DescriptorBean
, ListerMBean
, NameListerMBean
, SettableBean
, StandardInterface
, UserPasswordEditorMBean
, UserReaderMBean
, UserRemoverMBean
public interface UserEditorMBean extends UserReaderMBean, UserPasswordEditorMBean, UserRemoverMBean
Provides a set of methods for creating, editing, and removing users. An Authentication provider MBean can optionally implement this MBean. The WebLogic Server Administration Console detects when an Authentication provider implements this MBean and automatically provides a GUI for using these methods.
CSS v4 introduced a new Password Validaton Service to check password against a set of rules when doing
changing password operations with authentication provider MBeans such as createUser
, changeUserPassword
and resetUserPassword
. The rules can be specified through configuring Password Validation Provider into the
security realm, for further information, see weblogic.management.security.RealmMBean
.
All OOTB authentication providers in CSS will automatically call the Password Validation Service if their MBeans inherit
UserPasswordEditorMBean
interface. The service is also available for all those customized authentication
providers whose MBeans inherit UserPasswordEditorMBean
, to introduce the Password Validation Service into a
customized authentication proivder, the following approach must be met:
In the initialize
method of a customized provider implementation, must retrieve the Password Validation
Service and register the service into a helper class such as weblogic.security.provider.authentication.AuthenticationSecurityHelper
,
the code might like as below:
import com.bea.common.security.service.PasswordValidationService;
import com.bea.common.security.legacy.ExtendedSecurityServices;
import com.bea.common.security.internal.legacy.helper.PasswordValidationServiceConfigHelper;
import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
......
ExtendedSecurityServices extendedSecurityServices = (ExtendedSecurityServices)securityServices;
PasswordValidationService serivce = (PasswordValidationService)extendedSecurityServices.getServices().getService(PasswordValidationServiceConfigHelper.getServiceName(providerMBean.getRealm()));
AuthenticationSecurityHelper.getInstance(providerMBean).registerPasswordValidationService(service);
......
In the createUser
, changeUserPassword
and(or) resetUserPassword
methods of a customized authentication
provider MBean, call the helper class to validate the new password to determine if the new password is valid. The code might be:
import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
.....
AuthenticationSecurityHelper.getInstance(providerMBean).validatePassword(userName,password);
.....
Modifier and Type | Method | Description |
---|---|---|
void |
createUser(java.lang.String userName,
java.lang.String password,
java.lang.String description) |
Creates a user and sets the user's password.
|
void |
setUserDescription(java.lang.String userName,
java.lang.String description) |
Sets the description for an existing user.
|
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener
advance, close, haveCurrent
getCurrentName
getName
changeUserPassword, resetUserPassword
getUserDescription, listUsers, userExists
removeUser
void createUser(java.lang.String userName, java.lang.String password, java.lang.String description) throws InvalidParameterException, AlreadyExistsException
userName
- - The name of the new user. The name cannot be the name of an existing user or group.
The Authentication provider determines syntax requirements for the user name.password
- - The password for the new user.
The Authentication provider determines syntax requirements for passwords.description
- - The description of the user.InvalidParameterException
AlreadyExistsException
void setUserDescription(java.lang.String userName, java.lang.String description) throws NotFoundException, InvalidParameterException
userName
- - The name of an existing user.description
- - The description of the user.NotFoundException
InvalidParameterException