ConfigurationMBean
, DescriptorBean
, javax.management.DynamicMBean
, javax.management.MBeanRegistration
, javax.management.NotificationBroadcaster
, SettableBean
, WebLogicMBean
public interface FederationServicesMBean extends ConfigurationMBean
DEFAULT_EMPTY_BYTE_ARRAY
Modifier and Type | Method | Description |
---|---|---|
java.lang.String[] |
getAllowedTargetHosts() |
List of hosts to compare against the host in the SAML SP target redirect URL.
|
java.lang.String[] |
getAssertionConsumerURIs() |
The Assertion Consumer URIs.
|
java.lang.String[] |
getAssertionRetrievalURIs() |
One or more URIs on which to listen
for incoming assertion retrieval requests.
|
java.lang.String |
getAssertionStoreClassName() |
The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.
|
java.util.Properties |
getAssertionStoreProperties() |
Properties passed to Assertion Store class initStore() method.
|
java.lang.String[] |
getIntersiteTransferURIs() |
The Intersite Transfer URIs.
|
java.lang.String |
getSigningKeyAlias() |
The alias used to store and retrieve the Source Site's signing key
in the keystore.
|
java.lang.String |
getSigningKeyPassPhrase() |
The passphrase used to retrieve the Source Site's signing key from
the keystore.
|
byte[] |
getSigningKeyPassPhraseEncrypted() |
The encrypted passphrase used to retrieve the Source Site's signing key from
the keystore.
|
java.lang.String |
getSourceIdBase64() |
The Source Site ID base64-encoded.
|
java.lang.String |
getSourceIdHex() |
The Source Site ID in hexadecimal.
|
java.lang.String |
getSourceSiteURL() |
The URL for the Source Site.
|
java.lang.String |
getSSLClientIdentityAlias() |
The alias used to store and retrieve the Destination Site's SSL client identity
in the keystore.
|
java.lang.String |
getSSLClientIdentityPassPhrase() |
The passphrase used to retrieve the Destination Site's SSL client identity from
the keystore.
|
byte[] |
getSSLClientIdentityPassPhraseEncrypted() |
The encrypted passphrase used to retrieve the Destination Site's SSL client identity from
the keystore.
|
java.lang.String |
getUsedAssertionCacheClassName() |
The class used as the persistent store for the Used Assertion Cache.
|
java.util.Properties |
getUsedAssertionCacheProperties() |
Properties to be passed to the Used Assertion Cache class.
|
boolean |
isACSRequiresSSL() |
Specifies whether the Assertion Consumer Service requires SSL.
|
boolean |
isARSRequiresSSL() |
Specifies whether the Assertion Retrieval Service requires SSL.
|
boolean |
isARSRequiresTwoWaySSL() |
Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.
|
boolean |
isDestinationSiteEnabled() |
Specifies whether the Destination Site is enabled.
|
boolean |
isITSRequiresSSL() |
Specifies whether the Intersite Transfer Service requires SSL.
|
boolean |
isPOSTOneUseCheckEnabled() |
Specifies whether the POST one-use check is enabled.
|
boolean |
isPOSTRecipientCheckEnabled() |
Specifies whether the POST recipient check is enabled.
|
boolean |
isSourceSiteEnabled() |
Indicates whether the Source Site is enabled.
|
void |
setACSRequiresSSL(boolean acsRequiresSSL) |
Set the ACS requires SSL value.
|
void |
setAllowedTargetHosts(java.lang.String[] allowedTargetHosts) |
Set the allowed target hosts for url redirection
|
void |
setARSRequiresSSL(boolean arsRequiresSSL) |
Set the ARS requires SSL value.
|
void |
setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL) |
Set the ARS requires two-way SSL authentication value.
|
void |
setAssertionConsumerURIs(java.lang.String[] assertionConsumerURIs) |
Set the Assertion Consumer URIs.
|
void |
setAssertionRetrievalURIs(java.lang.String[] assertionRetrievalURIs) |
Set the Assertion Retrieval URIs.
|
void |
setAssertionStoreClassName(java.lang.String assertionStoreClassName) |
Set the (non-default) Assertion Store class name.
|
void |
setAssertionStoreProperties(java.util.Properties assertionStoreProperties) |
Set the Assertion Store properties.
|
void |
setDestinationSiteEnabled(boolean destinationSiteEnabled) |
Set the Destination Site enabled value.
|
void |
setIntersiteTransferURIs(java.lang.String[] intersiteTransferURIs) |
Set the Intersite Transfer URIs.
|
void |
setITSRequiresSSL(boolean itsRequiresSSL) |
Set the ITS requires SSL value.
|
void |
setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled) |
Set the POST one-use check enabled value.
|
void |
setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled) |
Set the POST recipient check enabled value.
|
void |
setSigningKeyAlias(java.lang.String signingKeyAlias) |
Sets the value of the SigningKeyAlias attribute.
|
void |
setSigningKeyPassPhrase(java.lang.String signingKeyPassPhrase) |
Sets the value of the SigningKeyPassPhrase attribute.
|
void |
setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted) |
Sets the value of the SigningKeyPassPhraseEncrypted attribute.
|
void |
setSourceSiteEnabled(boolean sourceSiteEnabled) |
Set the Source Site enabled value.
|
void |
setSourceSiteURL(java.lang.String sourceSiteURL) |
Set the Source Site URL.
|
void |
setSSLClientIdentityAlias(java.lang.String sslClientIdentityAlias) |
Sets the value of the SSLClientIdentityAlias attribute.
|
void |
setSSLClientIdentityPassPhrase(java.lang.String sslClientIdentityPassPhrase) |
Sets the value of the SSLClientIdentityPassPhrase attribute.
|
void |
setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted) |
Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.
|
void |
setUsedAssertionCacheClassName(java.lang.String usedAssertionCacheClassName) |
Set the (non-default) Used Assertion Cache class name.
|
void |
setUsedAssertionCacheProperties(java.util.Properties usedAssertionCacheProperties) |
Set the Used Assertion Cache properties.
|
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener
getAttribute, getAttributes, invoke, setAttribute, setAttributes
postDeregister, postRegister, preDeregister, preRegister
addNotificationListener, getNotificationInfo, removeNotificationListener
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent
boolean isSourceSiteEnabled()
Indicates whether the Source Site is enabled.
void setSourceSiteEnabled(boolean sourceSiteEnabled) throws javax.management.InvalidAttributeValueException
Set the Source Site enabled value.
sourceSiteEnabled
- The Source Site enabled setting.javax.management.InvalidAttributeValueException
java.lang.String getSourceSiteURL()
The URL for the Source Site.
void setSourceSiteURL(java.lang.String sourceSiteURL) throws javax.management.InvalidAttributeValueException
Set the Source Site URL.
sourceSiteURL
- The Source Site URL to set.javax.management.InvalidAttributeValueException
java.lang.String getSourceIdHex()
The Source Site ID in hexadecimal.
This read-only value is a hexadecimal representation of a 20-byte
binary value that is calculated from the SourceSiteURL
.
If you want to configure ARTIFACT profile with another site, you will
need to give a SourceId
value to the other site. This
value is automatically updated when the SourceSiteURL
changes.
java.lang.String getSourceIdBase64()
The Source Site ID base64-encoded.
This read-only value is a Base64 representation of a 20-byte binary
value that is calculated from the SourceSiteURL
. If you
want to configure ARTIFACT profile with another site, you will need to
give a SourceId
value to the other site. This value is
automatically updated when the SourceSiteURL
changes.
java.lang.String[] getIntersiteTransferURIs()
The Intersite Transfer URIs.
void setIntersiteTransferURIs(java.lang.String[] intersiteTransferURIs) throws javax.management.InvalidAttributeValueException
Set the Intersite Transfer URIs.
intersiteTransferURIs
- The Intersite Transfer URIs to set.javax.management.InvalidAttributeValueException
boolean isITSRequiresSSL()
Specifies whether the Intersite Transfer Service requires SSL.
void setITSRequiresSSL(boolean itsRequiresSSL) throws javax.management.InvalidAttributeValueException
Set the ITS requires SSL value.
itsRequiresSSL
- The ITS requires SSL value to set.javax.management.InvalidAttributeValueException
java.lang.String[] getAssertionRetrievalURIs()
One or more URIs on which to listen for incoming assertion retrieval requests.
For artifact profile, the destination site receives a SAML artifact that represents a source site (why we need the source site ID values) and an assertion ID. The destination site sends a request containing the artifact to the source site's assertion retrieval URL, and the source site responds with the corresponding assertion. You may configure multiple URIs here, although typically one will be sufficient. The URI includes the application context, followed by the resource context. For example:
/my_application/saml/ars
which would be accessible from the outside as
https://my.example.com/my_application/saml/ars
void setAssertionRetrievalURIs(java.lang.String[] assertionRetrievalURIs) throws javax.management.InvalidAttributeValueException
Set the Assertion Retrieval URIs.
assertionRetrievalURIs
- The Assertion Retrieval URIs to set.javax.management.InvalidAttributeValueException
boolean isARSRequiresSSL()
Specifies whether the Assertion Retrieval Service requires SSL.
void setARSRequiresSSL(boolean arsRequiresSSL) throws javax.management.InvalidAttributeValueException
Set the ARS requires SSL value.
arsRequiresSSL
- The ARS requires SSL value to set.javax.management.InvalidAttributeValueException
boolean isARSRequiresTwoWaySSL()
Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.
void setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL) throws javax.management.InvalidAttributeValueException
Set the ARS requires two-way SSL authentication value.
arsRequiresTwoWaySSL
- The ARS requires two-way SSL authentication value to set.javax.management.InvalidAttributeValueException
java.lang.String getAssertionStoreClassName()
The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.
void setAssertionStoreClassName(java.lang.String assertionStoreClassName) throws javax.management.InvalidAttributeValueException
Set the (non-default) Assertion Store class name.
assertionStoreClassName
- The Assertion Store class name to set.javax.management.InvalidAttributeValueException
java.util.Properties getAssertionStoreProperties()
Properties passed to Assertion Store class initStore() method.
This may be useful if you have implemented a custom Assertion Store class.
void setAssertionStoreProperties(java.util.Properties assertionStoreProperties) throws javax.management.InvalidAttributeValueException
Set the Assertion Store properties.
assertionStoreProperties
- The Assertion Store properties to set.javax.management.InvalidAttributeValueException
java.lang.String getSigningKeyAlias()
The alias used to store and retrieve the Source Site's signing key in the keystore. This key is used to sign POST profile responses.
void setSigningKeyAlias(java.lang.String signingKeyAlias) throws javax.management.InvalidAttributeValueException
Sets the value of the SigningKeyAlias attribute.
signingKeyAlias
- The signingKeyAlias to set.javax.management.InvalidAttributeValueException
java.lang.String getSigningKeyPassPhrase()
The passphrase used to retrieve the Source Site's signing key from the keystore.
void setSigningKeyPassPhrase(java.lang.String signingKeyPassPhrase) throws javax.management.InvalidAttributeValueException
Sets the value of the SigningKeyPassPhrase attribute.
When you get the value of this attribute, WebLogic Server does the following:
SigningKeyPassPhraseEncrypted
attribute.
When you set the value of this attribute, WebLogic Server does the following:
SigningKeyPassPhraseEncrypted
attribute to the
encrypted value.Using this attribute (SigningKeyPassPhrase
) is a potential
security risk because
the String object (which contains the unencrypted passphrase) remains in
the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how
memory is allocated in the JVM, a significant amount of time could pass
before this unencrypted data is removed from memory.
Instead of using this attribute, use
getSigningKeyPassPhraseEncrypted
.
signingKeyPassPhrase
- The signingKeyPassPhrase to set.javax.management.InvalidAttributeValueException
byte[] getSigningKeyPassPhraseEncrypted()
The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.
To set this attribute, use weblogic.management.EncryptionHelper.encrypt()
to encrypt the value. Then set this attribute to the output of the encrypt() method.
To compare a password that a user enters with the encrypted
value of this attribute, go to the same WebLogic Server instance
that you used to set and encrypt this attribute
and use weblogic.management.EncryptionHelper.encrypt()
to encrypt the user-supplied password. Then compare the encrypted values.
void setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted) throws javax.management.InvalidAttributeValueException
Sets the value of the SigningKeyPassPhraseEncrypted attribute.
signingKeyPassPhraseEncrypted
- The signingKeyPassPhraseEncrypted value to set.javax.management.InvalidAttributeValueException
boolean isDestinationSiteEnabled()
Specifies whether the Destination Site is enabled.
void setDestinationSiteEnabled(boolean destinationSiteEnabled) throws javax.management.InvalidAttributeValueException
Set the Destination Site enabled value.
destinationSiteEnabled
- The Destination Site enabled setting.javax.management.InvalidAttributeValueException
java.lang.String[] getAssertionConsumerURIs()
The Assertion Consumer URIs.
void setAssertionConsumerURIs(java.lang.String[] assertionConsumerURIs) throws javax.management.InvalidAttributeValueException
Set the Assertion Consumer URIs.
assertionConsumerURIs
- The ASsertion Consumer URIs to set.javax.management.InvalidAttributeValueException
boolean isACSRequiresSSL()
Specifies whether the Assertion Consumer Service requires SSL.
void setACSRequiresSSL(boolean acsRequiresSSL) throws javax.management.InvalidAttributeValueException
Set the ACS requires SSL value.
acsRequiresSSL
- The ACS requires SSL value to set.javax.management.InvalidAttributeValueException
boolean isPOSTRecipientCheckEnabled()
Specifies whether the POST recipient check is enabled. When true, the recipient of the SAML Response must match the URL in the HTTP Request.
void setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled) throws javax.management.InvalidAttributeValueException
Set the POST recipient check enabled value.
postRecipientCheckEnabled
- The POST recipient check enabled value to set.javax.management.InvalidAttributeValueException
boolean isPOSTOneUseCheckEnabled()
Specifies whether the POST one-use check is enabled.
void setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled) throws javax.management.InvalidAttributeValueException
Set the POST one-use check enabled value.
postOneUseCheckEnabled
- The POST one-use check enabled value to set.javax.management.InvalidAttributeValueException
java.lang.String getUsedAssertionCacheClassName()
The class used as the persistent store for the Used Assertion Cache. When no class is specified, the default Used Assertion Cache implementation is used.
void setUsedAssertionCacheClassName(java.lang.String usedAssertionCacheClassName) throws javax.management.InvalidAttributeValueException
Set the (non-default) Used Assertion Cache class name.
usedAssertionCacheClassName
- The Used Assertion Cache class name to set.javax.management.InvalidAttributeValueException
java.util.Properties getUsedAssertionCacheProperties()
Properties to be passed to the Used Assertion Cache class.
void setUsedAssertionCacheProperties(java.util.Properties usedAssertionCacheProperties) throws javax.management.InvalidAttributeValueException
Set the Used Assertion Cache properties.
usedAssertionCacheProperties
- The Used Assertion Cache properties to set.javax.management.InvalidAttributeValueException
java.lang.String getSSLClientIdentityAlias()
The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.
void setSSLClientIdentityAlias(java.lang.String sslClientIdentityAlias) throws javax.management.InvalidAttributeValueException
Sets the value of the SSLClientIdentityAlias attribute.
sslClientIdentityAlias
- The sslClientIdentityAlias to set.javax.management.InvalidAttributeValueException
java.lang.String getSSLClientIdentityPassPhrase()
The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
void setSSLClientIdentityPassPhrase(java.lang.String sslClientIdentityPassPhrase) throws javax.management.InvalidAttributeValueException
Sets the value of the SSLClientIdentityPassPhrase attribute.
When you get the value of this attribute, WebLogic Server does the following:
SSLClientIdentityPassPhraseEncrypted
attribute.
When you set the value of this attribute, WebLogic Server does the following:
SSLClientIdentityPassPhraseEncrypted
attribute to the
encrypted value.Using this attribute (SSLClientIdentityPassPhrase
) is a potential
security risk because
the String object (which contains the unencrypted passphrase) remains in
the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how
memory is allocated in the JVM, a significant amount of time could pass
before this unencrypted data is removed from memory.
Instead of using this attribute, use
getSSLClientIdentityPassPhraseEncrypted
.
sslClientIdentityPassPhrase
- The sslClientIdentityPassPhrase to set.javax.management.InvalidAttributeValueException
byte[] getSSLClientIdentityPassPhraseEncrypted()
The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
To set this attribute, use weblogic.management.EncryptionHelper.encrypt()
to encrypt the value. Then set this attribute to the output of the encrypt() method.
To compare a password that a user enters with the encrypted
value of this attribute, go to the same WebLogic Server instance
that you used to set and encrypt this attribute
and use weblogic.management.EncryptionHelper.encrypt()
to encrypt the user-supplied password. Then compare the encrypted values.
void setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted) throws javax.management.InvalidAttributeValueException
Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.
sslClientIdentityPassPhraseEncrypted
- The sslClientIdentityPassPhraseEncrypted value to set.javax.management.InvalidAttributeValueException
java.lang.String[] getAllowedTargetHosts()
void setAllowedTargetHosts(java.lang.String[] allowedTargetHosts) throws javax.management.InvalidAttributeValueException
allowedTargetHosts
- array of allowed target hostsjavax.management.InvalidAttributeValueException