Oracle Fusion Middleware
Oracle WebLogic Server 10.3.1 MBean API Reference
11g Release 1 (10.3.1)

Part Number E13945-02

weblogic.management.security.authentication
Interface UserLockoutManagerMBean


public interface UserLockoutManagerMBean

Lists and manages lockouts on user accounts.

Deprecation of MBeanHome and Type-Safe Interfaces

In addition to being used as a base class that provides functionality to security provider MBeans, JMX applications can use this class directly as a type-safe interface. When used as a type-safe interface, a JMX application imports this class and accesses it through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, JMX applications that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.


Method Summary
 void clearLockout(String userName)
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getInvalidLoginAttemptsTotalCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getInvalidLoginUsersHighCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getLastLoginFailure(String userName)
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getLockedUsersCurrentCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getLockoutCacheSize()
          Returns the number of invalid login records that the server places in a cache.
 long getLockoutDuration()
          Returns the number of minutes that a user account is locked out.
 long getLockoutGCThreshold()
          Returns the maximum number of invalid login records that the server keeps in memory.
 long getLockoutResetDuration()
          The number of minutes within which consecutive invalid login attempts cause the user account to be locked out.
 long getLockoutThreshold()
          Returns the maximum number of consecutive invalid login attempts before account is locked out.
 long getLoginAttemptsWhileLockedTotalCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getLoginFailureCount(String userName)
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 String getName()
          The name of this configuration.
 RealmMBean getRealm()
          Returns the realm that contains this user lockout manager.
 long getUnlockedUsersTotalCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 long getUserLockoutTotalCount()
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 boolean isLockedOut(String userName)
          Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean
 boolean isLockoutEnabled()
          Returns whether the server locks out users when there are invalid login attempts.
 void setLockoutCacheSize(long lockoutCacheSize)
          Sets the number of invalid login records that the server places in a cache.
 void setLockoutDuration(long lockoutDuration)
          Sets the number of minutes that a user account is locked out.
 void setLockoutEnabled(boolean lockoutEnabled)
          Sets whether the server locks out users when there are invalid login attempts.
 void setLockoutGCThreshold(long lockoutGCThreshold)
          Sets the maximum number of invalid login records that the server keeps in memory.
 void setLockoutResetDuration(long newValue)
          The number of minutes within which consecutive invalid login attempts cause the user account to be locked out.
 void setLockoutThreshold(long lockoutThreshold)
          Sets the maximum number of consecutive invalid login attempts before account is locked out.
 

Method Detail

getUserLockoutTotalCount

long getUserLockoutTotalCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the number of user lockouts that have occured since this server has been started. In a cluster, this method returns the number of user lockouts that have occured since the cluster has been started because all servers share login failure information.


getInvalidLoginAttemptsTotalCount

long getInvalidLoginAttemptsTotalCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the number of invalid logins attempted since this server has been started and lockouts have been enabled. In a cluster, this method returns the number of invalid logins attempted that have occured since the cluster has been started because all servers share login failure information.


getLoginAttemptsWhileLockedTotalCount

long getLoginAttemptsWhileLockedTotalCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the number of invalid logins attempted since this server has been started and lockouts have been enabled.


getInvalidLoginUsersHighCount

long getInvalidLoginUsersHighCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the highest number of users with concurrent unexpired or uncleared invalid login attempts. Invalid login attempts expire as specified by LockoutResetDuration. This count is useful in determining whether the LockoutCacheSize needs to be modified.


getUnlockedUsersTotalCount

long getUnlockedUsersTotalCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the number times users have been unlocked since this server has been started.


getLockedUsersCurrentCount

long getLockedUsersCurrentCount()
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the number of users that are currently locked out of this server.


getRealm

RealmMBean getRealm()
Returns the realm that contains this user lockout manager. Returns null if this security provider is not contained by a realm.


isLockoutEnabled

boolean isLockoutEnabled()
Returns whether the server locks out users when there are invalid login attempts. A true value for this attribute causes the server to consider the other attributes of this MBean. A false value causes the server to ignore the other attributes of this MBean."

Default Value:
true

setLockoutEnabled

void setLockoutEnabled(boolean lockoutEnabled)
                       throws InvalidAttributeValueException
Sets whether the server locks out users when there are invalid login attempts.

Parameters:
lockoutEnabled - - the new lockout enabled value
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.isLockoutEnabled()

getLockoutThreshold

long getLockoutThreshold()
Returns the maximum number of consecutive invalid login attempts before account is locked out. When the number of invalid logins within a specified period of time is greater than LockoutThresholdvalue, the user is locked out. For example, with the default setting of 1, the user is locked out on the second consecutive invalid login. With a setting of 2, the user is locked out on the third consecutive invalid login.

Default Value:
5
Minimum Value:
1

setLockoutThreshold

void setLockoutThreshold(long lockoutThreshold)
                         throws InvalidAttributeValueException
Sets the maximum number of consecutive invalid login attempts before account is locked out.

Parameters:
lockoutThreshold - - the new lockout threshold
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.getLockoutThreshold()

getLockoutDuration

long getLockoutDuration()
Returns the number of minutes that a user account is locked out.

Default Value:
30
Minimum Value:
0

setLockoutDuration

void setLockoutDuration(long lockoutDuration)
                        throws InvalidAttributeValueException
Sets the number of minutes that a user account is locked out.

Parameters:
lockoutDuration - - the new lockout duration in minutes
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.getLockoutDuration()

getLockoutResetDuration

long getLockoutResetDuration()
The number of minutes within which consecutive invalid login attempts cause the user account to be locked out.

Default Value:
5
Minimum Value:
1

setLockoutResetDuration

void setLockoutResetDuration(long newValue)
                             throws InvalidAttributeValueException
The number of minutes within which consecutive invalid login attempts cause the user account to be locked out.

Parameters:
newValue - - new value for attribute LockoutResetDuration
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.getLockoutResetDuration()

getLockoutCacheSize

long getLockoutCacheSize()
Returns the number of invalid login records that the server places in a cache. The server creates one record for each invalid login.

Default Value:
5
Minimum Value:
0

setLockoutCacheSize

void setLockoutCacheSize(long lockoutCacheSize)
                         throws InvalidAttributeValueException
Sets the number of invalid login records that the server places in a cache.

Parameters:
lockoutCacheSize - - the new lockout cache size
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.getLockoutCacheSize()

getLockoutGCThreshold

long getLockoutGCThreshold()
Returns the maximum number of invalid login records that the server keeps in memory. If the number of invalid login records is equal to or greater than this value, the server's garbage collection purges the records that have expired. A record expires when the user associated with the record has been locked out.

The lower the threshold, the more often the server uses its resources to collect garbage.

Default Value:
400
Minimum Value:
0

setLockoutGCThreshold

void setLockoutGCThreshold(long lockoutGCThreshold)
                           throws InvalidAttributeValueException
Sets the maximum number of invalid login records that the server keeps in memory.

Parameters:
lockoutGCThreshold - - the new lockout garbage collection threshold
Throws:
InvalidAttributeValueException
See Also:
UserLockoutManagerMBean.getLockoutGCThreshold()

isLockedOut

boolean isLockedOut(String userName)
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Indicates whether a user is locked out.

Parameters:
userName - - A user name. If the user does not exist, this method returns false.

clearLockout

void clearLockout(String userName)
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Unlocks a user account.

Parameters:
userName - - A user name. If the user does not exist, this method returns false.

getLastLoginFailure

long getLastLoginFailure(String userName)
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns a string that indicates the time of the last invalid login for this user.

Parameters:
userName - - A user name. If the user does not exist, this method returns false.

getLoginFailureCount

long getLoginFailureCount(String userName)
Deprecated. 9.0.0.0 Replaced by runtime.UserLockoutManagerRuntimeMBean

Returns the current count of login failures for a specific user. This value returns to

Parameters:
userName - - A user name. If the user does not exist, this method returns false.

getName

String getName()
The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Default Value:
"UserLockoutManager"

Documentation is available at
http://download.oracle.com/docs/cd/E12839_01/web.1111/wls.htm
Copyright 1996, 2009, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Oracle WebLogic Server 10.3.1 MBean API Reference
11g Release 1 (10.3.1)

Part Number E13945-02