Type-Safe Access to BEA WebLogic Server 9.0 MBeans (Deprecated)

(Methods marked with @since 9.0.0.0 are not available through the deprecated MBeanHome interface.)

weblogic.management.security
Interface RealmMBean

All Superinterfaces:

weblogic.descriptor.DescriptorBean, weblogic.descriptor.SettableBean, weblogic.management.commo.StandardInterface

public interface RealmMBean

extends weblogic.management.commo.StandardInterface, weblogic.descriptor.DescriptorBean

The MBean that represents configuration attributes for the security realm.

A security realm contains a set of security configuration settings, including the list of security providers to use (for example, for authentication and authorization).

Code using security can either use the default security realm for the domain or refer to a particular security realm by name (by using the JMX display name of the security realm).

One security realm in the WebLogic domain must have the DefaultRealm attribute set to true. The security realm with the DefaultRealm attribute set to true is used as the default security realm for the WebLogic domain. Note that other available security realms must have the DefaultRealm attribute set to false.

When WebLogic Server boots, it locates and uses the default security realm. The security realm is considered active since it is used when WebLogic Server runs. Any security realm that is not used when WebLogic Server runs is considered inactive. All active security realms must be configured before WebLogic Server is boots.

Since security providers are scoped by realm, the Realm attribute on a security provider must be set to the realm that uses the provider.

Deprecation of MBeanHome and Type-Safe Interfaces

In addition to being used as a base class that provides functionality to security provider MBeans, JMX applications can use this class directly as a type-safe interface. When used as a type-safe interface, a JMX application imports this class and accesses it through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, JMX applications that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.

Copyright © 2005 BEA Systems, Inc. All Rights Reserved.

Method Summary

AdjudicatorMBean	createAdjudicator(String type) Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.
AdjudicatorMBean	createAdjudicator(String name, String type) Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.
AuditorMBean	createAuditor(String type) Creates an Auditing provider in this security realm.
AuditorMBean	createAuditor(String name, String type) Creates an Auditing provider in this security realm.
AuthenticationProviderMBean	createAuthenticationProvider(String type) Creates an Authentication provider in this security realm.
AuthenticationProviderMBean	createAuthenticationProvider(String name, String type) Creates an Authentication provider in this security realm.
AuthorizerMBean	createAuthorizer(String type) Creates an Authorization provider in this security realm.
AuthorizerMBean	createAuthorizer(String name, String type) Creates an Authorization provider in this security realm.
CertPathProviderMBean	createCertPathProvider(String type) Creates a Certification Path provider in this security realm.
CertPathProviderMBean	createCertPathProvider(String name, String type) Creates a Certification Path provider in this security realm.
CredentialMapperMBean	createCredentialMapper(String type) Creates a Credential Mapping provider in this security realm.
CredentialMapperMBean	createCredentialMapper(String name, String type) Creates a Credential Mapping provider in this security realm.
KeyStoreMBean	createKeyStore(String type) Deprecated. 8.1.0.0
KeyStoreMBean	createKeyStore(String name, String type) Deprecated. 8.1.0.0
RoleMapperMBean	createRoleMapper(String type) Creates a Role Mapping provider in this security realm.
RoleMapperMBean	createRoleMapper(String name, String type) Creates a Role Mapping provider in this security realm.
void	destroyAdjudicator() Removes the configuration this security realm's Adjudication provider (if there is one).
void	destroyAuditor(AuditorMBean auditor) Removes the configuration for an Auditing provider in this security realm.
void	destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider) Removes the configuration for an Authentication provider in this security realm.
void	destroyAuthorizer(AuthorizerMBean authorizer) Removes the configuration for an Authorization provider in this security realm.
void	destroyCertPathProvider(CertPathProviderMBean certPathProvider) Removes the configuration for a Certification Path provider in this security realm.
void	destroyCredentialMapper(CredentialMapperMBean credentialMapper) Removes the configuration for a Credential Mapping provider in this security realm.
void	destroyKeyStore(KeyStoreMBean keystore) Deprecated. 8.1.0.0
void	destroyRoleMapper(RoleMapperMBean roleMapper) Removes the configuration for a Role Mapping provider in this security realm.
AdjudicatorMBean	getAdjudicator() Returns the Adjudication provider for this security realm.
String[]	getAdjudicatorTypes() Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator.
AuditorMBean[]	getAuditors() Returns the Auditing providers for this security realm (in invocation order).
String[]	getAuditorTypes() Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor.
AuthenticationProviderMBean[]	getAuthenticationProviders() Returns the Authentication providers for this security realm (in invocation order).
String[]	getAuthenticationProviderTypes() Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator.
AuthorizerMBean[]	getAuthorizers() Returns the Authorization providers for this security realm (in invocation order).
String[]	getAuthorizerTypes() Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer.
CertPathBuilderMBean	getCertPathBuilder() Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths.
CertPathProviderMBean[]	getCertPathProviders() Returns the Certification Path providers for this security realm (in invocation order).
String[]	getCertPathProviderTypes() Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider.
CredentialMapperMBean[]	getCredentialMappers() Returns the Credential Mapping providers for this security realm (in invocation order).
String[]	getCredentialMapperTypes() Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper.
KeyStoreMBean[]	getKeyStores() Deprecated. 8.1.0.0
String[]	getKeyStoreTypes() Deprecated. 8.1.0.0
Integer	getMaxWebLogicPrincipalsInCache() Returns the maximum size of the LRU cache for holding WebLogic Principal signatures.
String	getName() The name of this configuration.
RoleMapperMBean[]	getRoleMappers() Returns the Role Mapping providers for this security realm (in invocation order).
String[]	getRoleMapperTypes() Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper.
String	getSecurityDDModel() Returns the default security deployment model for applications deployed in this security realm.
UserLockoutManagerMBean	getUserLockoutManager() Returns the User Lockout Manager for this security realm.
boolean	isCombinedRoleMappingEnabled() Returns whether application role mappings are combined by the J2EE containers.
boolean	isDefaultRealm() Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm()
boolean	isDeployCredentialMappingIgnored() Deprecated. 9.0.0.0
boolean	isDeployPolicyIgnored() Deprecated. 9.0.0.0
boolean	isDeployRoleIgnored() Deprecated. 9.0.0.0
boolean	isEnableWebLogicPrincipalValidatorCache() Returns whether the WebLogic Principal Validator caching is enabled.
boolean	isFullyDelegateAuthorization() Deprecated. 9.0.0.0
boolean	isValidateDDSecurityData() Returns whether security data in the deployment descriptor is validated.
AuditorMBean	lookupAuditor(String name) Finds an Auditing provider in this security realm.
AuthenticationProviderMBean	lookupAuthenticationProvider(String name) Finds an Authentication provider in this security realm.
AuthorizerMBean	lookupAuthorizer(String name) Finds an Authorization provider in this security realm.
CertPathProviderMBean	lookupCertPathProvider(String name) Finds a Certification Path provider in this security realm.
CredentialMapperMBean	lookupCredentialMapper(String name) Finds a Credential Mapping provider in this security realm.
KeyStoreMBean	lookupKeyStore(String name) Deprecated. 8.1.0.0
RoleMapperMBean	lookupRoleMapper(String name) Finds a Role Mapping provider in this security realm.
void	setAuditors(AuditorMBean[] auditors) Changes the invocation order of this security realm's Auditing providers.
void	setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders) Changes the invocation order of this security realm's Authentication providers.
void	setAuthorizers(AuthorizerMBean[] authorizers) Changes the invocation order of this security realm's Authorization providers.
void	setCertPathBuilder(CertPathBuilderMBean certPathBuilder) Determines which of this security realm's CertPathProviders will be used by the security system to build certification paths.
void	setCertPathProviders(CertPathProviderMBean[] certPathProviders) Changes the invocation order of this security realm's Certification Path providers.
void	setCombinedRoleMappingEnabled(boolean combined) Sets whether application role mappings are combined by the J2EE containers.
void	setCredentialMappers(CredentialMapperMBean[] credentialMappers) Changes the invocation order of this security realm's Credential Mapping providers.
void	setDefaultRealm(boolean isDefault) Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)
void	setDeployCredentialMappingIgnored(boolean ignored) Deprecated. 9.0.0.0
void	setDeployPolicyIgnored(boolean ignored) Deprecated. 9.0.0.0
void	setDeployRoleIgnored(boolean ignored) Deprecated. 9.0.0.0
void	setEnableWebLogicPrincipalValidatorCache(boolean enabled) Sets whether the WebLogic Principal Validator caching is enabled.
void	setFullyDelegateAuthorization(boolean fullyDelegate) Deprecated. 9.0.0.0
void	setKeyStores(KeyStoreMBean[] keystores) Deprecated. 8.1.0.0
void	setMaxWebLogicPrincipalsInCache(Integer size) Sets the maximum size of the LRU cache for holding WebLogic Principal signatures.
void	setRoleMappers(RoleMapperMBean[] roleMappers) Changes the invocation order of this security realm's Role Mapping providers.
void	setSecurityDDModel(String model) Sets the default security deployment model for applications deployed in this security realm.
void	setValidateDDSecurityData(boolean validate) Sets whether security data in the deployment descriptor is validated.
void	validate() Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured.

Methods inherited from interface weblogic.management.commo.StandardInterface

setName, wls_getDisplayName, wls_getInterfaceClassName, wls_getObjectName

Methods inherited from interface weblogic.descriptor.DescriptorBean

addBeanUpdateListener, addPropertyChangeListener, createChildCopy, createChildCopyIncludingObsolete, getDescriptor, getParentBean, isEditable, removeBeanUpdateListener, removePropertyChangeListener

Methods inherited from interface weblogic.descriptor.SettableBean

isSet, unSet

Method Detail

createAdjudicator

public AdjudicatorMBean createAdjudicator(String type)
                                   throws ClassNotFoundException,
                                          JMException

Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.

Parameters:

type - - The type of this Adjudication provider, for example, weblogic.security.providers.authorization.DefaultAdjudicator Use getAdjudicatorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAdjudicator

public AdjudicatorMBean createAdjudicator(String name,
                                          String type)
                                   throws ClassNotFoundException,
                                          JMException

Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.

Parameters:

name - - The name of this Adjudication provider, for example, DefaultAdjudicator

type - - The type of this Adjudication provider, for example, weblogic.security.providers.authorization.DefaultAdjudicator Use getAdjudicatorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuditor

public AuditorMBean createAuditor(String type)
                           throws ClassNotFoundException,
                                  JMException

Creates an Auditing provider in this security realm. The new Auditing provider is added to the end of the list of Auditing providers configured in this security realm.

Parameters:

type - - The type of this Auditing provider, for example, weblogic.security.providers.audit.DefaultAuditor Use getAuditorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuditor

public AuditorMBean createAuditor(String name,
                                  String type)
                           throws ClassNotFoundException,
                                  JMException

Creates an Auditing provider in this security realm. The new Auditing provider is added to the end of the list of Auditing providers configured in this security realm.

Parameters:

name - - The name of this Auditing provider, for example, DefaultAuditor

type - - The type of this Auditing provider, for example, weblogic.security.providers.audit.DefaultAuditor Use getAuditorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthenticationProvider

public AuthenticationProviderMBean createAuthenticationProvider(String type)
                                                         throws ClassNotFoundException,
                                                                JMException

Creates an Authentication provider in this security realm. The new Authentication provider is added to the end of the list of Authentication providers configured in this security realm.

Parameters:

type - - The type of this Authentication provider, for example, weblogic.security.providers.authentication.DefaultAuthenticator Use getAuthenticationProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthenticationProvider

public AuthenticationProviderMBean createAuthenticationProvider(String name,
                                                                String type)
                                                         throws ClassNotFoundException,
                                                                JMException

Creates an Authentication provider in this security realm. The new Authentication provider is added to the end of the list of Authentication providers configured in this security realm.

Parameters:

name - - The name of this Authentication provider, for example, DefaultAuthenticator

type - - The type of this Authentication provider, for example, weblogic.security.providers.authentication.DefaultAuthenticator Use getAuthenticationProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthorizer

public AuthorizerMBean createAuthorizer(String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates an Authorization provider in this security realm. The new Authorization provider is added to the end of the list of Authorization providers configured in this security realm.

Parameters:

type - - The type of this Authorization provider, for example, weblogic.security.providers.authorization.DefaultAuthorizer Use getAuthorizerTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthorizer

public AuthorizerMBean createAuthorizer(String name,
                                        String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates an Authorization provider in this security realm. The new Authorization provider is added to the end of the list of Authorization providers configured in this security realm.

Parameters:

name - - The name of this Authorization provider, for example, DefaultAuthorizer

type - - The type of this Authorization provider, for example, weblogic.security.providers.authorization.DefaultAuthorizer Use getAuthorizerTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCertPathProvider

public CertPathProviderMBean createCertPathProvider(String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Certification Path provider in this security realm. The new Certification Path provider is added to the end of the list of Certification Path providers configured in this security realm.

The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.

Parameters:

type - - The type of this Certification Path provider, for example, weblogic.security.providers.pk.WebLogicCertPathProvider Use getCertPathProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCertPathProvider

public CertPathProviderMBean createCertPathProvider(String name,
                                                    String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Certification Path provider in this security realm. The new Certification Path provider is added to the end of the list of Certification Path providers configured in this security realm. The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.

Parameters:

name - - The name of this Certification Path provider, for example, WebLogicCertPathProvider

type - - The type of this Certification Path provider, for example, weblogic.security.providers.pk.WebLogicCertPathProvider Use getCertPathProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCredentialMapper

public CredentialMapperMBean createCredentialMapper(String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Credential Mapping provider in this security realm. The new Credential Mapping provider is added to the end of the list of Credential Mapping providers configured in this security realm.

Parameters:

type - - The type of this Credential Mapping provider, for example, weblogic.security.providers.credentials.DefaultCredentialMapper Use getCredentialMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCredentialMapper

public CredentialMapperMBean createCredentialMapper(String name,
                                                    String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Credential Mapping provider in this security realm. The new Credential Mapping provider is added to the end of the list of Credential Mapping providers configured in this security realm.

Parameters:

name - - The name of this Credential Mapping provider, for example, DefaultCredentialMapper

type - - The type of this Credential Mapping provider, for example, weblogic.security.providers.credentials.DefaultCredentialMapper Use getCredentialMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createKeyStore

public KeyStoreMBean createKeyStore(String type)
                             throws ClassNotFoundException,
                                    JMException

Deprecated. 8.1.0.0

Creates a KeyStore provider in this security realm. The new KeyStore provider is added to the end of the list of KeyStore providers configured in this security realm.

Parameters:

type - - The type of this KeyStore provider, for example, weblogic.security.providers.pk.DefaultKeyStore Use getKeyStoreTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createKeyStore

public KeyStoreMBean createKeyStore(String name,
                                    String type)
                             throws ClassNotFoundException,
                                    JMException

Deprecated. 8.1.0.0

Creates a KeyStore provider in this security realm. The new KeyStore provider is added to the end of the list of KeyStore providers configured in this security realm.

Parameters:

name - - The name of this KeyStore provider, for example, DefaultKeyStore

type - - The type of this KeyStore provider, for example, weblogic.security.providers.pk.DefaultKeyStore Use getKeyStoreTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createRoleMapper

public RoleMapperMBean createRoleMapper(String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates a Role Mapping provider in this security realm. The new Role Mapping provider is added to the end of the list of Role Mapping providers configured in this security realm.

Parameters:

type - - The type of this Role Mapping provider, for example, weblogic.security.providers.authorization.DefaultRoleMapper Use getRoleMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createRoleMapper

public RoleMapperMBean createRoleMapper(String name,
                                        String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates a Role Mapping provider in this security realm. The new Role Mapping provider is added to the end of the list of Role Mapping providers configured in this security realm.

Parameters:

name - - The name of this Role Mapping provider, for example, DefaultRoleMapper

type - - The type of this Role Mapping provider, for example, weblogic.security.providers.authorization.DefaultRoleMapper Use getRoleMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyAdjudicator

public void destroyAdjudicator()

Removes the configuration this security realm's Adjudication provider (if there is one). It does not remove any persistent data for the Adjudication provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Adjudication provider.

destroyAuditor

public void destroyAuditor(AuditorMBean auditor)

Removes the configuration for an Auditing provider in this security realm. It does not remove any persistent data for the Auditing provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Auditing providers.

Parameters:

auditor - - The Auditing provider to remove.

destroyAuthenticationProvider

public void destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)

Removes the configuration for an Authentication provider in this security realm. It does not remove any persistent data for the Authentication provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Authentication providers.

Parameters:

authenticationProvider - - The Authentication provider to remove.

destroyAuthorizer

public void destroyAuthorizer(AuthorizerMBean authorizer)

Removes the configuration for an Authorization provider in this security realm. It does not remove any persistent data for the Authorization provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Authorization providers.

Parameters:

authorizer - - The Authorization provider to remove.

destroyCertPathProvider

public void destroyCertPathProvider(CertPathProviderMBean certPathProvider)

Removes the configuration for a Certification Path provider in this security realm. It does not remove any persistent data for the Certification Path provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Certification Path providers.

If certPathProvider has been selected as this security realm's CertPathBuilder, then this security realm's will have no CertPathBuilder.

Parameters:

certPathProvider - - The Certification Path provider to remove.

destroyCredentialMapper

public void destroyCredentialMapper(CredentialMapperMBean credentialMapper)

Removes the configuration for a Credential Mapping provider in this security realm. It does not remove any persistent data for the Credential Mapping provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Credential Mapping providers.

Parameters:

credentialMapper - - The Credential Mapping provider to remove.

destroyKeyStore

public void destroyKeyStore(KeyStoreMBean keystore)

Deprecated. 8.1.0.0

Removes the configuration for a KeyStore provider in this security realm. It does not remove any persistent data for the KeyStore provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's KeyStore providers.

Parameters:

keystore - - The KeyStore provider to remove.

destroyRoleMapper

public void destroyRoleMapper(RoleMapperMBean roleMapper)

Removes the configuration for a Role Mapping provider in this security realm. It does not remove any persistent data for the Role Mapping provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Role Mapping providers.

Parameters:

roleMapper - - The Role Mapping provider to remove.

getAdjudicator

public AdjudicatorMBean getAdjudicator()

Returns the Adjudication provider for this security realm.

A dynamic MBean attribute.

false

getAdjudicatorTypes

public String[] getAdjudicatorTypes()

Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator. Use this method to find the available types to pass to createAdjudicator

A dynamic MBean attribute.

false

getAuditors

public AuditorMBean[] getAuditors()

Returns the Auditing providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getAuditorTypes

public String[] getAuditorTypes()

Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor. Use this method to find the available types to pass to createAuditor

A dynamic MBean attribute.

false

getAuthenticationProviders

public AuthenticationProviderMBean[] getAuthenticationProviders()

Returns the Authentication providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getAuthenticationProviderTypes

public String[] getAuthenticationProviderTypes()

Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator. Use this method to find the available types to pass to createAuthenticationProvider

A dynamic MBean attribute.

false

getAuthorizers

public AuthorizerMBean[] getAuthorizers()

Returns the Authorization providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getAuthorizerTypes

public String[] getAuthorizerTypes()

Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer. Use this method to find the available types to pass to createAuthorizer

A dynamic MBean attribute.

false

getCertPathBuilder

public CertPathBuilderMBean getCertPathBuilder()

Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths. Returns null if none has been selected. The provider will be one of this security realm's CertPathProviders.

A dynamic MBean attribute.

false

getCertPathProviders

public CertPathProviderMBean[] getCertPathProviders()

Returns the Certification Path providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getCertPathProviderTypes

public String[] getCertPathProviderTypes()

Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider. Use this method to find the available types to pass to createCertPathProvider

A dynamic MBean attribute.

false

getCredentialMappers

public CredentialMapperMBean[] getCredentialMappers()

Returns the Credential Mapping providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getCredentialMapperTypes

public String[] getCredentialMapperTypes()

Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper. Use this method to find the available types to pass to createCredentialMapper

A dynamic MBean attribute.

false

getKeyStores

public KeyStoreMBean[] getKeyStores()

Deprecated. 8.1.0.0

Returns the KeyStore providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getKeyStoreTypes

public String[] getKeyStoreTypes()

Deprecated. 8.1.0.0

Returns the types of KeyStore providers that may be created in this security realm, for example, weblogic.security.providers.pk.DefaultKeyStore. Use this method to find the available types to pass to createKeyStore

A dynamic MBean attribute.

false

getMaxWebLogicPrincipalsInCache

public Integer getMaxWebLogicPrincipalsInCache()

Returns the maximum size of the LRU cache for holding WebLogic Principal signatures. This value is only used if EnableWebLogicPrincipalValidatorCache is set to true

Default value:

new Integer(500)

A dynamic MBean attribute.

false

getName

public String getName()

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Specified by:

getName in interface weblogic.management.commo.StandardInterface

Default value:

"Realm"

A dynamic MBean attribute.

false

getRoleMappers

public RoleMapperMBean[] getRoleMappers()

Returns the Role Mapping providers for this security realm (in invocation order).

A dynamic MBean attribute.

false

getRoleMapperTypes

public String[] getRoleMapperTypes()

Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper. Use this method to find the available types to pass to createRoleMapper

A dynamic MBean attribute.

false

getSecurityDDModel

public String getSecurityDDModel()

Returns the default security deployment model for applications deployed in this security realm.

Default value:

DeploymentModel.DD_ONLY

Legal values:

DeploymentModel.DD_ONLY, DeploymentModel.CUSTOM_ROLES, DeploymentModel.CUSTOM_ROLES_POLICIES, DeploymentModel.ADVANCED

A dynamic MBean attribute.

true

getUserLockoutManager

public UserLockoutManagerMBean getUserLockoutManager()

Returns the User Lockout Manager for this security realm.

A dynamic MBean attribute.

false

isCombinedRoleMappingEnabled

public boolean isCombinedRoleMappingEnabled()

Returns whether application role mappings are combined by the J2EE containers.

Since:

9.0.0.0

Default value:

true

A dynamic MBean attribute.

true

isDefaultRealm

public boolean isDefaultRealm()

Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm()

Returns whether this security realm is the Default realm for the WebLogic domain. Deprecated in this release of WebLogic Server and replaced by weblogic.management.configuration.SecurityConfigurationMBean.getDefaultRealm.

A dynamic MBean attribute.

false

isDeployCredentialMappingIgnored

public boolean isDeployCredentialMappingIgnored()

Deprecated. 9.0.0.0

Returns whether credential mapping deployment calls on the security system are ignored or passed to the configured Credential Mapping providers.

Default value:

false

A dynamic MBean attribute.

true

isDeployPolicyIgnored

public boolean isDeployPolicyIgnored()

Deprecated. 9.0.0.0

Returns whether policy deployment calls on the security system are ignored or passed to the configured Authorization providers.

Default value:

false

A dynamic MBean attribute.

true

isDeployRoleIgnored

public boolean isDeployRoleIgnored()

Deprecated. 9.0.0.0

Returns whether role deployment calls on the security system are ignored or passed to the configured Role Mapping providers.

Default value:

false

A dynamic MBean attribute.

true

isEnableWebLogicPrincipalValidatorCache

public boolean isEnableWebLogicPrincipalValidatorCache()

Returns whether the WebLogic Principal Validator caching is enabled.

The Principal Validator is used by BEA supplied authentication providers and may be used by custom authentication providers. If enabled, the default principal validator will cache WebLogic Principal signatures.

Default value:

true

A dynamic MBean attribute.

false

isFullyDelegateAuthorization

public boolean isFullyDelegateAuthorization()

Deprecated. 9.0.0.0

Returns whether the Web and EJB containers should call the security framework on every access.

If false the containers are free to only call the security framework when security is set in the deployment descriptors.

Default value:

false

A dynamic MBean attribute.

false

isValidateDDSecurityData

public boolean isValidateDDSecurityData()

Returns whether security data in the deployment descriptor is validated. This setting establishes the default value for applications deployed using the realm.

Default value:

false

A dynamic MBean attribute.

true

lookupAuditor

public AuditorMBean lookupAuditor(String name)

Finds an Auditing provider in this security realm. Returns null if this security realm has no Auditing provider of the specified name.

lookupAuthenticationProvider

public AuthenticationProviderMBean lookupAuthenticationProvider(String name)

Finds an Authentication provider in this security realm. Returns null if this security realm has no Authentication provider of the specified name.

lookupAuthorizer

public AuthorizerMBean lookupAuthorizer(String name)

Finds an Authorization provider in this security realm. Returns null if this security realm has no Authorization provider of the specified name.

lookupCertPathProvider

public CertPathProviderMBean lookupCertPathProvider(String name)

Finds a Certification Path provider in this security realm. Returns null if this security realm has no Certification Path provider of the specified name.

lookupCredentialMapper

public CredentialMapperMBean lookupCredentialMapper(String name)

Finds a Credential Mapping provider in this security realm. Returns null if this security realm has no Credential Mapping provider of the specified name.

lookupKeyStore

public KeyStoreMBean lookupKeyStore(String name)

Deprecated. 8.1.0.0

Finds a KeyStore provider in this security realm. Returns null if this security realm has no KeyStore provider of the specified name.

lookupRoleMapper

public RoleMapperMBean lookupRoleMapper(String name)

Finds a Role Mapping provider in this security realm. Returns null if this security realm has no Role Mapping provider of the specified name.

setAuditors

public void setAuditors(AuditorMBean[] auditors)
                 throws InvalidAttributeValueException

Changes the invocation order of this security realm's Auditing providers.

Parameters:

auditors - - The new invocation order for this security realm's Auditing providers. It should contain exactly the same Auditing providers that getAuditors() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, auditors may also contain Auditing providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Auditing providers will be moved to this security realm. Similarly, auditors can be missing some of this security realm's current Auditing providers. All missing Auditing providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setAuthenticationProviders

public void setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders)
                                throws InvalidAttributeValueException

Changes the invocation order of this security realm's Authentication providers.

Parameters:

authenticationProviders - - The new invocation order for this security realm's Authentication providers. It should contain exactly the same Authentication providers that getAuthenticationProviders() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, authenticationProviders may also contain Authentication providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Authentication providers will be moved to this security realm. Similarly, authenticationProviders can be missing some of this security realm's current Authentication providers. All missing Authentication providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setAuthorizers

public void setAuthorizers(AuthorizerMBean[] authorizers)
                    throws InvalidAttributeValueException

Changes the invocation order of this security realm's Authorization providers.

Parameters:

authorizers - - The new invocation order for this security realm's Authorization providers. It should contain exactly the same Authorization providers that getAuthorizers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, authorizers may also contain Authorization providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Authorization providers will be moved to this security realm. Similarly, authorizers can be missing some of this security realm's current Authorization providers. All missing Authorization providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setCertPathBuilder

public void setCertPathBuilder(CertPathBuilderMBean certPathBuilder)
                        throws InvalidAttributeValueException

Determines which of this security realm's CertPathProviders will be used by the security system to build certification paths. The provider must implement weblogic.management.security.pk.CertPathBuilder.

Parameters:

certPathBuilder - - The new CertPath Builder for this security realm. If null, this security realm will have no configured CertPathBuilder.

Throws:

InvalidAttributeValueException

See Also:

getCertPathBuilder()

setCertPathProviders

public void setCertPathProviders(CertPathProviderMBean[] certPathProviders)
                          throws InvalidAttributeValueException

Changes the invocation order of this security realm's Certification Path providers.

Parameters:

certPathProviders - - The new invocation order for this security realm's Certification Path providers. It should contain exactly the same Certification Path providers that getCertPathProviders() returns, except in a different order.

Throws:

InvalidAttributeValueException

setCombinedRoleMappingEnabled

public void setCombinedRoleMappingEnabled(boolean combined)
                                   throws InvalidAttributeValueException

Sets whether application role mappings are combined by the J2EE containers.

If false the containers need enternally defined mappings to use application role mappings.

Parameters:

combined - - the new combined role mapping value.

Throws:

InvalidAttributeValueException

Since:

9.0.0.0

See Also:

isCombinedRoleMappingEnabled()

setCredentialMappers

public void setCredentialMappers(CredentialMapperMBean[] credentialMappers)
                          throws InvalidAttributeValueException

Changes the invocation order of this security realm's Credential Mapping providers.

Parameters:

credentialMappers - - The new invocation order for this security realm's Credential Mapping providers. It should contain exactly the same Credential Mapping providers that getCredentialMappers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, credentialMappers may also contain Credential Mapping providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Credential Mapping providers will be moved to this security realm. Similarly, credentialMappers can be missing some of this security realm's current Credential Mapping providers. All missing Credential Mapping providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setDefaultRealm

public void setDefaultRealm(boolean isDefault)
                     throws InvalidAttributeValueException

Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)

Determines whether is security realm is the Default realm for the WebLogic domain. Deprecated in this release of WebLogic Server and replaced by weblogic.management.configuration.SecurityConfigurationMBean.setDefautlRealm.

Parameters:

isDefault - - whether or not this security realm is the Default realm for the WebLogic domain.

Throws:

InvalidAttributeValueException

Default value:

false

setDeployCredentialMappingIgnored

public void setDeployCredentialMappingIgnored(boolean ignored)
                                       throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether credential mapping deployment calls on the security system are ignored or passed to the configured Credential Mapping providers.

Parameters:

ignored - - the new deploy credential mapping ignored value.

Throws:

InvalidAttributeValueException

See Also:

isDeployCredentialMappingIgnored()

setDeployPolicyIgnored

public void setDeployPolicyIgnored(boolean ignored)
                            throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether policy deployment calls on the security system are ignored or passed to the configured Authorization providers.

Parameters:

ignored - - the new deploy policy ignored value

Throws:

InvalidAttributeValueException

See Also:

isDeployPolicyIgnored()

setDeployRoleIgnored

public void setDeployRoleIgnored(boolean ignored)
                          throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether role deployment calls on the security system are ignored or passed to the configured Role Mapping providers.

Parameters:

ignored - - the new deploy role ignored value

Throws:

InvalidAttributeValueException

See Also:

isDeployRoleIgnored()

setEnableWebLogicPrincipalValidatorCache

public void setEnableWebLogicPrincipalValidatorCache(boolean enabled)
                                              throws InvalidAttributeValueException

Sets whether the WebLogic Principal Validator caching is enabled.

Parameters:

enabled - - the new enable weblogic principal validator cache value.

Throws:

InvalidAttributeValueException

See Also:

isEnableWebLogicPrincipalValidatorCache()

setFullyDelegateAuthorization

public void setFullyDelegateAuthorization(boolean fullyDelegate)
                                   throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether the Web and EJB containers should call the security framework on every access.

Parameters:

fullyDelegate - - the new fully delegate authorization value.

Throws:

InvalidAttributeValueException

See Also:

isFullyDelegateAuthorization()

setKeyStores

public void setKeyStores(KeyStoreMBean[] keystores)
                  throws InvalidAttributeValueException

Deprecated. 8.1.0.0

Changes the invocation order of this security realm's KeyStore providers.

Parameters:

keystores - - The new invocation order for this security realm's KeyStore providers. It should contain exactly the same KeyStore providers that getKeyStores() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, keystores may also contain KeyStore providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these KeyStore providers will be moved to this security realm. Similarly, keystores can be missing some of this security realm's current KeyStore providers. All missing KeyStore providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setMaxWebLogicPrincipalsInCache

public void setMaxWebLogicPrincipalsInCache(Integer size)
                                     throws InvalidAttributeValueException

Sets the maximum size of the LRU cache for holding WebLogic Principal signatures.

Parameters:

size - - the new weblogic principals maximum cache size

Throws:

InvalidAttributeValueException

See Also:

getMaxWebLogicPrincipalsInCache()

setRoleMappers

public void setRoleMappers(RoleMapperMBean[] roleMappers)
                    throws InvalidAttributeValueException

Changes the invocation order of this security realm's Role Mapping providers.

Parameters:

roleMappers - - The new invocation order for this security realm's Role Mapping providers. It should contain exactly the same Role Mapping providers that getRoleMappers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, roleMappers may also contain Role Mapping providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Role Mapping providers will be moved to this security realm. Similarly, roleMappers can be missing some of this security realm's current Role Mapping providers. All missing Role Mapping providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

setSecurityDDModel

public void setSecurityDDModel(String model)
                        throws InvalidAttributeValueException

Sets the default security deployment model for applications deployed in this security realm.

Parameters:

model - - the new default security deployment model.

Throws:

InvalidAttributeValueException

See Also:

getSecurityDDModel()

setValidateDDSecurityData

public void setValidateDDSecurityData(boolean validate)
                               throws InvalidAttributeValueException

Sets whether security data in the deployment descriptor is validated. This setting establishes the default value for applications deployed using the realm.

Parameters:

validate - - the new validate deployment descriptor security data value.

Throws:

InvalidAttributeValueException

See Also:

isValidateDDSecurityData()

validate

public void validate()
              throws weblogic.management.utils.ErrorCollectionException

Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured.

Checks that the realm is valid.

Throws:

weblogic.management.utils.ErrorCollectionException - if this security realm is not valid. The exception contains a list of , one for each reason this security realm is not valid. The text of each exception describes the problem.