| 
 | Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.1.3) Part Number E41849-02 | ||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
public interface RealmMBean
The MBean that represents configuration attributes for the security realm.
A security realm contains a set of security configuration settings, including the list of security providers to use (for example, for authentication and authorization).
Code using security can either use the default security realm for the domain or refer to a particular security realm by name (by using the JMX display name of the security realm).
 One security realm in the WebLogic domain must have the DefaultRealm
 attribute set to true. The security realm with the DefaultRealm
 attribute set to true is used as the default
 security realm for the WebLogic domain. Note that other available security realms
 must have the DefaultRealm attribute set to false.
 
When WebLogic Server boots, it locates and uses the default security realm. The security realm is considered active since it is used when WebLogic Server runs. Any security realm that is not used when WebLogic Server runs is considered inactive. All active security realms must be configured before WebLogic Server is boots.
 Since security providers are scoped by realm, the
 Realm attribute on a security provider
 must be set to the realm that uses the provider.
| Method Summary | |
|---|---|
|  AdjudicatorMBean | createAdjudicator(String type)Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider. | 
|  AdjudicatorMBean | createAdjudicator(String name,
                  String type)Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider. | 
|  AuditorMBean | createAuditor(String type)Creates an Auditing provider in this security realm. | 
|  AuditorMBean | createAuditor(String name,
              String type)Creates an Auditing provider in this security realm. | 
|  AuthenticationProviderMBean | createAuthenticationProvider(String type)Creates an Authentication provider in this security realm. | 
|  AuthenticationProviderMBean | createAuthenticationProvider(String name,
                             String type)Creates an Authentication provider in this security realm. | 
|  AuthorizerMBean | createAuthorizer(String type)Creates an Authorization provider in this security realm. | 
|  AuthorizerMBean | createAuthorizer(String name,
                 String type)Creates an Authorization provider in this security realm. | 
|  CertPathProviderMBean | createCertPathProvider(String type)Creates a Certification Path provider in this security realm. | 
|  CertPathProviderMBean | createCertPathProvider(String name,
                       String type)Creates a Certification Path provider in this security realm. | 
|  CredentialMapperMBean | createCredentialMapper(String type)Creates a Credential Mapping provider in this security realm. | 
|  CredentialMapperMBean | createCredentialMapper(String name,
                       String type)Creates a Credential Mapping provider in this security realm. | 
|  KeyStoreMBean | createKeyStore(String type)Deprecated. 8.1.0.0 | 
|  KeyStoreMBean | createKeyStore(String name,
               String type)Deprecated. 8.1.0.0 | 
|  PasswordValidatorMBean | createPasswordValidator(Class subClass,
                        String name)Creates a Password Validator provider in this security realm. | 
|  PasswordValidatorMBean | createPasswordValidator(String type)Creates a Password Validator provider in this security realm. | 
|  PasswordValidatorMBean | createPasswordValidator(String name,
                        String type)Creates a Password Validator provider in this security realm. | 
|  RDBMSSecurityStoreMBean | createRDBMSSecurityStore()Creates configuration for the RDBMS security store. | 
|  RDBMSSecurityStoreMBean | createRDBMSSecurityStore(String name)Creates configuration for the RDBMS security store with the specified name. | 
|  RoleMapperMBean | createRoleMapper(String type)Creates a Role Mapping provider in this security realm. | 
|  RoleMapperMBean | createRoleMapper(String name,
                 String type)Creates a Role Mapping provider in this security realm. | 
|  void | destroyAdjudicator()Removes the configuration this security realm's Adjudication provider (if there is one). | 
|  void | destroyAuditor(AuditorMBean auditor)Removes the configuration for an Auditing provider in this security realm. | 
|  void | destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)Removes the configuration for an Authentication provider in this security realm. | 
|  void | destroyAuthorizer(AuthorizerMBean authorizer)Removes the configuration for an Authorization provider in this security realm. | 
|  void | destroyCertPathProvider(CertPathProviderMBean certPathProvider)Removes the configuration for a Certification Path provider in this security realm. | 
|  void | destroyCredentialMapper(CredentialMapperMBean credentialMapper)Removes the configuration for a Credential Mapping provider in this security realm. | 
|  void | destroyKeyStore(KeyStoreMBean keystore)Deprecated. 8.1.0.0 | 
|  void | destroyPasswordValidator(PasswordValidatorMBean provider)Removes the configuration for a Password Validator provider in this security realm. | 
|  void | destroyRDBMSSecurityStore()Destroys and removes the existing RDBMS security store which is a child of this realm. | 
|  void | destroyRoleMapper(RoleMapperMBean roleMapper)Removes the configuration for a Role Mapping provider in this security realm. | 
|  AdjudicatorMBean | getAdjudicator()Returns the Adjudication provider for this security realm. | 
|  String[] | getAdjudicatorTypes()Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator. | 
|  AuditorMBean[] | getAuditors()Returns the Auditing providers for this security realm (in invocation order). | 
|  String[] | getAuditorTypes()Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor. | 
|  AuthenticationProviderMBean[] | getAuthenticationProviders()Returns the Authentication providers for this security realm (in invocation order). | 
|  String[] | getAuthenticationProviderTypes()Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator. | 
|  String | getAuthMethods()Returns a comma separated string of authentication methods that should be used when the Web application specifies "REALM" as its auth-method. | 
|  AuthorizerMBean[] | getAuthorizers()Returns the Authorization providers for this security realm (in invocation order). | 
|  String[] | getAuthorizerTypes()Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer. | 
|  CertPathBuilderMBean | getCertPathBuilder()Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths. | 
|  CertPathProviderMBean[] | getCertPathProviders()Returns the Certification Path providers for this security realm (in invocation order). | 
|  String[] | getCertPathProviderTypes()Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider. | 
|  CredentialMapperMBean[] | getCredentialMappers()Returns the Credential Mapping providers for this security realm (in invocation order). | 
|  String[] | getCredentialMapperTypes()Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper. | 
|  Integer | getDeployableProviderSynchronizationTimeout()Returns the timeout value, in milliseconds, for the deployable security provider synchronization operation. | 
|  KeyStoreMBean[] | getKeyStores()Deprecated. 8.1.0.0 | 
|  String[] | getKeyStoreTypes()Deprecated. 8.1.0.0 | 
|  Integer | getMaxWebLogicPrincipalsInCache()Returns the maximum size of the LRU cache for holding WebLogic Principal signatures. | 
|  String | getName()The name of this configuration. | 
|  PasswordValidatorMBean[] | getPasswordValidators()Returns the Password Validator providers for this security realm (in invocation order). | 
|  String[] | getPasswordValidatorTypes()Returns the types of Password Validator providers that may be created in this security realm, for example, com.bea.security.providers.authentication.passwordvalidator.SystemPasswordValidator. | 
|  RDBMSSecurityStoreMBean | getRDBMSSecurityStore()Returns RDBMSSecurityStoreMBean for this realm, which is a singleton MBean describing RDBMS security store configuration. | 
|  RoleMapperMBean[] | getRoleMappers()Returns the Role Mapping providers for this security realm (in invocation order). | 
|  String[] | getRoleMapperTypes()Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper. | 
|  String | getSecurityDDModel()Specifies the default security model for Web applications or EJBs that are secured by this security realm. | 
|  UserLockoutManagerMBean | getUserLockoutManager()Returns the User Lockout Manager for this security realm. | 
|  boolean | isCombinedRoleMappingEnabled()Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact. | 
|  boolean | isDefaultRealm()Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm() | 
|  boolean | isDelegateMBeanAuthorization()Configures the WebLogic Server MBean servers to use the security realm's Authorization providers to determine whether a JMX client has permission to access an MBean attribute or invoke an MBean operation. | 
|  boolean | isDeployableProviderSynchronizationEnabled()Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled. | 
|  boolean | isDeployCredentialMappingIgnored()Deprecated. 9.0.0.0 | 
|  boolean | isDeployPolicyIgnored()Deprecated. 9.0.0.0 | 
|  boolean | isDeployRoleIgnored()Deprecated. 9.0.0.0 | 
|  boolean | isEnableWebLogicPrincipalValidatorCache()Returns whether the WebLogic Principal Validator caching is enabled. | 
|  boolean | isFullyDelegateAuthorization()Deprecated. 9.0.0.0 | 
|  boolean | isValidateDDSecurityData()Not used in this release. | 
|  AuditorMBean | lookupAuditor(String name)Finds an Auditing provider in this security realm. | 
|  AuthenticationProviderMBean | lookupAuthenticationProvider(String name)Finds an Authentication provider in this security realm. | 
|  AuthorizerMBean | lookupAuthorizer(String name)Finds an Authorization provider in this security realm. | 
|  CertPathProviderMBean | lookupCertPathProvider(String name)Finds a Certification Path provider in this security realm. | 
|  CredentialMapperMBean | lookupCredentialMapper(String name)Finds a Credential Mapping provider in this security realm. | 
|  KeyStoreMBean | lookupKeyStore(String name)Deprecated. 8.1.0.0 | 
|  PasswordValidatorMBean | lookupPasswordValidator(String name)Finds an Password Validator provider in this security realm. | 
|  RoleMapperMBean | lookupRoleMapper(String name)Finds a Role Mapping provider in this security realm. | 
|  void | setAuditors(AuditorMBean[] auditors)Changes the invocation order of this security realm's Auditing providers. | 
|  void | setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders)Changes the invocation order of this security realm's Authentication providers. | 
|  void | setAuthMethods(String methods)Set the authentication methods that should be used when the Web application specifies "REALM" as its auth-method. | 
|  void | setAuthorizers(AuthorizerMBean[] authorizers)Changes the invocation order of this security realm's Authorization providers. | 
|  void | setCertPathBuilder(CertPathBuilderMBean certPathBuilder)Determines which of this security realm's CertPathProviderswill be used
 by the security system to build certification paths. | 
|  void | setCertPathProviders(CertPathProviderMBean[] certPathProviders)Changes the invocation order of this security realm's Certification Path providers. | 
|  void | setCombinedRoleMappingEnabled(boolean combined)Sets whether application role mappings are combined by the Java EE containers. | 
|  void | setCredentialMappers(CredentialMapperMBean[] credentialMappers)Changes the invocation order of this security realm's Credential Mapping providers. | 
|  void | setDefaultRealm(boolean isDefault)Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean) | 
|  void | setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization)Sets the value of the DelegateMBeanAuthorization attribute. | 
|  void | setDeployableProviderSynchronizationEnabled(boolean enabled)Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled. | 
|  void | setDeployableProviderSynchronizationTimeout(Integer timeout)Specifies the timeout value, in milliseconds, for the deployable security provider synchronization operation. | 
|  void | setDeployCredentialMappingIgnored(boolean ignored)Deprecated. 9.0.0.0 | 
|  void | setDeployPolicyIgnored(boolean ignored)Deprecated. 9.0.0.0 | 
|  void | setDeployRoleIgnored(boolean ignored)Deprecated. 9.0.0.0 | 
|  void | setEnableWebLogicPrincipalValidatorCache(boolean enabled)Sets whether the WebLogic Principal Validator caching is enabled. | 
|  void | setFullyDelegateAuthorization(boolean fullyDelegate)Deprecated. 9.0.0.0 | 
|  void | setKeyStores(KeyStoreMBean[] keystores)Deprecated. 8.1.0.0 | 
|  void | setMaxWebLogicPrincipalsInCache(Integer size)Sets the maximum size of the LRU cache for holding WebLogic Principal signatures. | 
|  void | setPasswordValidators(PasswordValidatorMBean[] passwordvalidators)Sets the Password Validator providers for this security realm (in invocation order). | 
|  void | setRoleMappers(RoleMapperMBean[] roleMappers)Changes the invocation order of this security realm's Role Mapping providers. | 
|  void | setSecurityDDModel(String model)Sets the default security deployment model for applications deployed in this security realm. | 
|  void | setValidateDDSecurityData(boolean validate)Sets whether security data in the deployment descriptor is validated. | 
|  void | validate()Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured. | 
| Methods inherited from interface weblogic.descriptor.DescriptorBean | 
|---|
| addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener | 
| Methods inherited from interface weblogic.descriptor.SettableBean | 
|---|
| isSet, unSet | 
| Method Detail | 
|---|
AuditorMBean[] getAuditors()
void setAuditors(AuditorMBean[] auditors)
                 throws InvalidAttributeValueException
auditors - - The new invocation order for this security realm's
  Auditing providers.  It should contain exactly the same Auditing providers
  that getAuditors() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  auditors may also contain Auditing providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these Auditing providers will be moved to this
  security realm.  Similarly, auditors can be missing
  some of this security realm's current Auditing providers.  All
  missing Auditing providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getAuditorTypes()
weblogic.security.providers.audit.DefaultAuditor.
 Use this method to find the available types to pass to createAuditor
AuditorMBean createAuditor(String name,
                           String type)
                           throws ClassNotFoundException,
                                  JMException
name - - The name of this Auditing provider, for example, DefaultAuditortype - - The type of this Auditing provider, for example,
  weblogic.security.providers.audit.DefaultAuditor
  Use getAuditorTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
AuditorMBean createAuditor(String type)
                           throws ClassNotFoundException,
                                  JMException
type - - The type of this Auditing provider, for example,
  weblogic.security.providers.audit.DefaultAuditor
  Use getAuditorTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyAuditor(AuditorMBean auditor)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Auditing providers.
auditor - - The Auditing provider to remove.AuditorMBean lookupAuditor(String name)
AuthenticationProviderMBean[] getAuthenticationProviders()
void setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders)
                                throws InvalidAttributeValueException
authenticationProviders - - The new invocation order for this security realm's
  Authentication providers.  It should contain exactly the same Authentication providers
  that getAuthenticationProviders() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  authenticationProviders may also contain Authentication providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these Authentication providers will be moved to this
  security realm.  Similarly, authenticationProviders can be missing
  some of this security realm's current Authentication providers.  All
  missing Authentication providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getAuthenticationProviderTypes()
weblogic.security.providers.authentication.DefaultAuthenticator.
 Use this method to find the available types to pass to createAuthenticationProvider
AuthenticationProviderMBean createAuthenticationProvider(String name,
                                                         String type)
                                                         throws ClassNotFoundException,
                                                                JMException
name - - The name of this Authentication provider, for example, DefaultAuthenticatortype - - The type of this Authentication provider, for example,
  weblogic.security.providers.authentication.DefaultAuthenticator
  Use getAuthenticationProviderTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
AuthenticationProviderMBean createAuthenticationProvider(String type)
                                                         throws ClassNotFoundException,
                                                                JMException
type - - The type of this Authentication provider, for example,
  weblogic.security.providers.authentication.DefaultAuthenticator
  Use getAuthenticationProviderTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Authentication providers.
authenticationProvider - - The Authentication provider to remove.AuthenticationProviderMBean lookupAuthenticationProvider(String name)
RoleMapperMBean[] getRoleMappers()
void setRoleMappers(RoleMapperMBean[] roleMappers)
                    throws InvalidAttributeValueException
roleMappers - - The new invocation order for this security realm's
  Role Mapping providers.  It should contain exactly the same Role Mapping providers
  that getRoleMappers() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  roleMappers may also contain Role Mapping providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these Role Mapping providers will be moved to this
  security realm.  Similarly, roleMappers can be missing
  some of this security realm's current Role Mapping providers.  All
  missing Role Mapping providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getRoleMapperTypes()
weblogic.security.providers.authorization.DefaultRoleMapper.
 Use this method to find the available types to pass to createRoleMapper
RoleMapperMBean createRoleMapper(String name,
                                 String type)
                                 throws ClassNotFoundException,
                                        JMException
name - - The name of this Role Mapping provider, for example, DefaultRoleMappertype - - The type of this Role Mapping provider, for example,
  weblogic.security.providers.authorization.DefaultRoleMapper
  Use getRoleMapperTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
RoleMapperMBean createRoleMapper(String type)
                                 throws ClassNotFoundException,
                                        JMException
type - - The type of this Role Mapping provider, for example,
  weblogic.security.providers.authorization.DefaultRoleMapper
  Use getRoleMapperTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyRoleMapper(RoleMapperMBean roleMapper)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Role Mapping providers.
roleMapper - - The Role Mapping provider to remove.RoleMapperMBean lookupRoleMapper(String name)
AuthorizerMBean[] getAuthorizers()
void setAuthorizers(AuthorizerMBean[] authorizers)
                    throws InvalidAttributeValueException
authorizers - - The new invocation order for this security realm's
  Authorization providers.  It should contain exactly the same Authorization providers
  that getAuthorizers() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  authorizers may also contain Authorization providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these Authorization providers will be moved to this
  security realm.  Similarly, authorizers can be missing
  some of this security realm's current Authorization providers.  All
  missing Authorization providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getAuthorizerTypes()
weblogic.security.providers.authorization.DefaultAuthorizer.
 Use this method to find the available types to pass to createAuthorizer
AuthorizerMBean createAuthorizer(String name,
                                 String type)
                                 throws ClassNotFoundException,
                                        JMException
name - - The name of this Authorization provider, for example, DefaultAuthorizertype - - The type of this Authorization provider, for example,
  weblogic.security.providers.authorization.DefaultAuthorizer
  Use getAuthorizerTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
AuthorizerMBean createAuthorizer(String type)
                                 throws ClassNotFoundException,
                                        JMException
type - - The type of this Authorization provider, for example,
  weblogic.security.providers.authorization.DefaultAuthorizer
  Use getAuthorizerTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyAuthorizer(AuthorizerMBean authorizer)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Authorization providers.
authorizer - - The Authorization provider to remove.AuthorizerMBean lookupAuthorizer(String name)
AdjudicatorMBean getAdjudicator()
String[] getAdjudicatorTypes()
weblogic.security.providers.authorization.DefaultAdjudicator.
 Use this method to find the available types to pass to createAdjudicator
AdjudicatorMBean createAdjudicator(String name,
                                   String type)
                                   throws ClassNotFoundException,
                                          JMException
name - - The name of this Adjudication provider, for example, DefaultAdjudicatortype - - The type of this Adjudication provider, for example,
  weblogic.security.providers.authorization.DefaultAdjudicator
  Use getAdjudicatorTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
AdjudicatorMBean createAdjudicator(String type)
                                   throws ClassNotFoundException,
                                          JMException
type - - The type of this Adjudication provider, for example,
  weblogic.security.providers.authorization.DefaultAdjudicator
  Use getAdjudicatorTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyAdjudicator()
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Adjudication provider.
CredentialMapperMBean[] getCredentialMappers()
void setCredentialMappers(CredentialMapperMBean[] credentialMappers)
                          throws InvalidAttributeValueException
credentialMappers - - The new invocation order for this security realm's
  Credential Mapping providers.  It should contain exactly the same Credential Mapping providers
  that getCredentialMappers() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  credentialMappers may also contain Credential Mapping providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these Credential Mapping providers will be moved to this
  security realm.  Similarly, credentialMappers can be missing
  some of this security realm's current Credential Mapping providers.  All
  missing Credential Mapping providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getCredentialMapperTypes()
weblogic.security.providers.credentials.DefaultCredentialMapper.
 Use this method to find the available types to pass to createCredentialMapper
CredentialMapperMBean createCredentialMapper(String name,
                                             String type)
                                             throws ClassNotFoundException,
                                                    JMException
name - - The name of this Credential Mapping provider, for example, DefaultCredentialMappertype - - The type of this Credential Mapping provider, for example,
  weblogic.security.providers.credentials.DefaultCredentialMapper
  Use getCredentialMapperTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
CredentialMapperMBean createCredentialMapper(String type)
                                             throws ClassNotFoundException,
                                                    JMException
type - - The type of this Credential Mapping provider, for example,
  weblogic.security.providers.credentials.DefaultCredentialMapper
  Use getCredentialMapperTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyCredentialMapper(CredentialMapperMBean credentialMapper)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Credential Mapping providers.
credentialMapper - - The Credential Mapping provider to remove.CredentialMapperMBean lookupCredentialMapper(String name)
CertPathProviderMBean[] getCertPathProviders()
void setCertPathProviders(CertPathProviderMBean[] certPathProviders)
                          throws InvalidAttributeValueException
certPathProviders - - The new invocation order for this security realm's
  Certification Path providers.  It should contain exactly the same Certification Path providers
  that getCertPathProviders() returns, except in a different order.
InvalidAttributeValueExceptionString[] getCertPathProviderTypes()
weblogic.security.providers.pk.WebLogicCertPathProvider.
 Use this method to find the available types to pass to createCertPathProvider
CertPathProviderMBean createCertPathProvider(String name,
                                             String type)
                                             throws ClassNotFoundException,
                                                    JMException
name - - The name of this Certification Path provider, for example, WebLogicCertPathProvidertype - - The type of this Certification Path provider, for example,
  weblogic.security.providers.pk.WebLogicCertPathProvider
  Use getCertPathProviderTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
CertPathProviderMBean createCertPathProvider(String type)
                                             throws ClassNotFoundException,
                                                    JMException
The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.
type - - The type of this Certification Path provider, for example,
  weblogic.security.providers.pk.WebLogicCertPathProvider
  Use getCertPathProviderTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyCertPathProvider(CertPathProviderMBean certPathProvider)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's Certification Path providers.
 
 If certPathProvider has been selected as this security realm's
 CertPathBuilder, then this security realm's will have no
 CertPathBuilder.
certPathProvider - - The Certification Path provider to remove.CertPathProviderMBean lookupCertPathProvider(String name)
CertPathBuilderMBean getCertPathBuilder()
CertPathProviders.
void setCertPathBuilder(CertPathBuilderMBean certPathBuilder)
                        throws InvalidAttributeValueException
CertPathProviders will be used
 by the security system to build certification paths.  The provider must implement
 weblogic.management.security.pk.CertPathBuilder.
certPathBuilder - - The new CertPath Builder for this security realm.
  If null, this security realm will have no configured CertPathBuilder.
InvalidAttributeValueExceptionRealmMBean.getCertPathBuilder()KeyStoreMBean[] getKeyStores()
void setKeyStores(KeyStoreMBean[] keystores)
                  throws InvalidAttributeValueException
keystores - - The new invocation order for this security realm's
  KeyStore providers.  It should contain exactly the same KeyStore providers
  that getKeyStores() returns, except in a different order.
  Note: For  the purpose of backward   compatibility with previous  releases of  WebLogic Server,
  keystores may also contain KeyStore providers that do
  not already belong to this security realm and are not contained by another
  security realm.   In this circumstance, these KeyStore providers will be moved to this
  security realm.  Similarly, keystores can be missing
  some of this security realm's current KeyStore providers.  All
  missing KeyStore providers will be removed from this security realm.
  These behaviors are deprecated in  this release of WebLogic Server and will be removed in
  a future release.
InvalidAttributeValueExceptionString[] getKeyStoreTypes()
weblogic.security.providers.pk.DefaultKeyStore.
 Use this method to find the available types to pass to createKeyStore
KeyStoreMBean createKeyStore(String name,
                             String type)
                             throws ClassNotFoundException,
                                    JMException
name - - The name of this KeyStore provider, for example, DefaultKeyStoretype - - The type of this KeyStore provider, for example,
  weblogic.security.providers.pk.DefaultKeyStore
  Use getKeyStoreTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMException
KeyStoreMBean createKeyStore(String type)
                             throws ClassNotFoundException,
                                    JMException
type - - The type of this KeyStore provider, for example,
  weblogic.security.providers.pk.DefaultKeyStore
  Use getKeyStoreTypes to find the list of types that may be specified.
ClassNotFoundException - is thrown if an invalid type is specified.
JMExceptionvoid destroyKeyStore(KeyStoreMBean keystore)
weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm
 automatically removes the security realm's KeyStore providers.
keystore - - The KeyStore provider to remove.KeyStoreMBean lookupKeyStore(String name)
UserLockoutManagerMBean getUserLockoutManager()
boolean isDeployRoleIgnored()
void setDeployRoleIgnored(boolean ignored)
                          throws InvalidAttributeValueException
ignored - - the new deploy role ignored value
InvalidAttributeValueExceptionRealmMBean.isDeployRoleIgnored()boolean isDeployPolicyIgnored()
void setDeployPolicyIgnored(boolean ignored)
                            throws InvalidAttributeValueException
ignored - - the new deploy policy ignored value
InvalidAttributeValueExceptionRealmMBean.isDeployPolicyIgnored()boolean isDeployCredentialMappingIgnored()
void setDeployCredentialMappingIgnored(boolean ignored)
                                       throws InvalidAttributeValueException
ignored - - the new deploy credential mapping ignored value.
InvalidAttributeValueExceptionRealmMBean.isDeployCredentialMappingIgnored()boolean isFullyDelegateAuthorization()
If false the containers are free to only call the security framework when security is set in the deployment descriptors.
void setFullyDelegateAuthorization(boolean fullyDelegate)
                                   throws InvalidAttributeValueException
fullyDelegate - - the new fully delegate authorization value.
InvalidAttributeValueExceptionRealmMBean.isFullyDelegateAuthorization()boolean isValidateDDSecurityData()
Not used in this release.
void setValidateDDSecurityData(boolean validate)
                               throws InvalidAttributeValueException
validate - - the new validate deployment descriptor security data value.
InvalidAttributeValueExceptionRealmMBean.isValidateDDSecurityData()String getSecurityDDModel()
Specifies the default security model for Web applications or EJBs that are secured by this security realm. You can override this default during deployment.
config.xml file
 and restarting the server, and if you do not specify a security model value
 for the module in config.xml, the module is secured with the default
 value of the AppDeploymentMBean SecurityDDModel  attribute
 (see getSecurityDDModel).
 Choose one of these security models:
Deployment Descriptors Only (DDOnly)
       Customize Roles Only (CustomRoles)
       Customize Roles and Policies (CustomRolesAndPolicies)
       Advanced (Advanced)
       You configure how this model behaves by setting values for the following options:
When Deploying Web Applications or EJBs
           DeployPolicyIgnored and
            DeployRoleIgnored attributes of RealmMBean.Check Roles and Policies (FullyDelegateAuthorization)Combined Role Mapping Enabled (CombinedRoleMappingEnabled)
RealmMBean.isDeployPolicyIgnored(), 
RealmMBean.isDeployRoleIgnored(), 
RealmMBean.isFullyDelegateAuthorization(), 
RealmMBean.isCombinedRoleMappingEnabled()
void setSecurityDDModel(String model)
                        throws InvalidAttributeValueException
model - - the new default security deployment model.
InvalidAttributeValueExceptionRealmMBean.getSecurityDDModel()boolean isCombinedRoleMappingEnabled()
Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact. This setting is valid only for Web applications and EJBs that use the Advanced security model and that initialize roles from deployment descriptors.
When enabled:
OR operator.web.xml file
       specify a role for which no mapping exists in the
       weblogic.xml file, the Web application container
       creates an empty map for the undefined role (that is, the role is
       explicitly defined as containing no principal). Therefore, no one
       can access URL patterns that are secured by such policies.ejb-jar.xml file
       specify a role for which no mapping exists in the
       weblogic-ejb-jar.xml file, the EJB container creates an
       empty map for the undefined role (that is, the role is explicitly
       defined as containing no principal). Therefore, no one can access
       methods that are secured by such policies.When disabled:
<externally-defined> descriptor element.web.xml file
       specify a role for which no role mapping exists in the
       weblogic.xml file, the Web application container
       assumes that the undefined role is the name of a principal. It
       therefore maps the assumed principal to the role name. For example,
       if the web.xml file contains the following stanza in
       one of its policies:<auth-constraint>
       <role-name>PrivilegedUser</role-name>
       </auth-constraint>weblogic.xml file has no role mapping for
       PrivilegedUser, then the Web application container
       creates an in-memory mapping that is equivalent to the following
       stanza:<security-role-assignment>
      <role-name>PrivilegedUser</role-name>
       <principal-name>PrivilegedUser</principal-name>
       </security-role-assignment>weblogic-ejb-jar.xml file. Role mappings defined in the
       other containers are not used unless defined by the
       <externally-defined> descriptor element.
void setCombinedRoleMappingEnabled(boolean combined)
                                   throws InvalidAttributeValueException
If false the containers need enternally defined mappings to use application role mappings.
combined - - the new combined role mapping value.
InvalidAttributeValueExceptionRealmMBean.isCombinedRoleMappingEnabled()
void validate()
              throws ErrorCollectionException
ErrorCollectionException - if this security realm is not valid.
  The exception contains a list of ,
  one for each reason this security realm is not valid.  The text
  of each exception describes the problem.boolean isDefaultRealm()
SecurityConfigurationMBean.getDefaultRealm()
weblogic.management.configuration.SecurityConfigurationMBean.getDefaultRealm.
void setDefaultRealm(boolean isDefault)
                     throws InvalidAttributeValueException
SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)
weblogic.management.configuration.SecurityConfigurationMBean.setDefautlRealm.
isDefault - - whether or not this security realm is the Default realm
  for the WebLogic domain.
InvalidAttributeValueExceptionboolean isEnableWebLogicPrincipalValidatorCache()
The Principal Validator is used by Oracle supplied authentication providers and may be used by custom authentication providers. If enabled, the default principal validator will cache WebLogic Principal signatures.
void setEnableWebLogicPrincipalValidatorCache(boolean enabled)
                                              throws InvalidAttributeValueException
enabled - - the new enable weblogic principal validator cache value.
InvalidAttributeValueExceptionRealmMBean.isEnableWebLogicPrincipalValidatorCache()Integer getMaxWebLogicPrincipalsInCache()
EnableWebLogicPrincipalValidatorCache is set
 to true
void setMaxWebLogicPrincipalsInCache(Integer size)
                                     throws InvalidAttributeValueException
size - - the new weblogic principals maximum cache size
InvalidAttributeValueExceptionRealmMBean.getMaxWebLogicPrincipalsInCache()String getName()
getName in interface StandardInterfaceboolean isDelegateMBeanAuthorization()
Configures the WebLogic Server MBean servers to use the security realm's Authorization providers to determine whether a JMX client has permission to access an MBean attribute or invoke an MBean operation.
You can continue to use WebLogic Server's default security settings or modify the defaults to suit your needs.
If you do not delegate authorization to the realm's Authorization providers, the WebLogic MBean servers allow access only to the four default security roles (Admin, Deployer, Operator, and Monitor) and only as specified by WebLogic Server's default security settings.
void setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization)
                                   throws InvalidAttributeValueException
deleteMBeanAuthorization - - the new delegate MBean authorization value.
InvalidAttributeValueExceptionRealmMBean.isDelegateMBeanAuthorization()String getAuthMethods()
void setAuthMethods(String methods)
RDBMSSecurityStoreMBean getRDBMSSecurityStore()
RealmMBean.createRDBMSSecurityStore()
RDBMSSecurityStoreMBean createRDBMSSecurityStore()
                                                 throws JMException
destroyRDBMSSecurityStore operation. The new security store MBean
 will have this realm as its parent.
JMException - if an error occurs when creating a RDBMS security storeRealmMBean.destroyRDBMSSecurityStore()
RDBMSSecurityStoreMBean createRDBMSSecurityStore(String name)
                                                 throws JMException
destroyRDBMSSecurityStore operation. The new security
 store MBean will have this realm as its parent.
name - the name of this RDBMS security store
JMException - if an error occurs when creating a RDBMS security storeRealmMBean.destroyRDBMSSecurityStore()void destroyRDBMSSecurityStore()
RealmMBean.createRDBMSSecurityStore()
PasswordValidatorMBean createPasswordValidator(Class subClass,
                                               String name)
                                               throws JMException
subClass - Class The class of a Password Validator provider MBean implementationname - String The name for the given Password Validator provider MBean
JMException
PasswordValidatorMBean createPasswordValidator(String name,
                                               String type)
                                               throws ClassNotFoundException,
                                                      JMException
name - String The name for the given Password Validator provider MBeantype - String The type of a Password Validator provider, all available types are in method getPasswordValidatorTypes
ClassNotFoundException
JMException
PasswordValidatorMBean createPasswordValidator(String type)
                                               throws ClassNotFoundException,
                                                      JMException
type - String The type of a Password Validator provider, all available types are in method getPasswordValidatorTypes
ClassNotFoundException
JMExceptionString[] getPasswordValidatorTypes()
com.bea.security.providers.authentication.passwordvalidator.SystemPasswordValidator.
 Use this method to find the available types to pass to createPasswordValidator
PasswordValidatorMBean[] getPasswordValidators()
void setPasswordValidators(PasswordValidatorMBean[] passwordvalidators)
                           throws InvalidAttributeValueException
passwordvalidators - - The password validator providers to be set for this security realm.
InvalidAttributeValueExceptionPasswordValidatorMBean lookupPasswordValidator(String name)
name - String The name of a Password Validator provider MBean
void destroyPasswordValidator(PasswordValidatorMBean provider)
provider - PasswordValidatorMBean The Password Validator provider to removeboolean isDeployableProviderSynchronizationEnabled()
The Authorization and Role Mapping providers may or may not support parallel security policy and role modification, respectively, in the security provider database. If the security providers do not support parallel modification, the WebLogic Security Framework enforces a synchronization mechanism that results in each application and module being placed in a queue and deployed sequentially.
void setDeployableProviderSynchronizationEnabled(boolean enabled)
                                                 throws InvalidAttributeValueException
enabled - - the new value indicating whether the synchronization for deployable Authorization and Role Mapping providers is enabled
InvalidAttributeValueExceptionRealmMBean.isDeployableProviderSynchronizationEnabled()Integer getDeployableProviderSynchronizationTimeout()
DeployableProviderSynchronizationEnabled is set
 to true
void setDeployableProviderSynchronizationTimeout(Integer timeout)
                                                 throws InvalidAttributeValueException
timeout - - the new timeout value (in milliseconds)
InvalidAttributeValueExceptionRealmMBean.getDeployableProviderSynchronizationTimeout()| 
 | Copyright 1996, 2014, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Oracle Fusion Middleware Java API Reference for Oracle WebLogic Server 12c (12.1.3) Part Number E41849-02 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||