This MBean contains configuration information for the SQL Authentication Provider.
Fully Qualified Interface Name | If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:weblogic.security.providers.authentication.SQLAuthenticatorMBean
|
||
Factory Methods | No factory methods. Instances of this MBean are created automatically. | ||
Access Points Inherited from AuthenticationProviderMBean |
Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:
|
This section describes attributes that provide access to other MBeans.
|
Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.
Privileges | Read only |
Type | RealmMBean |
Relationship type: | Reference. |
This section describes the following attributes:
Returns how the login sequence uses the Authentication provider.
A REQUIRED
value specifies this LoginModule must
succeed. Even if it fails, authentication proceeds down the list of
LoginModules for the configured Authentication providers. This
setting is the default.
A REQUISITE
value specifies this LoginModule must
succeed. If other Authentication providers are configured and this
LoginModule succeeds, authentication proceeds down the list of
LoginModules. Otherwise, control is return to the application.
A SUFFICIENT
value specifies this LoginModule need
not succeed. If it does succeed, return control to the application.
If it fails and other Authentication providers are configured,
authentication proceeds down the LoginModule list.
An OPTIONAL
value specifies this LoginModule need
not succeed. Whether it succeeds or fails, authentication proceeds
down the LoginModule list.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | REQUIRED |
Legal Values |
|
The name of the JDBC data source used for database access.
Privileges | Read/Write |
Type | java.lang.String |
A short description of the DBMS Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | Provider that performs DBMS authentication |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Indicates whether user and group descriptions are supported by the database used by the authentication provider.
Privileges | Read/Write |
Type | boolean |
Default Value | true |
Returns whether group membership hierarchies found during recursive membership lookup will be cached. If true, each subtree found will be cached.
Privileges | Read/Write |
Type | java.lang.Boolean |
Returns the maximum number of seconds a group membership hierarchy entry is valid in the LRU cache.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 60 |
Specifies whether recursive group membership searching is
unlimited or limited. Valid values are unlimited
and
limited
.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | unlimited |
Legal Values |
|
Returns the name of the identity domain.
Privileges | Read/Write |
Type | java.lang.String |
Returns the maximum size of the LRU cache for holding group membership hierarchies if caching is enabled.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 100 |
This specifies how many levels of group membership can be
searched. This setting is valid only if Group Membership Searching
is set to limited
. Valid values are 0 and positive
integers. For example, 0 indicates only direct group memberships
will be found, a positive number indicates the number of levels to
go down.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 0 |
Privileges | Read only |
Type | java.lang.String |
Default Value | SQLAuthenticator |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The message digest algorithm used to hash passwords for storage. The name is a standard algorithm name and must be recognized by a Java Cryptography Extension (JCE) provider that is available at runtime.
The Java Cryptography Architecture (JCA) defines the standard algorithm specifications, described at http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html#algspec.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SHA-1 |
Indicates the password style that is used when storing passwords for users that are created and for changing the user's password if Password Style Retained is disabled.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SALTEDHASHED |
Legal Values |
|
Controls how a password is stored in the database when updating an existing user's password.
True indicates the password style and algorithm that were used for the original password in the database should be used for the new password. This setting is the default.
False indicates the settings for Password Algorithm and Password Style will be used for the new password.
Privileges | Read/Write |
Type | boolean |
Default Value | true |
Indicates whether plaintext passwords are allowed to be used.
Privileges | Read/Write |
Type | boolean |
The name of the Java class for the SQL Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | weblogic.security.providers.authentication.DBMSSQLAuthenticationProviderImpl |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The SQL statement used to add a specific member to a group. The SQL statement requires two parameters: the group name and the group member being added.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | INSERT INTO GROUPMEMBERS VALUES( ?, ?) |
The SQL statement used to create a new group. The SQL statement requirements depend on the value of Descriptions Supported. There is a minimum of one parameter, the group name. If Descriptions Supported is true, the group's description is required. The default SQL is based on the default setting of Descriptions Supported. The setting of Create Group must be updated manually if the setting of Descriptions Supported changes.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | INSERT INTO GROUPS VALUES ( ? , ? ) |
The SQL statement used to create a new user record. The SQL statement requirements depend on the value of Descriptions Supported. There is a minimum of two parameters: a username and its associated password. If Descriptions Supported is true, the user's description is required. The default SQL is based on the default setting of Descriptions Supported. The setting of Create User must be updated manually if the setting of Descriptions Supported changes.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | INSERT INTO USERS VALUES ( ? , ? , ? ) |
The SQL statement used to retrieve the description of a group. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group description.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_DESCRIPTION FROM GROUPS WHERE G_NAME = ? |
The SQL statement used to retrieve the description of a specific user. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user description.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT U_DESCRIPTION FROM USERS WHERE U_NAME = ? |
The SQL statement used to look up a user's password. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the password.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT U_PASSWORD FROM USERS WHERE U_NAME = ? |
The SQL statement used to look up a group. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_NAME FROM GROUPS WHERE G_NAME = ? |
The SQL statement used to look up members of a group. The SQL statement requires two parameters: a group name and a member or group name. It must return a resultSet containing the group names that matched
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ? |
The SQL statement used to list groups that have a group name with a list of wildcarded member names. The SQL statement requires two parameters: the group name and the wildcarded member name.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER LIKE ? |
The SQL statement used to retrieve group names that match a wildcard The SQL statement requires a single parameter for the wildcarded group name and return a resultSet containing matching group names
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_NAME FROM GROUPS WHERE G_NAME LIKE ? |
The SQL statement used to look up the groups a user or group is a member of. The SQL statement requires a single parameter for the username or group name and returns a resultSet containing the names of the groups that matched.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT G_NAME FROM GROUPMEMBERS WHERE G_MEMBER = ? |
The SQL statement used to retrieve users that match a particular wildcard search The SQL statement requires a single parameter for the wildcarded usernames and returns a resultSet containing matching usernames
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT U_NAME FROM USERS WHERE U_NAME LIKE ? |
The SQL statement used to remove a member from a group. The SQL statement requires a single parameter: the group name being removed.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | DELETE FROM GROUPS WHERE G_NAME = ? |
The SQL statement used to remove a member from a group. The SQL statement requires a single parameter: the username or group name being removed.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | DELETE FROM GROUPMEMBERS WHERE G_NAME = ? |
The SQL statement used to delete a group member (either a user or group) from all groups to which it belongs. The SQL statement requires 2 parameters. Both parameters refer to the specific username or group name being removed.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | DELETE FROM GROUPMEMBERS WHERE G_MEMBER = ? OR G_NAME = ? |
The SQL statement used to remove a member from a group. The SQL statement requires two parameters: the group name and the group member being deleted from the group.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | DELETE FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ? |
The SQL statement used for deleting a user. The SQL statement requires a single parameter, the username.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | DELETE FROM USERS WHERE U_NAME = ? |
The SQL statement used to specify a description for a group. Only valid if Descriptions Supported attribute is enabled. The SQL statement requires two parameters: the group description and the group name.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | UPDATE GROUPS SET G_DESCRIPTION = ? WHERE G_NAME = ? |
The SQL statement used to specify description for a user. Only valid if Descriptions Supported is true. The SQL statement requires two parameters: the username description and the username.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | UPDATE USERS SET U_DESCRIPTION = ? WHERE U_NAME = ? |
The SQL statement used to set the password for a user. The SQL statement requires two parameters: the password for the user and the username.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | UPDATE USERS SET U_PASSWORD = ? WHERE U_NAME = ? |
The SQL statement used to look up a user. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | SELECT U_NAME FROM USERS WHERE U_NAME = ? |
The version number of the DBMS Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | 1.0 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
This section describes the following operations:
Adds a user or group (member) to a group. If the member already belongs to the group, this method does nothing.
Operation Name | "addMemberToGroup" |
Parameters | Object [] { groupName, memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Advances the list to the next element in the list.
Operation Name | "advance" |
Parameters | Object [] { cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Used by a user to change his or her password.
Operation Name | "changeUserPassword" |
Parameters | Object [] { userName, oldPassword, newPassword }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.
Operation Name | "close" |
Parameters | Object [] { cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Creates a group.
Operation Name | "createGroup" |
Parameters | Object [] { groupName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Creates a user and sets the user's password.
Operation Name | "createUser" |
Parameters | Object [] { userName, password, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
The name of the current item in the list. Returns null if there is no current item.
Operation Name | "getCurrentName" |
Parameters | Object [] { cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
Exceptions |
|
Gets a group's description.
Operation Name | "getGroupDescription" |
Parameters | Object [] { groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
Exceptions |
|
Gets a user's description.
Operation Name | "getUserDescription" |
Parameters | Object [] { userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
Exceptions |
|
Indicates whether the specified group exists.
Operation Name | "groupExists" |
Parameters | Object [] { groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
Returns true if there are more objects in the list, and false otherwise.
Operation Name | "haveCurrent" |
Parameters | Object [] { cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
Indicates whether a user or group is a member of the group that you specify. A recursive search returns true if the member belongs to the group that you specify or to any of the groups contained within that group."
Operation Name | "isMember" |
Parameters | Object [] { parentGroupName, memberUserOrGroupName, recursive }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.Boolean" } |
Returns |
boolean
|
Exceptions |
|
Returns true if the specified attribute has been set explicitly in this MBean instance.
Operation Name | "isSet" |
Parameters | Object [] { propertyName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
Searches within a group for user and group (member) names that
match a pattern. Returns a cursor (string). You can use methods
from weblogic.management.utils.NameLister
(which this
MBean extends) to iterate through the returned list.
This method does not sort the results or distinguish user and
group names. You can use the groupExists
method to
determine whether a name refers to an existing group.
Operation Name | "listGroupMembers" |
Parameters | Object [] { groupName, memberUserOrGroupNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
Exceptions |
|
Searches for a user name that matches a pattern.
This method returns a cursor that you can pass to the methods
from weblogic.management.utils.NameListerMBean
(which
this MBean extends) to iterate through the returned list.
This method does not sort the results.
Operation Name | "listGroups" |
Parameters | Object [] { groupNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
Exceptions |
|
Lists the groups that directly contain a user or a group.
Returns a cursor (string).You can use methods from
weblogic.management.utils.NameLister
(which this MBean
extends) to iterate through the returned list.
Operation Name | "listMemberGroups" |
Parameters | Object [] { memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
Exceptions |
|
Searches for a user name that matches a pattern.
This method returns a cursor that you can pass to the methods
from weblogic.management.utils.NameListerMBean
(which
this MBean extends) to iterate through the returned list.
This method does not sort the results.
Operation Name | "listUsers" |
Parameters | Object [] { userNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
Exceptions |
|
Removes a group. If the group contains members, the members are not removed.
Operation Name | "removeGroup" |
Parameters | Object [] { groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Removes a user or group (member) from a group. If the member is not in the group, this method does nothing.
Operation Name | "removeMemberFromGroup" |
Parameters | Object [] { groupName, memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Removes a user.
Operation Name | "removeUser" |
Parameters | Object [] { userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Used by an administrator to change a user's password.
Operation Name | "resetUserPassword" |
Parameters | Object [] { userName, newPassword }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Sets the description for an existing group.
Operation Name | "setGroupDescription" |
Parameters | Object [] { groupName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Sets the description for an existing user.
Operation Name | "setUserDescription" |
Parameters | Object [] { userName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Restore the given property to its default value.
Operation Name | "unSet" |
Parameters | Object [] { propertyName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
Exceptions |
|
Indicates whether the specified user exists.
Operation Name | "userExists" |
Parameters | Object [] { userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
Exceptions |
|
Returns the display name of an MBean.
Deprecated 9.0.0.0
Operation Name | "wls_getDisplayName" |
Parameters | null |
Signature | null |
Returns | String
|