This chapter provides descriptions of custom WebLogic Scripting Tool (WLST) commands for Oracle Access Management Mobile and Social, including command syntax, arguments and examples.
The following section lists the Mobile and Social WLST commands and contains links to the command reference details.
Use the WLST commands listed in Table 6-1 to manage Oracle Access Management Mobile and Social (Mobile and Social) configuration objects.
Table 6-1 WLST Mobile and Social Commands for Mobile Services and Social Identity
Use this command... | To... | Use with WLST... |
---|---|---|
System Configuration Commands |
||
Retrieve system configuration data. |
Online |
|
Update system configuration data. |
Online |
|
RPApplication Commands |
||
Retrieves the RPApplication objects. |
Online |
|
Deletes the specified RPApplication object. |
Online |
|
Displays the specified RPApplication object. |
Online |
|
Creates a new RPApplication object. |
Online |
|
Updates values for a defined RPApplication object. |
Online |
|
ServiceProviderInterface Commands |
||
Retrieves the RPApplication objects. |
Online |
|
Deletes the specified RPApplication object. |
Online |
|
Displays the specified RPApplication object. |
Online |
|
Creates a new RPApplication object. |
Online |
|
Updates values for a defined RPApplication object. |
Online |
|
Social Identity Provider Commands |
||
Retrieves the Social Identity Provider objects. |
Online |
|
Deletes the specified Social Identity Provider object. |
Online |
|
Displays the specified Social Identity Provider object. |
Online |
|
Creates a new Social Identity Provider object. |
Online |
|
Updates values for a defined Social Identity Provider object. |
Online |
|
User Attribute Mapping Commands |
||
Retrieves the User Attribute Mapping objects. |
Online |
|
Deletes the specified User Attribute Mapping object. |
Online |
|
Displays the specified User Attribute Mapping object. |
Online |
|
Updates values for a defined User Attribute Mapping object. |
Online |
|
ServiceProvider Commands |
||
Create a ServiceProvider. |
Online |
|
Update a ServiceProvider |
Online |
|
Add a Relationship To a Service Provider. |
Online |
|
Remove a Relationship from a Service Provider. |
Online |
|
Get a ServiceProvider. |
Online |
|
Remove a ServiceProvider object. |
Online |
|
Display a ServiceProvider object. |
Online |
|
ServiceProfile Commands |
||
Create a service object. |
Online |
|
Update a service object. |
Online |
|
Remove a service object. |
Online |
|
Display a service object. |
Online |
|
Retrieve all the service objects. |
Online |
|
ApplicationProfile Commands |
||
List all ApplicationProfile objects. |
Online |
|
Create an ApplicationProfile. |
Online |
|
Update an ApplicationProfile. |
Online |
|
Remove an ApplicationProfile. |
Online |
|
Display an ApplicationProfile. |
Online |
|
ServiceDomain Commands |
||
Create a ServiceDomain. |
Online |
|
Update a ServiceDomain. |
Online |
|
Retrieve a ServiceDomain. |
Online |
|
Remove a ServiceDomain. |
Online |
|
Display a ServiceDomain. |
Online |
|
SecurityHandler Commands |
||
Create a SecurityHandlerPlugin. |
Online |
|
Update a SecurityHandlerPlugin. |
Online |
|
Retrieve a SecurityHandlerPlugin. |
Online |
|
Remove a SecurityHandlerPlugin. |
Online |
|
Display a SecurityHandlerPlugin. |
Online |
|
JailBreakingDetectionPolicy Commands |
||
Create a JailBreakingDetectionPolicy. |
Online |
|
Update a JailBreakingDetectionPolicy. |
Online |
|
Retrieve a JailBreakingDetectionPolicy. |
Online |
|
Remove a JailBreakingDetectionPolicy. |
Online |
|
Display a JailBreakingDetectionPolicy. |
Online |
getRPSystemConfig
replaceRPSystemConfig
replaceRPSystemConfig(hostURL, proxyProtocol, proxyHost, proxyPort, proxyUsername, proxyPassword, attributeList)
Argument | Definition |
---|---|
hostURL |
The URL of the machine hosting the Mobile and Social server. |
proxyProtocol |
The proxy protocol (HTTP/HTTPS ). |
proxyHost |
The URL of the proxy machine. |
proxyPort |
The port of the proxy machine. |
proxyUsername |
Name of the user accessing the proxy. |
proxyPassword |
Password of the user accessing the proxy. |
attributeList |
List of attributes in the JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
getRPApplications
removeRPApplication
displayRPApplication
createRPApplication
createRPApplication(identityProviderNameList, sharedSecret, returnUrl, SPIBindingName, applicationAttributesList, userAttributeMappings, attributeList, mobileApplicationReturnUrl, name, description)
Argument | Definition |
---|---|
identityProviderNameList |
A list of Identity Providers |
sharedSecret |
The shared secret. |
returnUrl |
The return URL. |
SPIBindingName |
The SPI binding name. |
applicationAttributesList |
List of RPApplication attributes specified in the JSON format.
[{name1:value1},{name2:value2}] |
userAttributeMappings |
List of User Attribute Mappings specified in the JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
attributeList |
List of attributes specified in the JSON format.
[{name1:value1},{name2:value2}] |
mobileApplicationReturnUrl |
The return URL of the mobile application. |
name |
Name of the object to be created. |
description |
Description of the object to be created. |
createRPApplication('Yahoo,Facebook','mySecret','http://me.com', 'OAMServiceProviderInterface','[{pratname1:atval1},{pratname2:atval2}]', '[{Yahoo:[{uid:email},{mail:email},{zip:postalCode},{country:country}]}, {Facebook:[{uid:email},{mail:email},{zip:postalCode},{country:country}]}]', '[{atname1:atval2},{atname2:atval2}]','/oam/server','myApp','new Application')
updateRPApplication
updateRPApplication(identityProviderNameList, sharedSecret, returnUrl, SPIBindingName, applicationAttributesList, userAttributeMappings, attributeList, mobileApplicationReturnUrl, name, description)
Argument | Definition |
---|---|
identityProviderNameList |
A list of Identity Providers |
sharedSecret |
The shared secret. |
returnUrl |
The return URL. |
SPIBindingName |
The SPI binding name. |
applicationAttributesList |
List of RPApplication attributes specified in the JSON format.
[{name1:value1},{name2:value2}] |
userAttributeMappings |
List of User Attribute Mappings specified in the JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
attributeList |
List of attributes specified in the JSON format.
[{name1:value1},{name2:value2}] |
mobileApplicationReturnUrl |
The return URL of the mobile application. |
name |
Name of the object to be created. |
description |
Description of the object to be created. |
getServiceProviderInterfaces
removeServiceProviderInterface
removeServiceProviderInterface(name)
where name is the name of the Service Provider interface object.
displayServiceProviderInterface
displayServiceProviderInterface(name)
where name is the name of the Service Provider interface object.
createServiceProviderInterface
createServiceProviderInterface(idpSelectorImpl, postIDPSelectorImpl, idpInteractionProviderImpl, registrationStatusCheckImpl, registrationTaskFlowProviderImpl, sessionCreationProviderImpl, attributeList, name, description)
Argument | Definition |
---|---|
idpSelectorImpl |
|
postIDPSelectorImpl |
|
idpInteractionProviderImpl |
|
registrationStatusCheckImpl |
|
registrationTaskFlowProviderImpl |
|
sessionCreationProviderImpl |
|
attributeList |
List of attributes in JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
name |
Name of the object to be created. |
description |
Description of the object to be created. |
updateServiceProviderInterface
updateServiceProviderInterface(idpSelectorImpl, postIDPSelectorImpl, idpInteractionProviderImpl, registrationStatusCheckImpl, registrationTaskFlowProviderImpl, sessionCreationProviderImpl, attributeList, name, description)
Argument | Definition |
---|---|
idpSelectorImpl |
|
postIDPSelectorImpl |
|
idpInteractionProviderImpl |
|
registrationStatusCheckImpl |
|
registrationTaskFlowProviderImpl |
|
sessionCreationProviderImpl |
|
attributeList |
List of attributes in JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
name |
Name of the object to be created. |
description |
Description of the object to be created. |
getInternetIdentityProviders
removeInternetIdentityProvider
removeInternetIdentityProvider(name)
where name is the name of the Social Identity Provider object.
displayInternetIdentityProvider
displayInternetIdentityProvider(name)
where name is the name of the Social Identity Provider object.
createInternetIdentityProvider
createInternetIdentityProvider(icon, protocolType, protocolAttributeList, providerImplClass, attributeList, name, description)
Argument | Definition |
---|---|
icon |
Name of the icon. |
protocolType |
The protocol type is either OpenID , OAuth or Custom . |
protocolAttributeList |
A list of protocol attributes specified in JSON format.
[{name1:value1},{name2:value2}] |
providerImplClass |
Implementation class for the provider. |
attributeList |
List of attributes specified in JSON format.
[{name1:value1},{name2:value2}] |
name |
Name of the provider to be created. |
description |
Description of the provider to be created. |
createInternetIdentityProvider('myIcon','myType','[{pratname1:atval1}, {pratname2:atval2}]','[{atname1:atval1},{atname2:atval2}]','class','myProvider', 'new Identity Provider')
Note:
createInternetIdentityProvider
can also be used within a script to create the provider configuration for Foursquare and Windows Live. The following example is a script for Foursquare. Update the username and password used to connect to the WebLogic Server and the consumer's key and secret values (between the quotes) before executing:
url = 't3://localhost:7001' username='xxxxxx' password='xxxxxx' connect(username,password,url) domainRuntime() print "Foursquare OAuth" print "---------------------" createInternetIdentityProvider( 'Foursquare.gif', 'OAuth', '[{oauth.authorization.url: "https://foursquare.com/oauth2/authorize"}, {oauth.accesstoken.url: "https://foursquare.com/oauth2/access_token"}, {oauth.profile.url: "https://api.foursquare.com/v2/users/self"}, {oauth.consumer.key:""}, {oauth.consumer.secret:""}, {oauth.rpinstance.name:""}, {oauth.rpinstance.url:""}]', '[{id:id}, {firstname:firstname}, {lastname:lastname}, {contact.email:contact.email}, {homecity:homecity}, {gender:gender}, {photo:photo}]', 'oracle.security.idaas.rp.oauth.provider.FoursquareImpl', 'Foursquare', 'Foursquare OAuth Provider') disconnect() exit()
updateInternetIdentityProvider
updateInternetIdentityProvider(icon, protocolType, protocolAttributeList, attributeList, providerImplClass, name, description)
Argument | Definition |
---|---|
icon |
Name of the icon. |
protocolType |
The protocol type is either OpenID , OAuth or Custom . |
protocolAttributeList |
A list of protocol attributes specified in JSON format.
[{name1:value1},{name2:value2}] |
providerImplClass |
Implementation class for the provider. |
attributeList |
List of attributes specified in JSON format.
[{name1:value1},{name2:value2}] |
name |
Name of the provider to be updated. |
description |
Description of the provider to be updated. |
getUserAttributeMappings
removeUserAttributeMapping
removeUserAttributeMapping(name)
where name is the name of the User Attribute Mapping object.
displayUserAttributeMapping
displayUserAttributeMapping(name)
where name is the name of the User Attribute Mapping object.
updateUserAttributeMapping
updateUserAttributeMapping(application, idp, name, appProtocolAttributeList)
Argument | Definition |
---|---|
application |
Name of the application. |
idp |
Name of the identity provider. |
name |
Name of the object to be created. |
appProtocolAttributeList |
List of protocol attributes in JSON format.
[{idp:[{name:value},{name:value}],idp2:[{name:value},{name:value}]}] |
createServiceProvider
createServiceProvider(serviceProviderImpl, serviceProviderType, relationshipList, paramList, name, description)
Argument | Definition |
---|---|
serviceProviderImpl |
The service provider implementation. |
serviceProviderType |
The type of service provider. Acceptable values include either Authorization , Authentication , or UserProfile . |
relationshipList |
The relationship for this Service Provider specified in JSON format:[{relationship:relname,description:descrip,directional1:{name:dirname,description:descrip,providerRelation:relname,entityURIAttrName:uri,scopeAllLevelAttrName:toTop},directional2:{name:dirname,description:descrip,providerRelation:relname,entityURIAttrName:uri,scopeAllLevelAttrName:toTop}}] |
paramList |
The parameters for this Service Provider specified in JSON format:[{name1:value1},{name2:value2}...] |
name |
Name of the service provider. |
description |
Description of the service provider. |
createServiceProvider('oracle.security.idaas.rest.provider.token.MobileOAMTokenSer viceProvider', 'Authentication', '[]','[{OAM_VERSION:OAM_11G},{WEBGATE_ ID:accessgate-oic},{ENCRYPTED_PASSWORD:"password"},{DEBUG_VALUE:0},{TRANSPORT_ SECURITY:OPEN},{OAM_SERVER_1:"localhost:5575"},{OAM_SERVER_1_MAX_CONN:4},{OAM_ SERVER_2:"oam_server_2:5575"},{OAM_SERVER_2_MAX_CONN:4}]', 'MobileOAMAuthentication', 'Out Of The Box Mobile Oracle Access Manager (OAM) Authentication Service Provider')
updateServiceProvider
updateServiceProvider(serviceProviderImpl, serviceProviderType, relationshipList, paramList, name, description)
Argument | Definition |
---|---|
serviceProviderImpl |
The service provider implementation |
serviceProviderType |
The type of service provider - either Authorization, Authentication or UserProfile. |
relationshipList |
The relationship for this service provider specified in JSON format:
[{relationship:relname,description:descrip, directional1:{name:dirname,description:descrip,provider Relation:relname,entityURIAttrName:uri,scopeAllLevelAtt rName:toTop},directional2:{name:dirname,description:des crip,providerRelation:relname,entityURIAttrName:uri,sco peAllLevelAttrName:toTop}}] |
paramList |
The parameters for this Service Provider specified in JSON format:
|
name |
Name of the service provider. |
description |
Description of the service provider. |
updateServiceProvider('oracle.security.idaas.rest.provider.cruds.ids. IDSCRUDSServiceProvider', 'UserProfile', '[{relationship:people_groups, directional1:{name:memberOf, providerRelation:user_memberOfGroup, entityURIAttrName:person-uri}, directional2:{name:members, providerRelation:groupMember_user,entityURIAttrName:group-uri }}, {relationship:people_manager, directional1:{name:manager,providerRelation:manager, entityURIAttrName:report-uri,scopeAllLevelAttrName:toTop}, directional2:{name:reports , providerRelation:reportee, qntityURIAttrName:manager-uri, scopeAllLevelAttrName:all}}, {relationship:groupMemberOf_groupMembers , directional1:{name:groupMemberOf, providerRelation:group_memberOfGroup,entityURIAttrName:member-uri}, directional2:{name:groupMembers, providerRelation:groupMember _group,entityURIAttrName:group-uri }},{relationship:personOwner_ownerOf, directional1:{name:ownerOf, providerRelation:user_ ownerOfGroup,entityURIAttrName:owner-uri}, directional2:{name:personOwner,providerRelation:groupOwner_ user,entityURIAttrName:group-uri}},{relationship:groupOwner_groupOwnerOf, directional1:{name:groupOwner, providerRelation:group_ ownerOfGroup,entityURIAttrName:group-uri}, directional2:{name:groupOwnerOf, providerRelation:groupOwner_group,entityURIAttrName:owner-uri }}]','[{oracle.ids.name:userrole},{accessControl:false}]', 'UserProfile', 'Out Of The Box User Profile Service Provider')
addRelationshipToServiceProvider
addRelationshipToServiceProvider(name, relationshipList)
Argument | Definition |
---|---|
name |
Name of the service provider. |
relationshipList |
The relationship for this Service Provider specified in JSON format:
[{relationship:relname,description:descrip,directional1: {name:dirname,description:descrip,providerRelation:relname, entityURIAttrName:uri,scopeAllLevelAttrName:toTop}, directional2:{name:dirname,description:descrip, providerRelation:relname,entityURIAttrName:uri, scopeAllLevelAttrName:toTop}}] |
addRelationshipToServiceProvider('idsprovider1','[{relationship:relname, description:descrip, directional1:{name:dirname,description:descrip, providerRelation:relname,entityURIAttrName:uri,scopeAllLevelAttrName:toTop}, directional2:{name:dirname,description:descrip, providerRelation:relname,entityURIAttrName:uri,scopeAllLevelAttrName:toTop}}]
removeRelationshipFromServiceProvider
removeRelationshipFromServiceProvider
Argument | Definition |
---|---|
name |
Name of the service domain. |
relationshipList |
The relationship name for this Service Provider. |
getServiceProviders
getServiceProviders()
The following lines show sample output:
ServiceProvider: UserProfile1 ServiceProvider: JWTAuthentication ServiceProvider: UserProfile ServiceProvider: MobileOAMAuthentication ServiceProvider: OAMAuthentication ServiceProvider: MobileJWTAuthentication ServiceProvider: sampleauthzserviceprovider ServiceProvider: InternetIdentityAuthentication ServiceProvider: OAMAuthorization
removeServiceProvider
displayServiceProvider
displayServiceProvider('OAMAuthentication')
The following lines show sample output:
Displaying: ServiceProvider : OAMAuthentication ReadOnly = 0 Description = Out Of The Box Oracle Access Manager (OAM) Authentication Token Service Provider Param = ... eventProvider = 1 objectName = com.oracle.idaas:name=OAMAuthentication,type=Xml.ServiceProvider,Xml=MobileService SystemMBean = 0 ServiceProviderType = Authentication Name = OAMAuthentication ConfigMBean = 1 ServiceProviderImpl = oracle.security.idaas.rest.provider.token.OAMSDKTokenServiceProvider Relationship = array(javax.management.openmbean.CompositeData,[]) eventTypes = array(java.lang.String,['jmx.attribute.change']) RestartNeeded = 0
createServiceProfile
createServiceProfile(serviceProvider, supportedTokenList, paramList, endPoint, name, description, enabled)
Argument | Definition |
---|---|
serviceProvider |
Name of the service provider. |
supportedTokenList |
A list of supported tokens specified in JSON format:
where |
paramList |
A list of parameters for this Service specified in JSON format:
|
endPoint |
The service endpoint. |
name |
Name of the service. |
description |
Description of the service. |
enabled |
Indicates if the service should be enabled or disabled. Boolean flag. |
updateServiceProfile
updateServiceProfile(serviceProvider, supportedTokenList, paramList, endPoint, name, description, enabled)
Argument | Definition |
---|---|
serviceProvider |
Name of the service provider. |
supportedTokenList |
A list of supported tokens specified in JSON format:
where |
paramList |
A list of parameters for this Service specified in JSON format:
|
endPoint |
The service endpoint. |
name |
Name of the service. |
description |
Description of the service. |
enabled |
Indicates if the service should be enabled or disabled. Boolean flag. |
removeServiceProfile
displayServiceProfile
displayServiceProfile('OAMAuthorization')
The following lines show sample output:
Displaying: ServiceProfile : OAMAuthorization ReadOnly = 0 Enabled = 1 Description = Out Of The Box Oracle Access Manager (OAM) Authorization Service Provider Param = array(javax.management.openmbean.CompositeData,[]) eventProvider = 1 SystemMBean = 0 objectName = com.oracle.idaas:name=OAMAuthorization,type=Xml.ServiceProfile,Xml=MobileService SupportedToken = array(java.lang.String,[]) ServiceProviderType = Authorization ServiceProviderName = OAMAuthorization Name = OAMAuthorization ConfigMBean = 1 ServiceEndPoint = /oamauthorization eventTypes = array(java.lang.String,['jmx.attribute.change']) RestartNeeded = 0
getServiceProfiles
getServiceProfiles()
The following lines show sample output:
ServiceProfile: UserProfile1 ServiceProfile: OAMAuthenticatio ServiceProfile: sampleauthzservice ServiceProfile: JWTAuthentication ServiceProfile: UserProfile ServiceProfile: MobileOAMAuthentication ServiceProfile: OAMAuthentication ServiceProfile: MobileJWTAuthentication ServiceProfile: InternetIdentityAuthentication ServiceProfile: OAMAuthorization ServiceProfile: JWTAuthentication1
getApplicationProfiles
createApplicationProfile
createApplicationProfile(paramList, mobileAppProfileStr, name, description)
Argument | Definition |
---|---|
paramList |
A list of parameters for this Service specified in JSON format:
|
mobileAppProfileStr |
The mobile app profile string specified in JSON format:
[{clientAppConfigParam:[{name:value},{name:value}], jailBreakingDetectionPolicyName:name}] |
name |
Name of the IDaaS Client. |
description |
Description of the IDaaS Client. |
createApplicationProfile('[{Mobile.clientRegHandle.baseSecret:welcome1},]', '[{clientAppConfigParam:[{Mobileparam1:Mobileparam1Value}, {IOSURLScheme:"samplemobileapp1://"}, {AndroidPackage:oracle.android.samplemobileapp1}, {AndroidAppSignature:samplemobileapp1signature}], jailBreakingDetectionPolicyName:defaultJailBreakingDetectionPolicy}]', 'samplemobileapp1','Sample Mobile App 1')
createApplicationProfile('[{userId4BasicAuth:rest_client1}, {sharedSecret4BasicAuth:"9Qo9olLIl5gDwESYR0hOgw=="}, {signatureAlgorithm:SHA-1}]','','profileid1','OIC Application Profile 1')
updateApplicationProfile
updateApplicationProfile(paramList, mobileAppProfileStr, name, description)
Argument | Definition |
---|---|
paramList |
A list of parameters for this Service specified in JSON format:
|
mobileAppProfileStr |
The mobile app profile string specified in JSON format:
[{clientAppConfigParam:[{name:value},{name:value}], jailBreakingDetectionPolicyName:name}] The value of clientAppConfigParam should match what is defined in the Administration Console on the "Application Profile Configuration Page." Items specified under the 'Configuration Settings' heading are set with the WLST 'clientAppConfigParam'. |
name |
Name of the IDaaS (Identity as a Service) Client. |
description |
Description of the IDaaS (Identity as a Service) Client. |
updateApplicationProfile('[{Mobile.clientRegHandle.baseSecret:welcome1}]',' [{clientAppConfigParam:[{ProfileCacheDuration:60}, {AuthenticationRetryCount:3},{AllowOfflineAuthentication:false}, {ClaimAttributes:"oracle:idm:claims:client:geolocation, oracle:idm:claims:client:imei,oracle:idm:claims:client:jailbroken, oracle:idm:claims:client:locale,oracle:idm:claims:client:macaddress, oracle:idm:claims:client:networktype,oracle:idm:claims:client:ostype, oracle:idm:claims:client:osversion,oracle:idm:claims:client:phonecarriername, oracle:idm:claims:client:phonenumber,oracle:idm:claims:client:sdkversion, oracle:idm:claims:client:udid,oracle:idm:claims:client:vpnenabled"}, {RPWebView:Embedded},{URLScheme:"exp://"}, {IOSBundleID:com.oraclecorp.internal.ExpenseReportApp}, {AndroidAppSignature:"xmlns:xsi=\ 'http://www.w3.org/2001/XMLSchema-instance\' xsi:nil=\'true\'"},{AndroidPackage:"xmlns:xsi=\' http://www.w3.org/2001/XMLSchema-instance\' xsi:nil=\'true\'"}], jailBreakingDetectionPolicyName:DefaultJailBreakingDetectionPolicy}]', 'ExpenseApp','OIC Test Expense Sample App')
removeApplicationProfile
removeApplicationProfile(name)
where name
is the name of the ApplicationProfile to be removed.
displayApplicationProfile
dislayApplicationProfile(name)
where name is the name
of the ApplicationProfile to be removed.
displayApplicationProfile('MobileAgent1')
The following lines show sample output:
Displaying: ApplicationProfile : MobileAgent1 ReadOnly = 0 ConfigMBean = 1 Name = MobileAgent1 MobileAppProfile = None Description = Mobile Agent App 1 Param = array(javax.management.openmbean.CompositeData,[javax.management.openmbean.Composi teDataSupport(compositeType=javax.management.openmbean.CompositeType(name=com.orac le.xmlns.idm.idaas.idaas_config_11_1_2_0_0.Attribute,items=((itemName=name, itemType=javax.management.openmbean.SimpleType(name=java.lang.String)), (itemName=secretValue,itemType=javax.management.openmbean.ArrayType(name=[Ljava. lang.Character;,dimension=1,elementType=javax.management.openmbean.SimpleType(name =java.lang.Character),primitiveArray=false)),(itemName=value,itemType=javax.manage ment.openmbean.SimpleType(name=java.lang.String)))),contents={name=Mobile.reauthnF orRegNewClientApp, secretValue=null, value=true}), javax.management.openmbean.CompositeDataSupport(compositeType=javax.management.ope nmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0. Attribute,items=((itemName=name,itemType=javax.management.openmbean.SimpleType(nam e=java.lang.String)),(itemName=secretValue,itemType=javax.management.openmbean.Arr ayType(name=[Ljava.lang.Character;,dimension=1,elementType=javax.management.openmb ean.SimpleType(name=java.lang.Character),primitiveArray=false)),(itemName=value,it emType=javax.management.openmbean.SimpleType(name=java.lang.String)))),contents={n ame=Mobile.clientRegHandle.baseSecret, secretValue=[Ljava.lang.Character;@11910bd, value=idaas.ApplicationProfile[MobileAgent1].param[Mobile.clientRegHandle.baseSecr et]})]) eventProvider = 1 SystemMBean = 0 objectName = com.oracle.idaas:name=MobileAgent1,type=Xml.ApplicationProfile,Xml=MobileService eventTypes = array(java.lang.String,['jmx.attribute.change']) RestartNeeded = 0
createServiceDomain
createServiceDomain(securityHandlerPlugin,serviceBindingList, clientAppBindingList,mobileAuthStyle,serviceDomainType,name,description)
Argument | Definition |
---|---|
securityHandlerPlugin |
The name of the securityHandlerPlugin. |
serviceBindingList |
A list of the ServiceBinding objects in the format:
[{serviceName:UserProfile,allowRead:true, allowWrite:true},{serviceName:UserProfile1, allowRead:true,allowWrite:true, requiredToken:[{tokenService:JWTAuthentication, tokenType:{ACCESSTOKEN}}]}, {serviceName:usertokenserviceformobile, requiredToken:[{tokenService:mobilesecurityservice1, tokenType:{ACCESSTOKEN,CLIENTTOKEN}}]}, {serviceName:mobilesecurityservice1}, {serviceName:JWTAuthentication1}, {serviceName:OAMAuthorization}] |
clientAppBindingList |
A list of client applications specified in the format:
[{appName:UserProfile,mobileBinding: [{SSOinclusion:true,SSOpriority:4}] |
mobileAuthStyle |
Mobile Authentication Style. |
serviceDomainType |
The type of service domain. |
name |
Name of the ServiceDomain. |
description |
Description of the ServiceDomain. |
createServiceDomain('JunitDebugSecurityHandlerPlugin','[{serviceName:UserProfile, allowRead:true,allowWrite:true},{serviceName:UserProfile1,allowRead:true, allowWrite:true,requiredToken:[{tokenService:JWTAuthentication1, tokenType:ACCESSTOKEN}]},{serviceName:JWTAuthentication}, {serviceName:OAMAuthentication},{serviceName:JWTAuthentication1}, {serviceName:OAMAuthorization, allowRead:true,allowWrite:false,requiredToken:[{tokenService:OAMAuthentication, tokenType:USERTOKEN}]}]','[{appName:MobileAgent1,mobileBinding: [{SSOinclusion:true,SSOpriority:1}]},{appName:MobileBusinessTestApp01, mobileBinding:[{SSOinclusion:true}]},{appName:MobileAgent2,mobileBinding: [{SSOinclusion:true,SSOpriority:2}]},{appName:MobileExpenseReport1, mobileBinding:[{SSOinclusion:false}]},{appName:profileid1}]','','DESKTOP', 'Default','DefaultService Domain ServiceBinding without any requiredToken')
updateServiceDomain
updateServiceDomain(securityHandlerPlugin, serviceBindingList, clientAppBindingList, mobileAuthStyle, serviceDomainType, name, description)
Argument | Definition |
---|---|
securityHandlerPlugin |
The name of the SecurityHandlerPlugin.
|
serviceBindingList |
A list of the ServiceBinding objects in the format:
[{serviceName:UserProfile,allowRead:true, allowWrite:true},{serviceName:UserProfile1, allowRead:true,allowWrite:true, requiredToken:[{tokenService:JWTAuthentication, tokenType:{ACCESSTOKEN}}]}, {serviceName:usertokenserviceformobile, requiredToken:[{tokenService:mobilesecurityservice1, tokenType:{ACCESSTOKEN,CLIENTTOKEN}}]}, {serviceName:mobilesecurityservice1}, {serviceName:JWTAuthentication1}, {serviceName:OAMAuthorization}] |
clientAppBindingList |
A list of client applications specified in the format:
[{appName:UserProfile,mobileBinding: [{SSOinclusion:true,SSOpriority:4}] |
mobileAuthStyle |
Mobile Authentication Style. |
serviceDomainType |
The type of Service Domain. |
name |
Name of the ServiceDomain. |
description |
Description of the ServiceDomain. |
updateServiceDomain('JunitDebugSecurityHandlerPlugin','[{serviceName:UserProfile, allowRead:true,allowWrite:true},{serviceName:UserProfile1,allowRead:true, allowWrite:true,requiredToken:[{tokenService:JWTAuthentication1, tokenType:ACCESSTOKEN}]},{serviceName:JWTAuthentication}, {serviceName:OAMAuthentication},{serviceName:JWTAuthentication1}, {serviceName:OAMAuthorization,allowRead:true,allowWrite:false, requiredToken:[{tokenService:OAMAuthentication,tokenType:USERTOKEN}]}]', '[{appName:MobileAgent1,mobileBinding:[{SSOinclusion:true,SSOpriority:1}]}, {appName:MobileBusinessTestApp01,mobileBinding:[{SSOinclusion:true}]}, {appName:MobileAgent2,mobileBinding:[{SSOinclusion:true,SSOpriority:2}]}, {appName:MobileExpenseReport1,mobileBinding:[{SSOinclusion:false}]}, {appName:profileid1}]','','DESKTOP','Default', 'Default Service Domain ServiceBinding without any requiredToken')
getServiceDomains
getServiceDomain()
The following lines show sample output:
ServiceDomain: MobileServiceDomainUTReg ServiceDomain: MobileRPServiceDomain ServiceDomain: Contract1 ServiceDomain: MobileJWTServiceDomain ServiceDomain: MobileRPServiceDomainUTReg ServiceDomain: MobileContract ServiceDomain: Default ServiceDomain: MobileServiceDomain
removeServiceDomain
displayServiceDomain
displayServiceDomain('name')
The following lines show sample output:
Displaying: ServiceDomain : Contract1 ReadOnly = 0 Description = Service Domain 1 using HTTPBasic or Token based Client Token eventProvider = 1 SystemMBean = 0 objectName = com.oracle.idaas:name=Contract1,type=Xml.ServiceDomain,Xml=MobileService MobileAuthStyle = None ServiceBinding = array(javax.management.openmbean.CompositeData,[javax.management.openmbean. CompositeDataSupport(compositeType=javax.management.openmbean.CompositeType(name= com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0.TServiceBinding, items=((itemName=allowRead,itemType=javax.management.openmbean.SimpleType(name= java.lang.Boolean)),(itemName=allowWrite,itemType=javax.management.openmbean. SimpleType(name=java.lang.Boolean)),(itemName=requiredToken,itemType=javax.managem ent.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_ 0.TRequiredToken,items=((itemName=tokenService,itemType=javax.management.openmbean .SimpleType(name=java.lang.String)),(itemName=tokenType,itemType=javax.management. openmbean.ArrayType(name=[Ljava.lang.String;,dimension=1,elementType=javax.managem ent.openmbean.SimpleType(name=java.lang.String),primitiveArray=false))))),(itemNam e=serviceName,itemType=javax.management.openmbean.SimpleType(name=java.lang.String )))),contents={allowRead=true, allowWrite=true, requiredToken=javax.management.openmbean.CompositeDataSupport(compositeType=javax. management.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_config_ 11_1_2_0_0.TRequiredToken, items=((itemName=tokenService,itemType=javax.management.openmbean.SimpleType(name= java.lang.String)),(itemName=tokenType,itemType=javax.management.openmbean. ArrayType(name=[Ljava.lang.String;,dimension=1,elementType=javax.management. openmbean.SimpleType(name=java.lang.String),primitiveArray=false)))), contents={tokenService=JWTAuthentication, tokenType=[Ljava.lang.String;@d0fbf2}), serviceName=UserProfile}), javax.management.openmbean.CompositeDataSupport(compositeType=javax.management. openmbean.CompositeType(name= com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0.TServiceBinding, items=((itemName=allowRead,itemType=javax.management.openmbean.SimpleType(name= java.lang.Boolean)),(itemName=allowWrite,itemType=javax.management.openmbean. SimpleType(name=java.lang.Boolean)),(itemName=requiredToken,itemType= javax.management.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_ config_11_1_2_0_0.TRequiredToken, items=((itemName=tokenService,itemType=javax.management.openmbean.SimpleType(name= java.lang.String)),(itemName=tokenType,itemType=javax.management.openmbean. ArrayType(name=[Ljava.lang.String;,dimension=1,elementType=javax.management. openmbean.SimpleType(name=java.lang.String),primitiveArray=false))))), (itemName=serviceName,itemType=javax.management.openmbean.SimpleType(name= java.lang.String)))),contents={allowRead=null, allowWrite=null, requiredToken=null, serviceName=JWTAuthentication})]) MobileCredLevelForRegApp = None ServiceDomainType = DESKTOP Name = Contract1 ConfigMBean = 1 ClientAppBinding = array(javax.management.openmbean.CompositeData, [javax.management.openmbean.CompositeDataSupport(compositeType=javax.management. openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0 TApplicationBinding,items=((itemName=appName,itemType=javax.management.openmbean. SimpleType(name=java.lang.String)),(itemName=mobileBinding,itemType=javax. management.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas. idaas_config_11_1_2_0_0.TMobileBinding,items=((itemName=SSOinclusion, itemType=javax.management.openmbean.SimpleType(name=java.lang.Boolean)), (itemName=SSOpriority,itemType=javax.management.openmbean.SimpleType(name= java.lang.Short))))))),contents={appName=profileid1, mobileBinding=null}), javax.management.openmbean.CompositeDataSupport(compositeType=javax.management. openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0 .TApplicationBinding,items=((itemName=appName,itemType=javax.management.openmbean .SimpleType(name=java.lang.String)),(itemName=mobileBinding,itemType=javax.manage ment.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas .idaas_config_11_1_2_0_0.TMobileBinding,items= ((itemName=SSOinclusion,itemType=javax.management.openmbean.SimpleType(name= java.lang.Boolean)),(itemName=SSOpriority,itemType=javax.management.openmbean. SimpleType(name=java.lang.Short))))))),contents={appName=profileid2, mobileBinding=null})])SecurityHandlerPluginName = None eventTypes = array(java.lang.String,['jmx.attribute.change']) RestartNeeded = 0
createSecurityHandlerPlugin
createSecurityHandlerPlugin(securityHandlerClass, paramList, name, description)
Argument | Definition |
---|---|
securityHandlerClass |
Name of the security handler class. |
paramList |
A list of parameters. |
name |
Name of the SecurityHandlerPlugin. |
description |
Description of the SecurityHandlerPlugin. |
createSecurityHandlerPlugin( 'oracle.security.idaas.rest.provider.plugin.impl. DefaultMobileSecurityHandlerImpl',' [{allowJailBrokenDevices:false},{requiredHardwareIds:MAC_ADDRESS}, {requiredDeviceProfileAttrs:OSType OSVersion isJailBroken clientSDKVersion}]', 'DefaultSecurityHandlerPlugin','')
updateSecurityHandlerPlugin
updateSecurityHandlerPlugin(securityHandlerClass, paramList, name, description)
Argument | Definition |
---|---|
securityHandlerClass |
Name of the security handler class. |
paramList |
A list of parameters. |
name |
Name of the SecurityHandlerPlugin. |
description |
Description of the SecurityHandlerPlugin. |
getSecurityHandlerPlugins
removeSecurityHandlerPlugin
removeSecurityHandlerPlugin(name)
where name
is the name of the SecurityHandlerPlugin to be removed.
displaySecurityHandlerPlugin
displaySecrityHandlerPlugin(name)
where name
is the name of the SecurityHandlerPlugin to be displayed.
createJailBreakingDetectionPolicy
createJailBreakingDetectionPolicy(enabled, statementList, name)
Argument | Definition |
---|---|
enabled |
Enabled. |
statementList |
A list of parameters. |
name |
Name of the JailBreakingDetectionPolicy. |
createJailBreakingDetectionPolicy(true, '[{minOSVersion:3.5,maxOSVersion:5.0,minClientSDKVersion:1.0, maxClientSDKVersion:1.0,policyExpirationDurationInSec:3600, autoCheckPeriodInMin:60, detectionLocation:[{filePath:"/root",success:true,action:exists}, {filePath:"/opt",success:true,action:exists}]}]', 'defaultJailBreakingDetectionPolicy')
updateJailBreakingDetectionPolicy
updateJailBreakingDetectionPolicy(enabled, statementList, name)
Argument | Definition |
---|---|
enabled |
Enabled. |
statementList |
A list of parameters. |
name |
Name of the JailBreakingDetectionPolicy. |
updateJailBreakingDetectionPolicy(true,'[{minOSVersion:3.5,maxOSVersion:5.0,minClientSDKVersion:1.0,maxClientSDKVersion:1.0,policyExpirationDurationInSec:3600,autoCheckPeriodInMin:60,detectionLocation:[{filePath:"/root",success:true,action:exists},{filePath:"/opt",success:true,action:exists}]}]','defaultJailBreakingDetectionPolicy')
getJailBreakingDetectionPolicys
removeJailBreakingDetectionPolicy
removeJailBreakingDetectionPolicy(name)
where name
is the name of the JailBreakingDetectionPolicy.
displayJailBreakingDetectionPolicy
displayJailBreakingDetectionPolicy(name)
where name
is the name of the JailBreakingDetectionPolicy.
displayJailBreakingDetectionPolicy('DefaultJailBreakingDetectionPolicy')
The following lines show sample output:
Displaying: JailBreakingDetectionPolicy : DefaultJailBreakingDetectionPolicy ReadOnly = 0 ConfigMBean = 1 Name = DefaultJailBreakingDetectionPolicy eventProvider = 1 SystemMBean = 0 objectName = com.oracle.idaas:name=DefaultJailBreakingDetectionPolicy,type=Xml.JailBreakingDetectionPolicy,Xml=MobileService Enable = 1 JailBreakingDetectionPolicyStatement = array(javax.management.openmbean.CompositeData,[javax.management.openmbean. CompositeDataSupport(compositeType=javax.management.openmbean.CompositeType(name= com.oracle.xmlns.idm.idaas.idaas_config_11_1_2_0_0. TJailBreakingDetectionPolicyStatement,items=((itemName=autoCheckPeriodInMin, itemType=javax.management.openmbean.SimpleType(name=java.lang.Long)), (itemName=detectionLocation,itemType=javax.management.openmbean.ArrayType(name= [Ljavax.management.openmbean.CompositeData;,dimension=1,elementType= javax.management.openmbean.CompositeType(name=com.oracle.xmlns.idm.idaas. idaas_config_11_1_2_0_0. TDetectionLocation,items=((itemName=action,itemType=javax.management.openmbean. SimpleType(name=java.lang.String)),(itemName=filePath,itemType=javax.management. openmbean.SimpleType(name=java.lang.String)),(itemName=success,itemType=javax. management.openmbean.SimpleType(name=java.lang.Boolean)))),primitiveArray=false)), (itemName=enable,itemType=javax.management.openmbean.SimpleType(name=java.lang. Boolean)),(itemName=maxClientSDKVersion,itemType=javax.management.openmbean. SimpleType(name=java.lang.String)),(itemName=maxOSVersion,itemType=javax. management.openmbean.SimpleType(name=java.lang.String)),(itemName= minClientSDKVersion,itemType=javax.management.openmbean.SimpleType(name= java.lang.String)), (itemName=minOSVersion,itemType=javax.management.openmbean.SimpleType(name= java.lang.String)),(itemName=policyExpirationDurationInSec,itemType=javax. management.openmbean.SimpleType(name=java.lang.Long)))),contents= {autoCheckPeriodInMin=60,detectionLocation=[Ljavax.management.openmbean. CompositeData;@2dc906,enable=true,maxClientSDKVersion=11.1.2.0.0, maxOSVersion=null, minClientSDKVersion=11.1.2.0.0, minOSVersion=1.0, policyExpirationDurationInSec=3600})]) eventTypes = array(java.lang.String,['jmx.attribute.change']) RestartNeeded = 0