SAMLIdentityAsserterV2MBean



Overview

This MBean represents configuration information for the SAML Identity Assertion V2 provider.

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://edocs.bea.com.

   
Fully Qualified Interface Name
If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.saml.SAMLIdentityAsserterV2MBean
Factory Methods
No factory methods. Instances of this MBean are created automatically.
Access Points Inherited from AuthenticationProviderMBean
Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:


    Related MBeans

    This section describes attributes that provide access to other MBeans.


      Realm

      Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

             
      Privileges Read only
      Type RealmMBean
      Relationship type: Reference.


      Attributes

      This section describes the following attributes:


      ActiveTypes

      The token types active for this SAML Identity Assertion V2 provider.

             
      Privileges Read/Write
      Type class java.lang.String[]
      Default Value SAML.Assertion, SAML.Assertion64, SAML.Assertion.DOM

      Base64DecodingRequired

      Base64 decoding is not required for the WebLogic SAML Identity Assertion V2 provider.

             
      Privileges Read/Write
      Type boolean

      Description

      A short description of this SAML Identity Assertion V2 provider.

             
      Privileges Read only
      Type java.lang.String
      Default Value WebLogic SAML Identity Assertion Provider. Supports Security Assertion Markup Language v1.1.
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      MinimumParserPoolSize

      The minimum number of parsers to maintain in the parser pool.

             
      Privileges Read/Write
      Type int
      Default Value 5
      Minimum value 0

      Name

             
      Privileges Read only
      Type java.lang.String
      Default Value SAMLIdentityAsserterV2
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      NameMapperClassName

      The name of the Java class that maps SAML Assertion name information to local Subjects. When no mapper is supplied, the default mapper implementation is used.

             
      Privileges Read/Write
      Type java.lang.String
      Default Value

      ProviderClassName

      The name of the Java class used to load the SAML Identity Assertion V2 provider.

             
      Privileges Read only
      Type java.lang.String
      Default Value weblogic.security.providers.saml.SAMLIdentityAsserterV2ProviderImpl
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedExportConstraints

      A SAML Partner Registry can export all partners, no partners, only enabled partners, only disabled partners or a list of partners. It can export all certificates, no certificates, only certificates referenced by partners, or a list of certificates.

             
      Privileges Read only
      Type class java.lang.String[]
      Default Value Partners, Certificates, Passwords
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedExportFormats

      A SAML Partner Registry may be exported as an XML document.

             
      Privileges Read only
      Type class java.lang.String[]
      Default Value XML Partner Registry, JKS KeyStore, LDIF Template
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedImportConstraints

      A SAML Partner Registry can import all partners, no partners, only enabled partners, only disabled partners or a list of partners. It can import all certificates, no certificates, only certificates referenced by partners, or a list of certificates. The import mode can be rename, replace or fail for conflict resolution.

             
      Privileges Read only
      Type class java.lang.String[]
      Default Value Partners, Certificates, ImportMode
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedImportFormats

      A SAML Partner Registry can import partner information and certificates from an XML document.

             
      Privileges Read only
      Type class java.lang.String[]
      Default Value XML Partner Registry, JKS KeyStore
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedTypes

      The token types supported by this SAML Identity Assertion V2 provider.

             
      Privileges Read only
      Type class java.lang.String[]
      Default Value SAML.Assertion, SAML.Assertion64, SAML.Assertion.DOM
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Version

      The version number of this SAML Identity Assertion V2 provider.

             
      Privileges Read only
      Type java.lang.String
      Default Value 2.0
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.


      Operations

      This section describes the following operations:


      addAssertingParty

      Adds a new SAMLAssertingParty to the registry. Throws InvalidParameterException if the partner object fails validation. Throws CreateException if an error occurs during creation of the object.

      Operation Name "addAssertingParty"
      Parameters Object [] { assertingParty }

      where:

      • assertingParty is an object of type weblogic.security.providers.saml.registry.SAMLAssertingParty that specifies:

        - The new asserting party to add.

      Signature String [] { "weblogic.security.providers.saml.registry.SAMLAssertingParty" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.CreateException

      advance

      Advances the list to the next element in the list.

         
      Operation Name "advance"
      Parameters Object [] { cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      Signature String [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      assertingPartyExists

      Determines whether or not an asserting party exists for the given partnerId. Returns true if the asserting party is found, false if not. Throws InvalidParameterException if partnerId is empty or null.

      Operation Name "assertingPartyExists"
      Parameters Object [] { partnerId }

      where:

      • partnerId is an object of type java.lang.String that specifies:

        - The partnerId of the asserting party.

      Signature String [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      certificateExists

      Determines whether or not a certificate has been registered under the given alias. Returns true if a certificate is registered under that alias, false if not. Throws InvalidParameterException if alias is empty or null.

      Operation Name "certificateExists"
      Parameters Object [] { alias }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

      Signature String [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      close

      Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

         
      Operation Name "close"
      Parameters Object [] { cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      Signature String [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      copyToDER

      Writes a certificate in the registry to a file in DER binary format. Throws NotFoundException if the alias does not exist in the registry. Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

      Operation Name "copyToDER"
      Parameters Object [] { alias, certificateFile }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

      • certificateFile is an object of type java.lang.String that specifies:

        - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.

      Signature String [] { "java.lang.String", "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      copyToPEM

      Writes a certificate in the registry to a file in PEM base64 encoded format. Throws NotFoundException if the alias does not exist in the registry. Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

      Operation Name "copyToPEM"
      Parameters Object [] { alias, certificateFile }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

      • certificateFile is an object of type java.lang.String that specifies:

        - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.

      Signature String [] { "java.lang.String", "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      exportData

      Exports provider specific data in a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

         
      Operation Name "exportData"
      Parameters Object [] { format, filename, constraints }

      where:

      • format is an object of type java.lang.String that specifies:

        - The format for exporting provider specific data.

      • filename is an object of type java.lang.String that specifies:

        - The full path to the filename used to write data.

      • constraints is an object of type java.util.Properties that specifies:

        - The constraints to be used when exporting data. A null value indicates that all data will be exported.

      Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.ErrorCollectionException

      getAssertingParty

      Gets the SAMLAssertingParty corresponding to a partnerId. Throws NotFoundException if the asserting party is not found. Throws InvalidParameterException if partnerId is empty or null.

      Operation Name "getAssertingParty"
      Parameters Object [] { partnerId }

      where:

      • partnerId is an object of type java.lang.String that specifies:

        - The partnerId of the asserting party to return.

      Signature String [] { "java.lang.String" }
      Returns SAMLAssertingParty
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      getCertificate

      Retrieves a certificate from the registry. Returns the certificate. Throws NotFoundException if alias does not exist in the registry. Throws InvalidParameterException if alias is empty or null.

      Operation Name "getCertificate"
      Parameters Object [] { alias }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

      Signature String [] { "java.lang.String" }
      Returns X509Certificate
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      getCurrentName

      The name of the current item in the list. Returns null if there is no current item.

         
      Operation Name "getCurrentName"
      Parameters Object [] { cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      Signature String [] { "java.lang.String" }
      Returns String
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      haveCurrent

      Returns true if there are more objects in the list, and false otherwise.

         
      Operation Name "haveCurrent"
      Parameters Object [] { cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      Signature String [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      importData

      Imports provider specific data from a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

         
      Operation Name "importData"
      Parameters Object [] { format, filename, constraints }

      where:

      • format is an object of type java.lang.String that specifies:

        - The format for importing provider specific data.

      • filename is an object of type java.lang.String that specifies:

        - The full path to the filename used to read data.

      • constraints is an object of type java.util.Properties that specifies:

        - The constraints to be used when importing data. A null value indicates that all data will be imported.

      Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.ErrorCollectionException

      isSet

      Returns true if the specified attribute has been set explicitly in this MBean instance.

         
      Operation Name "isSet"
      Parameters Object [] { propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to check

      Signature String [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • java.lang.IllegalArgumentException

      listAssertingParties

      Lists the registered partnerIds that match a wild card. It follows the NameListerMBean cursor pattern. The results are not sorted. Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list. Throws InvalidParameterException if partnerIdWildcard is empty or null or if maxToReturn is less than zero.

      Operation Name "listAssertingParties"
      Parameters Object [] { partnerIdWildcard, maxToReturn }

      where:

      • partnerIdWildcard is an object of type java.lang.String that specifies:

        - A wild card used to select partnerIds. It supports three formats: "*" matches all partnerIds. "foo*" matches all partnerIds starting with the string "foo". "foo" matches the partnerId "foo" only. The matches are case-insensitive.

      • maxToReturn is an object of type java.lang.Integer that specifies:

        - The maximum number of partnerIds this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.

      Signature String [] { "java.lang.String", "java.lang.Integer" }
      Returns String
      Exceptions
      • weblogic.management.utils.InvalidCursorException
      • weblogic.management.utils.InvalidParameterException

      listCertificates

      Lists the registered certificate aliases that match a wild card. It follows the NameListerMBean cursor pattern. The results are not sorted. Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list. Throws InvalidParameterException if aliasWildcard is empty or null or if maxToReturn is less than zero.

      Operation Name "listCertificates"
      Parameters Object [] { aliasWildcard, maxToReturn }

      where:

      • aliasWildcard is an object of type java.lang.String that specifies:

        - A wild card used to select aliases. It supports three formats: "*" matches all aliases. "foo*" matches all aliases starting with the string "foo". "foo" matches the alias "foo" only. The matches are case-insensitive.

      • maxToReturn is an object of type java.lang.Integer that specifies:

        - The maximum number of aliases this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.

      Signature String [] { "java.lang.String", "java.lang.Integer" }
      Returns String
      Exceptions
      • weblogic.management.utils.InvalidCursorException
      • weblogic.management.utils.InvalidParameterException
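
The cursor pattern documented for listCertificates, haveCurrent, getCurrentName, advance and close, driven through MBeanServerConnection.invoke with the operation names and signatures listed on this page, as a way to enumerate the certificate aliases a provider trusts. This is an added example, not code from the original reference or from WebLogic: StubRegistry, the ObjectName example:type=StubRegistry and the sample aliases are constructed stand-ins so it runs offline. Against a real server, pass its connection and the provider's ObjectName to listAliases.

```java
import java.lang.management.ManagementFactory;
import java.util.*;
import javax.management.*;

public class ListRegistryAliases {
    // Constructed stand-in (assumption): mimics only the cursor operations documented here.
    public interface StubRegistryMBean {
        String listCertificates(String aliasWildcard, Integer maxToReturn);
        boolean haveCurrent(String cursor);
        String getCurrentName(String cursor);
        void advance(String cursor);
        void close(String cursor);
    }

    public static class StubRegistry implements StubRegistryMBean {
        private final List<String> aliases;
        private final Map<String, Deque<String>> cursors = new HashMap<>();
        public StubRegistry(List<String> aliases) { this.aliases = aliases; }
        public synchronized String listCertificates(String wildcard, Integer max) {
            String w = wildcard.toLowerCase(Locale.ROOT);
            Deque<String> hits = new ArrayDeque<>();
            for (String a : aliases) {
                String l = a.toLowerCase(Locale.ROOT);
                boolean match = w.endsWith("*")
                        ? l.startsWith(w.substring(0, w.length() - 1)) : l.equals(w);
                if (match && (max == 0 || hits.size() < max)) hits.add(a);
            }
            String cursor = UUID.randomUUID().toString();
            cursors.put(cursor, hits);
            return cursor;
        }
        public synchronized boolean haveCurrent(String c) { return !cursors.get(c).isEmpty(); }
        public synchronized String getCurrentName(String c) { return cursors.get(c).peek(); }
        public synchronized void advance(String c) { cursors.get(c).poll(); }
        public synchronized void close(String c) { cursors.remove(c); }
    }

    // Walks the cursor via plain JMX invoke, using the page's operation names and signatures.
    static List<String> listAliases(MBeanServerConnection conn, ObjectName provider,
                                    String wildcard) throws Exception {
        String[] sig = { "java.lang.String" };
        // maxToReturn = 0 returns every match; a positive cap on an unsorted list is arbitrary.
        String cursor = (String) conn.invoke(provider, "listCertificates",
                new Object[] { wildcard, Integer.valueOf(0) },
                new String[] { "java.lang.String", "java.lang.Integer" });
        Object[] arg = { cursor };
        List<String> out = new ArrayList<>();
        boolean finished = false;
        try {
            while ((Boolean) conn.invoke(provider, "haveCurrent", arg, sig)) {
                out.add((String) conn.invoke(provider, "getCurrentName", arg, sig));
                conn.invoke(provider, "advance", arg, sig);
            }
            finished = true;
        } finally {
            if (!finished) conn.invoke(provider, "close", arg, sig); // only when not read to the end
        }
        out.sort(String.CASE_INSENSITIVE_ORDER); // results are unsorted; sort for stable diffs
        return out;
    }

    public static void main(String[] args) throws Exception {
        MBeanServer server = ManagementFactory.getPlatformMBeanServer();
        ObjectName name = new ObjectName("example:type=StubRegistry"); // placeholder name
        List<String> sample = Arrays.asList("idp-prod", "IDP-test", "legacy-partner"); // constructed
        server.registerMBean(new StandardMBean(new StubRegistry(sample), StubRegistryMBean.class), name);
        System.out.println(listAliases(server, name, "idp*"));
    }
}
```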

      newAssertingParty

      Returns a new SAMLAssertingParty object. Caller can set the fields of this object and then call addAssertingParty() to add the new asserting party to the registry. Asserting party objects obtained from this method should not be passed to updateAssertingParty() -- call getAssertingParty() to fetch an existing asserting party for update.

      Operation Name "newAssertingParty"
      Parameters null
      Signature null
      Returns SAMLAssertingParty

      registerCertificate

      Registers an end certificate in the registry under an alias. Throws AlreadyExistsException if the alias is already in the registry or if another certificate with the same subject dn, or issuer dn + serial number, or subject key identifier is already in the registry. Throws InvalidParameterException if the alias or certificateFile is empty or null or if the file does not exist or cannot be read.

      Operation Name "registerCertificate"
      Parameters Object [] { alias, certificateFile }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive.

      • certificateFile is an object of type java.lang.String that specifies:

        - The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate to be registered.

      Signature String [] { "java.lang.String", "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.AlreadyExistsException
      • weblogic.management.utils.InvalidParameterException

      removeAssertingParty

      Removes a SAMLAssertingParty from the registry. Throws NotFoundException if the asserting party does not exist. Throws InvalidParameterException if the partnerId is empty or null.

      Operation Name "removeAssertingParty"
      Parameters Object [] { partnerId }

      where:

      • partnerId is an object of type java.lang.String that specifies:

        - The partnerId of the asserting party to remove.

      Signature String [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      unregisterCertificate

      Unregisters an end certificate from the registry. Throws NotFoundException if alias does not exist in the registry. Throws InvalidParameterException if alias is empty or null.

      Operation Name "unregisterCertificate"
      Parameters Object [] { alias }

      where:

      • alias is an object of type java.lang.String that specifies:

        - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

      Signature String [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      unSet

      Restore the given property to its default value.

         
      Operation Name "unSet"
      Parameters Object [] { propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to restore

      Signature String [] { "java.lang.String" }
      Returns void
      Exceptions
      • java.lang.IllegalArgumentException
        UnsupportedOperationException if called on a runtime implementation.

      updateAssertingParty

      Updates a SAMLAssertingParty in the registry. Throws NotFoundException if the asserting party does not exist. Throws InvalidParameterException if the partner object fails validation.

      Operation Name "updateAssertingParty"
      Parameters Object [] { assertingParty }

      where:

      • assertingParty is an object of type weblogic.security.providers.saml.registry.SAMLAssertingParty that specifies:

        - The asserting party to update.

      Signature String [] { "weblogic.security.providers.saml.registry.SAMLAssertingParty" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      wls_getDisplayName

         
      Operation Name "wls_getDisplayName"
      Parameters null
      Signature null
      Returns String