|
Copyright © 2000, 2009, Oracle and/or its affiliates. All rights reserved. | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface CredentialVaultService
The Credential Vault service interface allows management of credentials
Each credential and its optional metadata are stored in a credential entry. Credentials are stored in encrypted format,
while its metadata (name value pairs of String
type) are stored in plaintext.
There are 3 types of credential entry:
Credential.CredentialType
.
and manages storing and retrival credential entries to/from its persistence layer.
The default CredentialVaultService implementation currently support USERNAME_PASSWORD_CREDENTIAL. It can be accessed via service factory:
CredentialVaultService cvs = com.bea.wlp.services.Services.getService(com.bea.p13n.security.management.credentials.CredentialVaultService.class)
Credential.CredentialType
,
CredentialEntry.EntryType
Method Summary | |
---|---|
boolean |
cleanupResourceCredentialEntries(ResourceKey requestResource,
String entryName)
Delete credential entries associated with specified resource for all users |
CredentialEntry |
createCredentialEntry(String entryName,
CredentialEntry.EntryType type,
String description,
ResourceKey requestResource)
Reserve an entry to store credential. |
CredentialEntry |
fetchCredentialEntry(String entryName,
CredentialEntry.EntryType type,
ResourceKey requestResource)
Retrieve an entry from credential vault For USER_TYPE or SYSTEM_TYPE entries, if there are more than one entries with same name but in different scope, the one with closest scope to requesting resource will be retrieved. |
Iterator<? extends CredentialEntry> |
listAccessibleCredentialEntries(ResourceKey requestResource)
Retrieve all credential entries visible to requesting resource and requester, including RESOURCE_TYPE entries bound to request resource, USER_TYPE entries created by requester, and SYSTEM_TYPE entries. |
boolean |
removeCredentialEntry(String entryName,
CredentialEntry.EntryType type,
ResourceKey requestResource)
Delete credential entry from vault |
Method Detail |
---|
CredentialEntry createCredentialEntry(String entryName, CredentialEntry.EntryType type, String description, ResourceKey requestResource) throws AlreadyExistsException, CredentialAccessException, CredentialVaultException, IllegalArgumentException
entryName
- name to identify entrytype
- predefined value in CredentialEntry.EntryType
description
- optional description of the credential entryrequestResource
- the resource requesting a credential entry
AlreadyExistsException
- If the entry already exists in vault
CredentialAccessException
- If user doesn't have privilidge to create the credential entry
CredentialVaultException
- persistenct error during credential entry creation
IllegalArgumentException
- if entryName is null
or emptyCredentialEntry fetchCredentialEntry(String entryName, CredentialEntry.EntryType type, ResourceKey requestResource) throws CredentialVaultException
entryName
- name to identify entrytype
- predefined value in CredentialEntry.EntryType
requestResource
- the resource requesting a credential entry
CredentialVaultException
- Error during credential entry retrievalIterator<? extends CredentialEntry> listAccessibleCredentialEntries(ResourceKey requestResource) throws CredentialVaultException
requestResource
- the resource requesting credential entries
CredentialVaultException
- Error during credential entries retrievalboolean removeCredentialEntry(String entryName, CredentialEntry.EntryType type, ResourceKey requestResource) throws CredentialAccessException, CredentialVaultException
NOTE: Delete a non-exists credential entry does not fail in this method
entryName
- name to identify entrytype
- predefined value in CredentialEntry.EntryType
requestResource
- the resource requesting to delete a credential entry
true
if the specified credential entry is removed from vaultfalse
if the entry is not found in system
CredentialAccessException
- If user doesn't have privilidge to remove the credential entry
CredentialVaultException
- Error during delete a credential entryboolean cleanupResourceCredentialEntries(ResourceKey requestResource, String entryName) throws CredentialAccessException, CredentialVaultException
NOTE: Only user with administrive privildge can do this cleanup operation.
Delete non-existing credential entries do not fail in this method
requestResource
- the resource requesting to delete credential entries for all usersentryName
- name to identify entry. If null
, all entries associated with requestResource will
be deleted.
true
if any user customized credential entry associated with resource is removed from vaultfalse
if entry is not found in system
CredentialAccessException
- If user doesn't have administrative privilidge to remove credential entries
CredentialVaultException
- Error during delete credential entries
|
Copyright © 2000, 2009, Oracle and/or its affiliates. All rights reserved. | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |