityAttribute(partnerId, identityAttributeName)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the Requester partner. |
IdentityAttributeName
|
Specifies the name of the identity mapping attribute to retrieve and display. For example: httpbasicusername . |
Online command that sets the identity mapping attribute for the Requester partner.
Set the identity mapping attribute specified by identityAttributeName
for the partner of type requester specified by the partnerId parameter. These identity mapping attributes only exist for Requester partners. Displays the result of the operation.
setPartnerIdentityAttribute(partnerId, identityAttributeName, identityAttributeValue)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner of type Requester. |
identityAttributeName
|
Specifies the name of the identity mapping attribute to retrieve and display. |
identityAttributeValue
|
Specifies the value of the identity mapping attribute to set. |
The following invocation sets the identity mapping attribute specified by identityAttributeName
for the Requester partner of type requester specified by the partnerId parameter. Displays the result of the operation.
setPartnerIdentityAttribute(partnerId="customPartner", identityAttributeName="httpbasicusername",identityAttributeValue="test")
Online command that deletes the identity mapping attribute.
Deletes the identity mapping attribute specified by identityAttributeName
.
The identity mapping attributes used to map a token to a requester partner, or to map binding data (SSL Client certificate or HTTP Basic Username) to a requester partner, and they only exist for Requester partners.
deletePartnerIdentityAttribute(partnerId, identityAttributeName)
Argument | Definition |
---|---|
partnerId
|
Specifies the ID of the partner. |
identityAttributeName
|
Specifies the name of the identity mapping attribute to delete. |
Online command that retrieves and displays all WS Prefixes to Relying Party Partner mappings.
Online command that retrieves and displays the Relying Party Partner mapped to the specified wsprefix parameter, if a mapping for that WS Prefix exists.
Retrieves and displays the Relying Party Partner mapped to the specified wsprefix parameter, if a mapping for that WS Prefix exists.
getWSPrefixAndPartnerMapping(wsprefix)
Argument | Definition |
---|---|
wsprefix
|
Specifies the WS Prefix entry to retrieve and display. The path is optional. If specified, it should take the following form:
http_protocol://hostname_ip/path |
Online command that creates a new WS Prefix mapping to a Relying Partner.
Creates a new WS Prefix mapping to a Relying Partner referenced by the partnerid parameter, and displays the result of the operation.
createWSPrefixAndPartnerMapping(wsprefix, partnerid, description)
Argument | Definition |
---|---|
wsprefix
|
Specifies the WS Prefix entry to retrieve and display. The path is optional. If specified, it should take the following form:
http_protocol://hostname_ip/path |
partnerId
|
Specifies the ID of the partner. |
description
|
Specifies an optional description. |
The following invocation creates a new WS Prefix mapping to a Relying Partner Partner referenced by the partnerid parameter, and displays the result of the operation.
createWSPrefixAndPartnerMapping(wsprefix="http://host1.example.com/path", partnerid="customRPpartner", description="some description")
Online command that deletes an existing mapping of WS Prefix to a Relying Partner Partner.
Deletes an existing mapping of WS Prefix to a Relying Partner, and displays the result of the operation.
deleteWSPrefixAndPartnerMapping(wsprefix)
Argument | Definition |
---|---|
wsprefix
|
Specifies the WS Prefix entry to retrieve and display. The path is optional. If specified, it should take the following form:
http_protocol://hostname_ip/path |
Online command that retrieves the names of all the existing partner profiles and displays them.
Online command that retrieves the configuration data of a specific partner profile, and displays the content of the profile.
Retrieves the configuration data of the partner profile referenced by the partnerProfileId parameter, and displays the content of the profile.
getPartnerProfile(partnerProfileId)
Argument | Definition |
---|---|
partnerProfileId
|
Specifies the name of the partner profile. |
Online command that creates a new requester partner profile with default configuration data.
Creates a new requester partner profile with default configuration data, and displays the result of the operation.
Table 8-2 describes the default configuration created with this command.
Table 8-2 Default Configuration: createRequesterPartnerProfile
Element | Description |
---|---|
Return Error for Missing Claims
|
Default: false |
Allow Unmapped Claims
|
Default: false |
Token Type Configuration
|
The Token Type Configuration table includes the following entries. There are no mappings of token type to WS-Trust Validation Template:
Note: Token Type Configuration and token type to Validation Template mapping are both empty |
Attribute Name Mapping
|
Default: The Attribute Name Mapping table is empty by default. |
createRequesterPartnerProfile(partnerProfileId, defaultRelyingPartyPPID, description)
Argument | Definition |
---|---|
partnerProfileId
|
Specifies the name of the partner profile. |
defaultRelyingPartyPPID
|
Specifies the relying party partner profile to use, if the AppliesTo field is missing from the RST or if it could not be mapped to a Relying Party Partner. |
description
|
Specifies the optional description for this partner profile |
The following invocation creates a new requester partner profile with default configuration data, and displays the result of the operation. For default data descriptions, see Table 8-2.
createRequesterPartnerProfile(partnerProfileId="custom-partnerprofile", defaultRelyingPartyPPID="rpPartnerProfileTest", description="custom partner profile")
Online command that creates a new relying party partner profile with default configuration data.
Creates a new relying party partner profile with default configuration data, and displays the result of the operation.
Table 8-3 describes the default configuration created with this command.
Table 8-3 Default Configuration: createRelyingPartyPartnerProfile
Element | Description |
---|---|
Download Policy |
Default: false |
Allow Unmapped Claims |
Default: false |
Token Type Configuration |
The Token Type Configuration will contain a single entry, with:
Note: For the token type of the issuance template referenced by defaultIssuanceTemplateID, it will be linked to the issuance template, while the other token types will not be linked to any issuance template. If the issuance template referenced by defaultIssuanceTemplateID is of custom token type, the table will only contain one entry, with the custom token type, mapped to the custom token type as the external URI, and mapped to the issuance template referenced by defaultIssuanceTemplateID |
Attribute Name Mapping |
The Attribute Name Mapping table is empty be default. |
createRelyingPartyPartnerProfile(partnerProfileId, defaultIssuanceTemplateID, description)
Argument | Definition |
---|---|
partnerProfileId
|
Specifies the name of the partner profile. |
defaultIssuanceTemplateID
|
Specifies the default issuance template and token type to issue if no token type was specified in the RST. |
description
|
Specifies the optional description for this partner profile |
The following invocation creates a new relying party partner profile with default configuration data, and displays the result of the operation.
createRelyingPartyPartnerProfile(partnerProfileId="custom-partnerprofile", defaultIssuanceTemplateID="saml11-issuance-template", description="custom partner profile")
Online command that creates a new issuing authority partner profile with default configuration data.
Creates a new issuing authority partner profile with the default configuration data in Table 8-4, and displays the result of the operation.
Table 8-4 Default Configuration: createIssuingAuthorityPartnerProfile
Element | Description |
---|---|
Server Clockdrift |
Default: 600 seconds |
Token Mapping |
The Token Mapping Section will be configured as follows:
Empty fields
|
Partner NameID Mapping |
The Partner NameID Mapping table will be provisioned with the following entries as NameID format. However, without any data in the datastore column the issuance template referenced by defaultIssuanceTemplateID is of token type SAML 1.1, SAML 2.0, or Username. The table will contain the following entries:
|
User NameID Mapping |
The User NameID Mapping table will be provisioned with the following entries as NameID format:
|
Attribute Mapping |
The Attribute Value Mapping and Attribute Name Mapping table is empty be default. |
createIssuingAuthorityPartnerProfile(partnerProfileId, description)
Argument | Definition |
---|---|
partnerProfileId
|
Specifies the name of the partner profile. |
description
|
Specifies the optional description for this partner profile |
Online command that deletes an partner profile referenced by the partnerProfileId parameter. (See Advanced Identity Federation Commands for information regarding SAML 1.1.)
Deletes an partner profile referenced by the partnerProfileId parameter, and displays the result of the operation.
deletePartnerProfile(partnerProfileId)
Argument | Definition |
---|---|
partnerProfileId
|
Specifies the name of the partner profile to be removed. |
Online command that retrieves the names of all the existing issuance templates.
Online command that retrieves the configuration data of a specific issuance template.
Retrieves the configuration data of the issuance template referenced by the issuanceTemplateId parameter, and displays the content of the template.
getIssuanceTemplate(issuanceTemplateId)
Argument | Definition |
---|---|
issuanceTemplateId
|
Specifies the name of the issuance template. |
Online command that creates a new issuance template with default configuration data.
Creates a new issuance template with default configuration data, and displays the result of the operation.
Table 8-5 describes the default configuration for this command.
Table 8-5 Default Configuration: createIssuanceTemplate
Token Type | Description |
---|---|
Username |
The issuance template will be created with the following default values:
|
SAML 1.1 or SAML 2.0 |
The issuance template will be created with the following default values:
Empty tables: Attribute Name Mapping, Attribute Value Mapping and Attribute Value Filter |
Custom Type |
The issuance template will be created with the following default values:
|
createIssuanceTemplate(issuanceTemplateId, tokenType, signingKeyId, description)
Argument | Definition |
---|---|
issuanceTemplateId
|
Specifies the name of the issuance template to be created. |
tokenType
|
Possible values can be:
|
signingKeyId
|
Specifies the keyID referencing the key entry (defined in the STS General Settings UI section) that will be used to sign outgoing SAML Assertions. Only required when token type is saml11 or saml20. |
description
|
An optional description. |
Online command that deletes an issuance template referenced by the issuanceTemplateId parameter, and displays the result of the operation.
Deletes an issuance template referenced by the issuanceTemplateId parameter, and displays the result of the operation.
deleteIssuanceTemplate(issuanceTemplateId)
Argument | Definition |
---|---|
issuanceTemplateId
|
Specifies the name of the existing issuance template to be removed. |
Online command that retrieves the names of all the existing validation templates.
Online command that retrieves the configuration data of a specific validation template, and displays the content of the template.
Retrieves the configuration data of the validation template referenced by the validationTemplateId parameter, and displays the content of the template.
getValidationTemplate(validationTemplateId)
Argument | Definition |
---|---|
validationTemplateId
|
Specifies the name of the existing validation template. |
Online command that creates a new validation template with default configuration data.
Creates a new WSS validation template with default configuration data, and displays the result of the operation. The validation template is created using the values in Table 8-6, depending on the token type.
Table 8-6 Default Configuration: createWSSValidationTemplate
Token Type | Description |
---|---|
Username |
The validation template will be created with the following default values:
|
SAML 1.1 or SAML 2.0 |
The validation template will be created with the following default values:
The Token Mapping section will be created with the following default values:
Empty fields: User Token Attribute, User Datastore Attribute and Attribute Based User Mapping Also:
Partner NameID Mapping table will be provisioned with the following entries as NameID format, but without any data in the datastore column:
User NameID Mapping table will be provisioned with the following entries as NameID format:
|
X.509 |
The Token Mapping section will be created with the following default values:
Empty fields: User Token Attribute, User Datastore Attribute and Attribute Based User Mapping Also:
|
Kerberos |
The Token Mapping section will be created with the following default values:
Empty fields: Partner Token Attribute, Partner Datastore Attribute and Attribute Based User Mapping Also:
|
createWSSValidationTemplate(templateId, tokenType, defaultRequesterPPID, description)
Argument | Definition |
---|---|
templateId
|
Specifies the name of the name of the validation template to be created. |
tokenType
|
Specifies the token type of the validation template. Possible values can be:
|
defaultRequesterPPID
|
Specifies the Requester partner profile to use if OSTS is configured not to map the incoming message to a requester. |
description
|
Specifies an optional description. |
The following invocation creates a new validation template with default configuration data, and displays the result of the operation.
createWSSValidationTemplate(templateId="custom-wss-validtemp", tokenType="custom", defaultRequesterPPID="requesterPartnerProfileTest", description="custom validation template")
Online command that creates a new WS-Trust validation template with default configuration data.
Creates a new WS-Trust validation template with default configuration data, and displays the result of the operation. The WS-Trust validation template is created with the values in Table 8-7, depending on the token type.
Table 8-7 Default Configuration: createWSTrustValidationTemplate
Token Type | Description |
---|---|
Username |
The WS-Trust validation template will be created with the following default values:
|
SAML 1.1 or SAML 2.0 |
The WS-Trust validation template will be created with the following default values:
The Token Mapping section will be created with the following default values:
Empty fields: User Datastore Attribute, Attribute Based User Mapping User NameID Mapping table will be provisioned with the following entries as NameID format:
|
X.509 |
The WS-Trust Token Mapping section will be created with the following default values:
|
Kerberos |
The WS-Trust Token Mapping section will be created with the following default values:
|
OAM |
The WS-Trust Token Mapping section will be created with the following default values:
|
custom |
The WS-Trust Token Mapping section will be created with the following default values:
|
createWSTrustValidationTemplate(templateId, tokenType, description)
Argument | Definition |
---|---|
templateId
|
Specifies the name of the name of the WS-Trust validation template to be created. |
tokenType
|
Specifies the token type of the WS-Trust validation template. Possible values can be:
|
description
|
Specifies an optional description. |
Online command that deletes a validation template.
Deletes a validation template referenced by the validationTemplateId parameter, and displays the result of the operation.
deleteValidationTemplate(validationTemplateId)
Argument | Definition |
---|---|
validationTemplateId
|
Specifies the name of the validation template to be removed. |
Online command required to allow custom Mobile Security Access Server (MSAS)/Oracle Web Services Manager (OWSM) policies to work.
Online command modifies the Security Token Service configuration to allow custom MSAS/OWSM policies to work.
configureOWSMAgentSTS(<type>, <server="soa_server1">)
Argument | Definition |
---|---|
type
|
The type can be 'classpath' or 'policymanager'. If OWSM policy manager service has to be seeded with STS policy, then pass in 'policymanager'. Otherwise, use 'password' and STS policies are picked from sts_policies.jar. |
server |
Optional. If type=policymanager, enter the WLS managed server name where the OWSM Document Manager MBean is deployed. |