Updating the security schema

This section describes an example of the process to update the security schema of a deployment in a Docker environment. To update the security schema in a deployment, you need to update the Information Store database and restart the application server.

Updating the security schema includes the following high-level steps:

• Removing the Liberty containers
• Modifying the security schema file
• Starting Liberty containers
  • When you start Liberty, the security schema that it caches from the database is updated
• Updating the Information Store
• Running the Liberty containers
• Validating database consistency

The examples/pre-prod/walkthroughs/configuration-changes/updateSecuritySchemaWalkthrough.sh script is a worked example that demonstrates how to update the security schema in a containerized environment.

Note: Before you complete this walkthrough, reset your environment to the base configuration. For more information, see Resetting your environment.

Removing the Liberty containers

Before you update the security schema in the Information Store, you remove the Liberty containers. To remove the containers, run the following docker commands:

docker stop liberty1 liberty2
docker rm liberty1 liberty2

See the Removing the Liberty containers section of the walkthrough script.

Modifying your security schema

In the examples/pre-prod/walkthroughs/configuration-changes/updateSecuritySchemaWalkthrough.sh script, the updateSecuritySchemaFile function copies a modified security-schema.xml from the walkthroughs/configuration-changes directory to the configuration/fragments/common/WEB-INF/classes/ directory. For more information about the structure of the security schema, see The i2 Analyze security schema.

The build_liberty_configured_image_for_pre_prod server function builds the configured Liberty image. For more information, see Building a configured Liberty image. See the Modifying the security schema section of the walkthrough script.

Validating your schema

After you modify the security schema, you can use the validateSchemaAndSecuritySchema.sh tool to validate it. If the security schema is invalid, errors are reported. See the Validating the security schema section of the walkthrough script.

The run_i2_analyze_tool client function is used to run the validateSchemaAndSecuritySchema.sh tool.

• run_i2_analyze_tool
• validateSchemaAndSecuritySchema

Updating the Information Store

See the Updating the Information Store section of the walkthrough script.

The run_i2_analyze_tool client function is used to run the updateSecuritySchema.sh tool.

• run_i2_analyze_tool
• updateSecuritySchema

Running the Liberty containers

The run_liberty server function runs a Liberty container. For more information about running a Liberty container, see Liberty.
See the Running the Liberty containers section of the walkthrough script.

Note: You must run both Liberty containers.

The wait_for_i2_analyze_service_to_be_live common function ensures that Liberty is running.

Validating database consistency

After the system has started, the dbConsistencyCheckScript.sh tool is used to check the state of the database after the Information Store tables are modified. See the Validating database consistency section of the walkthrough script.

The run_i2_analyze_tool client function is used to run the db_consistency_check_script.sh tool.

• run_i2_analyze_tool
• dbConsistencyCheckScript