Syntax: Security Tools
AddChannelACLEntry
Tool name:
AddChannelACLEntry
Description:
Adds an ACL entry on the specified channel for the specified user and host,
on the specified realm.
Usage:
runUMTool AddChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]
Examples:
AddChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0 -fullprivileges=true
AddChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
channelname :
Name of the channel to which the ACL entry is being applied.
rname :
URL of the server on which the channel exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
cannamed :
Specify that the 'named' ACL permission should be added.
canpop :
Specify that the 'pop' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
AddContainerACLEntry
Tool name:
AddContainerACLEntry
Description:
Adds an ACL entry on the specified container for the specified user and host.
Usage:
runUMTool AddContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]
Examples:
AddContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0 -fullprivileges=true
AddContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
containername :
Name of the container to which the ACL entry is being applied.
rname :
URL of the server from which to start searching for the container.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
cannamed :
Specify that the 'named' ACL permission should be added.
canpop :
Specify that the 'pop' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
AddQueueACLEntry
Tool name:
AddQueueACLEntry
Description:
Adds an ACL entry on the specified queue for the specified user and host,
on the specified realm.
Usage:
runUMTool AddQueueACLEntry -queuename=<queuename> -rname=<rname> -type=<type>
[optional_args]
Examples:
AddQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=group
-groupname=security_group0 -fullprivileges=true
AddQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=subject
-user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
queuename :
Name of the queue to which the ACL entry is being applied.
rname :
URL of the server on which the queue exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should
be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
canpop :
Specify that the 'pop' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
AddRealmACLEntry
Tool name:
AddRealmACLEntry
Description:
Adds an ACL entry on the specified realm for the specified user and host.
Usage:
runUMTool AddRealmACLEntry -rname=<rname> -type=<type> [optional_args]
Examples:
AddRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0 -fullprivileges=true
AddRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1 -fullprivileges=true
Required arguments:
rname :
URL of the realm to which the ACL entry is being applied.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
canuseadminapi :
Specify that the 'use admin api' ACL permission should be added.
canmanagerealms :
Specify that the 'manage realms' ACL permission should be added.
canmanagejoins :
Specify that the 'manage joins' ACL permission should be added.
canmanagechannels :
Specify that the 'manage channels' ACL permission should be added.
canaccess :
Specify that the 'access' ACL permission should be added.
canoverrideconnectioncount :
Specify that the 'override connection count' ACL permission should be added.
canconfigure :
Specify that the 'configuration' ACL permission should be added.
canmanagedatagroups :
Specify that the 'manage data groups' ACL permission should be added.
canpublishglobaldatagroups :
Specify that the 'publish global data groups' ACL permission should
be added.
cantakeownershipdatagroups :
Specify that the 'take ownership of data groups' ACL permission should
be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
AddSecurityGroup
Tool name:
AddSecurityGroup
Description:
Adds a security group to the specified realm with the specified name.
Usage:
runUMTool AddSecurityGroup -rname=<rname> -groupname=<groupname> [optional_args]
Examples:
AddSecurityGroup -rname=nsp://localhost:8080 -groupname=security_group0
Required arguments:
rname :
URL of the realm to which the security group is being added.
groupname :
Name of the security group to be added.
Optional Parameters:
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
AddUserToSecurityGroup
Tool name:
AddUserToSecurityGroup
Description:
Adds a specified user and host subject to a given security group on a
specified realm.
Usage:
runUMTool AddUserToSecurityGroup -rname=<rname> -groupname=<groupname>
-user=<user> -host=<host> [optional_args]
Examples:
AddUserToSecurityGroup -rname=nsp://localhost:8080 -groupname=security_group0
-user=username -host=127.0.0.1
Required arguments:
rname :
URL of the realm on which is the security group.
groupname :
Name of the security group to which the user is being added.
user :
User of the subject being added to security group.
host :
Host of the subject being added to security group.
Optional Parameters:
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DeleteChannelACLEntry
Tool name:
DeleteChannelACLEntry
Description:
Deletes the ACL entry from the specified channel with the specified user
and host.
Usage:
runUMTool DeleteChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]
Examples:
DeleteChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0
DeleteChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1
Required arguments:
channelname :
Name of the channel from which the ACL entry is being removed.
rname :
URL of the server on which the channel exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which the ACL entry is being removed.
user :
User for which the ACL entry is being removed.
host :
Host for which the ACL entry is being removed.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DeleteContainerACLEntry
Tool name:
DeleteContainerACLEntry
Description:
Removes an ACL entry from the specified container with the specified user
and host.
Usage:
runUMTool DeleteContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]
Examples:
DeleteContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0
DeleteContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1
Required arguments:
containername :
Name of the container from which the ACL entry is being removed.
rname :
URL of the server from which to start searching for the container.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which the ACL entry is being removed.
user :
User for which the ACL entry is being removed.
host :
Host for which the ACL entry is being removed.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DeleteQueueACLEntry
Tool name:
DeleteQueueACLEntry
Description:
Deletes the ACL entry from the specified queue with the specified user and host.
Usage:
runUMTool DeleteQueueACLEntry -queuename=<queuename> -rname=<rname>
-type=<type> [optional_args]
Examples:
DeleteQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0
-type=group -groupname=security_group0
DeleteQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0
-type=subject -user=username -host=127.0.0.1
Required arguments:
queuename :
Name of the queue from which the ACL entry is being removed.
rname :
URL of the server on which the queue exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which the ACL entry is being removed.
user :
User for which the ACL entry is being removed.
host :
Host for which the ACL entry is being removed.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DeleteRealmACLEntry
Tool name:
DeleteRealmACLEntry
Description:
Removes an ACL entry from the specified realm with the specified user and host.
Usage:
runUMTool DeleteRealmACLEntry -rname=<rname> -type=<type> [optional_args]
Examples:
DeleteRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0
DeleteRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1
Required arguments:
rname :
URL of the realm from which the ACL entry is being removed.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which the ACL entry is being removed.
user :
User for which the ACL entry is being removed.
host :
Host for which the ACL entry is being removed.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DeleteSecurityGroup
Tool name:
DeleteSecurityGroup
Description:
Removes a security group from the specified realm with the specified name.
Usage:
runUMTool DeleteSecurityGroup -rname=<rname> -groupname=<groupname>
[optional_args]
Examples:
DeleteSecurityGroup -rname=nsp://localhost:8080 -groupname=security_groupp
Required arguments:
rname :
URL of the realm from which the security group is being removed.
groupname :
Name of the security group to be removed.
Optional Parameters:
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
DumpACL
Note:
If you have only the Universal Messaging template applications installed, this tool can print output in plaintext and xml format. To print output in json format, you must have the realm server component installed.
Tool name:
DumpACL
Description:
Dumps all the ACL data for a realm.
Usage:
runUMTool DumpACL -rname=<rname> [optional_args]
Examples:
DumpACL -rname=nsp://localhost:8080
DumpACL -rname=nsp://localhost:8080 -format=XML
DumpACL -rname=nsp://localhost:8080 -format=JSON
Required arguments:
rname :
URL of the realm for which to dump the ACL data.
Optional Parameters:
format :
Which format to output ACL data. Defaults to plaintext, other
options are: plaintext, xml, json.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
ModifyChannelACLEntry
Tool name:
ModifyChannelACLEntry
Description:
Updates an ACL entry on the specified channel for the specified user and
host, on the specified realm.
Usage:
runUMTool ModifyChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]
Examples:
ModifyChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0 -fullprivileges=true
ModifyChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
channelname :
Name of the channel on which the ACL entry is being updated.
rname :
URL of the server on which the channel exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
cannamed :
Specify that the 'named' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
ModifyContainerACLEntry
Tool name:
ModifyContainerACLEntry
Description:
AddContainerACLEntry adds an ACL entry on the specified container for the
specified user and host.
Usage:
runUMTool ModifyContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]
Examples:
ModifyContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0 -fullprivileges=true
ModifyContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
containername :
Name of the container to which the ACL entry is being applied.
rname :
URL of the server from which to start searching for the container.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
cannamed :
Specify that the 'named' ACL permission should be added.
canpop :
Specify that the 'pop' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
ModifyQueueACLEntry
Tool name:
ModifyQueueACLEntry
Description:
Updates an ACL entry on the specified queue for the specified user and host,
on the specified realm.
Usage:
runUMTool ModifyQueueACLEntry -queuename=<queuename> -rname=<rname> -type=<type>
[optional_args]
Examples:
ModifyQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=group
-groupname=security_group0 -fullprivileges=true
ModifyQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=subject
-user=username -host=127.0.0.1 -fullprivileges=true
Required arguments:
queuename :
Name of the queue on which the ACL entry is being updated.
rname :
URL of the server on which the queue exists.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
canread :
Specify that the 'read' ACL permission should be added.
canwrite :
Specify that the 'write' ACL permission should be added.
canpurge :
Specify that the 'purge' ACL permission should be added.
canpop :
Specify that the 'pop' ACL permission should be added.
username :
Your Universal Messaging server username.
password : Your Universal Messaging server password.
ModifyRealmACLEntry
Tool name:
ModifyRealmACLEntry
Description:
Modifies an ACL entry on the specified realm for the specified user and host.
Usage:
runUMTool ModifyRealmACLEntry -rname=<rname> -type=<type> [optional_args]
Examples:
ModifyRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0 -fullprivileges=true
ModifyRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1 -fullprivileges=true
Required arguments:
rname :
URL of the realm on which ACL is being updated.
type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.
Optional Parameters:
groupname :
Name of the group for which ACL is being updated.
user :
User for which ACL is being updated.
host :
Host for which ACL is being updated.
canlistacl :
Specify that the 'list' ACL permission should be added.
canmodifyacl :
Specify that the 'modify' ACL permission should be added.
fullprivileges :
Specify that the 'full permissions' ACL permission should be added.
canuseadminapi :
Specify that the 'use admin api' ACL permission should be added.
canmanagerealms :
Specify that the 'manage realms' ACL permission should be added.
canmanagejoins :
Specify that the 'manage joins' ACL permission should be added.
canmanagechannels :
Specify that the 'manage channels' ACL permission should be added.
canaccess :
Specify that the 'access' ACL permission should be added.
canoverrideconnectioncount :
Specify that the 'override connection count' ACL permission should be added.
canconfigure :
Specify that the 'configuration' ACL permission should be added.
canmanagedatagroups :
Specify that the 'manage data groups' ACL permission should be added.
canpublishglobaldatagroups :
Specify that the 'publish global data groups' ACL permission should be added.
cantakeownershipdatagroups :
Specify that the 'take ownership of data groups' ACL permission should be added.
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.
RemoveUserFromSecurityGroup
Tool name:
RemoveUserFromSecurityGroup
Description:
Removes a specified user from a given security group on the specified realm.
Usage:
runUMTool RemoveUserFromSecurityGroup -rname=<rname> -groupname=<groupname>
-user=<user> -host=<host> [optional_args]
Examples:
RemoveUserFromSecurityGroup -rname=nsp://localhost:8080
-groupname=security_group0 -user=username -host=127.0.0.1
Required arguments:
rname :
URL of the realm on which the security group resides.
groupname :
Name of the security group user is being removed from.
user :
User being removed from security group.
host :
Host of subject being removed from security group.
Optional Parameters:
username :
Your Universal Messaging server username.
password :
Your Universal Messaging server password.