Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.6)

Part Number E13941-07

weblogic.security.acl
Class Security

java.lang.Object
  extended by weblogic.security.acl.Security

Deprecated. Deprecated in WebLogic Server 7.0. Replaced by Pluggable Security Infrastructure and JAAS based authentication.

public final class Security
extends Object

The Security class groups static functions for accessing the default realm and authentication contexts for threads. For security reasons, the methods in this class may only be executed from within WebLogic's VM. Each method requires access to a realm and its ACLs, users, and groups, none of which a client application can access.


Constructor Summary
Security()
          Deprecated.  
 
Method Summary
static void checkPermission(Principal principal, String aclName, Permission permission, char sep)
          Deprecated. Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm.
static void checkPermission(Principal principal, String aclName, Permission permission, char sep, Acl dflt)
          Deprecated. Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm.
static void checkPermission(String aclName, Permission permission, char sep)
          Deprecated. Determines whether the current user has the specified permission, according to Acls in the WebLogic realm.
static void checkPermission(String subsystem, Principal principal, String aclName, Permission permission, char sep)
          Deprecated.  
static void checkPermission(String subsystem, Principal principal, String aclName, Permission permission, char sep, Acl dflt)
          Deprecated.  
static void checkPermission(String subsystem, String aclName, Permission permission, char sep)
          Deprecated.  
static Object doAsPrivileged(UserInfo newUser, PrivilegedAction action)
          Deprecated. Set a new user to the thread for the running of the input action.
static Object doAsPrivileged(UserInfo newUser, PrivilegedExceptionAction action)
          Deprecated. Set a new user to the thread for running of the input action.
static User getCurrentUser()
          Deprecated. Returns the current user, which is either user information associated with the thread or the special user "guest." if no user has been set.
static long getInvalidLoginAttemptsTotalCount()
          Deprecated. Returns the cumulative number of invalid logins attempted on this server
static long getInvalidLoginUsersHighCount()
          Deprecated. Gets the highwater number of users with outstanding invalid login attempts for this server
static long getLockedUsersCurrentCount()
          Deprecated. Returnss the number of currently locked users on this server
static long getLoginAttemptsWhileLockedTotalCount()
          Deprecated. Returns the cumulative number of invalid logins attempted on this server attempted while the user was locked
static PasswordGuessing getPasswordGuessing()
          Deprecated. Return the PasswordGuessing object used to protect against Dictionary attacks.
static BasicRealm getRealm()
          Deprecated. If you are using Compatibility Security in WebLogic Server 7.0 or later, returns the WebLogic realm; otherwise, returns Null.
static String getThreadCurrentUserName()
          Deprecated. Returns this thread's current user's name if there is a current user, null otherwise
static long getUnlockedUsersTotalCount()
          Deprecated. Returns the number times we have unlocked a user on this server
static User getUser(String name, Object credential)
          Deprecated. Gets the User for the specified username and credential.
static UserInfo getUserInfo(String name, Object credential)
          Deprecated. Gets the UserInfo for the specified username and credential.
static long getUserLockoutTotalCount()
          Deprecated. Returns the cumulative number of user lockouts done on this server
static boolean hasPermission(Principal principal, String aclName, Permission permission, char sep)
          Deprecated. Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm.
static boolean hasPermission(Principal principal, String aclName, Permission permission, char sep, Acl dflt)
          Deprecated. Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm.
static boolean hasPermission(Principal principal, String aclName, String permission, char sep)
          Deprecated. Determines whether the specified Principal has a permission of the specified name, according to Acls in the WebLogic realm.
static boolean hasPermission(String aclName, Permission permission, char sep)
          Deprecated. Determines whether the current user has the specified permission, according to Acls in the WebLogic realm.
static boolean hasPermission(String aclName, Permission permission, char sep, Acl dflt)
          Deprecated. Determines whether the current user has the specified permission, according to Acls in the WebLogic realm.
static boolean hasPermission(String subsystem, Principal principal, String aclName, Permission permission, char sep)
          Deprecated.  
static boolean hasPermission(String subsystem, Principal principal, String aclName, Permission permission, char sep, Acl dflt)
          Deprecated.  
static boolean hasPermission(String subsystem, Principal principal, String aclName, String permission, char sep)
          Deprecated.  
static void init(BasicRealm aRealm)
          Deprecated. Initializes the specified BasicRealm.
static void logAndThrow(String msg)
          Deprecated. Makes an entry in the security log and throws an exception.
static void receiveSecurityMessage(weblogic.rmi.spi.HostID sender, SecurityMessage sm)
          Deprecated. Processes a SecurityLoginState message from a remote server.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

Security

public Security()
Deprecated. 
Method Detail

getRealm

public static BasicRealm getRealm()
Deprecated. 
If you are using Compatibility Security in WebLogic Server 7.0 or later, returns the WebLogic realm; otherwise, returns Null.


hasPermission

public static boolean hasPermission(Principal principal,
                                    String aclName,
                                    String permission,
                                    char sep)
Deprecated. 
Determines whether the specified Principal has a permission of the specified name, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep."

Parameters:
principal - Principal to be checked
aclName - ACL to be matched
permission - Permission to be matched
sep - Character delimiter for ACL
Returns:
True if Principal has permission

hasPermission

public static boolean hasPermission(String subsystem,
                                    Principal principal,
                                    String aclName,
                                    String permission,
                                    char sep)
Deprecated. 

hasPermission

public static boolean hasPermission(Principal principal,
                                    String aclName,
                                    Permission permission,
                                    char sep)
Deprecated. 
Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep."

Parameters:
principal - Principal to be checked
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
Returns:
True if Principal has permission

hasPermission

public static boolean hasPermission(String subsystem,
                                    Principal principal,
                                    String aclName,
                                    Permission permission,
                                    char sep)
Deprecated. 

hasPermission

public static boolean hasPermission(Principal principal,
                                    String aclName,
                                    Permission permission,
                                    char sep,
                                    Acl dflt)
Deprecated. 
Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep." If no Acl is found, the Acl defined by the "dflt" argument is used. If null is supplied as the "dflt" argument, it is equivalent to but faster than providing an Acl that grants all permissions to everyone.

Parameters:
principal - Principal to be checked
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
dflt - Default ACL to be used if no ACL is found
Returns:
True if Principal has permission

hasPermission

public static boolean hasPermission(String subsystem,
                                    Principal principal,
                                    String aclName,
                                    Permission permission,
                                    char sep,
                                    Acl dflt)
Deprecated. 

hasPermission

public static boolean hasPermission(String aclName,
                                    Permission permission,
                                    char sep)
Deprecated. 
Determines whether the current user has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep."

Parameters:
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
Returns:
True if current user has permission

hasPermission

public static boolean hasPermission(String aclName,
                                    Permission permission,
                                    char sep,
                                    Acl dflt)
Deprecated. 
Determines whether the current user has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep." If no Acl is found, the Acl defined by the "dflt" argument is used. If null is supplied as the "dflt" argument, it is equivalent to but faster than providing an Acl that grants all permissions to everyone.

Parameters:
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
dflt - Default ACL to be used if no ACL is found
Returns:
True if current user has permission

getThreadCurrentUserName

public static String getThreadCurrentUserName()
Deprecated. 
Returns this thread's current user's name if there is a current user, null otherwise

Returns:
String

getCurrentUser

public static User getCurrentUser()
Deprecated. 
Returns the current user, which is either user information associated with the thread or the special user "guest." if no user has been set.

Returns:
User

checkPermission

public static void checkPermission(Principal principal,
                                   String aclName,
                                   Permission permission,
                                   char sep,
                                   Acl dflt)
                            throws SecurityException
Deprecated. 
Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep." If no Acl is found, the Acl defined by the "dflt" argument is used. If null is supplied as the "dflt" argument, it is equivalent to but faster than providing an Acl that grants all permissions to everyone.

Makes an entry in the security log and throws an exception on failure.

Parameters:
principal - Principal to be checked
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
dflt - Default ACL to be used if no ACL is found
Throws:
SecurityException - if the permission check fails

checkPermission

public static void checkPermission(String subsystem,
                                   Principal principal,
                                   String aclName,
                                   Permission permission,
                                   char sep,
                                   Acl dflt)
                            throws SecurityException
Deprecated. 
Throws:
SecurityException

checkPermission

public static void checkPermission(Principal principal,
                                   String aclName,
                                   Permission permission,
                                   char sep)
                            throws SecurityException
Deprecated. 
Determines whether the specified Principal has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep." If no Acl is found, the permission check fails. Unless the configuration knob getLogAllUsageProp has been set to false, the exception is written to the server log.

Makes an entry in the security log and throws an exception on failure.

Parameters:
principal - Principal to be checked
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
Throws:
SecurityException - if the permission check fails

checkPermission

public static void checkPermission(String subsystem,
                                   Principal principal,
                                   String aclName,
                                   Permission permission,
                                   char sep)
                            throws SecurityException
Deprecated. 
Throws:
SecurityException

checkPermission

public static void checkPermission(String aclName,
                                   Permission permission,
                                   char sep)
                            throws SecurityException
Deprecated. 
Determines whether the current user has the specified permission, according to Acls in the WebLogic realm. The Acl is determined by searching for Acls in the WebLogic realm whose names are prefixes of the argument "aclName," delimited by the character specified in the argument "sep." If no Acl is found, the permission check fails. Unless the class variable getLogAllUsageProp has been set to false, the exception is written to the server log.

Makes an entry in the security log and throws an exception on failure.

Parameters:
aclName - ACL to be matched
permission - Permission object
sep - Character delimiter for ACL
Throws:
SecurityException - if the permission check fails

checkPermission

public static void checkPermission(String subsystem,
                                   String aclName,
                                   Permission permission,
                                   char sep)
                            throws SecurityException
Deprecated. 
Throws:
SecurityException

getUserInfo

public static UserInfo getUserInfo(String name,
                                   Object credential)
Deprecated. 
Gets the UserInfo for the specified username and credential.

Parameters:
name - Name of user
credential - Credential of user
Returns:
UserInfo object

getUser

public static User getUser(String name,
                           Object credential)
Deprecated. 
Gets the User for the specified username and credential.

Parameters:
name - Name of user
credential - Credential of user
Returns:
User object

logAndThrow

public static void logAndThrow(String msg)
                        throws SecurityException
Deprecated. 
Makes an entry in the security log and throws an exception.

Parameters:
msg - Security-related msg to add to the exception
Throws:
SecurityException - if the log cannot be accessed

init

public static void init(BasicRealm aRealm)
Deprecated. 
Initializes the specified BasicRealm.

Parameters:
aRealm - Realm to be initialized

doAsPrivileged

public static Object doAsPrivileged(UserInfo newUser,
                                    PrivilegedAction action)
Deprecated. 
Set a new user to the thread for the running of the input action. User will be popped back off the stack and identity of original caller reinstated at the end of the run.

Parameters:
newUser - UserInfo of the user to be set to the thread
action - runnable action to take on behalf of the user
Returns:
Object object returned by the action's run method

doAsPrivileged

public static Object doAsPrivileged(UserInfo newUser,
                                    PrivilegedExceptionAction action)
                             throws Exception
Deprecated. 
Set a new user to the thread for running of the input action. User will be popped back off the stack and identity of original caller will be reinstated at the end of the run.

Parameters:
newUser - UserInfo of the user to be set to the thread
action - runnable action to execute on behalf of the user
Returns:
Object returned by the action's run method
Throws:
Exception
SecurityException - if unable to authenticate the new User

getUserLockoutTotalCount

public static long getUserLockoutTotalCount()
Deprecated. 
Returns the cumulative number of user lockouts done on this server


getInvalidLoginAttemptsTotalCount

public static long getInvalidLoginAttemptsTotalCount()
Deprecated. 
Returns the cumulative number of invalid logins attempted on this server


getLoginAttemptsWhileLockedTotalCount

public static long getLoginAttemptsWhileLockedTotalCount()
Deprecated. 
Returns the cumulative number of invalid logins attempted on this server attempted while the user was locked


getInvalidLoginUsersHighCount

public static long getInvalidLoginUsersHighCount()
Deprecated. 
Gets the highwater number of users with outstanding invalid login attempts for this server


getUnlockedUsersTotalCount

public static long getUnlockedUsersTotalCount()
Deprecated. 
Returns the number times we have unlocked a user on this server


getLockedUsersCurrentCount

public static long getLockedUsersCurrentCount()
Deprecated. 
Returnss the number of currently locked users on this server


getPasswordGuessing

public static PasswordGuessing getPasswordGuessing()
Deprecated. 
Return the PasswordGuessing object used to protect against Dictionary attacks.


receiveSecurityMessage

public static void receiveSecurityMessage(weblogic.rmi.spi.HostID sender,
                                          SecurityMessage sm)
Deprecated. 
Processes a SecurityLoginState message from a remote server. Called when a LoginState GroupMessage arrives.


Copyright 1996, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.6)

Part Number E13941-07