uCosminexus Application Server, Security Management Guide
![[Contents]](FIGURE/CONTENT.GIF)
![[Index]](FIGURE/INDEX.GIF)
![[Back]](FIGURE/FRONT.GIF)
![[Next]](FIGURE/AFTER.GIF)
ssoimport (Registering the single sign-on information repository)
Format
ssoimport {-a|-m|-d|-x} [-p] [-scramble] csvfile_name useradmin_configfile
Function
This registers the CSV file obtained from the application that manages users (or the CSV file that is obtained from the application and then edited) in the single sign-on information repository. The actual data in the item ID "SECRETDATA" is encrypted when it is registered in the single sign-on information repository.
This command can be executed by the users with root privilege or permissions to execute the command. To learn more about how to grant permissions to execute the command to specific users, see mngenvsetup (Configuring management groups) in the uCosminexus Application Server Command Reference Guide.
Arguments
- -a
- This adds the file content specified by <csvfile_name> to the single sign-on information repository. When the user entry already exists in the single sign-on information repository, it outputs a warning message without adding the user entry, and then it continues the next process.
- -m
- This overwrites the single sign-on information repository with the file content specified by <csvfile_name>. When the user entry is not present in the single sign-on information repository, it adds the user entry.
- -d
- This deletes the file content specified by <csvfile_name> from the single sign-on information repository. When the user entry is not present in the single sign-on information repository, it outputs a warning message and continues the next process.
- -x
- This updates the single sign-on information repository according to the line operation instruction. For details about the line operation of CSV single sign-on authentication information files, see 14.4 CSV files containing single sign-on authentication information.
- -p
- This outputs the list of realm and user names that are added, changed, or updated in the standard output.
- -scramble
- Use this argument when passwords are scrambled by using the password change command (uachpw).
- <csvfile_name>
- This specifies the CSV file to be registered in the single sign-on information repository.
- <useradmin_configfile>
- This specifies the integrated user management configuration file (ua.conf).
Input
In the following example, userdata.csv is the CSV file to be registered, and ua.conf is the single sign-on configuration file.
- To add the CSV file content to the single sign-on information repository:
ssoimport -a userdata.csv ua.conf
- To delete the CSV file content from the single sign-on information repository:
ssoimport -d userdata.csv ua.conf
- To register the CSV file content in the single sign-on information repository in accordance with the operation specified in the actual data under OPERATION:
ssoimport -x userdata.csv ua.conf
Output messages
The ssoimport command reads each line of the CSV file specified by the option and registers (changes or deletes) it in the single sign-on information repository. When the command is executed with the -p option, it outputs the information regarding the execution in the standard output. Note that warning and error messages occurred at the execution are output in the standard error output.
When the command is executed without the -p option, it outputs "results" only.
The following figure shows an example of output.
Figure 13-1 Example of the "ssoimport" command output (in Windows)
![[Figure]](FIGURE/ZU130100.GIF)
Figure 13-2 Example of the "ssoimport" command output (in UNIX)
![[Figure]](FIGURE/ZU130200.GIF)
The information about the execution is shown under OPERATION, REALMNAME, and USERID.
- Information about the execution
- The corresponding information under the OPERATION, REALMNAME, and USERID headers are displayed together with the warning and error messages generated during the execution.
- OPERATION
- One of the operation types listed in the following table is displayed.
Table 13-3 ssoimport command operation types
| Item |
Description |
| add |
The information has been added. |
| modify |
The information has been changed (overwritten). |
| delete |
The information has been deleted. |
- REALMNAME
- The target realm name is displayed. The value is specified in "REALMNAME" of the CSV file.
- USERID
- The target user ID is displayed. The value is specified in "USERID" of the CSV file.
- Execution results
- The following table lists the execution results to be displayed.
Table 13-4 ssoimport command execution results
| Item |
Description |
| Total |
This indicates the number of target lines. |
| ADD |
This indicates the number of entries added to the single sign-on information repository. |
| MODIFY |
This indicates the number of entries changed in the single sign-on information repository. |
| DELETE |
This indicates the number of entries deleted from the single sign-on information repository. |
| WARNING |
This indicates the number of warning messages generated during the execution. |
Notes
- When deleting the user information of the JAAS user management application, execute ssoexport to obtain the user information, delete the users of the application that manages users, and then update the information with the -m option.
- Do not execute the ssoexport and ssoimport commands simultaneously.
- Integrity is not ensured for the application that manages users at the destination registered by the ssoimport command. In other words, no error occurs even when the corresponding realm entry (or user entry) is not present in the single sign-on information repository. Be aware that no information is output when the ssoexport command is executed to reference the information. For the application that manages users at the destination, the ssoexport command outputs the value that corresponds to the realm entry immediately below the base DN.
All Rights Reserved. Copyright (C) 2013, Hitachi, Ltd