Oracle

weblogic.security.acl
Class AbstractListableRealm

java.lang.Object
  extended by weblogic.security.acl.AbstractListableRealm
All Implemented Interfaces:
FlatGroup.Source, ListableRealm
Direct Known Subclasses:
AbstractManageableRealm

Deprecated. Deprecated in WebLogic Server 7.0. Replaced by a Pluggable Security Infrastructure that includes Authentication, Authorization, and Auditing providers.

public abstract class AbstractListableRealm
extends Object
implements ListableRealm, FlatGroup.Source

The Abstract Listable realm class is used to write custom security realms.

To implement a custom realm, you should only override the methods your realm knows about. For example, if your realm does not manage ACLs, you should not provide your own implementations of the ACL methods.

This class maintains a contract with the FlatGroup class for performance and correctness. If your realm provides a group abstraction, we recommend (but do not require) that your Group objects inherit from FlatGroup.

See Also:
FlatGroup

Constructor Summary
protected AbstractListableRealm(String auditName)
          Deprecated. Constructor to be called by public constructors in subclasses.
 
Method Summary
protected  User authCertificates(String userName, Vector certificates)
          Deprecated. Attempt authentication based on any X.509 certificates the user has presented.
 User authenticate(UserInfo userInfo)
          Deprecated. Check whether some User matches the presented UserInfo and accept its credentials.
protected  User authInternal(UserInfo userInfo)
          Deprecated. The authentication dispatcher.
protected  User authSSLCertificates(String userName, Vector certificates)
          Deprecated. Attempt authentication based on any SSL certificates the remote client has presented.
protected  User authUserPassword(String userName, String password)
          Deprecated. Attempt authentication based on a user name and password.
 Acl getAcl(String name)
          Deprecated. Retrieves an Access Control List (Acl) of that name, or null.
 Acl getAcl(String name, char separator)
          Deprecated. Retrieves an Access Control List (Acl) with the best matching name, or null.
 Principal getAclOwner(Object credential)
          Deprecated. Retrieves the owner of all ACLs in a BasicRealm, or null, depending on the validity of the passed credential.
 Enumeration getAcls()
          Deprecated. Gets an Enumeration of the Acls in a ListableRealm.
 Object getDelegator()
          Deprecated. Return the object that is delegating to this object.
 Group getGroup(String name)
          Deprecated. Retrieves a group of that name or null.
 Hashtable getGroupMembers(String name)
          Deprecated. This is not a public method.
protected  Hashtable getGroupMembersInternal(String name)
          Deprecated. Obtain the set of members of this group.
 Enumeration getGroups()
          Deprecated. Gets an Enumeration of the Groups in a ListableRealm.
 String getName()
          Deprecated. Gets the name of a BasicRealm.
 Permission getPermission(String name)
          Deprecated. Retrieves a permission object of that name or, if null is passed in, returns null.
 Enumeration getPermissions()
          Deprecated. Gets an Enumeration of the Permissions in a ListableRealm.
 User getUser(String name)
          Deprecated. Retrieves a User by the specified name, or null.
 User getUser(UserInfo userInfo)
          Deprecated. Deprecated in WebLogic Server 7.0.
 Enumeration getUsers()
          Deprecated. Gets an Enumeration of the in a ListableRealm.
 void init(String name, Object ownerCredential)
          Deprecated. Initializes a realm implementation.
 void load(String name, Object credential)
          Deprecated. Loads a BasicRealm from some persistent state identified in the name.
 void save(String name)
          Deprecated. Saves the realm to some persistent state identified in the name.
 void setDelegator(Object obj)
          Deprecated. Set the object that is delegating to this object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AbstractListableRealm

protected AbstractListableRealm(String auditName)
Deprecated. 
Constructor to be called by public constructors in subclasses. If you extend this class, you must provide a public no-arg constructor that calls this constructor.

Parameters:
auditName - the name of your realm, to be used when generating audit log events
Method Detail

init

public void init(String name,
                 Object ownerCredential)
          throws NotOwnerException
Deprecated. 
Initializes a realm implementation. Throws NotOwnerException on reinitialization if the owner credential is invalid.

Parameters:
name - Name of Realm
ownerCredential - Credentialed owner of a BasicRealm
Throws:
NotOwnerException - if the owner credential is invalid

getName

public String getName()
Deprecated. 
Gets the name of a BasicRealm.

Returns:
Name

getUser

public User getUser(String name)
Deprecated. 
Retrieves a User by the specified name, or null.

Parameters:
name - User name
Returns:
User object

getUser

public User getUser(UserInfo userInfo)
Deprecated. Deprecated in WebLogic Server 7.0.

Checks whether some User matches the presented UserInfo and accepts its credentials.

Parameters:
userInfo - Credentials to check against
Returns:
Authenticated User or null

authenticate

public User authenticate(UserInfo userInfo)
Deprecated. 
Check whether some User matches the presented UserInfo and accept its credentials.

By default, this implementation calls the authInternal method, and performs an audit log of the result.

Parameters:
userInfo - Credentials to check against
Returns:
Authenticated User or null
See Also:
AbstractListableRealm.authInternal(UserInfo userInfo)

authInternal

protected User authInternal(UserInfo userInfo)
Deprecated. 
The authentication dispatcher. This method is provided to allow realm implementors to change the order in which authentication steps take place. The default order is as follows:

For example, to give precedence to an SSL client's certificates, you can simply reimplement this method and change the order in which it calls the above methods.

Parameters:
userInfo - authentication information
Returns:
authenticated user, or null if authentication failed
See Also:
AbstractListableRealm.authCertificates(java.lang.String, java.util.Vector), AbstractListableRealm.authUserPassword(java.lang.String, java.lang.String), AbstractListableRealm.authSSLCertificates(java.lang.String, java.util.Vector)

authCertificates

protected User authCertificates(String userName,
                                Vector certificates)
Deprecated. 
Attempt authentication based on any X.509 certificates the user has presented. Each element in the vector is an X509 object.

The default implementation of this method calls CertAuthentication.authenticate.

Parameters:
userName - the name of the user
certificates - a vector containing X509 objects
Returns:
authenticated user, or null if authentication failed
See Also:
CertAuthentication.authenticate(java.lang.String, java.util.Vector, boolean)

authSSLCertificates

protected User authSSLCertificates(String userName,
                                   Vector certificates)
Deprecated. 
Attempt authentication based on any SSL certificates the remote client has presented. Each element in the vector is an X509 object. If the connection was not established using two-way SSL authentication, this method will not be called.

The default implementation of this method calls CertAuthentication.authenticate.

Parameters:
userName - the name of the user
certificates - a vector containing X509 objects
Returns:
authenticated user, or null if authentication failed
See Also:
AbstractListableRealm.authCertificates(java.lang.String, java.util.Vector)

authUserPassword

protected User authUserPassword(String userName,
                                String password)
Deprecated. 
Attempt authentication based on a user name and password. The password is usually presented as plain text.

The default implementation of this method always returns null.

Parameters:
userName - the name of the user
password - the user's plain text password
Returns:
authenticated user, or null if authentication failed

getAclOwner

public Principal getAclOwner(Object credential)
Deprecated. 
Retrieves the owner of all ACLs in a BasicRealm, or null, depending on the validity of the passed credential.

Parameters:
credential - Credentials of an owner
Returns:
Principal that is a BasicRealm owner

getGroupMembers

public Hashtable getGroupMembers(String name)
Deprecated. 
This is not a public method. It is provided to manage the contract between FlatGroup and classes that inherit from AbstractListableRealm. It is called if the membership cache of a FlatGroup object expires.

This method tries to look for a cached Group object that has the given name. If it finds it and the object has a set of members, it returns those members. Otherwise, it calls the getGroupMembersInternal method.

Specified by:
getGroupMembers in interface FlatGroup.Source
Parameters:
name - the group for which to obtain membership information
Returns:
table mapping principal names to Principal objects
See Also:
FlatGroup, AbstractListableRealm.getGroupMembersInternal(String name)

getGroupMembersInternal

protected Hashtable getGroupMembersInternal(String name)
Deprecated. 
Obtain the set of members of this group. This method is called if the membership cache of a FlatGroup object expires. It should return a Hashtable mapping from principal names to Principal objects. If the group being requested no longer exists, it should return null.

See Also:
Principal

getGroup

public Group getGroup(String name)
Deprecated. 
Retrieves a group of that name or null.

Parameters:
name - Name of group
Returns:
Group that matches name

getAcl

public Acl getAcl(String name)
Deprecated. 
Retrieves an Access Control List (Acl) of that name, or null.

Parameters:
name - Name of ACL associated with a BasicRealm
Returns:
Acl object

getAcl

public Acl getAcl(String name,
                  char separator)
Deprecated. 
Retrieves an Access Control List (Acl) with the best matching name, or null. A name matches if it is a prefix. The longer the prefix, the better the match. The only prefixes considered are up to, but excluding the separator character. For example: getAcl("/files/personal/bill", '.') looks for Acls named files.personal.bill, files.personal, and files and returns the one with the longest name.

Parameters:
name - Name of the Acl to retrieve
separator - Character separator
Returns:
Acl object

getPermission

public Permission getPermission(String name)
Deprecated. 
Retrieves a permission object of that name or, if null is passed in, returns null. If the named permission does not exist, then it will be created and put in the list of permissions. If you pass in null, null will be returned.

Parameters:
name - Name of permission to retrieve
Returns:
Permission object

load

public void load(String name,
                 Object credential)
          throws ClassNotFoundException,
                 IOException,
                 NotOwnerException
Deprecated. 
Loads a BasicRealm from some persistent state identified in the name. Different implementations differ in how they are stored persistently and how they interpret the name.

Parameters:
name - Name of BasicRealm to load
credential - Credentialed owner of a BasicRealm
Throws:
ClassNotFoundException - if the BasicRealm cannot be found
IOException - if there is an I/O error
NotOwnerException - if the credential does not match an owner

save

public void save(String name)
          throws IOException
Deprecated. 
Saves the realm to some persistent state identified in the name. Different implementations differ in how they are stored persistently and how they interpret the name.

Parameters:
name - Name to save under
Throws:
IOException - if there is an I/O error

getUsers

public Enumeration getUsers()
Deprecated. 
Gets an Enumeration of the in a ListableRealm. The enumerated objects are of instance User.

Specified by:
getUsers in interface ListableRealm
Returns:
Enumeration of User objects

getGroups

public Enumeration getGroups()
Deprecated. 
Gets an Enumeration of the Groups in a ListableRealm. The enumerated objects are of instance Group.

Specified by:
getGroups in interface ListableRealm
Returns:
Enumeration of Group objects

getAcls

public Enumeration getAcls()
Deprecated. 
Gets an Enumeration of the Acls in a ListableRealm. The enumerated objects are of instance Acl.

Specified by:
getAcls in interface ListableRealm
Returns:
Enumeration of Acl objects

getPermissions

public Enumeration getPermissions()
Deprecated. 
Gets an Enumeration of the Permissions in a ListableRealm. The enumerated objects are of instance Permission.

Specified by:
getPermissions in interface ListableRealm
Returns:
Enumeration of Permission objects

setDelegator

public void setDelegator(Object obj)
Deprecated. 
Set the object that is delegating to this object. A realm that delegates to this realm for some functions should call this method so that this realm knows it is being delegated to.


getDelegator

public Object getDelegator()
Deprecated. 
Return the object that is delegating to this object. If there is no delegator, null is returned.


Documentation is available at
http://download.oracle.com/docs/cd/E12839_01/web.1111
Copyright 1996,2009, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Part Number E13941-01
Oracle WebLogic Server 10.3.1 API Reference