Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.bea.p13n.security.management.authentication
Class AtnSecurityMgmtHelper

java.lang.Object
  extended by com.bea.p13n.security.management.authentication.AtnSecurityMgmtHelper

public class AtnSecurityMgmtHelper
extends Object

Provides helper methods for accessing security management classes, especially those used to manage SSPI providers.

Field Summary
static String ATN_PROVIDER_ID
           

 

Constructor Summary
AtnSecurityMgmtHelper()
           

 

Method Summary
static AtnProviderDescription findProviderByName(String aDisplayName)
          Returns the configured SSPI authentication provider with a matching display name.
static AtnProviderDescription findProviderByName(String aDisplayName, boolean getCachedMBean)
          Returns the configured SSPI authentication provider with a matching display name.
static AtnProviderDescription findProviderByUniqueName(String aUniqueId)
          Returns the configured SSPI authentication provider with a matching unique id which is the concatenation of display name and version number.
static AtnProviderDescription getDefaultProvider()
          Returns the default configured SSPI authentication provider.
static String getDisallowedUserPattern()
          Returns the set of characters which are disallowed in the creation of user names.
static List<AtnProviderDescription> getProviders()
          Returns the list of currently configured SSPI authentication providers.
static SortablePagedResult<AtnProviderDescription> getProviders(int pageSize, P13nContextHandler ctxHdl)
          Returns the paginated result of authentication providers that the caller at least has "View" capability
static String getProviderUniqueName(String aDisplayName, String aVersion)
          Returns unique id of the provider which is the concatenation of display name and version number.
static boolean isDeletableGroup(String aProviderDescription, String groupName)
          Checks whether the groupName specified is a protected group name or whether the groupName is a WLS special group name, neither of which will be allowed to be deleted.
static boolean isMultiAtnProviderMode()
          Returns an indication of whether multiple authentication providers have been configured.
static boolean isProtectedGroupName(String aProviderDescription, String groupName)
          Checks whether the groupName specified is an optional reserved group name or whether the groupName is a WLS special group name, neither of which will be allowed to be created by this provider.
static boolean isProtectedUserName(String aProviderDescription, String userName)
          Checks whether the userName specified is a protected user name which willnot be allowed to be created by this provider.
static boolean isReservedGroupName(String aProviderDescription, String groupName)
          Checks whether the groupName specified is an optional reserved group name which will not be allowed to be created by this provider.
static boolean isReservedUserName(String aProviderDescription, String userName)
          Checks whether the userName specified is an optional reserved user name or whether the userName is a WLS special user name, neither of which will be allowed to be created by this provider.
static void validateGroupCallerRole(String operationType, String targetUserName)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.
static void validateGroupCallerRole(String operationType, String targetUserName, ContextHandler contextHandler)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.
static void validateUserCallerRole(String operationType, String targetUserName)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.
static void validateUserCallerRole(String operationType, String targetUserName, ContextHandler contextHandler)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Field Detail

ATN_PROVIDER_ID

public static final String ATN_PROVIDER_ID
See Also
Constants Summary

Constructor Detail

AtnSecurityMgmtHelper

public AtnSecurityMgmtHelper()

Method Detail

getProviders

public static List<AtnProviderDescription> getProviders()
                                                 throws ProviderMgmtException
Returns the list of currently configured SSPI authentication providers.
Returns
List of AtnProviderDescription objects
Throws
ProviderMgmtException

getProviders

public static SortablePagedResult<AtnProviderDescription> getProviders(int pageSize,
                                                                       P13nContextHandler ctxHdl)
                                                                throws ProviderMgmtException
Returns the paginated result of authentication providers that the caller at least has "View" capability
Returns
Paged List of AtnProviderDescription objects
Throws
ProviderMgmtException

getDefaultProvider

public static AtnProviderDescription getDefaultProvider()
                                                 throws ProviderMgmtException
Returns the default configured SSPI authentication provider.
Returns
default AtnProviderDescription
Throws
ProviderMgmtException

findProviderByName

public static AtnProviderDescription findProviderByName(String aDisplayName)
                                                 throws ProviderMgmtException
Returns the configured SSPI authentication provider with a matching display name. Will return a cached reference which may be stale if the admin server has bounced.
Parameters
aDisplayName - The name entered at the WLS console when creating a new authentication provider.
Returns
AtnProviderDescription or null, if no matching provider found
Throws
ProviderMgmtException

findProviderByName

public static AtnProviderDescription findProviderByName(String aDisplayName,
                                                        boolean getCachedMBean)
                                                 throws ProviderMgmtException
Returns the configured SSPI authentication provider with a matching display name. The getCachedMBean parameter can be used to force a refreshing of the provider MBean reference contained in the returned AtnProviderDescription. This is only necessary if it has been determined the admin server is down or has been cycled.
Parameters
aDisplayName - The display name this provider is recognized by
getCachedMBean - If true, uses an existing reference to the provider
Returns
AtnProviderDescription
Throws
ProviderMgmtException

findProviderByUniqueName

public static AtnProviderDescription findProviderByUniqueName(String aUniqueId)
                                                       throws ProviderMgmtException
Returns the configured SSPI authentication provider with a matching unique id which is the concatenation of display name and version number.
Parameters
aUniqueId - Concatenation of display name and version number
Returns
AtnProviderDescription or null, if no matching provider found
Throws
ProviderMgmtException

getProviderUniqueName

public static String getProviderUniqueName(String aDisplayName,
                                           String aVersion)
Returns unique id of the provider which is the concatenation of display name and version number.
Parameters
aDisplayName - The provider name
aVersion - The provider version
Returns
unique id

getDisallowedUserPattern

public static String getDisallowedUserPattern()
Returns the set of characters which are disallowed in the creation of user names.
Returns
disallowed chars

isReservedUserName

public static boolean isReservedUserName(String aProviderDescription,
                                         String userName)
Checks whether the userName specified is an optional reserved user name or whether the userName is a WLS special user name, neither of which will be allowed to be created by this provider.
Parameters
aProviderDescription - the string identifying this authentication provider in the properties file.
userName - the user name to evaluate
Returns
true if userName is reserved by provider, else false

isReservedGroupName

public static boolean isReservedGroupName(String aProviderDescription,
                                          String groupName)
Checks whether the groupName specified is an optional reserved group name which will not be allowed to be created by this provider.
Parameters
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns
True if group name is reserved, otherwise false
Throws
IllegalArgumentException

isProtectedUserName

public static boolean isProtectedUserName(String aProviderDescription,
                                          String userName)
Checks whether the userName specified is a protected user name which willnot be allowed to be created by this provider.
Parameters
aProviderDescription - the string identifying this authentication provider in the properties file.
userName - the user name to evaluate
Returns
true if userName is protecteds by provider else false

isProtectedGroupName

public static boolean isProtectedGroupName(String aProviderDescription,
                                           String groupName)
Checks whether the groupName specified is an optional reserved group name or whether the groupName is a WLS special group name, neither of which will be allowed to be created by this provider.
Parameters
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns
List of Strings containing reserved user names

isDeletableGroup

public static boolean isDeletableGroup(String aProviderDescription,
                                       String groupName)
Checks whether the groupName specified is a protected group name or whether the groupName is a WLS special group name, neither of which will be allowed to be deleted.
Parameters
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns
true if group name can be deleted, else false

isMultiAtnProviderMode

public static boolean isMultiAtnProviderMode()
Returns an indication of whether multiple authentication providers have been configured.
Returns
True if more than one authentication provider is found, else false

validateUserCallerRole

public static void validateUserCallerRole(String operationType,
                                          String targetUserName)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.
Parameters
operationType - the AtnProviderProperties defined operation type
targetUserName - the user the operation is being performed on behalf of
Throws
SecurityException

validateUserCallerRole

public static void validateUserCallerRole(String operationType,
                                          String targetUserName,
                                          ContextHandler contextHandler)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.
Parameters
operationType - the AtnProviderProperties defined operation type
targetUserName - the user the operation is being performed on behalf of
contextHandler - optional context handler required if expression-based roles protects this User operation
Throws
SecurityException

validateGroupCallerRole

public static void validateGroupCallerRole(String operationType,
                                           String targetUserName)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.
Parameters
operationType - the AtnProviderProperties defined operation type
targetUserName - the user the operation is being performed on behalf of
Throws
SecurityException

validateGroupCallerRole

public static void validateGroupCallerRole(String operationType,
                                           String targetUserName,
                                           ContextHandler contextHandler)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.
Parameters
operationType - the AtnProviderProperties defined operation type
targetUserName - the user the operation is being performed on behalf of
contextHandler - optional context handler required if expression-based roles protects this Group operation
Throws
SecurityException

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2010, Oracle. All rights reserved.