Oracle Fusion Middleware
Oracle WebLogic Server MBean Javadoc
11g Release 1 (10.3.6)

Part Number E13945-06

weblogic.management.security.authentication
Interface UserEditorMBean

All Superinterfaces:
ListerMBean, NameListerMBean, UserPasswordEditorMBean, UserReaderMBean, UserRemoverMBean
All Known Subinterfaces:
DefaultAuthenticatorMBean, SQLAuthenticatorMBean

public interface UserEditorMBean
extends UserReaderMBean, UserPasswordEditorMBean, UserRemoverMBean

Provides a set of methods for creating, editing, and removing users. An Authentication provider MBean can optionally implement this MBean. The WebLogic Server Administration Console detects when an Authentication provider implements this MBean and automatically provides a GUI for using these methods.

CSS v4 introduced a new Password Validaton Service to check password against a set of rules when doing changing password operations with authentication provider MBeans such as createUser, changeUserPassword and resetUserPassword. The rules can be specified through configuring Password Validation Provider into the security realm, for further information, see weblogic.management.security.RealmMBean.

All OOTB authentication providers in CSS will automatically call the Password Validation Service if their MBeans inherit UserPasswordEditorMBean interface. The service is also available for all those customized authentication providers whose MBeans inherit UserPasswordEditorMBean, to introduce the Password Validation Service into a customized authentication proivder, the following approach must be met:

1. In the initialize method of a customized provider implementation, must retrieve the Password Validation Service and register the service into a helper class such as weblogic.security.provider.authentication.AuthenticationSecurityHelper, the code might like as below:

 import com.bea.common.security.service.PasswordValidationService;
 import com.bea.common.security.legacy.ExtendedSecurityServices;
 import com.bea.common.security.internal.legacy.helper.PasswordValidationServiceConfigHelper;
 import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
 ......
 ExtendedSecurityServices extendedSecurityServices = (ExtendedSecurityServices)securityServices;
 PasswordValidationService serivce = (PasswordValidationService)extendedSecurityServices.getServices().
                                           getService(PasswordValidationServiceConfigHelper.getServiceName(providerMBean.getRealm()));
 AuthenticationSecurityHelper.getInstance(providerMBean).registerPasswordValidationService(service);
 ......
 

2. In the createUser, changeUserPassword and(or) resetUserPassword methods of a customized authentication provider MBean, call the helper class to validate the new password to determine if the new password is valid. The code might be:

 import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
 .....
 AuthenticationSecurityHelper.getInstance(providerMBean).validatePassword(userName,password);
 .....
 

Deprecation of MBeanHome and Type-Safe Interfaces

In addition to being used as a base class that provides functionality to security provider MBeans, JMX applications can use this class directly as a type-safe interface. When used as a type-safe interface, a JMX application imports this class and accesses it through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, JMX applications that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.


Method Summary
 void createUser(String userName, String password, String description)
          Creates a user and sets the user's password.
 void setUserDescription(String userName, String description)
          Sets the description for an existing user.
 
Methods inherited from interface weblogic.management.security.authentication.UserReaderMBean
getUserDescription, listUsers, userExists
 
Methods inherited from interface weblogic.management.utils.NameListerMBean
getCurrentName
 
Methods inherited from interface weblogic.management.utils.ListerMBean
advance, close, haveCurrent
 
Methods inherited from interface weblogic.management.security.authentication.UserPasswordEditorMBean
changeUserPassword, resetUserPassword
 
Methods inherited from interface weblogic.management.security.authentication.UserRemoverMBean
removeUser
 

Method Detail

createUser

void createUser(String userName,
                String password,
                String description)
                throws InvalidParameterException,
                       AlreadyExistsException
Creates a user and sets the user's password.

Parameters:
userName - - The name of the new user. The name cannot be the name of an existing user or group. The Authentication provider determines syntax requirements for the user name.
password - - The password for the new user. The Authentication provider determines syntax requirements for passwords.
description - - The description of the user.
Throws:
InvalidParameterException
AlreadyExistsException

setUserDescription

void setUserDescription(String userName,
                        String description)
                        throws NotFoundException,
                               InvalidParameterException
Sets the description for an existing user.

Parameters:
userName - - The name of an existing user.
description - - The description of the user.
Throws:
weblogic.management.utils.NotFoundException
weblogic.management.utils.InvalidParameterException
NotFoundException
InvalidParameterException

Copyright 1996, 2011, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Oracle WebLogic Server MBean Javadoc
11g Release 1 (10.3.6)

Part Number E13945-06