PingAuthorize

About the dsconfig tool

The dsconfig tool provides a command-line interface to configure the underlying server configuration.

Use the dsconfig tool whenever you administer the server from a shell. When run without arguments, dsconfig enters an interactive mode that lets you browse and update the configuration from a menu-based interface. Use this interface to list, update, create, and delete configuration objects.

When viewing any configuration object in dsconfig, use the d command to display the command line that is necessary to recreate a configuration object. You can use a command line in this form directly from a shell or placed in a dsconfig batch file, along with other commands.

Batch files are a powerful feature that enable scripted deployments. By convention, these scripts use a file extension of dsconfig. Batch files support comments by using the # character, and they support line continuation by using the \, or backslash, character.

Example

This example dsconfig script configures the PingAuthorize Server policy service.

# Define an external  {pingauthorize}  PAP
dsconfig create-external-server \
  --server-name "{pingauthorize}  {PAP_Name}" \
  --type policy \
  --set base-url:http://localhost:4200 \
  --set user-id:admin \
  --set "branch:Default Policies"

# Configure the policy service
dsconfig set-policy-decision-service-prop \
  --type scim \
  --set pdp-mode:external \
  --set "policy-server:{pingauthorize}  PAP" \
  --set "decision-response-view:request" \
  --set "decision-response-view:decision-tree"

Example

To load a dsconfig batch file, run dsconfig with the --batch-file argument.

$  {pingauthorize}/bin/dsconfig -n --batch-file example.dsconfig

Batch file 'example.dsconfig' contains 2 commands.

Pre-validating with the local server ..... Done

Executing: create-external-server -n --server-name "{pingauthorize}  PAP" --type policy --set base-url:http://localhost:4200 --set "branch:Default Policies"

Arguments from tool properties file:  --useSSL  --hostname localhost --port 8636 --bindDN cn=root --bindPassword * --trustAll

The Policy External Server was created successfully.

Executing: set-policy-decision-service-prop -n --set pdp-mode:external --set "policy-server:{pingauthorize}  PAP" --set
decision-response-view:request --set decision-response-view:decision-tree

The Policy Decision Service was modified successfully.