You can use the wsadmin
command-line utility to delete the Security
Assertion Markup Language (SAML) trust association interceptor (TAI) in the security configuration
of the WebSphere Application Server.
Procedure
- Start the WebSphere Application Server.
- Start the
wsadmin
command utility from the
app_server_root/bin directory by entering the command: wsadmin -lang
jython
.
- At the
wsadmin
prompt, enter the following command:
AdminTask.deleteSAMLTAISSO()
You can use the following parameters with this command:
Table 1. deleteSAMLTAISSO parameters
Parameter |
Description |
-ssoId |
This parameter is optional if you have only one SSO service provider partner.
If you have more than one SSO service provider partner, this parameter is required. It is the
identifier for the group of custom properties that are associated with the SSO service provider
partner. This parameter is specified as an integer. |
-securityDomainName |
This parameter specifies the name of the security domain of interest. If a
value for this parameter is not specified, the command uses the global security configuration. This
parameter is specified as a String. |
-deleteSigningCert |
This parameter is optional. Specify true if you want to
delete the signing certificate from the truststore whose alias is the value for the
sso_(ssoId).sp.trustedAlias property. This alias is not deleted from the truststore
if it is referenced by another service provider. This parameter is specified as a Boolean. |
Results
The SAML TAI SSO service provider partner properties have been deleted for this WebSphere
Application Server.
Example
The following example deletes the SAML TAI SSO service provider partner 1 from the global
security SAML TAI
configuration:AdminTask.deleteSAMLTAISSO('-ssoId 1')
The
following example deletes the SAML TAI SSO service provider partner 1 from the security domain
myDomain1
. The example also deletes the signing certificate that is associated with
sso_1.sp.trustedAlias
from the truststore:
AdminTask.deleteSAMLTAISSO('-ssoId 1 -deleteSigningCert true -securityDomainName myDomain1')