Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

weblogic.management.security.authentication
Interface UserPasswordEditorMBean

All Superinterfaces:
DescriptorBean, SettableBean, StandardInterface
All Known Subinterfaces:
ActiveDirectoryAuthenticatorMBean, DefaultAuthenticatorMBean, IPlanetAuthenticatorMBean, LDAPAuthenticatorMBean, NovellAuthenticatorMBean, OpenLDAPAuthenticatorMBean, OracleInternetDirectoryAuthenticatorMBean, OracleVirtualDirectoryAuthenticatorMBean, SQLAuthenticatorMBean, UserEditorMBean
public interface UserPasswordEditorMBean
extends StandardInterface, DescriptorBean

Provides two methods for changing a user's password. An Authentication provider MBean can optionally implement this MBean. The WebLogic Server Administration Console detects when an Authentication provider implements this MBean and automatically provides a tab for using these methods.

CSS v4 introduced a new Password Validaton Service to check password against a set of rules when doing changing password operations with authentication provider MBeans such as createUser, changeUserPassword and resetUserPassword. The rules can be specified through configuring Password Validation Provider into the security realm, for further information, see weblogic.management.security.RealmMBean.

All OOTB authentication providers in CSS will automatically call the Password Validation Service if their MBeans inherit UserPasswordEditorMBean interface. The service is also available for all those customized authentication providers whose MBeans inherit UserPasswordEditorMBean, to introduce the Password Validation Service into a customized authentication proivder, the following approach must be met:

1. In the initialize method of a customized provider implementation, must retrieve the Password Validation Service and register the service into a helper class such as weblogic.security.provider.authentication.AuthenticationSecurityHelper, the code might like as below: 

 import com.bea.common.security.service.PasswordValidationService;
 import com.bea.common.security.legacy.ExtendedSecurityServices;
 import com.bea.common.security.internal.legacy.helper.PasswordValidationServiceConfigHelper;
 import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
 ......
 ExtendedSecurityServices extendedSecurityServices = (ExtendedSecurityServices)securityServices;
 PasswordValidationService serivce = (PasswordValidationService)extendedSecurityServices.getServices().
                                           getService(PasswordValidationServiceConfigHelper.getServiceName(providerMBean.getRealm()));
 AuthenticationSecurityHelper.getInstance(providerMBean).registerPasswordValidationService(service);
 ......

2. In the createUser, changeUserPassword and(or) resetUserPassword methods of a customized authentication provider MBean, call the helper class to validate the new password to determine if the new password is valid. The code might be:

 import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
 .....
 AuthenticationSecurityHelper.getInstance(providerMBean).validatePassword(userName,password);
 .....

Method Summary
 void changeUserPassword(String userName, String oldPassword, String newPassword)
          Used by a user to change his or her password.
 void resetUserPassword(String userName, String newPassword)
          Used by an administrator to change a user's password.
 
Methods inherited from interface weblogic.management.commo.StandardInterface
getName
 
Methods inherited from interface weblogic.descriptor.DescriptorBean
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener
 
Methods inherited from interface weblogic.descriptor.SettableBean
isSet, unSet
 

Method Detail

changeUserPassword

void changeUserPassword(String userName,
                        String oldPassword,
                        String newPassword)
                        throws NotFoundException,
                               InvalidParameterException
Used by a user to change his or her password.

Parameters:
userName - - The name of an existing user.
oldPassword - - The current password for the user.
newPassword - - The new password for the user. The Authentication provider determines the syntax requirements for passwords.
Throws:
NotFoundException
InvalidParameterException

resetUserPassword

void resetUserPassword(String userName,
                       String newPassword)
                       throws NotFoundException,
                              InvalidParameterException
Used by an administrator to change a user's password.

Parameters:
userName - - The name of an existing user.
newPassword - - The new password for the user. The Authentication provider determines the syntax requirements for passwords.
Throws:
NotFoundException
InvalidParameterException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Copyright 1996, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD