Use the commands listed in Table 3-10 to manage the Oracle Infrastructure Web Services documents stored in the OWSM repository. For additional information about upgrading or migrating documents in an OWSM repository, see "Upgrading the OWSM Repository" in the Securing Web Services and Managing Policies with Oracle Web Services Manager.
Note:
The repository management commands listed in Table 3-11 have been deprecated in this release.
To manage the OWSM repository in release 12c, it is recommended that you use the new WLST commands listed in Table 3-10. For a complete list of deprecated commands, see "Deprecated Commands for Oracle Infrastructure Web Services" in Release Notes for Oracle Fusion Middleware Infrastructure.
Additional MDS WLST commands are described in Metadata Services (MDS) Custom WLST Commands.
Table 3-10 Oracle Infrastructure Web Services - WLST Commands for Repository Management
| Use this command... | To... | Use with WLST... |
|---|---|---|
|
Export a set of applications metadata from the repository into a supported ZIP archive. Note: This command is supported for Oracle Infrastructure and RESTful web services only. This command is not supported for ADF DC web service clients and Java EE web services. |
Online |
|
|
Export a set of documents from the repository into a supported ZIP archive. |
Online |
|
|
Import a set of documents from a supported ZIP archive into the repository. |
Online |
|
|
Migrate the custom roles and policies from the |
Online |
|
|
Migrates direct (local) policy attachments that are identical to the external global policy attachments that would otherwise be attached to each policy subject in the current domain. |
Online |
|
|
Delete the existing policies stored in the repository and refresh it with the latest set of predefined policies that are provided in the new installation of the Oracle Fusion Middleware software. |
Online |
|
|
Upgrade the OWSM predefined policies stored in the repository with any new predefined policies that are provided in the latest installation of the Oracle Fusion Middleware software. |
Online |
Table 3-11 list the WLST commands for managing the OWSM repository that have been deprecated in this release.
Table 3-11 Deprecated WLST Commands for Repository Management
| Use this command... | To... | Use with WLST... |
|---|---|---|
|
Export a set of documents from the repository into a supported ZIP archive. If the specified archive already exists, you can choose whether to overwrite the archive or merge the documents into the existing archive. |
Online |
|
|
Import a set of documents from a supported ZIP archive into the repository. You can provide the location of a file that describes how to map a physical information from the source environment to the target environment. |
Online |
|
|
Delete the existing policies stored in the repository and refresh it with the latest set of predefined policies that are provided in the new installation of the Oracle Fusion Middleware software. |
Online |
|
|
Upgrade the OWSM predefined policies stored in the repository with any new predefined policies that are provided in the latest installation of the Oracle Fusion Middleware software. |
Online |
Note:
This command has been deprecated. It is recommended that you use the exportWSMRepository command, as described in "exportWSMRepository". The following examples show how to migrate to use the exportWSMRepository command.
11g Release:
wls:/jrfServer_domain/serverConfig> exportRepository ("/tmp/repo.zip")
12c Release:
wls:/jrfServer_domain/serverConfig> exportWSMRepository ("/tmp/repo.zip")
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Exports a set of documents from the OWSM repository into a supported ZIP archive. If the specified archive already exists, the following options are presented:
The specified archive already exists. Update existing archive? Enter "yes" to merge documents into existing archive, "no" to overwrite, or "cancel" to cancel the operation.
You can also specify a list of the documents to be exported, or use a search expression to find specific documents in the repository.
Read only documents, such as predefined policies and assertion templates, will not be included in the export.
Syntax
exportRepository(archive,[documents=None],[includeShared='false'])
| Argument | Definition |
|---|---|
|
|
Name of the archive file. If the specified archive already exists, you can choose whether to overwrite the archive or merge the documents into the existing archive. During override, the original archive is backed up and a message describes the location of the backup archive. |
|
|
Optional. The documents to be exported to the archive. If no documents are specified, then all assertion templates, intents, policies, and policy sets will be exported. You can specify a list of the documents to be exported, or use a search expression to find specific documents in the repository. |
|
|
Optional. Specifies whether the policy references should be expanded during export. |
Example
The following examples describe repository export sessions. The first example exports all OWSM documents to the policies.zip file.
wls:/wls-domain/serverConfig>exportRepository("/tmp/policies.zip")
This example exports only the MyPolicySet1, MyPolicySet2, and MyPolicySet3 policy sets to the policies.jar file, and also expands all the policy references output during the export process.
wls:/wls-domain/serverConfig>exportRepository("/tmp/policies.jar", ["/policysets/MyPolicySet1","/policysets/MyPolicySet2","/policysets/MyPolicySet3"], true)
This example exports policy sets using wildcards to the some_global_with_noreference_2 file.
wls:/wls-domain/serverConfig>exportRepository('./export/some_global_with_noreference_2', ['policysets:global/web_%','policysets:global/web_ref%', 'policysets:global/web_call%'], false)
Note:
This command is supported for Oracle Infrastructure and RESTful web services only. This command is not supported for ADF DC web service clients and Java EE web services.
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Exports a set of application metadata from the repository into a supported ZIP archive. If the specified archive already exists, you are presented with a set of options: merge the documents into the existing archive, overwrite the archive, or cancel the operation. By default, all metadata for applications in the current domain is exported to the archive, or you can use a search expression to export specific metadata for applications in the repository.
Note:
Read only documents, such as predefined policies and assertion templates, will not be included in the export.
Syntax
exportWSMAppMetadata(archive,[applications=None],[includeShared='false'])
| Argument | Description |
|---|---|
|
|
Name of the archive file. If the specified archive already exists, you can choose whether to overwrite the archive or merge the documents into the existing archive. During override, the original archive is backed up and a message describes the location of the backup archive. |
|
|
Optional. The metadata of applications to be exported to the archive. If no application names are specified, then all metadata for applications in the current domain will be exported. You can specify a list of search expressions to find specific application metadata in the repository, using this syntax: /{ |
|
|
Optional. Specifies whether the shared documents (those that are specified as policy references within wsm-assembly documents) should be included during export. Because read-only documents can not be exported, only custom or cloned shared policies will be included in the export. |
Examples
The first example exports the application metadata in the repository into the applications.zip file and saves it in the tmp directory.
The second example exports the metadata of the applications whose names begin with SalesApp and TradeApp into the applications.zip file and saves it in the tmp directory.
The third example exports the metadata of the applications whose names begin with SalesApp and TradeApp into the applications.zip file and saves it in the tmp directory. Additionally, shared resources are included in this export.
wls:/wls-domain/serverConfig> exportWSMAppMetadata("/tmp/applications.zip") wls:/wls-domain/serverConfig> exportWSMAppMetadata("/tmp/applications.zip",["/WLS/base_domain/SalesApp%","WLS/base_domain/TradeApp%"]) wls:/wls-domain/serverConfig> exportWSMAppMetadata("/tmp/applications.zip",["/WLS/base_domain/SalesApp%","WLS/base_domain/TradeApp%"], true)
Note:
Use integer values 0 (false) or 1 (true) to pass Boolean types on wsadmin and ojbst because the Python version used by these scripting tools may not support Boolean types.
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Exports a set of documents from the OWSM repository into a supported ZIP archive. If the specified archive already exists, the following options are presented:
The specified archive already exists. Update existing archive? Enter "yes" to merge documents into existing archive, "no" to overwrite, or "cancel" to cancel the operation.
You can also specify a list of the documents to be exported, or use a search expression to find specific documents in the repository.
Note:
Read only documents, such as predefined policies and assertion templates, will not be included in the export.
Syntax
exportWSMRepository(archive,[documents=None],[includeShared='false'])
| Argument | Definition |
|---|---|
|
|
Name of the archive file. If the specified archive already exists, you can choose whether to overwrite the archive or merge the documents into the existing archive. During override, the original archive is backed up and a message describes the location of the backup archive. |
|
|
Optional. The documents to be exported to the archive. If no documents are specified, then only shared documents that include policies and policy sets will be exported. If this argument is specified as an empty string |
|
|
Optional. Specifies whether the shared documents (those that are specified as policy references within policy sets and wsm-assembly documents) should be included during export. Because read-only documents can not be exported, only custom or cloned shared policies will be included in the export. |
Examples
The following examples describe repository export sessions. The first example exports all OWSM documents to the policies.zip archive.
wls:/wls-domain/serverConfig>exportWSMRepository("/tmp/policies.zip")
This example exports only the MyPolicySet1, MyPolicySet2, and MyPolicySet3 policy sets to the policies.jar archive, and also expands all the policy references output during the export process.
wls:/wls-domain/serverConfig>exportWSMRepository("/tmp/policies.jar", ["/policysets/MyPolicySet1","/policysets/MyPolicySet2","/policysets/MyPolicySet3"], true)
This example exports policy sets using wildcards to the some_global_with_noreference_2 archive.
wls:/wls-domain/serverConfig>exportWSMRepository('./export/some_global_with_noreference_2', ['policysets:global/web_%','policysets:global/web_ref%', 'policysets:global/web_call%'], false)
Note:
This command has been deprecated. It is recommended that you use the importWSMArchive command, as described in "importWSMArchive". The following examples show how to migrate to use the importWSMArchive command.
11g Release (for repository documents):
wls:/jrfServer_domain/serverConfig> importRepository ("/tmp/repo.zip")
12c Release (for repository documents):
wls:/jrfServer_domain/serverConfig> importWSMArchive ("/tmp/repo.zip")
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Imports a set of documents from a supported ZIP archive into the OWSM repository. You can use the map argument to provide the location of a file that describes how to map physical information from the source environment to the target environment. For example, you can use the map file to ensure that the attachment expression in a policy set document is updated to match the target environment, such as Domain("foo")=Domain("bar").
Read only documents, such as predefined policies and assertion templates, will not be included in the import.
Syntax
importRepository(archive,[map=None],[generateMapFile='false'])
| Argument | Definition |
|---|---|
|
|
Path to the archive file that contains the list of documents to be imported. If a document being imported is a duplicate of the current version that already exists in the repository, then it will not be imported and a new version of the document is not created |
|
|
Optional. Location of a sample map file that describes how to map physical information from the source environment to the target environment. You can generate a new map file by setting the If you specify a map file without setting the |
|
|
Optional. Specify whether to create a sample map file at the location specified by the map argument. No documents are imported when this argument is set to After the map file is created you can edit it using any text editor. The map file contains the document names given in the archive file and their corresponding Note: When importing documents into the repository, OWSM validates the |
Example
The following examples describe repository import sessions.
The first example imports the contents of the policies.zip file into the repository.
wls:/wls-domain/serverConfig>importRepository("/tmp/policies.zip")
This example uses the generateMapFile argument to generate a map file.
wls:/wls-domain/serverConfig>importRepository("./export/some_global_with_noreference_2', map="./export/some_global_with_noreference_2_map', generateMapFile=true)
Here is an example of a generated map file:
This is an auto generated override file containing the document names given in
the archive file and their corresponding attachTo values. The attachTo value can
be updated according to the new environment details. If there is no update
required for any document name,that entry may be either deleted or commented
using the character ("#")
[Resource Scope Mappings
]
sca_component_add_1=Composite("*Async*")
sca_reference_add_1=Composite("*Basic_SOA_Client*")
sca_reference_no=Server("*")
sca_service_add_1=Composite("*Basic_SOA_service")
web_callback_add_1=Application("*")
web_client_add_1=Module("*")
web_reference_add_1=Domain("*")
web_service_add_1=Domain("*domain*") and Server("*soa*") and Application("*ADF*")
ws_service_no_1=Server("*Admin*")
This example illustrates how to import documents using a generated map file: /some_global_with_noreference_2_map.
wls:/wls-domain/serverConfig>importRepository('../export/export_all', 'export_all_map')
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Imports a set of documents from a supported ZIP archive into the OWSM repository. You can use the map argument to provide the location of a file that describes how to map physical information from the source environment to the target environment. For example, you can use the map file to ensure that the attachment expression in a policy set document is updated to match the target environment, such as Domain("foo")=Domain("bar").
Read only documents, such as predefined policies and assertion templates, will not be included in the import.
Syntax
importWSMArchive(archive,[map=None],[generateMapFile='false'])
| Argument | Definition |
|---|---|
|
|
Name of the archive file. |
|
|
Optional. Location of a sample map file that describes how to map physical information from the source environment to the target environment. You can generate a new map file by setting the If you specify a map file without setting the |
|
|
Optional. Specify whether to create a sample map file at the location specified by the map argument. No documents are imported when this argument is set to After the file is created you can edit it using any text editor. The Note: When importing documents into the repository, OWSM validates the |
Examples
The following examples describe repository import sessions.
The first example imports the contents of the policies.zip file into the repository.
wls:/wls-domain/serverConfig>importWSMArchive("/tmp/policies.zip")
This example uses the generateMapFile argument to generate a map file.
wls:/wls-domain/serverConfig>importWSMArchive("./export/some_global_with_noreference_2', map="./export/some_global_with_noreference_2_map', generateMapFile=true)
Here is an example of a generated map file:
This is an auto generated override file containing the document names given in
the archive file and their corresponding attachTo values. The attachTo value can
be updated according to the new environment details. If there is no update
required for any document name,that entry may be either deleted or commented
using the character ("#")
[Resource Scope Mappings
]
sca_component_add_1=Composite("*Async*")
sca_reference_add_1=Composite("*Basic_SOA_Client*")
sca_reference_no=Server("*")
sca_service_add_1=Composite("*Basic_SOA_service")
web_callback_add_1=Application("*")
web_client_add_1=Module("*")
web_reference_add_1=Domain("*")
web_service_add_1=Domain("*domain*") and Server("*soa*") and Application("*ADF*")
ws_service_no_1=Server("*Admin*")
This example illustrates how to import documents using a generated map file: /some_global_with_noreference_2_map.
wls:/wls-domain/serverConfig>importWSMArchive('../export/export_all', 'export_all_map')
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Migrates the custom roles and policies from the Plan.xml file to the wsm-pm.ear policy store. If the Plan.xml file is not used to override default security, then this command will not migrate the wsm-pm.ear policy store.
Syntax
migrateWSMPMRoles(domain)
| Arguments | Description |
|---|---|
|
domain |
Absolute path to the domain home where the |
Example
In the following example, custom roles and policies are migrated from the Plan.xml file to the wsm-pm.ear policy store that resides in '/WLS/myDomain.
wls:/wls-domain/serverConfig> migrateWSMPMRoles('/WLS/myDomain')
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Migrates direct (local) policy attachments that are identical to the external global policy attachments that would otherwise be attached to each policy subject in the current domain. You can specify whether to force the migration, prompt for confirmation before each migration, or simply list the migrations that would occur. A direct policy attachment is identical if its URI is the same as one provided by a global policy attachment, and if it does not have any scoped configuration overrides.
Note:
A direct attachment with an unscoped override will be migrated but an attachment with a scoped override will not. This is because after running the migrateAttachments() command, the enforcement of the policies on all subjects remains the same, even though some policies are globally attached.
Whether forced or prompted, the command lists each direct policy attachment that is migrated. This output will identify the policy subject that was modified, the URI of the identical policy reference, and the name of the global policy attachment document that duplicated the direct attachment.
Syntax
migrateWSMAttachments([mode='prompt'])
| Argument | Definition |
|---|---|
|
|
The action to be taken for each policy attachment that can be migrated. Valid options are:
If no mode is specified, this argument defaults to |
Examples
The following examples describe how to use the repository attachment migration modes.
wls:/wls-domain/serverConfig>migrateWSMAttachments() wls:/wls-domain/serverConfig>migrateWSMAttachments('force') wls:/wls-domain/serverConfig>migrateWSMAttachments('preview') wls:/wls-domain/serverConfig>migrateWSMAttachments('prompt')
Note:
This command has been deprecated. It is recommended that you use the resetWSMRepository command, as described in "resetWSMRepository". The following examples show how to migrate to use the resetWSMRepository command.
11g Release:
wls:/jrfServer_domain/serverConfig> resetWSMPolicyRepository()
12c Release:
wls:/jrfServer_domain/serverConfig> resetWSMRepository()
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Deletes the existing policies stored in the OWSM repository and refresh it with the latest set of predefined policies that are provided in the new installation of the Oracle Fusion Middleware software. You can use the clearStore argument to specify whether to delete all policies, including custom user policies, from the OWSM repository before loading the new predefined policies.
Syntax
resetWSMPolicyRepository([clearStore='false'])
| Argument | Definition |
|---|---|
|
|
Policies to be deleted. Valid values are:
|
Example
The following example deletes all the policies in the repository, including user policies, and adds the predefined policies provided in the current product installation:
wls:/wls-domain/serverConfig>resetWSMPolicyRepository(true)
Note:
Use integer values 0 (false) or 1 (true) to pass Boolean types on wsadmin and ojbst because the Python version used by these scripting tools may not support Boolean types.
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Deletes the existing policies stored in the repository and refresh it with the current set of predefined policies that are provided in the latest installation of the Oracle Fusion Middleware software. You can use the clearStore argument to specify whether to delete all policies, including custom user policies, from the repository before loading the new predefined policies.
Note:
These command also updates the version number of the predefined policies and assertion templates.Syntax
resetWSMRepository([clearStore='false'])
| Argument | Definition |
|---|---|
|
|
Policies to be deleted. Valid values are:
|
Examples
The following example deletes all the policies in the repository, including user policies, and adds the predefined policies provided in the current product installation:
wls:/wls-domain/serverConfig>resetWSMRepository(true)
Note:
This command has been deprecated. It is recommended that you use the upgradeWSMRepository command, as described in "upgradeWSMRepository". The following examples show how to migrate to use the upgradeWSMRepository command.
11g Release:
wls:/jrfServer_domain/serverConfig> upgradeWSMPolicyRepository()
12c Release:
wls:/jrfServer_domain/serverConfig> upgradeWSMRepository()
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Upgrades the OWSM predefined policies stored in the OWSM repository with any new predefined policies that are provided in the latest installation of the Oracle Fusion Middleware software. If the repository is empty, all of the predefined policies included in the installation are loaded into the repository.
This command does not remove any existing predefined and user-defined custom policies in the repository. If a predefined policy has been modified or discontinued in a subsequent release, one of the following occurs:
For policies that have been discontinued, a message is displayed listing the discontinued policies. In this case, Oracle recommends that you no longer reference the policies and remove them using Oracle Enterprise Manager.
For policies that have changed in the subsequent release, a message is displayed listing the changed policies. Oracle recommends that you import the latest version of the policies using Oracle Enterprise Manager.
Syntax
upgradeWSMPolicyRepository()
Example
The following example upgrades the existing installation with policies provided in the latest release:
wls:/wls-domain/serverConfig>upgradeWSMPolicyRepository()
Command Category: OWSM Repository Management
Use with WLST: Online
Description
Upgrades the OWSM predefined policies stored in the repository with any new predefined policies that are provided in the latest installation of the Oracle Fusion Middleware software. If the repository is empty, all of the predefined policies included in the installation are loaded into the repository.
This command does not remove any existing predefined and user-defined custom policies in the repository. If a predefined policy has been modified or discontinued in a subsequent release, one of the following occurs:
For policies that have been discontinued, a message is displayed listing the discontinued policies. In this case, Oracle recommends that you no longer reference the policies and remove them using Oracle Enterprise Manager.
For policies that have changed in the subsequent release, a message is displayed listing the changed policies. Oracle recommends that you import the latest version of the policies using Oracle Enterprise Manager.
Syntax
upgradeWSMRepository()
Examples
The following example upgrades the existing installation with policies provided in the latest release:
wls:/wls-domain/serverConfig>upgradeWSMRepository()