wls jms security policy
Overview
This resource allows you to manage security authorization policies in an WebLogic Security Realm.
Experience the Power of Puppet for WebLogic
If you want to play and experiment with Puppet and WebLogic, please take a look at our playgrounds. At our playgrounds, we provide you with a pre-installed environment, where you experiment fast and easy.
Attributes
Attribute Name | Short Description |
---|---|
action | action to apply authorization policy on for a queue or topic |
authorizationprovider | The security authorization providers of the domain |
destinationtype | The destination type of a jms resource (queue or topic) |
disable_autorequire | Puppet supports automatic ordering of resources by autorequire. |
disable_corrective_change | Disable the modification of a resource when Puppet decides it is a corrective change. |
disable_corrective_ensure | Disable the creation or removal of a resource when Puppet decides is a corrective change. |
domain | With this parameter, you identify the domain, where your objects is in. |
ensure | The basic property that the resource should be in. |
jmsmodule | The JMS module name. |
name | The name. |
policyexpression | A string representation of an security authorization policy |
provider | resource. |
resourcename | The name of the jms resource |
timeout | Timeout for applying a resource. |
action
action to apply authorization policy on for a queue or topic
Valid values are send
, receive
, browse
, all
.
Back to overview of wls_jms_security_policy
authorizationprovider
The security authorization providers of the domain
Back to overview of wls_jms_security_policy
destinationtype
The destination type of a jms resource (queue or topic)
Valid values are queue
, topic
.
Back to overview of wls_jms_security_policy
disable_autorequire
Puppet supports automatic ordering of resources by autorequire. Sometimes, however, this causes issues. Setting this parameter to true
, disables autorequiring for this specific resource.
USE WITH CAUTION!!
Here is an example on hopw to use this:
...{'domain_name/...':
disableautorequire => true,
...
}
Back to overview of wls_jms_security_policy
disable_corrective_change
Disable the modification of a resource when Puppet decides it is a corrective change.
(requires easy_type V2.11.0 or higher)
When using a Puppet Server, Puppet knows about adaptive and corrective changes. A corrective change is when Puppet notices that the resource has changed, but the catalog has not changed. This can occur for example, when a user, by accident or willingly, changed something on the system that Puppet is managing. The normal Puppet process then repairs this and puts the resource back in the state as defined in the catalog. This process is precisely what you want most of the time, but not always. This can sometimes also occur when a hardware or network error occurs. Then Puppet cannot correctly determine the current state of the system and thinks the resource is changed, while in fact, it is not. Letting Puppet recreate remove or change the resource in these cases, is NOT wat you want.
Using the disable_corrective_change
parameter, you can disable corrective changes on the current resource.
Here is an example of this:
crucial_resource {'be_carefull':
...
disable_corrective_change => true,
...
}
When a corrective ensure does happen on the resource Puppet will not modify the resource and signal an error:
Error: Corrective change present requested by catalog, but disabled by parameter disable_corrective_change
Error: /Stage[main]/Main/Crucial_resource[be_carefull]/parameter: change from '10' to '20' failed: Corrective change present requested by catalog, but disabled by parameter disable_corrective_change. (corrective)
Back to overview of wls_jms_security_policy
disable_corrective_ensure
Disable the creation or removal of a resource when Puppet decides is a corrective change.
(requires easy_type V2.11.0 or higher)
When using a Puppet Server, Puppet knows about adaptive and corrective changes. A corrective change is when Puppet notices that the resource has changed, but the catalog has not changed. This can occur for example, when a user, by accident or willingly, changed something on the system that Puppet is managing. The normal Puppet process then repairs this and puts the resource back in the state as defined in the catalog. This process is precisely what you want most of the time, but not always. This can sometimes also occur when a hardware or network error occurs. Then Puppet cannot correctly determine the current state of the system and thinks the resource is changed, while in fact, it is not. Letting Puppet recreate remove or change the resource in these cases, is NOT wat you want.
Using the disable_corrective_ensure
parameter, you can disable corrective ensure present or ensure absent actions on the current resource.
Here is an example of this:
crucial_resource {'be_carefull':
ensure => 'present',
...
disable_corrective_ensure => true,
...
}
When a corrective ensure does happen on the resource Puppet will not create or remove the resource and signal an error:
Error: Corrective ensure present requested by catalog, but disabled by parameter disable_corrective_ensure.
Error: /Stage[main]/Main/Crucial_resource[be_carefull]/ensure: change from 'absent' to 'present' failed: Corrective ensure present requested by catalog, but disabled by parameter disable_corrective_ensure. (corrective)
Back to overview of wls_jms_security_policy
domain
With this parameter, you identify the domain, where your objects is in.
The domain name is part of the full qualified name of any WebLogic object on a system. Let’s say we want to describe a WebLogic server. The full qualified name is:
wls_server{'domain_name/server_name':
ensure => present,
...
}
When you don’t specify a domain name, Puppet will use default
as domain name. For every domain you want to manage, you’ll have to put a wls_settings
in your manifest.
Back to overview of wls_jms_security_policy
ensure
The basic property that the resource should be in.
Valid values are present
, absent
.
Back to overview of wls_jms_security_policy
jmsmodule
The JMS module name.
Back to overview of wls_jms_security_policy
name
The name.
Back to overview of wls_jms_security_policy
policyexpression
A string representation of an security authorization policy
Back to overview of wls_jms_security_policy
provider
The specific backend to use for this wls_jms_security_policy
resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.Available providers are:
- simple
Back to overview of wls_jms_security_policy
resourcename
The name of the jms resource
Back to overview of wls_jms_security_policy
timeout
Timeout for applying a resource.
To be sure no Puppet operation, hangs a Puppet daemon, all operations have a timeout. When this timeout expires, Puppet will abort the current operation and signal an error in the Puppet run.
With this parameter, you can specify the length of the timeout. The value is specified in seconds. In this example, the timeout
is set to 600
seconds.
wls_server{'my_server':
...
timeout => 600,
}
The default value for timeout
is 120 seconds.