Loading access control policy definitions and other policy-related elements

To load access control policy definitions, run the acpload script. This script loads the following elements: <Action>, <ActionGroup>, <Attribute>, <ResourceCategory>, <ResourceGroup>, <Relation>, <RelationGroup>, <Policy>, <PolicyGroup>.

  1. To load the access groups and access control policies, you need to run the following related utilities in this sequence:
    1. acugload (loads the user access group definitions)
    2. acpload (loads the main access control policy)
    3. acpnlsload (loads the display names and descriptions)
  2. If you create customized XML files, you need to copy them into the following directory to have them loaded into the databases.
    • Linuxutilities_root /xml/policies/xml
    • HCL Commerce DeveloperWCDE_installdir \xml\policies\xml
  3. When creating a custom policy, do not alter the defaultAccessControlPolicies.xml file. Use this file as a reference to see the structure when creating a custom policy.

Procedure

  1. Ensure that you have loaded the user access group definitions.
  2. Copy your customized access control policy files to the following directory:
    • Linuxutilities_root /xml/policies/xml
    • HCL Commerce DeveloperWCDE_installdir \xml\policies\xml

    The customized XML files must conform to the accesscontrolpolicies.dtd file in the following directory:

    • Linuxutilities_root /xml/policies/dtd
    • HCL Commerce DeveloperWCDE_installdir \xml\policies\dtd
  3. To run the utility:

    You must login as a user which has the following permissions:

    • Read/write/execute authority to these directories, subdirectories, and files.
      • Linuxutilities_root/xml/policies and utilities_root/logs
      • HCL Commerce DeveloperWCDE_installdir\xml\policies and WCDE_installdir\logs
    • Read/execute authority to the following directory and its files.
      • Linuxutilities_root /bin
      • HCL Commerce DeveloperWCDE_installdir \bin

      If the user does not have the required authority, you need to grant this authority using the chmod command.

  4. From the Linuxutilities_root/bin or HCL Commerce DeveloperWCDE_installdir\bin directory, type the following:
    • Linux./acpload.sh policies_xml_file
    • HCL Commerce Developer.\acpload.sh policies_xml_file

    where:

    policies_xml_file
    Required: The input policy XML file that specifies what policy data to load into the database.
    • For example: Linux
      ./acpload.sh opt/WebSphere/CommerceServer90/xml/policies/xml/defaultAccessControlPolicies.xml
  5. Check for errors in the log files. Note that errors might not appear on the command line.
    1. Check the wc-acTransform.log and wc-acLoad.log files in the following directory:
      • Linux utilities_root/logs
      • HCL Commerce DeveloperWCDE_installdir\logs
    2. Any error files generated in the Linuxutilities_root/xml/policies/xml or HCL Commerce DeveloperWCDE_installdir\xml\policies\xml directory.
  6. Update the registries: Access Control Policies and Access Control Policy Groups.