Developing Security Providers

     Previous  Next    Open TOC in new window    View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Introduction to Developing Security Providers

This section cover the following topics:

 

Overview of the Development Process

To develop a custom security provider, you perform the following tasks:

  1. Make security provider design decisions.
  2. Write an MBean Definition File for each security provider you want to develop.
  3. Run each MBean Definition File file through the WebLogic MBean Maker.
  4. Create the runtime classes for each security provider you want to develop.
  5. Create the auditing event classes for each security provider from which events are audited (optional).
  6. Run the files generated by the MBean Maker and the runtime class files through the WebLogic MBean Maker to produce an MBean JAR file (MJF).
    7. Note: An MBean JAR file can contain multiple security providers. Therefore you only need to run the MBean Maker once to produce the MBean JAR file.
  7. Deploy the MJF file to the Oracle Entitlements Server systems from which you want to use the providers:

    For WebLogic Server version 8.1 providers, this includes copying the JAR file to both the Administration Application and the Security Service Module provider directories.

    For providers created with the WebLogic Server 9.x\10.0 WebLogicMBeanMaker, this includes copying the JAR file to the WebLogic Server deployment directory.
  8. For WebLogic Server 8.1 providers, use the Oracle Entitlements Server Administration Console to configure the security providers.

    For providers created with the WebLogic Server 9.x\10.0 WebLogicMBeanMaker, use the WebLogic Server Administration Console to configure the security providers, as described in Security Provider Management Concepts.
  9. Initialize the security provider databases.

Figure 2-1 illustrates the security provider development process. For detailed instructions for each of the development tasks, see Developing Custom Security Providers.

Figure 2-1 Developing Custom Security Provider Tasks

Developing Custom Security Provider Tasks

 

Types of Providers

You use the SSPI provided with the product to create runtime classes for custom security providers, which are located in the weblogic.security.spi package. For more information about this package, see Javadocs for Security Service Provider Interfaces.

Note: You can use the WebLogic Server 9.x\10.0 WebLogicMBeanMaker to create any of the security provider types described in Developing WebLogic Security Providers. However, doing so affects how you then manage that provider, as described in Security Provider Management Concepts.

Table 2-1 maps the types of security providers and their components with the SSPI and other interfaces you use to develop them. Table 2-1 includes the WebLogic Server 9.x\10.0 providers.

Table 2-1 Security Providers, Components, and Corresponding SSPI
Type/Component
Interface
Identity Assertion provider
AuthenticationProvider
AuthenticationProviderV2
     Identity Asserter
  IdentityAsserter
  IdentityAsserterV2
Principal Validation provider
PrincipalValidator
Authorization
AuthorizationProvider
DeployableAuthorizationProviderV2
     Access Decision
  AccessDecision
Adjudication provider
AdjudicationProvider
AdjudicationProviderV2
     Adjudicator
  Adjudicator
  AdjudicatorV2
Role Mapping provider
RoleProvider
DeployableRoleProviderV2
     Role Mapper
  RoleMapper
Auditing provider
AuditProvider
     Audit Channel
   AuditChannel
Credential Mapping provider
CredentialProvider
CredentialProviderV2
     Credential Mapper
   CredentialMapper
   CredentialMapperV2
Cert Path Provider
CertPathProvider
Versionable Application Provider
VersionableApplicationProvider
Servlet Authentican Filter
ServletAuthenticationFilter


  Back to Top       Previous  Next