Creating a Security Policy File

You can create a security policy file to specify security settings across metaspaces, and bind metaspaces to security domains.

1. Start the as-admin utility:

   as-admin

2. At the as-admin command prompt, enter:

   create security_policy policy_name "mypolicy/mydomain"
[encrypt <boolean>][validity_days <integer>] 
   policy_file <policy_filename>

   For example

   create security_policy policy_name "mypolicy/mydomain" encrypt true 
   validity_days 100 policy_file "acme_policy.txt"

   where:

   policy_name

    Is an optional parameter that specifies the name of the security policy and security domain that is created. If you do not specify this parameter, a policy named AS-POLICY and a domain named AS-DOMAIN are created.

   encrypt

    Is an optional parameter that indicates whether the identity for the domain is to be encrypted. Each policy can have one or more domains.The default is encrypt true.

   validity_days 

   An integer that specifies how long the domain ID that the command creates remains valid. The default value is 365 days.

   policy_filename

    Specifies the name of the policy file that is created.

3. You are prompted to enter a domain password:

   New domain password [mydomain]:

4. Enter a password for the domain.
5. You are prompted to verify the domain password.

   Verifying - New domain password [mydomain]:

6. Re-enter the password to confirm it.

   A message appears indicating that the policy was created; for example:

   Policy created at: acme_policy.txt

   Attention: When using security, the Discovery URL is set on both, the policy and token files. Members using either the policy or the token file should not explicitly specify the Discovery URL in the command line parameters of the as-admin agent.