Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.2.1)

Part Number E55141-01
P4 Change 1723563 on 2015/10/09
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

weblogic.management.configuration
Interface FederationServicesMBean

All Superinterfaces:
ConfigurationMBean, DescriptorBean, DynamicMBean, MBeanRegistration, NotificationBroadcaster, SettableBean, WebLogicMBean
public interface FederationServicesMBean
extends ConfigurationMBean

This MBean represents configuration for SAML 1.1-based Federation Services, including the intersite transfer service, assertion consumer service, and assertion retrieval service.

Since:
9.1.0.0

Field Summary

 

Fields inherited from interface weblogic.management.configuration.ConfigurationMBean
DEFAULT_EMPTY_BYTE_ARRAY

 

Method Summary
abstract  String[] getAssertionConsumerURIs()
          The Assertion Consumer URIs.
abstract  String[] getAssertionRetrievalURIs()
          One or more URIs on which to listen for incoming assertion retrieval requests.
abstract  String getAssertionStoreClassName()
          The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.
abstract  Properties getAssertionStoreProperties()
          Properties passed to Assertion Store class initStore() method.
abstract  String[] getIntersiteTransferURIs()
          The Intersite Transfer URIs.
abstract  String getSigningKeyAlias()
          The alias used to store and retrieve the Source Site's signing key in the keystore.
abstract  String getSigningKeyPassPhrase()
          The passphrase used to retrieve the Source Site's signing key from the keystore.
abstract  byte[] getSigningKeyPassPhraseEncrypted()
          The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.
abstract  String getSourceIdBase64()
          The Source Site ID base64-encoded.
abstract  String getSourceIdHex()
          The Source Site ID in hexadecimal.
abstract  String getSourceSiteURL()
          The URL for the Source Site.
abstract  String getSSLClientIdentityAlias()
          The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.
abstract  String getSSLClientIdentityPassPhrase()
          The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
abstract  byte[] getSSLClientIdentityPassPhraseEncrypted()
          The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
abstract  String getUsedAssertionCacheClassName()
          The class used as the persistent store for the Used Assertion Cache.
abstract  Properties getUsedAssertionCacheProperties()
          Properties to be passed to the Used Assertion Cache class.
abstract  boolean isACSRequiresSSL()
          Specifies whether the Assertion Consumer Service requires SSL.
abstract  boolean isARSRequiresSSL()
          Specifies whether the Assertion Retrieval Service requires SSL.
abstract  boolean isARSRequiresTwoWaySSL()
          Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.
abstract  boolean isDestinationSiteEnabled()
          Specifies whether the Destination Site is enabled.
abstract  boolean isITSRequiresSSL()
          Specifies whether the Intersite Transfer Service requires SSL.
abstract  boolean isPOSTOneUseCheckEnabled()
          Specifies whether the POST one-use check is enabled.
abstract  boolean isPOSTRecipientCheckEnabled()
          Specifies whether the POST recipient check is enabled.
abstract  boolean isSourceSiteEnabled()
          Indicates whether the Source Site is enabled.
abstract  void setACSRequiresSSL(boolean acsRequiresSSL)
          Set the ACS requires SSL value.
abstract  void setARSRequiresSSL(boolean arsRequiresSSL)
          Set the ARS requires SSL value.
abstract  void setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL)
          Set the ARS requires two-way SSL authentication value.
abstract  void setAssertionConsumerURIs(String[] assertionConsumerURIs)
          Set the Assertion Consumer URIs.
abstract  void setAssertionRetrievalURIs(String[] assertionRetrievalURIs)
          Set the Assertion Retrieval URIs.
abstract  void setAssertionStoreClassName(String assertionStoreClassName)
          Set the (non-default) Assertion Store class name.
abstract  void setAssertionStoreProperties(Properties assertionStoreProperties)
          Set the Assertion Store properties.
abstract  void setDestinationSiteEnabled(boolean destinationSiteEnabled)
          Set the Destination Site enabled value.
abstract  void setIntersiteTransferURIs(String[] intersiteTransferURIs)
          Set the Intersite Transfer URIs.
abstract  void setITSRequiresSSL(boolean itsRequiresSSL)
          Set the ITS requires SSL value.
abstract  void setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled)
          Set the POST one-use check enabled value.
abstract  void setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled)
          Set the POST recipient check enabled value.
abstract  void setSigningKeyAlias(String signingKeyAlias)
          Sets the value of the SigningKeyAlias attribute.
abstract  void setSigningKeyPassPhrase(String signingKeyPassPhrase)
          Sets the value of the SigningKeyPassPhrase attribute.
abstract  void setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted)
          Sets the value of the SigningKeyPassPhraseEncrypted attribute.
abstract  void setSourceSiteEnabled(boolean sourceSiteEnabled)
          Set the Source Site enabled value.
abstract  void setSourceSiteURL(String sourceSiteURL)
          Set the Source Site URL.
abstract  void setSSLClientIdentityAlias(String sslClientIdentityAlias)
          Sets the value of the SSLClientIdentityAlias attribute.
abstract  void setSSLClientIdentityPassPhrase(String sslClientIdentityPassPhrase)
          Sets the value of the SSLClientIdentityPassPhrase attribute.
abstract  void setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted)
          Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.
abstract  void setUsedAssertionCacheClassName(String usedAssertionCacheClassName)
          Set the (non-default) Used Assertion Cache class name.
abstract  void setUsedAssertionCacheProperties(Properties usedAssertionCacheProperties)
          Set the Used Assertion Cache properties.

 

Methods inherited from interface weblogic.management.configuration.ConfigurationMBean
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet

 

Methods inherited from interface weblogic.management.WebLogicMBean
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent

 

Methods inherited from interface javax.management.DynamicMBean
getAttribute, getAttributes, invoke, setAttribute, setAttributes

 

Methods inherited from interface javax.management.MBeanRegistration
postDeregister, postRegister, preDeregister, preRegister

 

Methods inherited from interface javax.management.NotificationBroadcaster
addNotificationListener, getNotificationInfo, removeNotificationListener

 

Methods inherited from interface weblogic.descriptor.DescriptorBean
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener

 

Method Detail

isSourceSiteEnabled

boolean isSourceSiteEnabled()

Indicates whether the Source Site is enabled.

Returns:
This Source Site enabled value.

setSourceSiteEnabled

void setSourceSiteEnabled(boolean sourceSiteEnabled)
                          throws InvalidAttributeValueException

Set the Source Site enabled value.

Parameters:
sourceSiteEnabled - The Source Site enabled setting.
Throws:
InvalidAttributeValueException

getSourceSiteURL

String getSourceSiteURL()

The URL for the Source Site.

Returns:
The Source Site URL.

setSourceSiteURL

void setSourceSiteURL(String sourceSiteURL)
                      throws InvalidAttributeValueException

Set the Source Site URL.

Parameters:
sourceSiteURL - The Source Site URL to set.
Throws:
InvalidAttributeValueException

getSourceIdHex

String getSourceIdHex()

The Source Site ID in hexadecimal.

This read-only value is a hexadecimal representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

Returns:
The Source Site ID.

getSourceIdBase64

String getSourceIdBase64()

The Source Site ID base64-encoded.

This read-only value is a Base64 representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

Returns:
The Source Site ID.

getIntersiteTransferURIs

String[] getIntersiteTransferURIs()

The Intersite Transfer URIs.

Returns:
The Intersite Transfer URIs.

setIntersiteTransferURIs

void setIntersiteTransferURIs(String[] intersiteTransferURIs)
                              throws InvalidAttributeValueException

Set the Intersite Transfer URIs.

Parameters:
intersiteTransferURIs - The Intersite Transfer URIs to set.
Throws:
InvalidAttributeValueException

isITSRequiresSSL

boolean isITSRequiresSSL()

Specifies whether the Intersite Transfer Service requires SSL.

Returns:
The ITS requires SSL value.

setITSRequiresSSL

void setITSRequiresSSL(boolean itsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ITS requires SSL value.

Parameters:
itsRequiresSSL - The ITS requires SSL value to set.
Throws:
InvalidAttributeValueException

getAssertionRetrievalURIs

String[] getAssertionRetrievalURIs()

One or more URIs on which to listen for incoming assertion retrieval requests.

For artifact profile, the destination site receives a SAML artifact that represents a source site (why we need the source site ID values) and an assertion ID. The destination site sends a request containing the artifact to the source site's assertion retrieval URL, and the source site responds with the corresponding assertion. You may configure multiple URIs here, although typically one will be sufficient. The URI includes the application context, followed by the resource context. For example:

/my_application/saml/ars

which would be accessible from the outside as https://my.example.com/my_application/saml/ars

Returns:
The Assertion Retrieval URIs.

setAssertionRetrievalURIs

void setAssertionRetrievalURIs(String[] assertionRetrievalURIs)
                               throws InvalidAttributeValueException

Set the Assertion Retrieval URIs.

Parameters:
assertionRetrievalURIs - The Assertion Retrieval URIs to set.
Throws:
InvalidAttributeValueException

isARSRequiresSSL

boolean isARSRequiresSSL()

Specifies whether the Assertion Retrieval Service requires SSL.

Returns:
The ARS requires SSL value.

setARSRequiresSSL

void setARSRequiresSSL(boolean arsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ARS requires SSL value.

Parameters:
arsRequiresSSL - The ARS requires SSL value to set.
Throws:
InvalidAttributeValueException

isARSRequiresTwoWaySSL

boolean isARSRequiresTwoWaySSL()

Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.

Returns:
The ARS requires two-way SSL authentication value.

setARSRequiresTwoWaySSL

void setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL)
                             throws InvalidAttributeValueException

Set the ARS requires two-way SSL authentication value.

Parameters:
arsRequiresTwoWaySSL - The ARS requires two-way SSL authentication value to set.
Throws:
InvalidAttributeValueException

getAssertionStoreClassName

String getAssertionStoreClassName()

The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.

Returns:
The Assertion Store class name.

setAssertionStoreClassName

void setAssertionStoreClassName(String assertionStoreClassName)
                                throws InvalidAttributeValueException

Set the (non-default) Assertion Store class name.

Parameters:
assertionStoreClassName - The Assertion Store class name to set.
Throws:
InvalidAttributeValueException

getAssertionStoreProperties

Properties getAssertionStoreProperties()

Properties passed to Assertion Store class initStore() method.

This may be useful if you have implemented a custom Assertion Store class.

Returns:
The Assertion Store properties.

setAssertionStoreProperties

void setAssertionStoreProperties(Properties assertionStoreProperties)
                                 throws InvalidAttributeValueException

Set the Assertion Store properties.

Parameters:
assertionStoreProperties - The Assertion Store properties to set.
Throws:
InvalidAttributeValueException

getSigningKeyAlias

String getSigningKeyAlias()

The alias used to store and retrieve the Source Site's signing key in the keystore. This key is used to sign POST profile responses.

Returns:
The signingKeyAlias.

setSigningKeyAlias

void setSigningKeyAlias(String signingKeyAlias)
                        throws InvalidAttributeValueException

Sets the value of the SigningKeyAlias attribute.

Parameters:
signingKeyAlias - The signingKeyAlias to set.
Throws:
InvalidAttributeValueException

getSigningKeyPassPhrase

String getSigningKeyPassPhrase()

The passphrase used to retrieve the Source Site's signing key from the keystore.

Returns:
The signingKeyPassPhrase.

setSigningKeyPassPhrase

void setSigningKeyPassPhrase(String signingKeyPassPhrase)
                             throws InvalidAttributeValueException

Sets the value of the SigningKeyPassPhrase attribute.

When you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the SigningKeyPassPhraseEncrypted attribute.
  2. Decrypts the value and returns the unencrypted passphrase as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.
  2. Sets the value of the SigningKeyPassPhraseEncrypted attribute to the encrypted value.

Using this attribute (SigningKeyPassPhrase) is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use getSigningKeyPassPhraseEncrypted.

Parameters:
signingKeyPassPhrase - The signingKeyPassPhrase to set.
Throws:
InvalidAttributeValueException

getSigningKeyPassPhraseEncrypted

byte[] getSigningKeyPassPhraseEncrypted()

The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Returns:
The encrypted signingKeyPassPhrase.

setSigningKeyPassPhraseEncrypted

void setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted)
                                      throws InvalidAttributeValueException

Sets the value of the SigningKeyPassPhraseEncrypted attribute.

Parameters:
signingKeyPassPhraseEncrypted - The signingKeyPassPhraseEncrypted value to set.
Throws:
InvalidAttributeValueException

isDestinationSiteEnabled

boolean isDestinationSiteEnabled()

Specifies whether the Destination Site is enabled.

setDestinationSiteEnabled

void setDestinationSiteEnabled(boolean destinationSiteEnabled)
                               throws InvalidAttributeValueException

Set the Destination Site enabled value.

Parameters:
destinationSiteEnabled - The Destination Site enabled setting.
Throws:
InvalidAttributeValueException

getAssertionConsumerURIs

String[] getAssertionConsumerURIs()

The Assertion Consumer URIs.

Returns:
The Assertion Consumer URIs.

setAssertionConsumerURIs

void setAssertionConsumerURIs(String[] assertionConsumerURIs)
                              throws InvalidAttributeValueException

Set the Assertion Consumer URIs.

Parameters:
assertionConsumerURIs - The ASsertion Consumer URIs to set.
Throws:
InvalidAttributeValueException

isACSRequiresSSL

boolean isACSRequiresSSL()

Specifies whether the Assertion Consumer Service requires SSL.

Returns:
The ACS requires SSL value.

setACSRequiresSSL

void setACSRequiresSSL(boolean acsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ACS requires SSL value.

Parameters:
acsRequiresSSL - The ACS requires SSL value to set.
Throws:
InvalidAttributeValueException

isPOSTRecipientCheckEnabled

boolean isPOSTRecipientCheckEnabled()

Specifies whether the POST recipient check is enabled. When true, the recipient of the SAML Response must match the URL in the HTTP Request.

Returns:
The POST recipient check enabled value.

setPOSTRecipientCheckEnabled

void setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled)
                                  throws InvalidAttributeValueException

Set the POST recipient check enabled value.

Parameters:
postRecipientCheckEnabled - The POST recipient check enabled value to set.
Throws:
InvalidAttributeValueException

isPOSTOneUseCheckEnabled

boolean isPOSTOneUseCheckEnabled()

Specifies whether the POST one-use check is enabled.

Returns:
The POST one-use check enabled value.

setPOSTOneUseCheckEnabled

void setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled)
                               throws InvalidAttributeValueException

Set the POST one-use check enabled value.

Parameters:
postOneUseCheckEnabled - The POST one-use check enabled value to set.
Throws:
InvalidAttributeValueException

getUsedAssertionCacheClassName

String getUsedAssertionCacheClassName()

The class used as the persistent store for the Used Assertion Cache. When no class is specified, the default Used Assertion Cache implementation is used.

Returns:
The Used Assertion Cache class name.

setUsedAssertionCacheClassName

void setUsedAssertionCacheClassName(String usedAssertionCacheClassName)
                                    throws InvalidAttributeValueException

Set the (non-default) Used Assertion Cache class name.

Parameters:
usedAssertionCacheClassName - The Used Assertion Cache class name to set.
Throws:
InvalidAttributeValueException

getUsedAssertionCacheProperties

Properties getUsedAssertionCacheProperties()

Properties to be passed to the Used Assertion Cache class.

Returns:
The Used Assertion Cache properties.

setUsedAssertionCacheProperties

void setUsedAssertionCacheProperties(Properties usedAssertionCacheProperties)
                                     throws InvalidAttributeValueException

Set the Used Assertion Cache properties.

Parameters:
usedAssertionCacheProperties - The Used Assertion Cache properties to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityAlias

String getSSLClientIdentityAlias()

The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.

Returns:
The sslClientIdentityAlias.

setSSLClientIdentityAlias

void setSSLClientIdentityAlias(String sslClientIdentityAlias)
                               throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityAlias attribute.

Parameters:
sslClientIdentityAlias - The sslClientIdentityAlias to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityPassPhrase

String getSSLClientIdentityPassPhrase()

The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

Returns:
The sslClientIdentityPassPhrase.

setSSLClientIdentityPassPhrase

void setSSLClientIdentityPassPhrase(String sslClientIdentityPassPhrase)
                                    throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityPassPhrase attribute.

When you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the SSLClientIdentityPassPhraseEncrypted attribute.
  2. Decrypts the value and returns the unencrypted passphrase as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.
  2. Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute to the encrypted value.

Using this attribute (SSLClientIdentityPassPhrase) is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use getSSLClientIdentityPassPhraseEncrypted.

Parameters:
sslClientIdentityPassPhrase - The sslClientIdentityPassPhrase to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityPassPhraseEncrypted

byte[] getSSLClientIdentityPassPhraseEncrypted()

The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Returns:
The encrypted sslClientIdentityPassPhrase.

setSSLClientIdentityPassPhraseEncrypted

void setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted)
                                             throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.

Parameters:
sslClientIdentityPassPhraseEncrypted - The sslClientIdentityPassPhraseEncrypted value to set.
Throws:
InvalidAttributeValueException

Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Copyright 1996, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.2.1)

Part Number E55141-01
P4 Change 1723563 on 2015/10/09
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD