Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.4)

Part Number E13941-04

Package weblogic.security.spi

This package includes interfaces, classes, and exceptions you use to develop security providers.

See:
          Description

Interface Summary
AccessDecision The AccessDecision interface defines the security service provider interface (SSPI) for policy enforcement points (PEP) that can be plugged into WebLogic Server.
AdjudicationProvider Deprecated.  
AdjudicationProviderV2 The AdjudicationProviderV2 interface exposes the services provided by an Adjudication provider to the WebLogic Security Framework.
Adjudicator Deprecated.  
AdjudicatorV2 The AdjudicatorV2 interface defines the security service provider interface (SSPI) for an object that is responsible for making the final decision as to whether the processing of the requested method should be permitted to proceed or should be denied.
ApplicationInfo An ApplicationInfo passes data about an application deployment to a security provider and is used in the DeployableAuthorizationProviderV2 and DeployableRoleProviderV2 interfaces.
AuditApplicationVersionEvent The AuditApplicationVersionEvent interface is used to post VersionableApplicationProvider events.
AuditAtnEvent Deprecated.  
AuditAtnEventV2 The AuditAtnEventV2 interface is used to post authentication audit events.
AuditAtzEvent The AuditAtzEvent interface is used to post authorization audit events.
AuditCertPathBuilderEvent This interface is used to post audit events for CertPathBuilder providers.
AuditCertPathValidatorEvent This interface is used to post audit events for CertPathValidator providers.
AuditChannel The AuditChannel interface defines the security service provider interface (SSPI) for objects capable of logging security-related events for auditing purposes.
AuditChannelV2 The AuditChannelV2 interface defines the security service provider interface (SSPI) for objects capable of logging security-related events for auditing purposes.
AuditConfigurationEvent The AuditConfigurationEvent interface is used to post configuration change audit events.
AuditContext The AuditContext interface can be extended by AuditEvent implementations to indicate that the implementation has context information.
AuditCreateConfigurationEvent The AuditCreateConfigurationEvent interface is used to post a specific configuration change audit event that identifies that a request has been made to create a new configuration artifact.
AuditCredentialMappingEvent The AuditCredentialMappingEvent interface is used to post credential mapping audit events.
AuditDeleteConfigurationEvent The AuditDeleteConfigurationEvent interface is used to post a specific configuration change audit event that identifies that a request has been made to delete an existing configuration artifact.
AuditEvent The AuditEvent interface provides a mechanism for passing audit information to Auditing providers during a writeEvent operation.
AuditInvokeConfigurationEvent The AuditInvokeConfigurationEvent interface is used to post a specific configuration change audit event that identifies that a request has been made to invoke an operation on an existing configuration artifact.
AuditLifecycleEvent The AuditLifecycleEvent interface is used to post audit lifecycle events.
AuditMgmtEvent The AuditMgmtEvent interface is used to post security provider management audit events.
AuditorService The AuditorService interface provides security providers with access to the Auditor object, which resides in the WebLogic Security Framework and is limited to the writing of audit records.
AuditPolicyEvent The AuditPolicyEvent interface is used to post security policy audit events.
AuditProvider The AuditProvider interface exposes the services provided by an Auditing provider to the WebLogic Security Framework.
AuditProviderV2 The AuditProviderV2 interface exposes the services provided by an Auditing provider to the WebLogic Security Framework.
AuditRoleDeploymentEvent The AuditRoleDeploymentEvent interface is used to post security role deployment audit events.
AuditRoleEvent The AuditRoleEvent interface is used to post security role audit events.
AuditSetAttributeConfigurationEvent The AuditSetAttributeConfigurationEvent interface is used to post a specific configuration change audit event that identifies that a request has been made to modify an existing configuration artifact.
AuthenticationProvider The AuthenticationProvider interface exposes the services provided by an Authentication provider to the WebLogic Security Framework.
AuthenticationProviderV2 The AuthenticationProviderV2 interface exposes the services provided by an Authentication provider to the WebLogic Security Framework.
AuthorizationProvider The AuthorizationProvider interface exposes the services provided by an Authorization provider to the WebLogic Security Framework.
BulkAccessDecision The BulkAccessDecisionV2 security service provider (SSPI) interface for policy enforcement points (PEP) allows support for bulk runtime authorization queries.
BulkAdjudicationProvider The AdjudicationProviderV2 interface exposes the services provided by an Adjudication provider to the WebLogic Security Framework.
BulkAdjudicator The BulkAdjudicator interface defines the security service provider interface (SSPI) for an object that is responsible for making the final decision as to whether the processing of the requested method should be permitted to proceed or should be denied as part of a bulk access decision.
BulkAuthorizationProvider The AuthorizationProvider interface exposes the services provided by an Authorization provider to the WebLogic Security Framework.
BulkRoleMapper The BulkRoleMapper interface defines the security service provider interface (SSPI) for providers capable of obtaining the appropriate set of roles, for a list of resources, that have been granted to a specific subject.
BulkRoleProvider The BulkRoleProvider interface exposes the services provided by an bulk Role provider to the WebLogic Security Framework.
CertPathBuilderParametersSpi This class contains the CertPathParameters that the CLV framework passes to the provider's JDK CertPathBuilderSpi implementation.
CertPathProvider The CertPathProvider interface exposes the services provided by a CertPath provider to the WebLogic Security Framework.
CertPathValidatorParametersSpi This class contains the CertPathParameters that the CLV framework passes to the provider's JDK CertPathValidatorSpi implementation.
ChallengeIdentityAsserter Deprecated. WLS 9.0 (12/2003) Replaced with ChallengeIdentityAsserterV2
ChallengeIdentityAsserterV2 The ChallengeIdentityAsserterV2 interface allows Identity Assertion providers to support authentication protocols such as Microsoft's Windows NT Challenge/Response (NTLM), Simple and Protected GSS-API Negotiation Mechanism (SPNEGO), and other challenge/response authentication mechanisms.
CredentialMapper Deprecated. WLS 9.0 (10/2003) Replaced with CredentialMapperV2
CredentialMapperV2 The CredentialMapperV2 interface defines the security service provider interface (SSPI) for objects capable of obtaining the appropriate set of credentials for a particular resource that is scoped within an application.
CredentialProvider Deprecated. WLS 9.0 (10/2003) Replaced with CredentialProviderV2
CredentialProviderV2 The CredentialProviderV2 interface exposes the services provided by a Credential Mapping provider to the WebLogic Security Framework.
DeployableAuthorizationProvider Deprecated. 9.0.0.0 Replaced by DeployableAuthorizationProviderV2
DeployableAuthorizationProviderV2 An Authorization provider that supports deploying policies on behalf of Web application and EJB deployments is required to implement this interface.
DeployableCredentialProvider Deprecated. WLS 9.0 (10/2003) Deprecating the feature
DeployableRoleProvider Deprecated. 9.0.0.0 Replaced by DeployableRoleProviderV2
DeployableRoleProviderV2 A Role Mapping provider that supports deploying roles on behalf of Web application and EJB deployments is required to implement this interface.
DeployPolicyHandle The DeployPolicyHandle interface is a marker interface used to signify that an Object represents security provider specific information about an application policy deployment.
DeployRoleHandle The DeployRoleHandle interface is a marker interface used to signify that an Object represents security provider specific information about an application role deployment.
IdentityAsserter The IdentityAsserter interface exposes the methods that custom Identity Assertion providers need to implement in order to provide token-based client identity assertion.
IdentityAsserterV2 The IdentityAsserter interface exposes the methods that custom Identity Assertion providers need to implement in order to provide token-based client identity assertion.
JDBCConnectionService Interface used to obtain a database connection from a JDBC data source.
PasswordDigest The getPasswordDigest interface allows an authentication provider to return a digest for a specified user's password.
PolicyCollectionHandler An authorization provider that wishes to consume policy sets implements the PolicyCollectionHandler interface.
PolicyCollectionInfo A PolicyCollectionInfo passes data about a policy set to a security provider and is used by the the PolicyConsumer interface.
PolicyConsumer An authorization provider that wishes to consume policy implements the PolicyConsumer interface.
PolicyConsumerFactory An authorization provider that wishes to consume policy implements the PolicyConsumerFactory interface so that an instance of a PolicyConsumer is availble to the WebLogic Security Framework.
PrincipalValidator The PrincipalValidator interface defines the methods that custom Principal Validation providers must implement to support principal trust relationships within the context of the Weblogic Server environment.
ProviderChallengeContext The ProviderChallengeContext interface allows a Challenge Identity Assertion providers to return an object that contains state and is used for subsequent steps in a multi-step challenge/response process.
Resource The Resource interface provides the definition for an object that represents a resource that may be protected from unauthorized access.
RoleCollectionHandler A role provider that wishes to consume roles implements the RoleCollectionHandler interface.
RoleCollectionInfo A RoleCollectionInfo passes data about a role set to a security provider and is used by the the RoleConsumer interface.
RoleConsumer A role provider that wishes to consume roles implements the RoleConsumer interface.
RoleConsumerFactory A role provider that wishes to consume role policy implements the RoleConsumerFactory interface so that an instance of a RoleConsumer is availble to the WebLogic Security Framework.
RoleMapper The RoleMapper interface defines the security service provider interface (SSPI) for objects capable of obtaining the appropriate set of roles for a particular resource that has been granted to a specific subject.
RoleProvider The RoleProvider interface exposes the services provided by a Role Mapping provider to the WebLogic Security Framework.
SecurityProvider The SecurityProvider interface is required of all security providers (WebLogic and custom) because it provides basic methods for their use in the WebLogic Server environment.
SecurityServices The SecurityServices interface is used by the WebLogic Security Framework to create security service implementations such as the AuditorService, which security providers can then use.
SecurityServicesJDBC The SecurityServicesJDBC interface is used by the WebLogic Security Framework to create security service implementations such as the JDBCConnectionService.
SelfDescribingResource The SelfDescribingResource class adds added query methods to the Resource class.
SelfDescribingResourceV2 The SelfDescribingResourceV2 class adds more query methods to the SelfDescribingResource class.
ServletAuthenticationFilter An Authentication provider implements this interface to signal that it has authentication filters that it wants the Servlet container to include during the authentication process.
VersionableApplicationProvider All authorization, role mapping, and credential mapping providers for the security realm must support application versioning for an application to be deployed using versions.
WLSGroup The WLSGroup interface is a marker interface used to signify that a principal represents a WebLogic Server group.
WLSUser The WLSUser interface is a marker interface used to signify that a principal represents a WebLogic Server user.
WSPasswordDigest  
 

Class Summary
ApplicationInfo.ComponentType A ComponentType represents the component type for the application that is being deployed and is used within an ApplicationInfo interface.
ApplicationRemovalException The ApplicationRemovalException is thrown if a security provider encounters a problem while handling the deletion of an application.
ApplicationVersionCreationException The ApplicationVersionCreationException is thrown if a security provider encounters a problem while handling the creation of a new application version.
ApplicationVersionRemovalException The ApplicationVersionRemovalException is thrown if a security provider encounters a problem while handling the deletion of an application version.
AuditAtnEvent.AtnEventType The AtnEventType class describes the authentication event types that are supported.
AuditAtnEventV2.AtnEventTypeV2 The AtnEventType class describes the authentication event types that are supported.
AuditLifecycleEvent.AuditLifecycleEventType The AuditLifecycleEventType class describes the audit service lifecycle event types that are supported.
AuditSeverity The AuditSeverity class provides audit severity levels as both numeric and text values to an Auditing provider.
DeployHandleCreationException The DeployHandleCreationException is thrown if a security provider encounters a problem while creating a DeployPolicyHandle or DeployRoleHandle.
Direction The Direction class is used to represent when the authorization check is to be performed by an Access Decision (either before a resource is accessed or after access has been allowed).
JDBCConnectionServiceException The JDBCConnectionServiceException exception is thrown if a named JDBC data source is not found.
ProviderDecisionException Deprecated. Deprecated in Weblogic 10.3.
ResourceCreationException The ResourceCreationException exception is thrown if a security provider encounters a problem while creating a resource.
ResourceNotFoundException Deprecated. Deprecated in Weblogic 10.3.
ResourceRemovalException The ResourceRemovalException exception is thrown if a security provider is unable to remove a resource.
Result The Result class contains the result of calling the isAccessAllowed method on an AccessDecision.
RoleCreationException A RoleCreationException exception is thrown if a Role Mapping provider has a problem creating a role.
RoleNotFoundException Deprecated. Deprecated in Weblogic 10.3.
RoleRemovalException The RoleRemovalException exception is thrown if a Role Mapping provider is unable to remove a role.
SecuritySpiException The SecuritySpiException exception is the base interface implemented by all security provider exceptions.
 

Exception Summary
DigestNotAvailableException The DigestNotAvailableException exception is thrown by a security provider if the password digest for the specified user can not be retrieved.
IdentityAssertionException The IdentityAssertionException exception is thrown if an Identity Assertion provider attempts to assert an identity based on token identity information, and that attempt fails.
InvalidPrincipalException The InvalidPrincipalException exception is thrown by a security provider if the principal that was generated for a user has become invalid.
ProviderInitializationException The ProviderInitializationException exception is a generic exception thrown by a security provider if it encounters problems during initialization.
 

Package weblogic.security.spi Description

This package includes interfaces, classes, and exceptions you use to develop security providers. In many cases, these interfaces, classes, and exceptions should be used in conjunction with those in the weblogic.security.service package.

Each security service provider interface (SSPI) that ends in the suffix "Provider". For example, RoleProvider exposes the services of a security provider to the WebLogic Security Framework. This allows the security provider to be manipulated (initialized, started, stopped). These "Provider" SSPIs can also be thought of as factories for the classes used at runtime by the system. For example, RoleProvider.getRoleMapper() creates, initializes and returns the Role Mapper that will actually perform the role mapping operations.

The WLSUser and WLSGroup interfaces are marker interfaces that extend java.security.Principal. They should be used to designate that a principal contains the name of the user, or the name of a group to which the user belongs.

See Also:
weblogic.security.service, Developing Security Providers for Oracle WebLogic Server

Copyright 1996, 2010, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.4)

Part Number E13941-04