WebLogic Server 8.1 API Reference: Interface DefaultIdentityAsserterMBean

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

BEA Systems, Inc.

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

WebLogic Server 8.1 API Reference

weblogic.security.providers.authentication
Interface DefaultIdentityAsserterMBean

public interface DefaultIdentityAsserterMBean
extends weblogic.management.commo.StandardInterface, IdentityAsserterMBean

The MBean that represents configuration atrributes for the WebLogic Identity Assertion provider. The WebLogic Identity Assertion provider supports identity assertion using X.509 certificates and CORBA Common Secure Interoperability version 2 (CS1 v2). The class also contains attributes for the default user name mapping class plus the list of trusted client principals.

Author:: Copyright © 2004 BEA Systems, Inc. All Rights Reserved.

Method Summary
`java.lang.String`	`getDefaultUserNameMapperAttributeDelimiter()` The delimiter that ends the attribute value when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`java.lang.String`	`getDefaultUserNameMapperAttributeType()` The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`java.lang.String`	`getDescription()` A short description of the WebLogic Identity Assertion provider.
`java.lang.String`	`getProviderClassName()` The name of the Java class used to load the WebLogic Identity Assertion provider.
`java.lang.String[]`	`getSupportedTypes()` The token types supported by the WebLogic Identity Assertion provider.
`java.lang.String[]`	`getTrustedClientPrincipals()` The list of trusted client principals to use in CSI v2 identity assertion.
`java.lang.String`	`getUserNameMapperClassName()` The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.
`java.lang.String`	`getVersion()` The version number of the WebLogic Identity Assertion provider.
`boolean`	`isUseDefaultUserNameMapper()` Uses the user name mapping class provided by WebLogic.
`void`	`setDefaultUserNameMapperAttributeDelimiter(java.lang.String newValue)` The delimiter that ends the attribute value when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`void`	`setDefaultUserNameMapperAttributeType(java.lang.String newValue)` The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`void`	`setTrustedClientPrincipals(java.lang.String[] newValue)` The list of trusted client principals to use in CSI v2 identity assertion.
`void`	`setUseDefaultUserNameMapper(boolean newValue)` Uses the user name mapping class provided by WebLogic.
`void`	`setUserNameMapperClassName(java.lang.String newValue)` The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.

Methods inherited from interface weblogic.management.security.authentication.IdentityAsserterMBean

getActiveTypes, 
getBase64DecodingRequired, 
setActiveTypes, 
setBase64DecodingRequired

Methods inherited from interface weblogic.management.security.ProviderMBean

getRealm, 
setRealm

Method Detail

getProviderClassName

public java.lang.String getProviderClassName()

The name of the Java class used to load the WebLogic Identity Assertion provider.

Default Value: "weblogic.security.providers.authentication.DefaultIdentityAsserterProviderImpl"
Legal NULL: true

getDescription

public java.lang.String getDescription()

A short description of the WebLogic Identity Assertion provider.

Default Value: "WebLogic Identity Assertion provider"
Legal NULL: true

getVersion

public java.lang.String getVersion()

The version number of the WebLogic Identity Assertion provider.

Default Value: "1.0"
Legal NULL: true

getSupportedTypes

public java.lang.String[] getSupportedTypes()

The token types supported by the WebLogic Identity Assertion provider.

Specified by:: getSupportedTypes in interface IdentityAsserterMBean
Default Value: new String[] { weblogic.security.spi.IdentityAsserter.AU_TYPE, weblogic.security.spi.IdentityAsserter.X509_TYPE, weblogic.security.spi.IdentityAsserter.CSI_PRINCIPAL_TYPE, weblogic.security.spi.IdentityAsserter.CSI_ANONYMOUS_TYPE, weblogic.security.spi.IdentityAsserter.CSI_X509_CERTCHAIN_TYPE, weblogic.security.spi.IdentityAsserter.CSI_DISTINGUISHED_NAME_TYPE }
Legal NULL: true

getUserNameMapperClassName

public java.lang.String getUserNameMapperClassName()

The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.

Legal NULL: true

setUserNameMapperClassName

public void setUserNameMapperClassName(java.lang.String newValue)
                                throws javax.management.InvalidAttributeValueException

The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.

Legal NULL: true
Parameters:: newValue - - new value for attribute UserNameMapperClassName
Throws:: javax.management.InvalidAttributeValueException -

getTrustedClientPrincipals

public java.lang.String[] getTrustedClientPrincipals()

The list of trusted client principals to use in CSI v2 identity assertion. The wildcard character (*) can be used to specify all principals are trusted. If a client is not listed as a trusted client principal, the CSIv2 identity assertion fails and the invoke is rejected.

Legal NULL: true

setTrustedClientPrincipals

public void setTrustedClientPrincipals(java.lang.String[] newValue)
                                throws javax.management.InvalidAttributeValueException

Legal NULL: true
Parameters:: newValue - - new value for attribute TrustedClientPrincipals
Throws:: javax.management.InvalidAttributeValueException -

isUseDefaultUserNameMapper

public boolean isUseDefaultUserNameMapper()

Uses the user name mapping class provided by WebLogic. The default user name mapping class only validates that a certificate has not expired. If you require additional validation, you need to write your own user name mapping class. Writing your own user name mapping class also allows you to specify what attribute in the subject DN of the certificate is used to map to the user name.

Default Value: new java.lang.Boolean(false)
Legal NULL: true

setUseDefaultUserNameMapper

public void setUseDefaultUserNameMapper(boolean newValue)
                                 throws javax.management.InvalidAttributeValueException

Default Value: new java.lang.Boolean(false)
Legal NULL: true
Parameters:: newValue - - new value for attribute UseDefaultUserNameMapper
Throws:: javax.management.InvalidAttributeValueException -

getDefaultUserNameMapperAttributeType

public java.lang.String getDefaultUserNameMapperAttributeType()

The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.

Default Value: "E"
Legal NULL: true
Legal Values: C,CN,E,L,O,OU,S,STREET

setDefaultUserNameMapperAttributeType

public void setDefaultUserNameMapperAttributeType(java.lang.String newValue)
                                           throws javax.management.InvalidAttributeValueException