The extraction process reads the access control policy and access group information in
the database and generates files that capture the information in XML format. The extraction utility
uses an input filter XML file to specify which data to extract from the database. You can extract
all access group and policy data, all access group data, or all access group and policy data that is
owned by a particular organization.
About this task
Maintain consistency between the XML files and the access control information in the database. By
maintaining this consistency:
- When you create an instance of HCL Commerce, the policy and access group definitions
are loaded from the XML files.
- The XML files offer a convenient way to directly view and edit your policies and their component
parts so keeping the files up-to-date is essential.
When you finalize and test your policy changes, update the XML files to keep them in sync with
policy information in the databases. For a description of the different XML files that are related
to access control policies and access groups, see Defining
access control policy elements using XML. Explanations on how to extract policy changes from
the databases into the XML files and how to load the policy information from the XML files into the
databases are also included.
To extract data, use the appropriate filter file:
Procedure
-
If you are extracting access group and policy data for a particular organization, edit the
OrganizationPoliciesFilter.xml filter file to specify the organization ID. The
OrganizationPoliciesFilter.xml is in the following directory:
-
WCDE_installdir/xml/policies/xml
Search for all instances of "member_id" and modify the associated value to the organizational ID
for which you want to extract the policies.
-
To run the utility:
You must log in as a user that has the following
permissions:
-
From the utilities_root/bin directory, type the
following command.
acpextract.sh database_name
database_user
database_user_password
filter_file
schema_name
where:
- database_name
- (Mandatory). Name of the database in which to load the policy.
- database_user
- (Mandatory). Name of the database user who can connect to the database.
- database_user_password
- (Mandatory). The associated password for the database user.
- filter_file
- (Mandatory).
- ACPoliciesfilter.xml
- Extracts all access group and policy data.
- ACUserGroupsFilter.xml
- Extract all access group data.
- OrganizationPoliciesFilter.xml
- Extract all access group and policy data for a particular organization. Before you use this
file, ensure that it is edited to specify the organization ID. The policy data that is owned by this
organization ID is extracted.
- schema_name
- The name of target database schema. This name is normally the same as
database_user. If you have a single schema, this parameter is optional. If you
have multiple schemas, such as a base and workspace schema, this parameter is mandatory. Run the
access control policy extraction utility from the base schema.
For example:
./acpextract.sh mall dbuser dbusrpwd
ACPoliciesfilter.xml
-
Check for errors in the log files. Errors might not display on the command line.
- Check the acpextract.log and
messages.txt files in the following directory:
utilities_root/logs
- Any error files that are generated in
utilities_root/xml/policies/xml directory.
The following files are created
utilities_root/xml/policies/xml directory.
- ExtractedACPolicies.xml
- Contains data that is extracted by the acpextract utility for the filter criteria.
- ExtractedACPolicies.dtd
- The DTD for the ExtractedACPolicies.xml file.
- AccessControlUserGroups.xml
- The file that contains the access group definitions.
- AccessControlPolicies.xml
- The file that contains the language-independent access control policy information.
- AccessControlPolicies_ locale.xml
- The language-dependent access control policies file that contains the display names and
descriptions.