weblogic.security.providers.authentication
Interface OracleVirtualDirectoryAuthenticatorMBean

All Superinterfaces:

AuthenticationProviderMBean, AuthenticatorMBean, GroupMemberListerMBean, GroupMembershipHierarchyCacheMBean, GroupReaderMBean, LDAPAuthenticatorMBean, LDAPServerMBean, ListerMBean, LoginExceptionPropagatorMBean, MemberGroupListerMBean, NameListerMBean, ProviderMBean, UserPasswordEditorMBean, UserReaderMBean

public interface OracleVirtualDirectoryAuthenticatorMBean
extends LDAPAuthenticatorMBean

This MBean specifies the LDAP schema definitions for the Oracle Virtual Directory Authentication provider.

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.

Method Summary

String	getAllGroupsFilter() An LDAP search filter for finding all groups beneath the base group distinguished name (DN).
String	getAllUsersFilter() An LDAP search filter for finding all users beneath the base user distinguished name (DN).
String	getDynamicGroupNameAttribute() The attribute of a dynamic LDAP group object that specifies the name of the group.
String	getDynamicGroupObjectClass() The LDAP object class that stores dynamic groups.
String	getDynamicMemberURLAttribute() The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.
String	getGroupFromNameFilter() An LDAP search filter for finding a group given the name of the group.
String	getGuidAttribute() Specifies the name of the GUID attribute defined in the Oracle Virtual Directory LDAP server.
String	getName() The name of this configuration.
String	getUserFromNameFilter() An LDAP search filter for finding a user given the name of the user.
String	getUserNameAttribute() No description provided.
void	setAllGroupsFilter(String newValue) An LDAP search filter for finding all groups beneath the base group distinguished name (DN).
void	setAllUsersFilter(String newValue) An LDAP search filter for finding all users beneath the base user distinguished name (DN).
void	setDynamicGroupNameAttribute(String newValue) The attribute of a dynamic LDAP group object that specifies the name of the group.
void	setDynamicGroupObjectClass(String newValue) The LDAP object class that stores dynamic groups.
void	setDynamicMemberURLAttribute(String newValue) The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.
void	setGroupFromNameFilter(String newValue) An LDAP search filter for finding a group given the name of the group.
void	setGuidAttribute(String newValue) Specifies the name of the GUID attribute defined in the Oracle Virtual Directory LDAP server.
void	setUserFromNameFilter(String newValue) An LDAP search filter for finding a user given the name of the user.
void	setUserNameAttribute(String newValue) No description provided.

Methods inherited from interface weblogic.security.providers.authentication.LDAPAuthenticatorMBean

getCredential, getCredentialEncrypted, getDescription, getEnableGroupMembershipLookupHierarchyCaching, getGroupBaseDN, getGroupMembershipSearching, getGroupSearchScope, getIgnoreDuplicateMembership, getMaxGroupMembershipSearchLevel, getProviderClassName, getStaticGroupDNsfromMemberDNFilter, getStaticGroupNameAttribute, getStaticGroupObjectClass, getStaticMemberDNAttribute, getUserBaseDN, getUserDynamicGroupDNAttribute, getUseRetrievedUserNameAsPrincipal, getUserObjectClass, getUserSearchScope, getVersion, isKeepAliveEnabled, setCredential, setCredentialEncrypted, setEnableGroupMembershipLookupHierarchyCaching, setGroupBaseDN, setGroupMembershipSearching, setGroupSearchScope, setIgnoreDuplicateMembership, setKeepAliveEnabled, setMaxGroupMembershipSearchLevel, setStaticGroupDNsfromMemberDNFilter, setStaticGroupNameAttribute, setStaticGroupObjectClass, setStaticMemberDNAttribute, setUserBaseDN, setUserDynamicGroupDNAttribute, setUseRetrievedUserNameAsPrincipal, setUserObjectClass, setUserSearchScope

Methods inherited from interface weblogic.security.providers.authentication.LoginExceptionPropagatorMBean

getPropagateCauseForLoginException, setPropagateCauseForLoginException

Methods inherited from interface weblogic.management.security.authentication.AuthenticatorMBean

getControlFlag, setControlFlag

Methods inherited from interface weblogic.management.security.ProviderMBean

getRealm

Methods inherited from interface weblogic.management.utils.LDAPServerMBean

getCacheSize, getCacheTTL, getConnectionPoolSize, getConnectionRetryLimit, getConnectTimeout, getHost, getParallelConnectDelay, getPort, getPrincipal, getResultsTimeLimit, isBindAnonymouslyOnReferrals, isCacheEnabled, isFollowReferrals, isSSLEnabled, setBindAnonymouslyOnReferrals, setCacheEnabled, setCacheSize, setCacheTTL, setConnectionPoolSize, setConnectionRetryLimit, setConnectTimeout, setFollowReferrals, setHost, setParallelConnectDelay, setPort, setPrincipal, setResultsTimeLimit, setSSLEnabled

Methods inherited from interface weblogic.management.security.authentication.UserReaderMBean

getUserDescription, listUsers, userExists

Methods inherited from interface weblogic.management.utils.NameListerMBean

getCurrentName

Methods inherited from interface weblogic.management.utils.ListerMBean

advance, close, haveCurrent

Methods inherited from interface weblogic.management.security.authentication.GroupReaderMBean

getGroupDescription, groupExists, isMember, listGroups

Methods inherited from interface weblogic.management.utils.NameListerMBean

getCurrentName

Methods inherited from interface weblogic.management.utils.ListerMBean

advance, close, haveCurrent

Methods inherited from interface weblogic.management.security.authentication.GroupMemberListerMBean

listGroupMembers

Methods inherited from interface weblogic.management.security.authentication.GroupReaderMBean

getGroupDescription, groupExists, isMember, listGroups

Methods inherited from interface weblogic.management.utils.NameListerMBean

getCurrentName

Methods inherited from interface weblogic.management.utils.ListerMBean

advance, close, haveCurrent

Methods inherited from interface weblogic.management.security.authentication.MemberGroupListerMBean

listMemberGroups

Methods inherited from interface weblogic.management.security.authentication.GroupReaderMBean

getGroupDescription, groupExists, isMember, listGroups

Methods inherited from interface weblogic.management.utils.NameListerMBean

getCurrentName

Methods inherited from interface weblogic.management.utils.ListerMBean

advance, close, haveCurrent

Methods inherited from interface weblogic.management.security.authentication.UserPasswordEditorMBean

changeUserPassword, resetUserPassword

Methods inherited from interface weblogic.management.security.authentication.GroupMembershipHierarchyCacheMBean

getGroupHierarchyCacheTTL, getMaxGroupHierarchiesInCache, setGroupHierarchyCacheTTL, setMaxGroupHierarchiesInCache

Method Detail

getUserNameAttribute

String getUserNameAttribute()

No description provided.

Specified by:

getUserNameAttribute in interface LDAPAuthenticatorMBean

Default Value:

"cn"

setUserNameAttribute

void setUserNameAttribute(String newValue)
                          throws InvalidAttributeValueException

No description provided.

Specified by:

setUserNameAttribute in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute UserNameAttribute

Throws:

InvalidAttributeValueException

Default Value:

"cn"

getAllUsersFilter

String getAllUsersFilter()

An LDAP search filter for finding all users beneath the base user distinguished name (DN). Note: If you change the user name attribute to a type other than cn, you must duplicate that change in the UserFromNameFilter and UserNameAttribute attributes.

For example, to change the user name attribute to uid, specify (uid=*) in the search filter. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Specified by:

getAllUsersFilter in interface LDAPAuthenticatorMBean

Default Value:

"(&(cn=*)(objectclass=person))"

setAllUsersFilter

void setAllUsersFilter(String newValue)
                       throws InvalidAttributeValueException

An LDAP search filter for finding all users beneath the base user distinguished name (DN). Note: If you change the user name attribute to a type other than cn, you must duplicate that change in the UserFromNameFilter and UserNameAttribute attributes.

For example, to change the user name attribute to uid, specify (uid=*) in the search filter. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Specified by:

setAllUsersFilter in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute AllUsersFilter

Throws:

InvalidAttributeValueException

Default Value:

"(&(cn=*)(objectclass=person))"

getUserFromNameFilter

String getUserFromNameFilter()

An LDAP search filter for finding a user given the name of the user. The user name attribute type specified in this filter must match the one specified in the AllUsersFilter and UserNameAttribute attributes.

For example, if the user name attribute is changed from type cn to uid, revise (cn=%u) to (uid=%u).

If the attribute (user name attribute and user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Specified by:

getUserFromNameFilter in interface LDAPAuthenticatorMBean

Default Value:

"(&(cn=%u)(objectclass=person))"

setUserFromNameFilter

void setUserFromNameFilter(String newValue)
                           throws InvalidAttributeValueException

An LDAP search filter for finding a user given the name of the user. The user name attribute type specified in this filter must match the one specified in the AllUsersFilter and UserNameAttribute attributes.

For example, if the user name attribute is changed from type cn to uid, revise (cn=%u) to (uid=%u).

If the attribute (user name attribute and user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Specified by:

setUserFromNameFilter in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute UserFromNameFilter

Throws:

InvalidAttributeValueException

Default Value:

"(&(cn=%u)(objectclass=person))"

getAllGroupsFilter

String getAllGroupsFilter()

An LDAP search filter for finding all groups beneath the base group distinguished name (DN). Note the following:

• The static group object class should be modified, as necessary, based on the settings for the StaticGroupObjectClass and StaticMemberDNAttribute attributes.
  
  For example, if the setting for the StaticGroupObjectClass is set to groupofnames, the objectclass element in the search filter should be set to groupofnames.
• If the name attribute type of a static group object or dynamic group object is changed, this search filter must be revised accordingly. For example, if the group name in the StaticGroupNameAttribute attribute is changed from type cn to uid, this filter should also specify (uid=*) as the group name type.
• If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the Group schema.

Specified by:

getAllGroupsFilter in interface LDAPAuthenticatorMBean

Default Value:

"(&(cn=*)(|(objectclass=groupofUniqueNames)(objectclass=groupofurls)))"

setAllGroupsFilter

void setAllGroupsFilter(String newValue)
                        throws InvalidAttributeValueException

An LDAP search filter for finding all groups beneath the base group distinguished name (DN). Note the following:

• The static group object class should be modified, as necessary, based on the settings for the StaticGroupObjectClass and StaticMemberDNAttribute attributes.
  
  For example, if the setting for the StaticGroupObjectClass is set to groupofnames, the objectclass element in the search filter should be set to groupofnames.
• If the name attribute type of a static group object or dynamic group object is changed, this search filter must be revised accordingly. For example, if the group name in the StaticGroupNameAttribute attribute is changed from type cn to uid, this filter should also specify (uid=*) as the group name type.
• If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the Group schema.

Specified by:

setAllGroupsFilter in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute AllGroupsFilter

Throws:

InvalidAttributeValueException

Default Value:

"(&(cn=*)(|(objectclass=groupofUniqueNames)(objectclass=groupofurls)))"

getGroupFromNameFilter

String getGroupFromNameFilter()

An LDAP search filter for finding a group given the name of the group. Note the following:

• The static group object class should be modified, as necessary, based on the settings for the StaticGroupObjectClass and StaticMemberDNAttribute attributes.
  
  For example, if the setting for the StaticGroupObjectClass is set to groupofnames, the objectclass element in the search filter should be set to groupofnames.
• If the name attribute type of a static group object or dynamic group object is changed, this filter must be revised accordingly. For example, if the group name in the DynamicGroupNameAttribute attribute is changed from type cn to uid, this filter should also specify (uid=*) as the group name type.
• If this attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Specified by:

getGroupFromNameFilter in interface LDAPAuthenticatorMBean

Default Value:

"(|(&(cn=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=groupofurls)))"

setGroupFromNameFilter

void setGroupFromNameFilter(String newValue)
                            throws InvalidAttributeValueException

An LDAP search filter for finding a group given the name of the group. Note the following:

• The static group object class should be modified, as necessary, based on the settings for the StaticGroupObjectClass and StaticMemberDNAttribute attributes.
  
  For example, if the setting for the StaticGroupObjectClass is set to groupofnames, the objectclass element in the search filter should be set to groupofnames.
• If the name attribute type of a static group object or dynamic group object is changed, this filter must be revised accordingly. For example, if the group name in the DynamicGroupNameAttribute attribute is changed from type cn to uid, this filter should also specify (uid=*) as the group name type.
• If this attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Specified by:

setGroupFromNameFilter in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute GroupFromNameFilter

Throws:

InvalidAttributeValueException

Default Value:

"(|(&(cn=%g)(objectclass=groupofUniqueNames))(&(cn=%g)(objectclass=groupofurls)))"

getDynamicGroupNameAttribute

String getDynamicGroupNameAttribute()

The attribute of a dynamic LDAP group object that specifies the name of the group. If the name attribute type of the dynamic LDAP group object is changed -- for example, from cn to uid -- this change must be duplicated in the AllGroupsFilter and GroupFromNameFilter attributes.

Specified by:

getDynamicGroupNameAttribute in interface LDAPAuthenticatorMBean

Default Value:

"cn"

setDynamicGroupNameAttribute

void setDynamicGroupNameAttribute(String newValue)
                                  throws InvalidAttributeValueException

The attribute of a dynamic LDAP group object that specifies the name of the group. If the name attribute type of the dynamic LDAP group object is changed -- for example, from cn to uid -- this change must be duplicated in the AllGroupsFilter and GroupFromNameFilter attributes.

Specified by:

setDynamicGroupNameAttribute in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute DynamicGroupNameAttribute

Throws:

InvalidAttributeValueException

Default Value:

"cn"

getDynamicGroupObjectClass

String getDynamicGroupObjectClass()

The LDAP object class that stores dynamic groups.

Specified by:

getDynamicGroupObjectClass in interface LDAPAuthenticatorMBean

Default Value:

"groupofurls"

setDynamicGroupObjectClass

void setDynamicGroupObjectClass(String newValue)
                                throws InvalidAttributeValueException

The LDAP object class that stores dynamic groups.

Specified by:

setDynamicGroupObjectClass in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute DynamicGroupObjectClass

Throws:

InvalidAttributeValueException

Default Value:

"groupofurls"

getDynamicMemberURLAttribute

String getDynamicMemberURLAttribute()

The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.

Specified by:

getDynamicMemberURLAttribute in interface LDAPAuthenticatorMBean

Default Value:

"memberurl"

setDynamicMemberURLAttribute

void setDynamicMemberURLAttribute(String newValue)
                                  throws InvalidAttributeValueException

The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.

Specified by:

setDynamicMemberURLAttribute in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute DynamicMemberURLAttribute

Throws:

InvalidAttributeValueException

Default Value:

"memberurl"

getGuidAttribute

String getGuidAttribute()

Specifies the name of the GUID attribute defined in the Oracle Virtual Directory LDAP server. The default value is orclguid.

Specified by:

getGuidAttribute in interface LDAPAuthenticatorMBean

Default Value:

"orclguid"

setGuidAttribute

void setGuidAttribute(String newValue)
                      throws InvalidAttributeValueException

Specifies the name of the GUID attribute defined in the Oracle Virtual Directory LDAP server. The default value is orclguid.

Specified by:

setGuidAttribute in interface LDAPAuthenticatorMBean

Parameters:

newValue - - new value for attribute GuidAttribute

Throws:

InvalidAttributeValueException

Default Value:

"orclguid"

getName

String getName()

Description copied from interface: ProviderMBean

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Specified by:

getName in interface LDAPAuthenticatorMBean

Specified by:

getName in interface LoginExceptionPropagatorMBean

Specified by:

getName in interface ProviderMBean

Default Value:

"OracleVirtualDirectoryAuthenticator"