DefaultIdentityAsserterMBean (BEA WebLogic Server 9.1 API Reference)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

BEA Systems, Inc.

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Type-Safe Access to BEA WebLogic Server 9.1 MBeans (Deprecated)

(Methods marked with @since 9.0.0.0 or later are not available through the deprecated `MBeanHome` interface.)

weblogic.security.providers.authentication
Interface DefaultIdentityAsserterMBean

All Superinterfaces:: AuthenticationProviderMBean, weblogic.descriptor.DescriptorBean, IdentityAsserterMBean, ProviderMBean, weblogic.descriptor.SettableBean, weblogic.management.commo.StandardInterface

public interface DefaultIdentityAsserterMBean
extends weblogic.management.commo.StandardInterface, weblogic.descriptor.DescriptorBean, IdentityAsserterMBean

The MBean that represents configuration atrributes for the WebLogic Identity Assertion provider. The WebLogic Identity Assertion provider supports identity assertion using X.509 certificates and CORBA Common Secure Interoperability version 2 (CS1 v2). The class also contains attributes for the default user name mapping class plus the list of trusted client principals.Deprecation of MBeanHome and Type-Safe InterfacesThis is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.

Method Summary
`String`	`getDefaultUserNameMapperAttributeDelimiter()` The delimiter that ends the attribute value when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`String`	`getDefaultUserNameMapperAttributeType()` The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`String`	`getDescription()` A short description of the Identity Assertion provider.
`String`	`getProviderClassName()` The name of the Java class used to load the Identity Assertion provider.
`String[]`	`getSupportedTypes()` The token types supported by the Identity Assertion provider.
`String[]`	`getTrustedClientPrincipals()` The list of trusted client principals to use in CSI v2 identity assertion.
`String`	`getUserNameMapperClassName()` The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.
`String`	`getVersion()` The version number of the Identity Assertion provider.
`boolean`	`isUseDefaultUserNameMapper()` Uses the user name mapping class provided by WebLogic Server.
`void`	`setDefaultUserNameMapperAttributeDelimiter(String newValue)` The delimiter that ends the attribute value when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`void`	`setDefaultUserNameMapperAttributeType(String newValue)` The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.
`void`	`setTrustedClientPrincipals(String[] newValue)` The list of trusted client principals to use in CSI v2 identity assertion.
`void`	`setUseDefaultUserNameMapper(boolean newValue)` Uses the user name mapping class provided by WebLogic Server.
`void`	`setUserNameMapperClassName(String newValue)` The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.

Methods inherited from interface weblogic.management.commo.StandardInterface

setName, wls_getDisplayName, wls_getInterfaceClassName, wls_getObjectName

Methods inherited from interface weblogic.descriptor.DescriptorBean

addBeanUpdateListener, addPropertyChangeListener, createChildCopy, createChildCopyIncludingObsolete, getDescriptor, getParentBean, isEditable, removeBeanUpdateListener, removePropertyChangeListener

Methods inherited from interface weblogic.descriptor.SettableBean

isSet, unSet

Methods inherited from interface weblogic.management.security.authentication.IdentityAsserterMBean

getActiveTypes, getBase64DecodingRequired, setActiveTypes, setBase64DecodingRequired

Methods inherited from interface weblogic.management.security.ProviderMBean

getRealm

Method Detail

getDefaultUserNameMapperAttributeDelimiter

public String getDefaultUserNameMapperAttributeDelimiter()

The delimiter that ends the attribute value when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.

Default value:: "@"
A dynamic MBean attribute.: false

getDefaultUserNameMapperAttributeType

public String getDefaultUserNameMapperAttributeType()

The name of the attribute from the subject DN to use when mapping from the X.509 certificate or X.500 name token to the WebLogic user name.

Default value:: "E"
Legal values:: "C","CN","E","L","O","OU","S","STREET"
A dynamic MBean attribute.: false

getDescription

public String getDescription()

A short description of the Identity Assertion provider.

Specified by:: getDescription in interface ProviderMBean

Default value:: "WebLogic Identity Assertion provider"
A dynamic MBean attribute.: false
A non-configurable MBean attribute.

getProviderClassName

public String getProviderClassName()

The name of the Java class used to load the Identity Assertion provider.

Specified by:: getProviderClassName in interface ProviderMBean

Default value:: "weblogic.security.providers.authentication.DefaultIdentityAsserterProviderImpl"
A dynamic MBean attribute.: false
A non-configurable MBean attribute.
Excluded: Should not appear in public javadocs
Internal: Should not appear in public javadocs

getSupportedTypes

public String[] getSupportedTypes()

The token types supported by the Identity Assertion provider.

Specified by:: getSupportedTypes in interface IdentityAsserterMBean

Default value:: weblogic.security.spi.IdentityAsserter.AU_TYPE,weblogic.security.spi.IdentityAsserter.X509_TYPE,weblogic.security.spi.IdentityAsserter.CSI_PRINCIPAL_TYPE,weblogic.security.spi.IdentityAsserter.CSI_ANONYMOUS_TYPE,weblogic.security.spi.IdentityAsserter.CSI_X509_CERTCHAIN_TYPE,weblogic.security.spi.IdentityAsserter.CSI_DISTINGUISHED_NAME_TYPE,weblogic.security.spi.IdentityAsserter.WSSE_PASSWORD_DIGEST_TYPE
A dynamic MBean attribute.: false
A non-configurable MBean attribute.

getTrustedClientPrincipals

public String[] getTrustedClientPrincipals()

The list of trusted client principals to use in CSI v2 identity assertion. The wildcard character (*) can be used to specify all principals are trusted. If a client is not listed as a trusted client principal, the CSIv2 identity assertion fails and the invoke is rejected.

A dynamic MBean attribute.: false

getUserNameMapperClassName

public String getUserNameMapperClassName()

The name of the Java class that maps X.509 digital certificates and X.501 distinguished names to WebLogic user names.

A dynamic MBean attribute.: false

getVersion

public String getVersion()

The version number of the Identity Assertion provider.

Specified by:: getVersion in interface ProviderMBean

Default value:: "1.0"
A dynamic MBean attribute.: false
A non-configurable MBean attribute.

isUseDefaultUserNameMapper

public boolean isUseDefaultUserNameMapper()

Uses the user name mapping class provided by WebLogic Server. The default user name mapping class only validates that a certificate has not expired. If you require additional validation, you need to write your own user name mapping class. Writing your own user name mapping class also allows you to specify what attribute in the subject DN of the certificate is used to map to the user name.

Default value:: false
A dynamic MBean attribute.: false

setDefaultUserNameMapperAttributeDelimiter

public void setDefaultUserNameMapperAttributeDelimiter(String newValue)
                                                throws InvalidAttributeValueException