SAML2IdentityAsserterMBean

Overview  |   Related MBeans  |   Attributes  |   Operations

Overview

This MBean represents configuration information for the SAML2 Identity Assertion provider.

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.

   
Fully Qualified Interface NameIf you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
com.bea.security.saml2.providers.SAML2IdentityAsserterMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.
Access Points Inherited from AuthenticationProviderMBean Because this MBean extends or implements AuthenticationProviderMBean, you can also access this MBean by retrieving AuthenticationProviderMBeans. The following attributes contain AuthenticationProviderMBeans and its subtypes:

    Related MBeans

    This section describes attributes that provide access to other MBeans.

      Realm

      Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

             
      Privileges Read only
      TypeRealmMBean
      Relationship type: Reference.

      Attributes

      This section describes the following attributes:

      ActiveTypes

      The token types active for this SAML2 Identity Assertion provider.

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value SAML2.Assertion SAML2.Assertion.DOM
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Base64DecodingRequired

      Base64 decoding is not required for SAML2 Identity Assertion providers.

             
      Privileges Read only
      Typeboolean
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Description

      A short description of the SAML2 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default ValueSAML 2.0 Identity Assertion Provider. Supports Security Assertion Markup Language v2.0.
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Name

             
      Privileges Read only
      Typejava.lang.String
      Default ValueSAML2IdentityAsserter
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      NameMapperClassName

      The qualified name of the Java class that maps SAML Assertion name information to local Subjects. When no mapper is supplied the default mapper implementation is used.

             
      Privileges Read/Write
      Typejava.lang.String
      Default Value

      ProviderClassName

      The Java class used to load the SAML2 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Valuecom.bea.security.saml2.providers.SAML2IdentityAsserterProviderImpl
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      ReplicatedCacheEnabled

      Flag that indicates whether the replicated cache is used or not. To support cluster, this flag must be set to true.

             
      Privileges Read/Write
      Typeboolean

      SupportedExportConstraints

      The security data that you want to be exported from this Identity Assertion provider's data store. A SAML2 Identity Assertion provider can export all partners(Partner=all), enabled partners(Partner=enabled), or only disabled partners(Partner=disabled). The password inlined in the exported file can be encrypted or plain text(Passwords=cleartext).

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value Partner Passwords
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedExportFormats

      The format of the file to export. The list of supported export formats is determined by this Identity Asserter provider.

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value SAML2
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedImportConstraints

      The security data that you want to be imported into this Identity Assertion provider's data store. A SAML2 Identity Assertion Provider can import all partners(Partner=all), enabled partners(Partner=enabled) or only disabled partners(Partner=disabled).

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value Partner
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedImportFormats

      The format of the file to import. The list of supported import formats is determined by the Identity Asserter provider from which the security data were originally exported.

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value SAML2
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SupportedTypes

      The token types supported by this SAML2 Identity Assertion provider.

             
      Privileges Read only
      Typeclass java.lang.String[]
      Default Value SAML2.Assertion SAML2.Assertion.DOM
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Version

      The version number of the SAML2 Identity Assertion provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Value1.0
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      Operations

      This section describes the following operations:

      addIdPPartner

      Adds a new IdPPartner to the registry. <p> Throws InvalidParameterException if the partner object fails validation. Throws CreateException if an error occurs during creation of the object.

         
      Operation Name"addIdPPartner"
      ParametersObject [] {  partner }

      where:

      • partner is an object of type com.bea.security.saml2.providers.registry.IdPPartner that specifies:

        - The new partner to add.
      SignatureString [] { "com.bea.security.saml2.providers.registry.IdPPartner" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.AlreadyExistsException
      • weblogic.management.utils.CreateException

      advance

      Advances the list to the next element in the list.

         
      Operation Name"advance"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.
      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      close

      Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

         
      Operation Name"close"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.
      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      consumeIdPPartnerMetadata

      Returns an imported IdP partner object. Caller can set the fields of this object and then call addIdPPartner() to add the new partner to the registry.

         
      Operation Name"consumeIdPPartnerMetadata"
      ParametersObject [] {  fileName }

      where:

      • fileName is an object of type java.lang.String that specifies:

        - The file name containing the partner meta-data to consume.
      SignatureString [] { "java.lang.String" }
      ReturnsMetadataPartner
      Exceptions
      • weblogic.management.utils.CreateException
      • weblogic.management.utils.InvalidParameterException

      exportData

      Exports provider specific data in a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

         
      Operation Name"exportData"
      ParametersObject [] {  formatfilenameconstraints }

      where:

      • format is an object of type java.lang.String that specifies:

        - The format for exporting provider specific data.

      • filename is an object of type java.lang.String that specifies:

        - The full path to the filename used to write data.

      • constraints is an object of type java.util.Properties that specifies:

        - The constraints to be used when exporting data. A null value indicates that all data will be exported.
      SignatureString [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.ErrorCollectionException

      getCurrentName

      The name of the current item in the list. Returns null if there is no current item.

         
      Operation Name"getCurrentName"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.
      SignatureString [] { "java.lang.String" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      getIdPPartner

      Gets the IdPPartner corresponding to a partner name. <p> Throws NotFoundException if the partner is not found. Throws InvalidParameterException if partnerName is empty or null.

         
      Operation Name"getIdPPartner"
      ParametersObject [] {  partnerName }

      where:

      • partnerName is an object of type java.lang.String that specifies:

        - The partnerName of the partner to return.
      SignatureString [] { "java.lang.String" }
      ReturnsIdPPartner
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      haveCurrent

      Returns true if there are more objects in the list, and false otherwise.

         
      Operation Name"haveCurrent"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.
      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      idPPartnerExists

      Determines whether or not an IdP partner exists for the given partner name. <p> Returns true if the partner is found, false if not. <p> Throws InvalidParameterException if partnerName is empty or null.

         
      Operation Name"idPPartnerExists"
      ParametersObject [] {  partnerName }

      where:

      • partnerName is an object of type java.lang.String that specifies:

        - The partnerName of the IdP partner.
      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      importData

      Imports provider specific data from a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

         
      Operation Name"importData"
      ParametersObject [] {  formatfilenameconstraints }

      where:

      • format is an object of type java.lang.String that specifies:

        - The format for importing provider specific data.

      • filename is an object of type java.lang.String that specifies:

        - The full path to the filename used to read data.

      • constraints is an object of type java.util.Properties that specifies:

        - The constraints to be used when importing data. A null value indicates that all data will be imported.
      SignatureString [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidParameterException
      • weblogic.management.utils.ErrorCollectionException

      isSet

      Returns true if the specified attribute has been set explicitly in this MBean instance.

         
      Operation Name"isSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to check
      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • java.lang.IllegalArgumentException

      listIdPPartners

      Lists the registered partner names that match a wild card. <p> It follows the NameListerMBean cursor pattern. The results are not sorted. <p> Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list. <p> Throws InvalidParameterException if partnerIdWildcard is empty or null or if maxToReturn is less than zero.

         
      Operation Name"listIdPPartners"
      ParametersObject [] {  partnerNameWildcardmaxToReturn }

      where:

      • partnerNameWildcard is an object of type java.lang.String that specifies:

        - A wild card used to select partner names. It supports three formats: "*" matches all partner naes. "foo*" matches all partner namess starting with the string "foo". "foo" matches the partner name "foo" only. The matches are case-insensitive.

      • maxToReturn is an object of type java.lang.Integer that specifies:

        - The maximum number of partner namess this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.
      SignatureString [] { "java.lang.String", "java.lang.Integer" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.InvalidCursorException
      • weblogic.management.utils.InvalidParameterException

      loadCertificate

      Loads a certificate from file so that it may be applied to partner configurations. <p> Throws InvalidParameterException if the certificateFile parameter is empty or null, or if the file cannot be read or does not contain a valid certificate.

         
      Operation Name"loadCertificate"
      ParametersObject [] {  certificateFile }

      where:

      • certificateFile is an object of type java.lang.String that specifies:

        - The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate.
      SignatureString [] { "java.lang.String" }
      ReturnsX509Certificate
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      newEndpoint

      Returns a new Endpoint object.

         
      Operation Name"newEndpoint"
      Parametersnull
      Signaturenull
      ReturnsEndpoint

      newIndexedEndpoint

      Returns a new IndexedEndpoint object.

         
      Operation Name"newIndexedEndpoint"
      Parametersnull
      Signaturenull
      ReturnsIndexedEndpoint

      newWebSSOIdPPartner

      Returns a new Web SSO profile IdP partner object. Caller can set the fields of this object and then call addIdPPartner() to add the new partner to the registry. <p> Partner objects obtained from this method should not be passed to updateIdPPartner() -- call getIdPPartner() to fetch an existing asserting party for update.

         
      Operation Name"newWebSSOIdPPartner"
      Parametersnull
      Signaturenull
      ReturnsWebSSOIdPPartner

      newWSSIdPPartner

      Returns a new WSS token profile IdP partner object. Caller can set the fields of this object and then call addIdPPartner() to add the new partner to the registry. <p> Partner objects obtained from this method should not be passed to updateIdPPartner() -- call getIdPPartner() to fetch an existing asserting party for update.

         
      Operation Name"newWSSIdPPartner"
      Parametersnull
      Signaturenull
      ReturnsWSSIdPPartner

      removeIdPPartner

      Removes an IdPPartner from the registry. <p> Throws NotFoundException if the partner does not exist. Throws InvalidParameterException if the partnerName is empty or null.

         
      Operation Name"removeIdPPartner"
      ParametersObject [] {  partnerName }

      where:

      • partnerName is an object of type java.lang.String that specifies:

        - The partnerName of the partner to remove.
      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      unSet

      Restore the given property to its default value.

         
      Operation Name"unSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to restore
      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • java.lang.IllegalArgumentException
        UnsupportedOperationException if called on a runtime implementation.

      updateIdPPartner

      Updates an IdPPartner in the registry. <p> Throws NotFoundException if the partner does not exist. Throws InvalidParameterException if the partner object fails validation.

         
      Operation Name"updateIdPPartner"
      ParametersObject [] {  partner }

      where:

      • partner is an object of type com.bea.security.saml2.providers.registry.IdPPartner that specifies:

        - The asserting party to update.
      SignatureString [] { "com.bea.security.saml2.providers.registry.IdPPartner" }
      Returns void
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      wls_getDisplayName

      Returns the display name of an MBean.

      Deprecated 9.0.0.0

         
      Operation Name"wls_getDisplayName"
      Parametersnull
      Signaturenull
      ReturnsString