|
BEA Systems, Inc. | |||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
The MBean that represents configuration attributes for the security realm.
A security realm contains a set of security configuration settings, including the list of security providers to use (for example, for authentication and authorization).
Code using security can either use the default security realm for the domain or refer to a particular security realm by name (by using the JMX display name of the security realm).
One security realm in the WebLogic domain must have the DefaultRealm
attribute set to true. The security realm with the DefaultRealm
attribute set to true is used as the default
security realm for the WebLogic domain. Note that other available security realms
must have the DefaultRealm
attribute set to false.
When WebLogic Server boots, it locates and uses the default security realm. The security realm is considered active since it is used when WebLogic Server runs. Any security realm that is not used when WebLogic Server runs is considered inactive. All active security realms must be configured before WebLogic Server is boots.
Since security providers are scoped by realm, the
Realm
attribute on a security provider
must be set to the realm that uses the provider.
In addition to being used as
a base class that provides functionality to security provider
MBeans, JMX applications can use this class directly as a type-safe
interface. When used as a type-safe interface, a JMX application
imports this class and accesses it through
weblogic.management.MBeanHome
. As of 9.0, the
MBeanHome
interface and all type-safe interfaces for
WebLogic Server MBeans are deprecated. Instead, JMX applications that
interact with WebLogic Server MBeans should use standard JMX design
patterns in which clients use the
javax.management.MBeanServerConnection
interface to
discover MBeans, attributes, and attribute types at runtime. For
more information, see "Developing Manageable Applications with JMX"
on http://www.oracle.com/technology/documentation/index.html.
Method Summary | |
AdjudicatorMBean |
createAdjudicator(String type)
Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider. |
AdjudicatorMBean |
createAdjudicator(String name,
String type)
Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider. |
AuditorMBean |
createAuditor(String type)
Creates an Auditing provider in this security realm. |
AuditorMBean |
createAuditor(String name,
String type)
Creates an Auditing provider in this security realm. |
AuthenticationProviderMBean |
createAuthenticationProvider(String type)
Creates an Authentication provider in this security realm. |
AuthenticationProviderMBean |
createAuthenticationProvider(String name,
String type)
Creates an Authentication provider in this security realm. |
AuthorizerMBean |
createAuthorizer(String type)
Creates an Authorization provider in this security realm. |
AuthorizerMBean |
createAuthorizer(String name,
String type)
Creates an Authorization provider in this security realm. |
CertPathProviderMBean |
createCertPathProvider(String type)
Creates a Certification Path provider in this security realm. |
CertPathProviderMBean |
createCertPathProvider(String name,
String type)
Creates a Certification Path provider in this security realm. |
CredentialMapperMBean |
createCredentialMapper(String type)
Creates a Credential Mapping provider in this security realm. |
CredentialMapperMBean |
createCredentialMapper(String name,
String type)
Creates a Credential Mapping provider in this security realm. |
KeyStoreMBean |
createKeyStore(String type)
Deprecated. 8.1.0.0 |
KeyStoreMBean |
createKeyStore(String name,
String type)
Deprecated. 8.1.0.0 |
RoleMapperMBean |
createRoleMapper(String type)
Creates a Role Mapping provider in this security realm. |
RoleMapperMBean |
createRoleMapper(String name,
String type)
Creates a Role Mapping provider in this security realm. |
void |
destroyAdjudicator()
Removes the configuration this security realm's Adjudication provider (if there is one). |
void |
destroyAuditor(AuditorMBean auditor)
Removes the configuration for an Auditing provider in this security realm. |
void |
destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)
Removes the configuration for an Authentication provider in this security realm. |
void |
destroyAuthorizer(AuthorizerMBean authorizer)
Removes the configuration for an Authorization provider in this security realm. |
void |
destroyCertPathProvider(CertPathProviderMBean certPathProvider)
Removes the configuration for a Certification Path provider in this security realm. |
void |
destroyCredentialMapper(CredentialMapperMBean credentialMapper)
Removes the configuration for a Credential Mapping provider in this security realm. |
void |
destroyKeyStore(KeyStoreMBean keystore)
Deprecated. 8.1.0.0 |
void |
destroyRoleMapper(RoleMapperMBean roleMapper)
Removes the configuration for a Role Mapping provider in this security realm. |
AdjudicatorMBean |
getAdjudicator()
Returns the Adjudication provider for this security realm. |
String[] |
getAdjudicatorTypes()
Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator . |
AuditorMBean[] |
getAuditors()
Returns the Auditing providers for this security realm (in invocation order). |
String[] |
getAuditorTypes()
Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor . |
AuthenticationProviderMBean[] |
getAuthenticationProviders()
Returns the Authentication providers for this security realm (in invocation order). |
String[] |
getAuthenticationProviderTypes()
Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator . |
AuthorizerMBean[] |
getAuthorizers()
Returns the Authorization providers for this security realm (in invocation order). |
String[] |
getAuthorizerTypes()
Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer . |
CertPathBuilderMBean |
getCertPathBuilder()
Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths. |
CertPathProviderMBean[] |
getCertPathProviders()
Returns the Certification Path providers for this security realm (in invocation order). |
String[] |
getCertPathProviderTypes()
Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider . |
CredentialMapperMBean[] |
getCredentialMappers()
Returns the Credential Mapping providers for this security realm (in invocation order). |
String[] |
getCredentialMapperTypes()
Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper . |
KeyStoreMBean[] |
getKeyStores()
Deprecated. 8.1.0.0 |
String[] |
getKeyStoreTypes()
Deprecated. 8.1.0.0 |
Integer |
getMaxWebLogicPrincipalsInCache()
Returns the maximum size of the LRU cache for holding WebLogic Principal signatures. |
String |
getName()
The name of this configuration. |
RoleMapperMBean[] |
getRoleMappers()
Returns the Role Mapping providers for this security realm (in invocation order). |
String[] |
getRoleMapperTypes()
Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper . |
String |
getSecurityDDModel()
Specifies the default security model for Web applications or EJBs that are secured by this security realm. |
UserLockoutManagerMBean |
getUserLockoutManager()
Returns the User Lockout Manager for this security realm. |
boolean |
isCombinedRoleMappingEnabled()
Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact. |
boolean |
isDefaultRealm()
Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm() |
boolean |
isDeployCredentialMappingIgnored()
Deprecated. 9.0.0.0 |
boolean |
isDeployPolicyIgnored()
Deprecated. 9.0.0.0 |
boolean |
isDeployRoleIgnored()
Deprecated. 9.0.0.0 |
boolean |
isEnableWebLogicPrincipalValidatorCache()
Returns whether the WebLogic Principal Validator caching is enabled. |
boolean |
isFullyDelegateAuthorization()
Deprecated. 9.0.0.0 |
boolean |
isValidateDDSecurityData()
Returns whether security data in the deployment descriptor is validated. |
AuditorMBean |
lookupAuditor(String name)
Finds an Auditing provider in this security realm. |
AuthenticationProviderMBean |
lookupAuthenticationProvider(String name)
Finds an Authentication provider in this security realm. |
AuthorizerMBean |
lookupAuthorizer(String name)
Finds an Authorization provider in this security realm. |
CertPathProviderMBean |
lookupCertPathProvider(String name)
Finds a Certification Path provider in this security realm. |
CredentialMapperMBean |
lookupCredentialMapper(String name)
Finds a Credential Mapping provider in this security realm. |
KeyStoreMBean |
lookupKeyStore(String name)
Deprecated. 8.1.0.0 |
RoleMapperMBean |
lookupRoleMapper(String name)
Finds a Role Mapping provider in this security realm. |
void |
setAuditors(AuditorMBean[] auditors)
Changes the invocation order of this security realm's Auditing providers. |
void |
setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders)
Changes the invocation order of this security realm's Authentication providers. |
void |
setAuthorizers(AuthorizerMBean[] authorizers)
Changes the invocation order of this security realm's Authorization providers. |
void |
setCertPathBuilder(CertPathBuilderMBean certPathBuilder)
Determines which of this security realm's CertPathProviders will be used
by the security system to build certification paths. |
void |
setCertPathProviders(CertPathProviderMBean[] certPathProviders)
Changes the invocation order of this security realm's Certification Path providers. |
void |
setCombinedRoleMappingEnabled(boolean combined)
Sets whether application role mappings are combined by the J2EE containers. |
void |
setCredentialMappers(CredentialMapperMBean[] credentialMappers)
Changes the invocation order of this security realm's Credential Mapping providers. |
void |
setDefaultRealm(boolean isDefault)
Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean) |
void |
setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization)
Sets whether the JMX subsystem should call the security framework on every MBean access. |
void |
setDeployCredentialMappingIgnored(boolean ignored)
Deprecated. 9.0.0.0 |
void |
setDeployPolicyIgnored(boolean ignored)
Deprecated. 9.0.0.0 |
void |
setDeployRoleIgnored(boolean ignored)
Deprecated. 9.0.0.0 |
void |
setEnableWebLogicPrincipalValidatorCache(boolean enabled)
Sets whether the WebLogic Principal Validator caching is enabled. |
void |
setFullyDelegateAuthorization(boolean fullyDelegate)
Deprecated. 9.0.0.0 |
void |
setKeyStores(KeyStoreMBean[] keystores)
Deprecated. 8.1.0.0 |
void |
setMaxWebLogicPrincipalsInCache(Integer size)
Sets the maximum size of the LRU cache for holding WebLogic Principal signatures. |
void |
setRoleMappers(RoleMapperMBean[] roleMappers)
Changes the invocation order of this security realm's Role Mapping providers. |
void |
setSecurityDDModel(String model)
Sets the default security deployment model for applications deployed in this security realm. |
void |
setValidateDDSecurityData(boolean validate)
Sets whether security data in the deployment descriptor is validated. |
void |
validate()
Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured. |
Methods inherited from interface weblogic.management.commo.StandardInterface |
setName, wls_getDisplayName, wls_getInterfaceClassName, wls_getObjectName |
Methods inherited from interface weblogic.descriptor.DescriptorBean |
addBeanUpdateListener, addPropertyChangeListener, createChildCopy, createChildCopyIncludingObsolete, getDescriptor, getParentBean, isEditable, removeBeanUpdateListener, removePropertyChangeListener |
Methods inherited from interface weblogic.descriptor.SettableBean |
isSet, unSet |
Method Detail |
public AdjudicatorMBean createAdjudicator(String type) throws ClassNotFoundException, JMException
type
- - The type of this Adjudication provider, for example,
weblogic.security.providers.authorization.DefaultAdjudicator
Use getAdjudicatorTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AdjudicatorMBean createAdjudicator(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Adjudication provider, for example, DefaultAdjudicator
type
- - The type of this Adjudication provider, for example,
weblogic.security.providers.authorization.DefaultAdjudicator
Use getAdjudicatorTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuditorMBean createAuditor(String type) throws ClassNotFoundException, JMException
type
- - The type of this Auditing provider, for example,
weblogic.security.providers.audit.DefaultAuditor
Use getAuditorTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuditorMBean createAuditor(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Auditing provider, for example, DefaultAuditor
type
- - The type of this Auditing provider, for example,
weblogic.security.providers.audit.DefaultAuditor
Use getAuditorTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuthenticationProviderMBean createAuthenticationProvider(String type) throws ClassNotFoundException, JMException
type
- - The type of this Authentication provider, for example,
weblogic.security.providers.authentication.DefaultAuthenticator
Use getAuthenticationProviderTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuthenticationProviderMBean createAuthenticationProvider(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Authentication provider, for example, DefaultAuthenticator
type
- - The type of this Authentication provider, for example,
weblogic.security.providers.authentication.DefaultAuthenticator
Use getAuthenticationProviderTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuthorizerMBean createAuthorizer(String type) throws ClassNotFoundException, JMException
type
- - The type of this Authorization provider, for example,
weblogic.security.providers.authorization.DefaultAuthorizer
Use getAuthorizerTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public AuthorizerMBean createAuthorizer(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Authorization provider, for example, DefaultAuthorizer
type
- - The type of this Authorization provider, for example,
weblogic.security.providers.authorization.DefaultAuthorizer
Use getAuthorizerTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public CertPathProviderMBean createCertPathProvider(String type) throws ClassNotFoundException, JMException
The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.
type
- - The type of this Certification Path provider, for example,
weblogic.security.providers.pk.WebLogicCertPathProvider
Use getCertPathProviderTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public CertPathProviderMBean createCertPathProvider(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Certification Path provider, for example, WebLogicCertPathProvider
type
- - The type of this Certification Path provider, for example,
weblogic.security.providers.pk.WebLogicCertPathProvider
Use getCertPathProviderTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public CredentialMapperMBean createCredentialMapper(String type) throws ClassNotFoundException, JMException
type
- - The type of this Credential Mapping provider, for example,
weblogic.security.providers.credentials.DefaultCredentialMapper
Use getCredentialMapperTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public CredentialMapperMBean createCredentialMapper(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Credential Mapping provider, for example, DefaultCredentialMapper
type
- - The type of this Credential Mapping provider, for example,
weblogic.security.providers.credentials.DefaultCredentialMapper
Use getCredentialMapperTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public KeyStoreMBean createKeyStore(String type) throws ClassNotFoundException, JMException
type
- - The type of this KeyStore provider, for example,
weblogic.security.providers.pk.DefaultKeyStore
Use getKeyStoreTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public KeyStoreMBean createKeyStore(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this KeyStore provider, for example, DefaultKeyStore
type
- - The type of this KeyStore provider, for example,
weblogic.security.providers.pk.DefaultKeyStore
Use getKeyStoreTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public RoleMapperMBean createRoleMapper(String type) throws ClassNotFoundException, JMException
type
- - The type of this Role Mapping provider, for example,
weblogic.security.providers.authorization.DefaultRoleMapper
Use getRoleMapperTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public RoleMapperMBean createRoleMapper(String name, String type) throws ClassNotFoundException, JMException
name
- - The name of this Role Mapping provider, for example, DefaultRoleMapper
type
- - The type of this Role Mapping provider, for example,
weblogic.security.providers.authorization.DefaultRoleMapper
Use getRoleMapperTypes
to find the list of types that may be specified.
ClassNotFoundException
- is thrown if an invalid type is specified.
JMException
public void destroyAdjudicator()
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Adjudication provider.
public void destroyAuditor(AuditorMBean auditor)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Auditing providers.
auditor
- - The Auditing provider to remove.public void destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Authentication providers.
authenticationProvider
- - The Authentication provider to remove.public void destroyAuthorizer(AuthorizerMBean authorizer)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Authorization providers.
authorizer
- - The Authorization provider to remove.public void destroyCertPathProvider(CertPathProviderMBean certPathProvider)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Certification Path providers.
If certPathProvider
has been selected as this security realm's
CertPathBuilder
, then this security realm's will have no
CertPathBuilder
.
certPathProvider
- - The Certification Path provider to remove.public void destroyCredentialMapper(CredentialMapperMBean credentialMapper)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Credential Mapping providers.
credentialMapper
- - The Credential Mapping provider to remove.public void destroyKeyStore(KeyStoreMBean keystore)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's KeyStore providers.
keystore
- - The KeyStore provider to remove.public void destroyRoleMapper(RoleMapperMBean roleMapper)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
automatically removes the security realm's Role Mapping providers.
roleMapper
- - The Role Mapping provider to remove.public AdjudicatorMBean getAdjudicator()
public String[] getAdjudicatorTypes()
weblogic.security.providers.authorization.DefaultAdjudicator
.
Use this method to find the available types to pass to createAdjudicator
public AuditorMBean[] getAuditors()
public String[] getAuditorTypes()
weblogic.security.providers.audit.DefaultAuditor
.
Use this method to find the available types to pass to createAuditor
public AuthenticationProviderMBean[] getAuthenticationProviders()
public String[] getAuthenticationProviderTypes()
weblogic.security.providers.authentication.DefaultAuthenticator
.
Use this method to find the available types to pass to createAuthenticationProvider
public AuthorizerMBean[] getAuthorizers()
public String[] getAuthorizerTypes()
weblogic.security.providers.authorization.DefaultAuthorizer
.
Use this method to find the available types to pass to createAuthorizer
public CertPathBuilderMBean getCertPathBuilder()
CertPathProviders
.
public CertPathProviderMBean[] getCertPathProviders()
public String[] getCertPathProviderTypes()
weblogic.security.providers.pk.WebLogicCertPathProvider
.
Use this method to find the available types to pass to createCertPathProvider
public CredentialMapperMBean[] getCredentialMappers()
public String[] getCredentialMapperTypes()
weblogic.security.providers.credentials.DefaultCredentialMapper
.
Use this method to find the available types to pass to createCredentialMapper
public KeyStoreMBean[] getKeyStores()
public String[] getKeyStoreTypes()
weblogic.security.providers.pk.DefaultKeyStore
.
Use this method to find the available types to pass to createKeyStore
public Integer getMaxWebLogicPrincipalsInCache()
EnableWebLogicPrincipalValidatorCache
is set
to true
public String getName()
getName
in interface weblogic.management.commo.StandardInterface
public RoleMapperMBean[] getRoleMappers()
public String[] getRoleMapperTypes()
weblogic.security.providers.authorization.DefaultRoleMapper
.
Use this method to find the available types to pass to createRoleMapper
public String getSecurityDDModel()
Specifies the default security model for Web applications or EJBs that are secured by this security realm. You can override this default during deployment.
Choose one of these security models:
Deployment Descriptors Only (DDOnly)
Customize Roles Only (CustomRoles)
Customize Roles and Policies (CustomRolesAndPolicies)
Advanced (Advanced)
You configure how this model behaves by setting values for the following options:
When Deploying Web Applications or EJBs
DeployPolicyIgnored
and
DeployRoleIgnored
attributes of RealmMBean
.Check Roles and Policies (FullyDelegateAuthorization)
Combined Role Mapping Enabled (CombinedRoleMappingEnabled)
isDeployPolicyIgnored()
,
isDeployRoleIgnored()
,
isFullyDelegateAuthorization()
,
isCombinedRoleMappingEnabled()
public UserLockoutManagerMBean getUserLockoutManager()
public boolean isCombinedRoleMappingEnabled()
Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact. This setting is valid only for Web applications and EJBs that use the Advanced security model and that initialize roles from deployment descriptors.
When enabled:
OR
operator.web.xml
file
specifies a role for which no mapping exists in the
weblogic.xml
file, the Web application container
creates an empty map for the undefined role (that is, the role is
explicitly defined as containing no principal). Therefore, no one
can access URL patterns that are secured by such policies.ejb-jar.xml
file
specifies a role for which no mapping exists in the
weblogic-ejb-jar.xml
file, the EJB container creates an
empty map for the undefined role (that is, the role is explicitly
defined as containing no principal). Therefore, no one can access
methods that are secured by such policies.When disabled:
<externally-defined>
descriptor element.web.xml
file
specifies a role for which no role mapping exists in the
weblogic.xml
file, the Web application container
assumes that the undefined role is the name of a principal. It
therefore maps the assumed principal to the role name. For example,
if the web.xml
file contains the following stanza in
one of its policies:<auth-constraint>
<role-name>PrivilegedUser</role-name>
</auth-constraint>
weblogic.xml
file has no role mapping for
PrivilegedUser
, then the Web application container
creates an in-memory mapping that is equivalent to the following
stanza:<security-role-assignment>
<role-name>PrivilegedUser</role-name>
<principal-name>PrivilegedUser</principal-name>
</security-role-assignment>
weblogic-ejb-jar.xml
file. Role mappings defined in the
other containers are not used unless defined by the
<externally-defined>
descriptor element.
public boolean isDefaultRealm()
SecurityConfigurationMBean.getDefaultRealm()
weblogic.management.configuration.SecurityConfigurationMBean.getDefaultRealm
.
public boolean isDeployCredentialMappingIgnored()
public boolean isDeployPolicyIgnored()
public boolean isDeployRoleIgnored()
public boolean isEnableWebLogicPrincipalValidatorCache()
The Principal Validator is used by BEA supplied authentication providers and may be used by custom authentication providers. If enabled, the default principal validator will cache WebLogic Principal signatures.
public boolean isFullyDelegateAuthorization()
If false the containers are free to only call the security framework when security is set in the deployment descriptors.
public boolean isValidateDDSecurityData()
public AuditorMBean lookupAuditor(String name)
public AuthenticationProviderMBean lookupAuthenticationProvider(String name)
public AuthorizerMBean lookupAuthorizer(String name)
public CertPathProviderMBean lookupCertPathProvider(String name)
public CredentialMapperMBean lookupCredentialMapper(String name)
public KeyStoreMBean lookupKeyStore(String name)
public RoleMapperMBean lookupRoleMapper(String name)
public void setAuditors(AuditorMBean[] auditors) throws InvalidAttributeValueException
auditors
- - The new invocation order for this security realm's
Auditing providers. It should contain exactly the same Auditing providers
that getAuditors()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
auditors
may also contain Auditing providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these Auditing providers will be moved to this
security realm. Similarly, auditors
can be missing
some of this security realm's current Auditing providers. All
missing Auditing providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders) throws InvalidAttributeValueException
authenticationProviders
- - The new invocation order for this security realm's
Authentication providers. It should contain exactly the same Authentication providers
that getAuthenticationProviders()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
authenticationProviders
may also contain Authentication providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these Authentication providers will be moved to this
security realm. Similarly, authenticationProviders
can be missing
some of this security realm's current Authentication providers. All
missing Authentication providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setAuthorizers(AuthorizerMBean[] authorizers) throws InvalidAttributeValueException
authorizers
- - The new invocation order for this security realm's
Authorization providers. It should contain exactly the same Authorization providers
that getAuthorizers()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
authorizers
may also contain Authorization providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these Authorization providers will be moved to this
security realm. Similarly, authorizers
can be missing
some of this security realm's current Authorization providers. All
missing Authorization providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setCertPathBuilder(CertPathBuilderMBean certPathBuilder) throws InvalidAttributeValueException
CertPathProviders
will be used
by the security system to build certification paths. The provider must implement
weblogic.management.security.pk.CertPathBuilder
.
certPathBuilder
- - The new CertPath Builder for this security realm.
If null, this security realm will have no configured CertPathBuilder
.
InvalidAttributeValueException
getCertPathBuilder()
public void setCertPathProviders(CertPathProviderMBean[] certPathProviders) throws InvalidAttributeValueException
certPathProviders
- - The new invocation order for this security realm's
Certification Path providers. It should contain exactly the same Certification Path providers
that getCertPathProviders()
returns, except in a different order.
InvalidAttributeValueException
public void setCombinedRoleMappingEnabled(boolean combined) throws InvalidAttributeValueException
If false the containers need enternally defined mappings to use application role mappings.
combined
- - the new combined role mapping value.
InvalidAttributeValueException
isCombinedRoleMappingEnabled()
public void setCredentialMappers(CredentialMapperMBean[] credentialMappers) throws InvalidAttributeValueException
credentialMappers
- - The new invocation order for this security realm's
Credential Mapping providers. It should contain exactly the same Credential Mapping providers
that getCredentialMappers()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
credentialMappers
may also contain Credential Mapping providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these Credential Mapping providers will be moved to this
security realm. Similarly, credentialMappers
can be missing
some of this security realm's current Credential Mapping providers. All
missing Credential Mapping providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setDefaultRealm(boolean isDefault) throws InvalidAttributeValueException
SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)
weblogic.management.configuration.SecurityConfigurationMBean.setDefautlRealm
.
isDefault
- - whether or not this security realm is the Default realm
for the WebLogic domain.
InvalidAttributeValueException
public void setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization) throws InvalidAttributeValueException
InvalidAttributeValueException
isDelegateMBeanAuthorization()
public void setDeployCredentialMappingIgnored(boolean ignored) throws InvalidAttributeValueException
ignored
- - the new deploy credential mapping ignored value.
InvalidAttributeValueException
isDeployCredentialMappingIgnored()
public void setDeployPolicyIgnored(boolean ignored) throws InvalidAttributeValueException
ignored
- - the new deploy policy ignored value
InvalidAttributeValueException
isDeployPolicyIgnored()
public void setDeployRoleIgnored(boolean ignored) throws InvalidAttributeValueException
ignored
- - the new deploy role ignored value
InvalidAttributeValueException
isDeployRoleIgnored()
public void setEnableWebLogicPrincipalValidatorCache(boolean enabled) throws InvalidAttributeValueException
enabled
- - the new enable weblogic principal validator cache value.
InvalidAttributeValueException
isEnableWebLogicPrincipalValidatorCache()
public void setFullyDelegateAuthorization(boolean fullyDelegate) throws InvalidAttributeValueException
fullyDelegate
- - the new fully delegate authorization value.
InvalidAttributeValueException
isFullyDelegateAuthorization()
public void setKeyStores(KeyStoreMBean[] keystores) throws InvalidAttributeValueException
keystores
- - The new invocation order for this security realm's
KeyStore providers. It should contain exactly the same KeyStore providers
that getKeyStores()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
keystores
may also contain KeyStore providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these KeyStore providers will be moved to this
security realm. Similarly, keystores
can be missing
some of this security realm's current KeyStore providers. All
missing KeyStore providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setMaxWebLogicPrincipalsInCache(Integer size) throws InvalidAttributeValueException
size
- - the new weblogic principals maximum cache size
InvalidAttributeValueException
getMaxWebLogicPrincipalsInCache()
public void setRoleMappers(RoleMapperMBean[] roleMappers) throws InvalidAttributeValueException
roleMappers
- - The new invocation order for this security realm's
Role Mapping providers. It should contain exactly the same Role Mapping providers
that getRoleMappers()
returns, except in a different order.
Note: For the purpose of backward compatibility with previous releases of WebLogic Server,
roleMappers
may also contain Role Mapping providers that do
not already belong to this security realm and are not contained by another
security realm. In this circumstance, these Role Mapping providers will be moved to this
security realm. Similarly, roleMappers
can be missing
some of this security realm's current Role Mapping providers. All
missing Role Mapping providers will be removed from this security realm.
These behaviors are deprecated in this release of WebLogic Server and will be removed in
a future release.
InvalidAttributeValueException
public void setSecurityDDModel(String model) throws InvalidAttributeValueException
model
- - the new default security deployment model.
InvalidAttributeValueException
getSecurityDDModel()
public void setValidateDDSecurityData(boolean validate) throws InvalidAttributeValueException
validate
- - the new validate deployment descriptor security data value.
InvalidAttributeValueException
isValidateDDSecurityData()
public void validate() throws ErrorCollectionException
ErrorCollectionException
- if this security realm is not valid.
The exception contains a list of ,
one for each reason this security realm is not valid. The text
of each exception describes the problem.
|
Documentation is available at http://download.oracle.com/docs/cd/E13222_01/wls/docs91 Copyright 2005 BEA Systems Inc. |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |