is there some way (other than the recording using admin console) to find the Path to a mbean in the namespace in order to navigate to it using cd() wlst command.
Eg)
connect(adminUserName, adminPassword, adminURL)
serverConfig()
authenticatorPath= '/SecurityConfiguration/' + domainName + '/Realms/' + realmName + '/AuthenticationProviders/DefaultAuthenticator'
print authenticatorPath
cd(authenticatorPath)
how to determine the path to be used for the navigation
Please try to use the lookup() command given in WLST. You must know the type of the MBean that should be as second argument.
Ref: Oracle Documentation
Related
I am trying to set up some monitoring for my host. I know that I can access it via the macro $HOSTADDRESS$, but how can I actually append the correct string to it? The $HOSTADDRESS$ won't return anything on just the root (so nothing on /), but I want it rather to check on /health-check. Is it possible to append the /health-check to $HOSTADDRESS$ somehow?
Using Opsview 6, which is based on Nagios.
You can pass the change to check_http in your service description
check_http --help
...
-u, --url=PATH
URL to GET or POST (default: /)
...
check_command check_http!--url=/health-check
I have nearly a hundred data sources in a WebSphere Application Server (WAS) and due to office relocation, the IP of the database servers have changed and I need to update the datasource IP addresses in my WAS too.
Considering it error-prone to update hundred IPs through admin console.
Is there any way that I can make the change by updating config files or running a script? My version of WAS is 7.0.
You should be able to use the WAS Admin Console's built-in "command assistance" to capture simple code snippets for listing datasources and changing them by just completing those operations in the UI once.
Take those snippets and create a new jython script to list and update all of them.
More info on command assistance:
http://www.ibm.com/developerworks/websphere/library/techarticles/0812_rhodes/0812_rhodes.html
wsadmin scripting library:
https://github.com/wsadminlib/wsadminlib
You can achieve this using wsadmin scripting. Covener has the right idea with using the admin console's command assistance to do the update once manually (to get the code) and then dump that into a script that you can automate.
The basic idea is that a datasource has a set of properties nested under it, one of which is the ip address. So you want to write a script that will query for the datasource, find its nested property set, and iterate over the property set looking for the 'ipAddress' property to update.
Here is a function that will update the value of the "ipAddress" property.
import sys
def updateDataSourceIP(dsName, newIP):
ds = AdminConfig.getid('/Server:myServer/JDBCProvider:myProvider/DataSource:' + dsName + '/')
propertySet = AdminConfig.showAttribute(ds, 'propertySet')
propertyList = AdminConfig.list('J2EEResourceProperty', propertySet).splitlines()
for prop in propertyList:
print AdminConfig.showAttribute(prop, 'name')
if (AdminConfig.showAttribute(prop, 'name') == 'ipAddress'):
AdminConfig.modify(prop, '[[value '" + newIP + "']]')
AdminConfig.save();
# Call the function using command line args
updateDataSourceIP(sys.argv[0], sys.argv[1])
To run this script you would invoke the following from the command line:
$WAS_HOME/bin/wsadmin.sh -lang jython -f /path/to/script.py myDataSource 127.0.0.1
**Disclaimer: untested script. I don't know the name of the "ipAddress" property off the top of my head, but if you run this once it will print out all the properties on your ds, so you can get it there
Some useful links:
Basics about jython scripting
Modifying config objects using wsadmin
As an improvement to aguibert's script, to avoid having to provide all 100 datasource names and to update it to correct the containment path of the configuration id, consider this script which will update all datasources, regardless of the scope at which they're defined. As always, backup your configuration before beginning and once you're satisified the script is working as expected, replace the AdminConfig.reset() with save(). Note, these scripts will likely not work properly if you're using connection URLs in your configuration.
import sys
def updateDataSourceIP(newIP):
datasources = AdminConfig.getid('/DataSource:/').splitlines()
for datasource in datasources:
propertySet = AdminConfig.showAttribute(datasource, 'propertySet')
propertyList = AdminConfig.list('J2EEResourceProperty', propertySet).splitlines()
for prop in propertyList:
if (AdminConfig.showAttribute(prop, 'name') == 'serverName'):
oldip = AdminConfig.showAttribute(prop, 'value')
print "Updating serverName attribute of datasource '" + datasource + "' from " + oldip + " to " + sys.argv[0]
AdminConfig.modify(prop, '[[value ' + newIP + ']]')
AdminConfig.reset();
# Call the function using command line arg
updateDataSourceIP(sys.argv[0])
The script should be invoked similarly to the above, but without the datasource parameter, the only parameter is the new hostname or ip address:
$WAS_HOME/bin/wsadmin.sh -lang jython -f /path/to/script.py 127.0.0.1
I am working on developing a efficient tool for source code security testing.I have looked into OWASP's Orizon project. It looked interesting. But I am not able to get proper example implementations and documentation for the same. Can any one help me in doing it??
The source code of last version of OWASP Orizon (currently 1.39) is available on github but you will need to tweak the ant build.xml to build it. You can also download the binary version (1.19) on sourceforge. You then just have to extract the tar.gz and run the orizon.sh that will give you a command prompt.
The available commands are the following:
* open directory_name: opens directory_name for scanning.
* model: creates an application model from the opened directory.
* stat: prints out some statistics coming from orizon engines
* crawl: performs a code crawling
* set option [value]: sets the option telling orizon how to behave
valid option are:
+ mirage [trace|notrace]: trace and notrace to put the engine in
trace or in no trace mode.
+ quiet: says orizon to run quietly
+ store_output: says orizon not to use standard output to
print informations (valuable only for development team)
+ orl_root directory: specifies an alternative root for security
library overriding lib/orizon-library-1.19.jar
+ report_format [txt|html|xml|console]: specifies the output
format. Using console, output onto disk
will be disabled.
+ report_name filename: write report in filename, stored in the
directory you launch osh from.
* report: prints out the findings report
* version: prints the version number
* info: prints the version number and the available engines signature
I am trying to install the AEM CQ as windows service in publish mode. But it is getting installed as an author.
I have changed the variable to publish in instsrv.bat
D:\AdobeAEM\crx-quickstart\opt\helpers\instsrv.bat
:: runmode(s)
set cq_runmode="publish"
:: HTTP port
set cq_port=4503
Still, it is opening in author mode.
I have not configured author in this server
Am I missing something?
if you are working con CQ5.5 It's ok, but in AEM(5.6) It's impossible to install it as publish mode if you installed it as author before.
Based on what you described it sounds like you added JVM parameters to the jvm_options variable without separating the values with the # character. If you don't separate them with '#' or ';' then the runmode will not get included in the --JvmOptions= parameter passed to prunsrv. See the section code below from instsrv.bat which shows this.
:: default JVM options
:: separate multiple entries by ";" or "#"
:: if you need these chars put them inside single quotes
set jvm_options=-XX:MaxPermSize=256M
::* ------------------------------------------------------------------------------
::* do not configure below this point
::* ------------------------------------------------------------------------------
set main_class=org.apache.sling.launchpad.app.Main
set start_param=start#-c#.#-i#launchpad
if defined cq_runmode (set jvm_options=%jvm_options%#-Dsling.run.modes=%cq_runmode%)
Part of script that calls prunsrv:
:run_install
chdir /D %~dp0
prunsrv //IS//%service_name% --Description="%service_description%" --DisplayName="%service_name%" --Startup="%service_startmode%" --StartPath=%context% --Classpath=%CQ_JARFILE% --JvmMx=%jvm_mx% --JvmOptions=%jvm_options% --StdOutput=%context%\logs\startup.log --StdError=%context%\logs\startup.log --LogPath=%context%\logs --PidFile=..\conf\cq.pid --StartMode jvm --StartClass=%main_class% --StartParams=%start_param% --StopMode=jvm --StopClass=%main_class% --StopParams=%stop_param% --Jvm=%jvm_path%
if defined start (net start %service_name%)
goto exit
I'm having a few problems breaking out an MsBuild package+deploy command into two separate commands. (I need to do this to pass additional parameters to MsDeploy).
The command that works fine looks like this:
msbuild "src\Solution.sln"
/P:Configuration=Deploy-Staging
/P:DeployOnBuild=True
/P:DeployTarget=MSDeployPublish
/P:MsDeployServiceUrl=https://192.168.0.1:8172/MsDeploy.axd
/P:DeployIISAppPath=staging.website.com
/P:AllowUntrustedCertificate=True
/P:MSDeployPublishMethod=WmSvc
/P:CreatePackageOnPublish=True
/P:UserName=staging-deploy
/P:Password=xyz
The separated packaging command looks like this:
msbuild "src\Solution.sln"
/P:Configuration=Deploy-Staging
/P:DeployOnBuild=True
/P:DeployTarget=Package
/P:_PackageTempDir=C:\temp\web
which works fine. But then the MsDeploy portion:
msdeploy
-verb:sync
-allowUntrusted
-usechecksum
-source:manifest=
'src\WebProject\obj\Deploy-Staging\Package\WebProject.SourceManifest.xml'
-dest:auto,ComputerName=
'https://192.168.0.1:8172/MsDeploy.axd?site=staging.website.com',
username='staging-deploy',password='xyz',authType='basic',includeAcls='false'
-enableRule:DoNotDeleteRule
fails, with the following error in WmSvc.log
wmsvc.exe Error: 0 : Attempted to perform an unauthorized operation.
setAcl/C:\temp\web (Read)
ProcessId=15784
ThreadId=31
DateTime=2011-03-30T14:57:02.4867689Z
Timestamp=3802908721815
wmsvc.exe Error: 0 : Not authorized.
Details: No rule was found that could authorize user 'staging-deploy',
provider 'setAcl', operation 'Read', path 'C:\temp\web'.
(and several more Read/Write operations)
Something is clearly going wrong with the paths it's trying to access (as it works fine with the other method) - I'm not sure it's even trying to use the iisApp targeting correctly, and at the moment I don't think the correct web.config's will be deployed either.
I've got this fixed now - I needed a different command to the one the automatically generated .cmd file was using, but comparing the two allowed me to fix it up (thanks #Vishal R. Joshi)
The differences I needed was:
basic authentication
allow untrusted certificates
?site=staging.webserver on the end of the MsBuild.axd path, as with my original command
override the IIS Web App name that is set in the params file
enable the do not delete rule
The winning command is as follows:
msdeploy
-verb:sync
-allowUntrusted
-source:package='src\WebProject\obj\Deploy-Staging\Package\WebProject.zip'
-dest:auto,ComputerName=
'https://192.168.0.1:8172/MsDeploy.axd?site=staging.website.com',
username='staging-deploy',password='xyz',authType='basic',includeAcls='false'
setParamFile:
"src\WebProject\obj\Deploy-Staging\Package\WebProject.SetParameters.xml"
-setParam:name='IIS Web Application Name',value='staging.website.com'
-enableRule:DoNotDeleteRule
-disableLink:AppPoolExtension -disableLink:ContentExtension
-disableLink:CertificateExtension
Hope this helps someone!
Add a delegation rule on the server using inetmgr to allow staging-deploy to carry out set-Acl operations.
Inetmgr -> Click on server node -> Management Service Delegation (in Management) -> Click Add rule to the right -> Choose the template labelled "Set Permissions for Applications" -> Accept defaults and click OK.
This should let you deploy any package or manifest with setAcl as long as the user you are deploying as, has permissions to the site you are deploying to.
You are able to specify the -setParam:name='',value='' flag when calling the MyProject.deploy.cmd file that is created when you generate a Package from a web project. The cmd is a friendly wrapper around msdeploy.exe, so you have no need to specify all the rest of the defaults.
Here's the details: http://evolutionarydeveloper.blogspot.co.uk/2013/05/specifying-environment-variables-at.html