ReadOnlySQLAuthenticatorMBean

Overview | Child MBeans | Attributes | Operations

Overview

This MBean contains configuration information for the Read-Only SQL Authentication provider.Deprecation of MBeanHome and Type-Safe InterfacesThis is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.

Fully Qualified Interface Name

If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.authentication.ReadOnlySQLAuthenticatorMBean

Factory Methods

No factory methods. Instances of this MBean are created automatically.

Access Points Inherited from AuthenticationProviderMBean

Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:

RealmMBean.AuthenticationProviders

Subtypes

The following MBeans extend or implement this MBean type:

SQLAuthenticatorMBean

Child MBeans

This section describes attributes that contain child MBeans. For more information about the MBean hierarchy, refer to WebLogic Server MBean Data Model.

Realm

Realm

Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

Factory Methods	No explicit creator method. The child shares the lifecycle of its parent.
Privileges	Read only
Type	RealmMBean

Attributes

This section describes the following attributes:

ControlFlag
DataSourceName
Description
DescriptionsSupported
EnableGroupMembershipLookupHierarchyCaching
GroupHierarchyCacheTTL
GroupMembershipSearching
MaxGroupHierarchiesInCache
MaxGroupMembershipSearchLevel
Name
PlaintextPasswordsEnabled
ProviderClassName

SQLGetGroupDescription
SQLGetUserDescription
SQLGetUsersPassword
SQLGroupExists
SQLIsMember
SQLListGroups
SQLListMemberGroups
SQLListUsers
SQLUserExists
Version

ControlFlag

Returns how the login sequence uses the Authentication provider.

A REQUIRED value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers. This setting is the default.

A REQUISITE value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application.

A SUFFICIENT value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list.

An OPTIONAL value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list.

Privileges	Read/Write
Type	java.lang.String
Default Value	REQUIRED
Legal Values	REQUIRED REQUISITE SUFFICIENT OPTIONAL
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

DataSourceName

The name of the JDBC data source used for database access.

Privileges	Read/Write
Type	java.lang.String

Description

A short description of the DBMS Authentication provider.

Privileges	Read only
Type	java.lang.String
Default Value	Provider that performs DBMS authentication
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

DescriptionsSupported

Indicates whether user and group descriptions are supported by the database used by the authentication provider.

Privileges	Read/Write
Type	boolean
Default Value	true

EnableGroupMembershipLookupHierarchyCaching

Returns whether group membership hierachies found during recursive membership lookup will be cached. Ie: each subtree found will be cached.

Privileges	Read/Write
Type	java.lang.Boolean
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

GroupHierarchyCacheTTL

Returns the maximum number of seconds a group membership hierarchy entry is valid in the LRU cache.

Privileges	Read/Write
Type	java.lang.Integer
Default Value	60
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

GroupMembershipSearching

Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited.

Privileges	Read/Write
Type	java.lang.String
Default Value	unlimited
Legal Values	unlimited limited

MaxGroupHierarchiesInCache

Returns the maximum size of the LRU cache for holding group membership hierarchies if caching is enabled.

Privileges	Read/Write
Type	java.lang.Integer
Default Value	100
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

MaxGroupMembershipSearchLevel

This specifies how many levels of group membership can be searched. This setting is valid only if Group Membership Searching is set to limited. Valid values are 0 and positive integers. For example, 0 indicates only direct group memberships will be found, a positive number indicates the number of levels to go down.

Privileges	Read/Write
Type	java.lang.Integer
Default Value	0

Name

Privileges	Read only
Type	java.lang.String
Default Value	ReadOnlySQLAuthenticator
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

PlaintextPasswordsEnabled

No description provided.

Privileges	Read/Write
Type	boolean

ProviderClassName

The name of the Java class for the Read-Only DBMS Authentication Provider.

Privileges	Read only
Type	java.lang.String
Default Value	weblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticationProviderImpl
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

SQLGetGroupDescription

The SQL statement used to retrieve the description of a group. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group description.

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT G_DESCRIPTION FROM GROUPS WHERE G_NAME = ?

SQLGetUserDescription

The SQL statement used to retrieve the description of a specific user. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user description.

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT U_DESCRIPTION FROM USERS WHERE U_NAME = ?

SQLGetUsersPassword

The SQL statement used to look up a user's password. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the password.

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT U_PASSWORD FROM USERS WHERE U_NAME = ?

SQLGroupExists

The SQL statement used to look up a group. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT G_NAME FROM GROUPS WHERE G_NAME = ?

SQLIsMember

The SQL statement used to look up members of a group. The SQL statement requires two parameters: a group name and a member or group name. It must return a resultSet containing the group names that matched

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ?

SQLListGroups

The SQL statement used to retrieve group names that match a wildcard The SQL statement requires a single parameter for the wildcarded group name and return a resultSet containing matching group names

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT G_NAME FROM GROUPS WHERE G_NAME LIKE ?

SQLListMemberGroups

The SQL statement used to look up the groups a user or group is a member of. The SQL statement requires a single parameter for the username or group name and returns a resultSet containing the names of the groups that matched.

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT G_NAME FROM GROUPMEMBERS WHERE G_MEMBER = ?

SQLListUsers

The SQL statement used to retrieve users that match a particular wildcard search The SQL statement requires a single parameter for the wildcarded usernames and returns a resultSet containing matching usernames

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT U_NAME FROM USERS WHERE U_NAME LIKE ?

SQLUserExists

The SQL statement used to look up a user. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user.

Privileges	Read/Write
Type	java.lang.String
Default Value	SELECT U_NAME FROM USERS WHERE U_NAME = ?

Version

The version number of the DBMS Authentication provider.

Privileges	Read only
Type	java.lang.String
Default Value	1.0
Redeploy or Restart required	Changes take effect after you redeploy the module or restart the server.

Operations

This section describes the following operations:

advance
close
getCurrentName
getGroupDescription
getUserDescription
groupExists
haveCurrent

isMember
listGroups
listUsers
userExists
wls_getDisplayName

advance

Advances the list to the next element in the list.

Operation Name	`"advance"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidCursorException

close

Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

Operation Name	`"close"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`void`

Exceptions

weblogic.management.utils.InvalidCursorException

getCurrentName

The name of the current item in the list. Returns null if there is no current item.

Operation Name	`"getCurrentName"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`String`

Exceptions

weblogic.management.utils.InvalidCursorException

getGroupDescription

Gets a group's description.

Operation Name	`"getGroupDescription"`
Parameters	`Object [] { groupName }` where: `groupName` is an object of type `java.lang.String` that specifies: - The name of an existing group.
Signature	`String [] { "java.lang.String" }`
Returns	`String`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

getUserDescription

Gets a user's description.

Operation Name	`"getUserDescription"`
Parameters	`Object [] { userName }` where: `userName` is an object of type `java.lang.String` that specifies: - The name of an existing user.
Signature	`String [] { "java.lang.String" }`
Returns	`String`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

groupExists

Indicates whether the specified group exists.

Operation Name	`"groupExists"`
Parameters	`Object [] { groupName }` where: `groupName` is an object of type `java.lang.String` that specifies: - The name that this method evaluates.
Signature	`String [] { "java.lang.String" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.InvalidParameterException

haveCurrent

Returns true if there are more objects in the list, and false otherwise.

Operation Name	`"haveCurrent"`
Parameters	`Object [] { cursor }` where: `cursor` is an object of type `java.lang.String` that specifies: - The cursor returned from a previous list method.
Signature	`String [] { "java.lang.String" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.InvalidCursorException

isMember

Indicates whether a user or group is a member of the group that you specify. A recursive search returns true if the member belongs to the group that you specify or to any of the groups contained within that group."

Operation Name	`"isMember"`
Parameters	`Object [] { parentGroupName, memberUserOrGroupName, recursive }` where: `parentGroupName` is an object of type `java.lang.String` that specifies: - The existing group within which this method searches for membership. `memberUserOrGroupName` is an object of type `java.lang.String` that specifies: - The user or group name for which this method searches. `recursive` is an object of type `java.lang.Boolean` that specifies: - If set to `true`, the criteria for membership extends to any groups within the group that is specified by `parentGroupName`. If this argument is set to `false`, then this method checks only for direct membership within the `parentGroupName`.
Signature	`String [] { "java.lang.String", "java.lang.String", "java.lang.Boolean" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException

listGroups

Searches for a user name that matches a pattern.

This method returns a cursor that you can pass to the methods from weblogic.management.utils.NameListerMBean (which this MBean extends) to iterate through the returned list.

This method does not sort the results.

Operation Name	`"listGroups"`
Parameters	`Object [] { groupNameWildcard, maximumToReturn }` where: `groupNameWildcard` is an object of type `java.lang.String` that specifies: - The pattern for which this method searches. The pattern can end with an `` (asterisk) as a wildcard, which matches any string of characters. The search is not case-sensitive. For example, a pattern of `abc` matches exactly one group name that contains only `abc`, a pattern of `ab` matches all group names that start with `ab`, and a pattern of `*` matches all group names. `maximumToReturn` is an object of type `java.lang.Integer` that specifies: - The maximum number of group names that this method returns. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort results. If the parameter is set to 0 there is no maximum and all results are returned.
Signature	`String [] { "java.lang.String", "java.lang.Integer" }`
Returns	`String`

Exceptions

weblogic.management.utils.InvalidParameterException

listUsers

Searches for a user name that matches a pattern.

This method returns a cursor that you can pass to the methods from weblogic.management.utils.NameListerMBean (which this MBean extends) to iterate through the returned list.

This method does not sort the results.

Operation Name	`"listUsers"`
Parameters	`Object [] { userNameWildcard, maximumToReturn }` where: `userNameWildcard` is an object of type `java.lang.String` that specifies: - The pattern for which this method searches. The pattern can end with an `` (asterisk) as a wildcard, which matches any string of characters. The search is not case-sensitive. For example, a pattern of `abc` matches exactly one user name that contains only `abc`, a pattern of `ab` matches all user names that start with `ab`, and a pattern of `*` matches all user names. `maximumToReturn` is an object of type `java.lang.Integer` that specifies: - The maximum number of user names that this method returns. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort results. If the parameter is set to 0 there is no maximum and all results are returned.
Signature	`String [] { "java.lang.String", "java.lang.Integer" }`
Returns	`String`

Exceptions

weblogic.management.utils.InvalidParameterException

userExists

Indicates whether the specified user exists.

Operation Name	`"userExists"`
Parameters	`Object [] { userName }` where: `userName` is an object of type `java.lang.String` that specifies: - The name that this method evaluates.
Signature	`String [] { "java.lang.String" }`
Returns	`boolean`

Exceptions

weblogic.management.utils.InvalidParameterException

wls_getDisplayName

Operation Name	`"wls_getDisplayName"`
Parameters	`null`
Signature	`null`
Returns	`String`