I've been scouring the IBM docs to try to find this but I keep coming up empty. Does anyone know the related script/command using wsadmin to configure the 'Web authentication behavior' for a WAS 7.0 setup?
The setting I'm looking at can be reached from the console from Security > Global Security > Web and SIP security > General Settings > Authenticate only when the URI is protected > Use available authentication data when an unprotected URI is accessed
Update:
Based on comments I toggled the setting and found the config that changed in {profile}/security.xml.
This is what it looked like with the "Use available authentication data when an unprotected URI is accessed" check-box unchecked:
<webAuthAttrs xmi:id="DescriptiveProperty_8" name="com.ibm.wsspi.security.web.webAuthReq" value="lazy" type="String" displayNameKey="" nlsRangeKey="" hoverHelpKey="" range="lazy,persisting,always" inclusive="false" firstClass="false"/>
and here is what it looked like once I checked it (which is what I'm trying to do with wsadmin):
<webAuthAttrs xmi:id="DescriptiveProperty_8" name="com.ibm.wsspi.security.web.webAuthReq" value="persisting" type="String" displayNameKey="" nlsRangeKey="" hoverHelpKey="" range="lazy,persisting,always" inclusive="false" firstClass="false"/>
So the question now is, how do I update this specific property using wsadmin?
Try this:
set sec [$AdminConfig getid /Security:/]
foreach descProp [$AdminConfig list DescriptiveProperty $sec] {
set name [$AdminConfig showAttribute $descProp name]
if {$name == "com.ibm.wsspi.security.web.webAuthReq"} {
puts "Updating $descProp"
$AdminConfig modify $descProp {{value persisting}}
}
}
Execute with bin/wsadmin -f webAuthReq.jacl