Application role migration from DEV to UAT
Deva
1) To migrate security there is a WLST method called as MigrateSecurityStore which can move the roles from one system-jazn-data.xml to the other. To do that, we need to first copy the system-jazn-data.xml from Dev instance to the Prod instance (to a temporary directory). In the same way copy the system-jazn-data.xml from the Prod instance to the temporary directory.
2) Take a backup of all these files before doing the migration. Now, copy the jps-config.xml from any one of the instances (Dev or Prod) to the temporary Directory. And rename the file to jps-config-policy.xml.
3) Open up the jps-config-policy.xml. You will notice that this file contains all the details about all the stores in the environment. Now, for policy migration, we need to basically use this file to point to the locations of the Dev and Prod (source & target) system-jazn-data.xml files. Also, since we are doing only policy migration, we do not need the other store related tags within this file. Remember that we are modifying only a copy of the jps-config.xml. This copy file will be used only for migration.
You will need the following lines for migration:
<!-- JPS XML Policy Store Service Instance -->
<serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="c:/temp/dev/system-jazn-data.xml">
<description>File Based Policy Store Service Instance</description>
</serviceInstance>
<serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="c:/temp/prod/system-jazn-data.xml">
<description>File Based Policy Store Service Instance</description>
</serviceInstance>
4) Now that we have our jps-config file ready, navigate to the temporary directory from command prompt and initialize the WLST using the following command.
In WLST, application role migration can be done even in offline mode. So, effectively there is no need for us to connect to the weblogic admin server. In offline interactive mode, fire the following command
migrateSecurityStore(type=”appPolicies”, srcApp=”obi”, configFile=”C:/SecurityMigration/jps-config-policy.xml”, src=”sourceFileStore”, dst=”targetFileStore”, overWrite=”false”)
2) Take a backup of all these files before doing the migration. Now, copy the jps-config.xml from any one of the instances (Dev or Prod) to the temporary Directory. And rename the file to jps-config-policy.xml.
3) Open up the jps-config-policy.xml. You will notice that this file contains all the details about all the stores in the environment. Now, for policy migration, we need to basically use this file to point to the locations of the Dev and Prod (source & target) system-jazn-data.xml files. Also, since we are doing only policy migration, we do not need the other store related tags within this file. Remember that we are modifying only a copy of the jps-config.xml. This copy file will be used only for migration.
You will need the following lines for migration:
<!-- JPS XML Policy Store Service Instance -->
<serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="c:/temp/dev/system-jazn-data.xml">
<description>File Based Policy Store Service Instance</description>
</serviceInstance>
<serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="c:/temp/prod/system-jazn-data.xml">
<description>File Based Policy Store Service Instance</description>
</serviceInstance>
4) Now that we have our jps-config file ready, navigate to the temporary directory from command prompt and initialize the WLST using the following command.
In WLST, application role migration can be done even in offline mode. So, effectively there is no need for us to connect to the weblogic admin server. In offline interactive mode, fire the following command
migrateSecurityStore(type=”appPolicies”, srcApp=”obi”, configFile=”C:/SecurityMigration/jps-config-policy.xml”, src=”sourceFileStore”, dst=”targetFileStore”, overWrite=”false”)
Thanks
Deva
No comments:
Post a Comment