Configuring security authorization for Liberty servers on IBM i
iAdmin GRANTAUTH command, you can authorize the QEJBSVR user
profile to access the required resources for running the Liberty server.
Before you begin
- The Liberty environment was installed as a feature of a product offering using the IBM® Installation Manager.
- The Job Manager was used to install the Liberty environment and the Run optional installation scripts on IBM i targets option is selected. See Installing Liberty resources using the job manager for more information.
iAdmin POSTINSTALLcommand was called after Installing Liberty by extracting an archive file.
Also, QEJBSVR is granted authorization to files in the
$WLP_OUTPUT_DIR locations in all of these installation scenarios. Additionally,
when servers are created, QEJBSVR is granted authorization to server definition files and the
About this task
- Creating files manually or modifying the authorities on shared resources and server definitions files.
- Configuring a server to access resources the QEJBSVR user profile is not yet authorized to.
- Granting the server role to the QEJBSVR user profile for the shared resources, server
definitions and output locations configured for the Liberty environment installed at
/WAS/wlp/lib/native/os400/bin/iAdmin GRANTAUTH -rolename server -userprofilename QEJBSVR
- Granting the server role to the QEJBSVR user profile for shared resources and server definitions
in /WAS/myWlpServers/usr, and for any server output locations defined by the
WLP_OUTPUT_DIR variable in files matching the definition in the
/WAS/wlp/lib/native/os400/bin/iAdmin GRANTAUTH -rolename server -userprofilename QEJBSVR -userdir /WAS/myWlpServers/usr
- Granting the server role to the QEJBSVR user profile for output location
/WAS/wlp/lib/native/os400/bin/iAdmin GRANTAUTH -rolename server -userprofilename QEJBSVR -outputdir /WAS/myWlpOutput/servers