Maintaining OWSM Policy Repository - Best Practices - 11g
By Prakash Yamuna-Oracle on Sep 16, 2011
OWSM provides a number of WLST commands that can help in maintaining the WSM Policy Repository. This includes upgrading the repository, rebuilding the repository, etc.
These are documented in the section "Maintaining the Oracle WSM Repository" . In this post I will briefly examine when one should consider using this based on a customer interaction.
Recently an OWSM customer ran into the issue where one of the policies we ship Out of the Box disappeared from the WSM Policy Repository in the customer installation. Unfortunately - this policy was being used to secure some of the web services in the installation.
So the first question is when may this occur?
- Well the Out of the Box policies we ship can be deleted. So somebody may have deleted it! [Side Note: I think we need to see if we need to improve our story here in future releases]. OR
- Something may have failed when we initially seed the repository with the Out of the Box policies.
In any case how do we recover from this? There are two WLST commands that you should be aware of that might be helpful:
a) upgradeWSMPolicyRepository() - the details of how to use this command are here.
b) resetWSMPolicyRepository(false) and resetWSMPolicyRepository(true) - the details of how to use this command are here.
In this case the customer ran the resetWSMPolicyRepository(true) command. The customer got the missing Out of the Box policies back but LOST all the custom policies that they had in the repository
First the customer should have used resetWSMPolicyRepository(false) command rather than resetWSMPolicyRepository(true). There is no way to undo this operation! Hence my next tip:
ALWAYS take a backup of the repository before you run these commands! How do you take a backup? There are several ways:
- You can take a database backup
- You can take a backup by exporting out the contents of the WSM Policy Repository (see this section for more details)