BEA WebLogic Server 9.1 Security Schema Reference

namespace http://www.bea.com/ns/weblogic/90/security

 

Complex Type Summary
adjudicatorType

The SSPI MBean that all Adjudication providers must extend.

 
adjudicatorType/name

The name of this configuration.

 
application-versionerType

The SSPI MBean that security providers extend to indicate that the provider supports versionable applications.

 
application-versionerType/name

The name of this configuration.

 
auditorType

The SSPI MBean that all Audit providers must extend.

 
auditorType/name

The name of this configuration.

 
authentication-providerType

The SSPI MBean that all Authentication providers with login services must extend.

 
authentication-providerType/name

The name of this configuration.

 
authenticatorType

The SSPI MBean that all Authentication providers with login services must extend.

 
authenticatorType/name

The name of this configuration.

 
authenticatorType/control-flag

Returns how the login sequence uses the Authentication provider.

 
authorizerType

The base MBean for Authorization providers.

 
authorizerType/name

The name of this configuration.

 
cert-path-builderType

The SSPI MBean that all certification path providers with CertPathBuilder services must extend.

 
cert-path-builderType/name

The name of this configuration.

 
cert-path-providerType

The SSPI MBean that all certification path providers with CertPathBuilder services must extend.

 
cert-path-providerType/name

The name of this configuration.

 
cert-path-validatorType

The SSPI MBean that all certification path providers with CertPathValidator services must extend.

 
cert-path-validatorType/name

The name of this configuration.

 
context-handlerType

Provides a set of attributes for ContextHandler support.

 
context-handlerType/active-context-handler-entry

Returns the ContextHandler entries that the Audit provider is currently configured to process.

 
credential-cacheType

Defines methods used to get/set the configuration attributes that are required to support the credential cache.

 
credential-cacheType/credential-caching-enabled

Defines methods used to get/set the configuration attributes that are required to support the credential cache.

 
credential-cacheType/credentials-cache-size

Returns the maximum size of the LRU cache for holding credentials if caching is enabled.

 
credential-cacheType/credential-cache-ttl

Returns the maximum number of seconds a credential entry is valid in the LRU cache.

 
credential-mapperType

The SSPI MBean that all Credential Mapping providers must extend.

 
credential-mapperType/name

The name of this configuration.

 
deployable-authorizerType

The SSPI MBean that must be extended by all Authorization providers that can store policies created while deploying a Web application or EJB.

 
deployable-authorizerType/name

The name of this configuration.

 
deployable-authorizerType/policy-deployment-enabled

The SSPI MBean that must be extended by all Authorization providers that can store policies created while deploying a Web application or EJB.

 
deployable-credential-mapperType

The SSPI MBean that must be extended by all Credential Mapper providers that can store credential maps created while deploying a component.

 
deployable-credential-mapperType/name

The name of this configuration.

 
deployable-credential-mapperType/credential-mapping-deployment-enabled

The SSPI MBean that must be extended by all Credential Mapper providers that can store credential maps created while deploying a component.

 
deployable-role-mapperType

The SSPI MBean that must be extended by Role Mapping providers that can store roles created while deploying a Web application or EJB.

 
deployable-role-mapperType/name

The name of this configuration.

 
deployable-role-mapperType/role-deployment-enabled

The SSPI MBean that must be extended by Role Mapping providers that can store roles created while deploying a Web application or EJB.

 
exportType

Provides a set of methods for exporting provider specific data.

 
group-editorType

Provides a set of methods for creating, editing, and removing groups.

 
group-member-listerType

Provides a method for listing a group's members.

 
group-membership-hierarchy-cacheType

Defines methods used to get/set the configuration attributes that are required to support the Group Membership Hierarchy Cache.

 
group-membership-hierarchy-cacheType/enable-group-membership-lookup-hierarchy-caching

Returns whether group membership hierarchies found during recursive membership lookup will be cached.

 
group-membership-hierarchy-cacheType/max-group-hierarchies-in-cache

Returns the maximum size of the LRU cache for holding group membership hierarchies if caching is enabled.

 
group-membership-hierarchy-cacheType/group-hierarchy-cache-ttl

Returns the maximum number of seconds a group membership hierarchy entry is valid in the LRU cache.

 
group-readerType

Provides a method for listing the groups that contain a member.

 
group-removerType

Provides a method for removing groups.

 
identity-asserterType

The SSPI MBean that all Identity Assertion providers must extend.

 
identity-asserterType/name

The name of this configuration.

 
identity-asserterType/active-type

Returns the token types that the Identity Assertion provider is currently configured to process.

 
identity-asserterType/base64-decoding-required

Returns whether the tokens that are passed to the Identity Assertion provider will be will base64 decoded first.

 
importType

Provides a set of methods for importing provider specific data.

 
key-storeType

The SSPI MBean that all Keystore providers must extend.

 
key-storeType/name

The name of this configuration.

 
key-storeType/private-key-store-pass-phrase-encrypted

Returns the passphrase used to access the keystore specified by the PrivateKeyStoreLocation attribute.

 
key-storeType/root-ca-key-store-pass-phrase-encrypted

Returns the passphrase used to access the keystore specified by the RootCAKeyStoreLocation attribute.

 
key-storeType/private-key-store-location

Returns the location of the keystore used to store identities - that is, certificate and private key pairs.

 
key-storeType/root-ca-key-store-location

Returns the location of the keystore used to store trusted certificate authority certificates.

 
ldap-serverType

The LDAPServerMBean interface defines methods used to get/set the configuration attributes that are required to communicate with an external LDAP server.

 
ldap-serverType/host

Returns the host name or IP address of the LDAP server.

 
ldap-serverType/port

Returns the port number on which the LDAP server is listening.

 
ldap-serverType/ssl-enabled

The LDAPServerMBean interface defines methods used to get/set the configuration attributes that are required to communicate with an external LDAP server.

 
ldap-serverType/principal

Returns the Distinguished Name (DN) of the LDAP user that is used by WebLogic Server to connect to the LDAP server.

 
ldap-serverType/credential-encrypted

Returns the credential (generally a password) used to authenticate the LDAP user that is defined in the Principal attribute.

 
ldap-serverType/cache-enabled

The LDAPServerMBean interface defines methods used to get/set the configuration attributes that are required to communicate with an external LDAP server.

 
ldap-serverType/cache-size

Returns the size of the cache in K.

 
ldap-serverType/cache-ttl

Returns the time-to-live (TTL) of the cache in seconds.

 
ldap-serverType/follow-referrals

The LDAPServerMBean interface defines methods used to get/set the configuration attributes that are required to communicate with an external LDAP server.

 
ldap-serverType/bind-anonymously-on-referrals

The LDAPServerMBean interface defines methods used to get/set the configuration attributes that are required to communicate with an external LDAP server.

 
ldap-serverType/results-time-limit

Returns the maximum number of milliseconds to wait for results before timing out.

 
ldap-serverType/connect-timeout

Returns the maximum number of seconds to wait for the LDAP connection to be established.

 
ldap-serverType/parallel-connect-delay

Returns the number of seconds to delay when making concurrent attempts to connect to multiple servers.

 
ldap-serverType/connection-retry-limit

Specifies the number of times to attempt to connect to the LDAP server if the initial connection failed.

 
listerType

Provides a method for listing the groups that contain a member.

 
member-group-listerType

Provides a method for listing the groups that contain a member.

 
name-listerType

Provides a method for listing the groups that contain a member.

 
pki-credential-map-editorType

Provides a set of methods for creating, editing, and removing a credential map that matches users, resources and credential action to keystore aliases and the corresponding passwords.

 
pki-credential-map-readerType

Provides a set of methods for creating, editing, and removing a credential map that matches users, resources and credential action to keystore aliases and the corresponding passwords.

 
policy-auxiliaryType 
policy-consumerType 
policy-editorType 
policy-listerType

Provides a set of methods for listing data about policies.

 
policy-readerType 
policy-storeType 
predicate-editorType

This MBean edits data about predicates and their arguments.

 
predicate-readerType

This MBean reads data about predicates and their arguments.

 
properties-listerType

Provides a set of methods for listing data about roles.

 
providerType

The SSPI MBean that security providers extend to indicate that the provider supports versionable applications.

 
providerType/name

The name of this configuration.

 
realmType

The MBean that represents configuration attributes for the security realm.

 
realmType/auditor

Returns the Auditing providers for this security realm (in invocation order).

 
realmType/authentication-provider

Returns the Authentication providers for this security realm (in invocation order).

 
realmType/role-mapper

Returns the Role Mapping providers for this security realm (in invocation order).

 
realmType/authorizer

Returns the Authorization providers for this security realm (in invocation order).

 
realmType/adjudicator

Returns the Adjudication provider for this security realm.

 
realmType/credential-mapper

Returns the Credential Mapping providers for this security realm (in invocation order).

 
realmType/cert-path-provider

Returns the Certification Path providers for this security realm (in invocation order).

 
realmType/cert-path-builder

Privileges:

Redeploy or Restart required: Changes take effect after you redeploy the module or restart the server.

 
realmType/key-store

Returns the KeyStore providers for this security realm (in invocation order).

 
realmType/user-lockout-manager

Returns the User Lockout Manager for this security realm.

 
realmType/deploy-role-ignored

The MBean that represents configuration attributes for the security realm.

 
realmType/deploy-policy-ignored

The MBean that represents configuration attributes for the security realm.

 
realmType/deploy-credential-mapping-ignored

The MBean that represents configuration attributes for the security realm.

 
realmType/fully-delegate-authorization

The MBean that represents configuration attributes for the security realm.

 
realmType/validate-dd-security-data

The MBean that represents configuration attributes for the security realm.

 
realmType/security-dd-model

Specifies the default security model for Web applications or EJBs that are secured by this security realm.

 
realmType/combined-role-mapping-enabled

The MBean that represents configuration attributes for the security realm.

 
realmType/enable-web-logic-principal-validator-cache

The MBean that represents configuration attributes for the security realm.

 
realmType/max-web-logic-principals-in-cache

Returns the maximum size of the LRU cache for holding WebLogic Principal signatures.

 
realmType/name

The name of this configuration.

 
realmType/delegate-m-bean-authorization

The MBean that represents configuration attributes for the security realm.

 
role-auxiliaryType 
role-editorType 
role-listerType

Provides a set of methods for listing data about roles.

 
role-mapperType

The SSPI MBean that must be extended by Role Mapping providers that can store roles created while deploying a Web application or EJB.

 
role-mapperType/name

The name of this configuration.

 
role-readerType

Provides a set of methods for reading policies.

 
servlet-authentication-filterType

The SSPI MBean that all Servlet Authentication Filter providers must extend.

 
servlet-authentication-filterType/name

The name of this configuration.

 
user-editorType

Provides a set of methods for creating, editing, and removing users.

 
user-lockout-managerType

Lists and manages lockouts on user accounts.

 
user-lockout-managerType/lockout-enabled

Lists and manages lockouts on user accounts.

 
user-lockout-managerType/lockout-threshold

Returns the maximum number of consecutive invalid login attempts before account is locked out.

 
user-lockout-managerType/lockout-duration

Returns the number of minutes that a user account is locked out.

 
user-lockout-managerType/lockout-reset-duration

The number of minutes within which consecutive invalid login attempts cause the user account to be locked out.

 
user-lockout-managerType/lockout-cache-size

Returns the number of invalid login records that the server places in a cache.

 
user-lockout-managerType/lockout-gc-threshold

Returns the maximum number of invalid login records that the server keeps in memory.

 
user-lockout-managerType/name

The name of this configuration.

 
user-password-credential-map-editorType

Provides a set of methods for creating, editing, and removing a credential map that matches WebLogic users to remote usernames and their corresponding passwords.

 
user-password-credential-map-extended-readerType

Provides a set of methods for reading the credential mappings.

 
user-password-credential-map-readerType

Provides a set of methods for creating, editing, and removing a credential map that matches WebLogic users to remote usernames and their corresponding passwords.

 
user-password-editorType

Provides two methods for changing a user's password.

 
user-readerType

Provides a set of methods for creating, editing, and removing users.

 
user-removerType

Provides a method for removing users.

 

BEA WebLogic Server 9.1 Security Schema Reference