The MBean that represents configuration attributes for the WebLogic Authentication provider. The WebLogic Authentication provider has methods to edit, list, and manage users, groups, and group membership. User and group information is stored in an embedded LDAP server. Currently, the only configuration attribute that can be set is Minimum Password Length.Deprecation of MBeanHome and Type-Safe InterfacesThis is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.
If you use the getMBeanInfo
operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.authentication.DefaultAuthenticatorMBean
No factory methods. Instances of this MBean are created automatically.
Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:
|
This section describes attributes that contain child MBeans. For more information about the MBean hierarchy, refer to WebLogic Server MBean Data Model.
|
Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.
Factory Methods | No explicit creator method. The child shares the lifecycle of its parent. |
Privileges | Read only |
Type | RealmMBean |
This section describes the following attributes:
Returns how the login sequence uses the Authentication provider.
A REQUIRED
value specifies this LoginModule must
succeed. Even if it fails, authentication proceeds down the list of
LoginModules for the configured Authentication providers. This
setting is the default.
A REQUISITE
value specifies this LoginModule must
succeed. If other Authentication providers are configured and this
LoginModule succeeds, authentication proceeds down the list of
LoginModules. Otherwise, control is return to the application.
A SUFFICIENT
value specifies this LoginModule need
not succeed. If it does succeed, return control to the application.
If it fails and other Authentication providers are configured,
authentication proceeds down the LoginModule list.
An OPTIONAL
value specifies this LoginModule need
not succeed. Whether it succeeds or fails, authentication proceeds
down the LoginModule list.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | REQUIRED |
Legal Values |
|
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
A short description of the Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | WebLogic Authentication Provider |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Returns whether group membership hierachies found during recursive membership lookup will be cached. Ie: each subtree found will be cached.
Privileges | Read/Write |
Type | java.lang.Boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Returns the maximum number of seconds a group membership hierarchy entry is valid in the LRU cache.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 60 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited.
Privileges | Read/Write |
Type | java.lang.String |
Default Value | unlimited |
Legal Values |
|
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Returns the maximum size of the LRU cache for holding group membership hierarchies if caching is enabled.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 100 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Specifies how many levels of group membership can be searched. This setting is valid only if GroupMemberShipSearching is set to limited. Valid values are 0, and positive numbers. For example, 0 indicates only direct group memberships will be found, a positive number indicates the number of levels to go down.
Privileges | Read/Write |
Type | java.lang.Integer |
Default Value | 0 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The minimum number of characters required in a password.
Privileges | Read/Write |
Type | int |
Default Value | 8 |
Minimum value | 0 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Privileges | Read only |
Type | java.lang.String |
Default Value | DefaultAuthenticator |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Enables the storage of password information required to support Web Services Security Password Digest and other digest authentication algorithms. If set to true, the WebLogic Authentication provider stores the user password in a 2-way encrypted form. The original password can then be retrieved and used for digest authentication.
Privileges | Read/Write |
Type | boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
No description provided.
Privileges | Read/Write |
Type | boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The name of the Java class used to load the Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | weblogic.security.providers.authentication.DefaultAuthenticationProviderImpl |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The users and groups that you want to be exported from this Authentication provider's database. If none are specified, all are exported. If EnablePasswordDigestInformation is set to true, then 2 way encrypted passwords can be exported via the passwords=cleartext constraint.
Privileges | Read only |
Type | class java.lang.String[] |
Default Value | users groups passwords |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The format of the file to export. The list of supported export formats is determined by this Authentication provider.
Privileges | Read only |
Type | class java.lang.String[] |
Default Value | DefaultAtn |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The users and groups that you want to be imported into this Authentication provider's database. If none are specified, all are imported.
Privileges | Read only |
Type | class java.lang.String[] |
Default Value | |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The format of the file to import. The list of supported import formats is determined by the Authentication provider from which the users and groups were originally exported.
Privileges | Read only |
Type | class java.lang.String[] |
Default Value | DefaultAtn |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
No description provided.
Privileges | Read/Write |
Type | java.lang.Boolean |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The version number of the Authentication provider.
Privileges | Read only |
Type | java.lang.String |
Default Value | 1.0 |
Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
This section describes the following operations:
Adds a user or group (member) to a group. If the member already belongs to the group, this method does nothing.
Operation Name | "addMemberToGroup" |
Parameters | Object [] {
groupName, memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Advances the list to the next element in the list.
Operation Name | "advance" |
Parameters | Object [] {
cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.InvalidCursorException
Used by a user to change his or her password.
Operation Name | "changeUserPassword" |
Parameters | Object [] {
userName, oldPassword, newPassword }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.
Operation Name | "close" |
Parameters | Object [] {
cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.InvalidCursorException
Creates a group.
Operation Name | "createGroup" |
Parameters | Object [] {
groupName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.AlreadyExistsException
weblogic.management.utils.InvalidParameterException
Creates a user and sets the user's password.
Operation Name | "createUser" |
Parameters | Object [] {
userName, password, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.AlreadyExistsException
Exports provider specific data in a specified format. When
errors occur, the MBean throws an ErrorCollectionException
containing a list of java.lang.Exceptions
, where the
text of each exception describes the error.
Operation Name | "exportData" |
Parameters | Object [] {
format, filename, constraints }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.util.Properties" } |
Returns |
void
|
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
The name of the current item in the list. Returns null if there is no current item.
Operation Name | "getCurrentName" |
Parameters | Object [] {
cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
weblogic.management.utils.InvalidCursorException
Gets a group's description.
Operation Name | "getGroupDescription" |
Parameters | Object [] {
groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Gets a user's description.
Operation Name | "getUserDescription" |
Parameters | Object [] {
userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Indicates whether the specified group exists.
Operation Name | "groupExists" |
Parameters | Object [] {
groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
weblogic.management.utils.InvalidParameterException
Returns true if there are more objects in the list, and false otherwise.
Operation Name | "haveCurrent" |
Parameters | Object [] {
cursor }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
weblogic.management.utils.InvalidCursorException
Imports provider specific data from a specified format. When
errors occur, the MBean throws an ErrorCollectionException
containing a list of java.lang.Exceptions
, where the
text of each exception describes the error.
Operation Name | "importData" |
Parameters | Object [] {
format, filename, constraints }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.util.Properties" } |
Returns |
void
|
weblogic.management.utils.InvalidParameterException
weblogic.management.utils.ErrorCollectionException
Indicates whether a user or group is a member of the group that you specify. A recursive search returns true if the member belongs to the group that you specify or to any of the groups contained within that group."
Operation Name | "isMember" |
Parameters | Object [] {
parentGroupName, memberUserOrGroupName, recursive }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.Boolean" } |
Returns |
boolean
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Searches within a group for user and group (member) names that
match a pattern. Returns a cursor (string). You can use methods
from weblogic.management.utils.NameLister
(which this
MBean extends) to iterate through the returned list.
This method does not sort the results or distinguish user and
group names. You can use the groupExists
method to
determine whether a name refers to an existing group.
Operation Name | "listGroupMembers" |
Parameters | Object [] {
groupName, memberUserOrGroupNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Searches for a user name that matches a pattern.
This method returns a cursor that you can pass to the methods
from weblogic.management.utils.NameListerMBean
(which
this MBean extends) to iterate through the returned list.
This method does not sort the results.
Operation Name | "listGroups" |
Parameters | Object [] {
groupNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
weblogic.management.utils.InvalidParameterException
Lists the groups that directly contain a user or a group.
Returns a cursor (string).You can use methods from
weblogic.management.utils.NameLister
(which this MBean
extends) to iterate through the returned list.
Operation Name | "listMemberGroups" |
Parameters | Object [] {
memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns | String
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Searches for a user name that matches a pattern.
This method returns a cursor that you can pass to the methods
from weblogic.management.utils.NameListerMBean
(which
this MBean extends) to iterate through the returned list.
This method does not sort the results.
Operation Name | "listUsers" |
Parameters | Object [] {
userNameWildcard, maximumToReturn }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.Integer" } |
Returns | String
|
weblogic.management.utils.InvalidParameterException
Removes a group. If the group contains members, the members are not removed.
Operation Name | "removeGroup" |
Parameters | Object [] {
groupName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Removes a user or group (member) from a group. If the member is not in the group, this method does nothing.
Operation Name | "removeMemberFromGroup" |
Parameters | Object [] {
groupName, memberUserOrGroupName }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Removes a user.
Operation Name | "removeUser" |
Parameters | Object [] {
userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Used by an administrator to change a user's password.
Operation Name | "resetUserPassword" |
Parameters | Object [] {
userName, newPassword }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Sets the description for an existing group.
Operation Name | "setGroupDescription" |
Parameters | Object [] {
groupName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Sets the description for an existing user.
Operation Name | "setUserDescription" |
Parameters | Object [] {
userName, description }
where:
|
Signature | String [] {
"java.lang.String",
"java.lang.String" } |
Returns |
void
|
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
Indicates whether the specified user exists.
Operation Name | "userExists" |
Parameters | Object [] {
userName }
where:
|
Signature | String [] {
"java.lang.String" } |
Returns |
boolean
|
weblogic.management.utils.InvalidParameterException
Operation Name | "wls_getDisplayName" |
Parameters | null |
Signature | null |
Returns | String
|