Resetting security policies

If you need to reset the security policies (permissions, roles, and access collections) to their default state, you can do so by replacing two files. However, resetting security policies requires that you delete and re-create all users.

About this task

The security policies are stored in the following two files in the $COLLATION_HOME/var/policy directory, and these files are used to initialize the security policies:
  • AuthorizationPolicy.xml
  • AuthorizationRoles.xml
After the security policies are initialized, these files are renamed and stored in the same directory. For example, the following files have been renamed:
  • AuthorizationPolicy.backup.xml
  • AuthorizationRoles.backup.xml

Default versions of the files, which contain the supplied security policies, are also located in the same directory. The following files are the default versions:

  • DefaultPolicy.xml
  • DefaultRoles.xml

Procedure

To restore the default security policies, complete the following steps:

  1. To save the current policy files, rename them, or move them to a different directory.
  2. Delete any users that you created.
  3. Delete the $COLLATION_HOME/var/ibmsecauthz directory.
  4. Create a copy of the DefaultPolicy.xml file, and name it AuthorizationPolicy.xml.
  5. Create a copy of the DefaultRoles.xml file, and name it AuthorizationRoles.xml.
  6. Restart the server.
  7. As needed, create users.