Type-Safe Access to BEA WebLogic Server 9.2 MBeans (Deprecated)

(Methods marked with @since 9.0.0.0 are not available through the deprecated MBeanHome interface.)

weblogic.security.providers.authentication
Interface WindowsNTAuthenticatorMBean

All Superinterfaces:

AuthenticationProviderMBean, AuthenticatorMBean, weblogic.descriptor.DescriptorBean, GroupReaderMBean, ListerMBean, NameListerMBean, ProviderMBean, weblogic.descriptor.SettableBean, weblogic.management.commo.StandardInterface, UserReaderMBean

public interface WindowsNTAuthenticatorMBean

extends weblogic.management.commo.StandardInterface, weblogic.descriptor.DescriptorBean, AuthenticatorMBean, UserReaderMBean, GroupReaderMBean

This MBean contains configuration information for the Windows NT Authetication Provider

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://www.oracle.com/technology/documentation/index.html.

Method Summary

String	getBadDomainControllerRetry() Determines how the provider reacts when a bad domain controller name is found.
Integer	getBadDomainControllerRetryInterval() This time to wait when a bad domain controller name is found before trying to use the domain controller again.
String	getDescription() The Windows NT Authentication provider enables Windows NT users and groups to be used for authentication purposes.
String[]	getDomainControllerList() A list of the domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.Use if the Domain Controllers is set to List.
String	getDomainControllers() The domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.
String	getLogonType() Specfies whether the logon process should use Network or Interactive logon.
String	getMapNTDomainName() Specifies whether the Windows NT domain information should be placed into principal names during authentication.
String	getMapUPNNames() Indicates how the Windows NT Authentication provider should map UPN-style names for authentication (meaning will username@domain be used).
String	getName() The name of this configuration.
String	getProviderClassName() The name of the Java class used to load the Windows NT Authentication provider.
String	getVersion() The version number of the Windows NT Authentication provider.
void	setBadDomainControllerRetry(String newValue) Determines how the provider reacts when a bad domain controller name is found.
void	setBadDomainControllerRetryInterval(Integer newValue) This time to wait when a bad domain controller name is found before trying to use the domain controller again.
void	setDomainControllerList(String[] newValue) A list of the domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.Use if the Domain Controllers is set to List.
void	setDomainControllers(String newValue) The domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.
void	setLogonType(String newValue) Specfies whether the logon process should use Network or Interactive logon.
void	setMapNTDomainName(String newValue) Specifies whether the Windows NT domain information should be placed into principal names during authentication.
void	setMapUPNNames(String newValue) Indicates how the Windows NT Authentication provider should map UPN-style names for authentication (meaning will username@domain be used).

Methods inherited from interface weblogic.management.commo.StandardInterface

setName, wls_getDisplayName, wls_getInterfaceClassName, wls_getObjectName

Methods inherited from interface weblogic.descriptor.DescriptorBean

addBeanUpdateListener, addPropertyChangeListener, createChildCopy, createChildCopyIncludingObsolete, getDescriptor, getParentBean, isEditable, removeBeanUpdateListener, removePropertyChangeListener

Methods inherited from interface weblogic.descriptor.SettableBean

isSet, unSet

Methods inherited from interface weblogic.management.security.authentication.AuthenticatorMBean

getControlFlag, setControlFlag

Methods inherited from interface weblogic.management.security.ProviderMBean

getRealm

Methods inherited from interface weblogic.management.security.authentication.UserReaderMBean

getUserDescription, listUsers, userExists

Methods inherited from interface weblogic.management.utils.NameListerMBean

getCurrentName

Methods inherited from interface weblogic.management.utils.ListerMBean

advance, close, haveCurrent

Methods inherited from interface weblogic.management.security.authentication.GroupReaderMBean

getGroupDescription, groupExists, isMember, listGroups

Method Detail

getBadDomainControllerRetry

public String getBadDomainControllerRetry()

Determines how the provider reacts when a bad domain controller name is found.

Possible settings:

• Delay indicates the domain controller can be used again only after a certain amount of time has elapsed since it was last tried unsuccessfully.
• Never indicates a bad domain controller is never retried.
• Always indicates a bad domain controller is always retried.

getBadDomainControllerRetryInterval

public Integer getBadDomainControllerRetryInterval()

This time to wait when a bad domain controller name is found before trying to use the domain controller again. Use if the BadDomainControllerRetry is set to Delay. This setting helps reduces performance hits when a domain controller in the list of controllers is temporarily unavailable

getDescription

public String getDescription()

The Windows NT Authentication provider enables Windows NT users and groups to be used for authentication purposes.

Specified by:

getDescription in interface ProviderMBean

getDomainControllerList

public String[] getDomainControllerList()

A list of the domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.Use if the Domain Controllers is set to List.

The specified list should contain the domain controller names in trusted domains. Placeholders are supported and will expand if specified. Supported placeholders are [Local],[LocalAndDomain], [Domain].

getDomainControllers

public String getDomainControllers()

The domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.

Possible settings:

• Local--local machine only.
• LocalAndDomain--the local machine and the domain that the machine is a member of (if it is not standalone).
• Domain--the domain that the machine is a member.
• List--Use the domain constrollers specified in the Domain Controller List setting.

getLogonType

public String getLogonType()

Specfies whether the logon process should use Network or Interactive logon.

getMapNTDomainName

public String getMapNTDomainName()

Specifies whether the Windows NT domain information should be placed into principal names during authentication.

Possible settings:

• Never--the Windows NT domain name is not placed in the principal names.
• OldUPN--the Windows NT domain name is placed in the principal names as domain\\name.
• UPN-- the Windows NT domain name is placed in the principal names as name@domain.

getMapUPNNames

public String getMapUPNNames()

Indicates how the Windows NT Authentication provider should map UPN-style names for authentication (meaning will username@domain be used).

Possible settings:

• First--names which match the UPN format should be treated as a UPN name first. If the name isn't a UPN name, the name will be treated as an unscoped name.
• Last--names which match the UPN format should be treated as a UPN name only if the name failed to be matched as an unscoped name.
• Always--names which match the UPN format will always be treated as a UPN name.

This setting should only be used when there are no usernames with @. domain\\username is not ambiguous and is always allowed.

getName

public String getName()

Description copied from interface: ProviderMBean

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Specified by:

getName in interface weblogic.management.commo.StandardInterface

getProviderClassName

public String getProviderClassName()

The name of the Java class used to load the Windows NT Authentication provider.

Specified by:

getProviderClassName in interface ProviderMBean

Excluded: Should not appear in public javadocs

Internal: Should not appear in public javadocs

getVersion

public String getVersion()

The version number of the Windows NT Authentication provider.

Specified by:

getVersion in interface ProviderMBean

setBadDomainControllerRetry

public void setBadDomainControllerRetry(String newValue)
                                 throws InvalidAttributeValueException

Determines how the provider reacts when a bad domain controller name is found.

Possible settings:

• Delay indicates the domain controller can be used again only after a certain amount of time has elapsed since it was last tried unsuccessfully.
• Never indicates a bad domain controller is never retried.
• Always indicates a bad domain controller is always retried.

Parameters:

newValue - - new value for attribute BadDomainControllerRetry

Throws:

InvalidAttributeValueException

setBadDomainControllerRetryInterval

public void setBadDomainControllerRetryInterval(Integer newValue)
                                         throws InvalidAttributeValueException

This time to wait when a bad domain controller name is found before trying to use the domain controller again. Use if the BadDomainControllerRetry is set to Delay. This setting helps reduces performance hits when a domain controller in the list of controllers is temporarily unavailable

Parameters:

newValue - - new value for attribute BadDomainControllerRetryInterval

Throws:

InvalidAttributeValueException

setDomainControllerList

public void setDomainControllerList(String[] newValue)
                             throws InvalidAttributeValueException

A list of the domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.Use if the Domain Controllers is set to List.

The specified list should contain the domain controller names in trusted domains. Placeholders are supported and will expand if specified. Supported placeholders are [Local],[LocalAndDomain], [Domain].

Parameters:

newValue - - new value for attribute DomainControllerList

Throws:

InvalidAttributeValueException

setDomainControllers

public void setDomainControllers(String newValue)
                          throws InvalidAttributeValueException

The domain controllers used for locating unscoped usernames during authentication, listing users/groups, and handling unscoped names.

Possible settings:

• Local--local machine only.
• LocalAndDomain--the local machine and the domain that the machine is a member of (if it is not standalone).
• Domain--the domain that the machine is a member.
• List--Use the domain constrollers specified in the Domain Controller List setting.

Parameters:

newValue - - new value for attribute DomainControllers

Throws:

InvalidAttributeValueException

setLogonType

public void setLogonType(String newValue)
                  throws InvalidAttributeValueException

Specfies whether the logon process should use Network or Interactive logon.

Parameters:

newValue - - new value for attribute LogonType

Throws:

InvalidAttributeValueException

setMapNTDomainName

public void setMapNTDomainName(String newValue)
                        throws InvalidAttributeValueException

Specifies whether the Windows NT domain information should be placed into principal names during authentication.

Possible settings:

• Never--the Windows NT domain name is not placed in the principal names.
• OldUPN--the Windows NT domain name is placed in the principal names as domain\\name.
• UPN-- the Windows NT domain name is placed in the principal names as name@domain.

Parameters:

newValue - - new value for attribute MapNTDomainName

Throws:

InvalidAttributeValueException

setMapUPNNames

public void setMapUPNNames(String newValue)
                    throws InvalidAttributeValueException

Indicates how the Windows NT Authentication provider should map UPN-style names for authentication (meaning will username@domain be used).

Possible settings:

• First--names which match the UPN format should be treated as a UPN name first. If the name isn't a UPN name, the name will be treated as an unscoped name.
• Last--names which match the UPN format should be treated as a UPN name only if the name failed to be matched as an unscoped name.
• Always--names which match the UPN format will always be treated as a UPN name.

This setting should only be used when there are no usernames with @. domain\\username is not ambiguous and is always allowed.

Parameters:

newValue - - new value for attribute MapUPNNames

Throws:

InvalidAttributeValueException