LDAPX509IdentityAsserterMBean


Overview  |   Related MBeans  |   Attributes  |   Operations

Overview

The MBean that represents configuration atrributes for the WebLogic LDAP X509 Identity Assertion provider. The WebLogic LDAP X509 Identity Assertion provider supports certificate authentication.

   
Fully Qualified Interface NameIf you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.authentication.LDAPX509IdentityAsserterMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.
Access Points Inherited from AuthenticationProviderMBean Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:


    Related MBeans

    This section describes attributes that provide access to other MBeans.


      Realm

      Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

             
      Privileges Read only
      TypeRealmMBean
      Relationship type: Reference.


      Attributes

      This section describes the following attributes:


      ActiveTypes

      The token types that are currently active.

             
      Privileges Read/Write
      Typeclass java.lang.String[]
      Default Value X.509

      Base64DecodingRequired

      Returns whether the tokens that are passed to the Identity Assertion provider will be base64 decoded first. If false then the server will not base64 decode the token before passing it to the identity asserter. This defaults to true for backwards compatibility but most providers will probably want to set this to false.

             
      Privileges Read/Write
      Typeboolean
      Default Valuetrue

      BindAnonymouslyOnReferrals

      Returns whether to anonymously bind when following referrals within the LDAP directory. If set to false, then the current Principal and Credential will be used.

             
      Privileges Read/Write
      Typeboolean

      CacheEnabled

      Returns whether to cache LDAP requests with the LDAP server.

             
      Privileges Read/Write
      Typeboolean
      Default Valuetrue

      CacheSize

      Returns the size of the cache in K.

             
      Privileges Read/Write
      Typeint
      Default Value32
      Minimum value0

      CacheTTL

      Returns the time-to-live (TTL) of the cache in seconds.

             
      Privileges Read/Write
      Typeint
      Default Value60
      Minimum value0

      CertificateAttribute

      The name of the LDAP attribute representing the user's identity.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueuserCertificate;binary

      CertificateMapping

      Mapping of certificate attributes to directory attributes.

             
      Privileges Read/Write
      Typejava.lang.String
      Default Valueou=people,ou=$subj.ou,o=$subj.o,c=$subj.c

      ConnectionPoolSize

      The LDAP connection pool size. Default is 6.

             
      Privileges Read/Write
      Typeint
      Default Value6

      ConnectionRetryLimit

      Specifies the number of times to attempt to connect to the LDAP server if the initial connection failed.

             
      Privileges Read/Write
      Typeint
      Default Value1

      ConnectTimeout

      Returns the maximum number of seconds to wait for the LDAP connection to be established. If set to 0, there is no maximum time limit.

             
      Privileges Read/Write
      Typeint
      Default Value0

      Credential

      The credential (generally a password) used to authenticate the LDAP user that is defined in the Principal attribute.

             
      Privileges Read/Write
      Typejava.lang.String
      Encryptedtrue

      CredentialEncrypted

             
      Privileges Read/Write
      Typebyte[]
      Encryptedtrue

      Description

      A short description of the WebLogic LDAP X509 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default ValueProvider that performs identity assertion for X.509 certificates
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      FollowReferrals

      Returns whether referrals will automatically be followed within the LDAP Directory. If set to false, then a Referral exception will be thrown when referrals are encountered during LDAP requests.

             
      Privileges Read/Write
      Typeboolean
      Default Valuetrue

      Host

      Returns the host name or IP address of the LDAP server.

             
      Privileges Read/Write
      Typejava.lang.String
      Default Valuelocalhost

      Name

             
      Privileges Read only
      Typejava.lang.String
      Default ValueLDAPX509IdentityAsserter
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      ParallelConnectDelay

      Returns the number of seconds to delay when making concurrent attempts to connect to multiple servers.

      If set to 0, connection attempts are serialized. An attempt is made to connect to the first server in the list. The next entry in the list is tried only if the attempt to connect to the current host fails. This might cause your application to block for unacceptably long time if a host is down. If set to greater than 0, another connection setup thread is started after this number of delay seconds has passed.

             
      Privileges Read/Write
      Typeint
      Default Value0

      Port

      Returns the port number on which the LDAP server is listening.

             
      Privileges Read/Write
      Typeint
      Default Value389
      Minimum value1
      Maximum value65534

      Principal

      Returns the Distinguished Name (DN) of the LDAP user that is used by WebLogic Server to connect to the LDAP server.

             
      Privileges Read/Write
      Typejava.lang.String

      ProviderClassName

      The name of the Java class used to load the WebLogic LDAP X509 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Valueweblogic.security.providers.authentication.LDAPX509IdentityAsserterProviderImpl
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      ResultsTimeLimit

      Returns the maximum number of milliseconds to wait for results before timing out. If set to 0, there is no maximum time limit.

             
      Privileges Read/Write
      Typeint
      Default Value0

      SSLEnabled

      Returns whether SSL will be used to connect to the LDAP server.

             
      Privileges Read/Write
      Typeboolean

      SupportedTypes

      The token types supported by the WebLogic LDAP X509 Identity Assertion provider.

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value X.509
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      UserFilterAttributes

      The name of the certificate attribute from the subject DN used to find the user in the directory.

             
      Privileges Read/Write
      Typeclass java.lang.String[]
      Default Value cn=$subj.cn

      UsernameAttribute

      The name of the LDAP attribute used to assert the user's identity.

             
      Privileges Read/Write
      Typejava.lang.String
      Default Valuecn

      Version

      The version number of the WebLogic LDAP X509 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Value1.0
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.


      Operations

      This section describes the following operations:


      isSet

      Returns true if the specified attribute has been set explicitly in this MBean instance.

         
      Operation Name"isSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to check

      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • java.lang.IllegalArgumentException

      unSet

      Restore the given property to its default value.

         
      Operation Name"unSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to restore

      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • java.lang.IllegalArgumentException
        UnsupportedOperationException if called on a runtime implementation.

      wls_getDisplayName

      Returns the display name of an MBean.

      Deprecated 9.0.0.0

         
      Operation Name"wls_getDisplayName"
      Parametersnull
      Signaturenull
      ReturnsString