Skip navigation links

weblogic.management.security
Interface RealmMBean

All Superinterfaces:

DescriptorBean, SettableBean, StandardInterface

public interface RealmMBean

extends StandardInterface, DescriptorBean

The MBean that represents configuration attributes for the security realm.

A security realm contains a set of security configuration settings, including the list of security providers to use (for example, for authentication and authorization).

Code using security can either use the default security realm for the domain or refer to a particular security realm by name (by using the JMX display name of the security realm).

One security realm in the WebLogic domain must have the DefaultRealm attribute set to true. The security realm with the DefaultRealm attribute set to true is used as the default security realm for the WebLogic domain. Note that other available security realms must have the DefaultRealm attribute set to false.

When WebLogic Server boots, it locates and uses the default security realm. The security realm is considered active since it is used when WebLogic Server runs. Any security realm that is not used when WebLogic Server runs is considered inactive. All active security realms must be configured before WebLogic Server is boots.

Since security providers are scoped by realm, the Realm attribute on a security provider must be set to the realm that uses the provider.

Method Summary

abstract AdjudicatorMBean	createAdjudicator(String type) Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.
abstract AdjudicatorMBean	createAdjudicator(String name, String type) Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.
abstract AuditorMBean	createAuditor(String type) Creates an Auditing provider in this security realm.
abstract AuditorMBean	createAuditor(String name, String type) Creates an Auditing provider in this security realm.
abstract AuthenticationProviderMBean	createAuthenticationProvider(String type) Creates an Authentication provider in this security realm.
abstract AuthenticationProviderMBean	createAuthenticationProvider(String name, String type) Creates an Authentication provider in this security realm.
abstract AuthorizerMBean	createAuthorizer(String type) Creates an Authorization provider in this security realm.
abstract AuthorizerMBean	createAuthorizer(String name, String type) Creates an Authorization provider in this security realm.
abstract CertPathProviderMBean	createCertPathProvider(String type) Creates a Certification Path provider in this security realm.
abstract CertPathProviderMBean	createCertPathProvider(String name, String type) Creates a Certification Path provider in this security realm.
abstract CredentialMapperMBean	createCredentialMapper(String type) Creates a Credential Mapping provider in this security realm.
abstract CredentialMapperMBean	createCredentialMapper(String name, String type) Creates a Credential Mapping provider in this security realm.
abstract PasswordValidatorMBean	createPasswordValidator(String type) Creates a Password Validator provider in this security realm.
abstract PasswordValidatorMBean	createPasswordValidator(String name, String type) Creates a Password Validator provider in this security realm.
abstract RDBMSSecurityStoreMBean	createRDBMSSecurityStore() Creates configuration for the RDBMS security store.
abstract RDBMSSecurityStoreMBean	createRDBMSSecurityStore(String name) Creates configuration for the RDBMS security store with the specified name.
abstract RoleMapperMBean	createRoleMapper(String type) Creates a Role Mapping provider in this security realm.
abstract RoleMapperMBean	createRoleMapper(String name, String type) Creates a Role Mapping provider in this security realm.
abstract void	destroyAdjudicator() Removes the configuration this security realm's Adjudication provider (if there is one).
abstract void	destroyAuditor(AuditorMBean auditor) Removes the configuration for an Auditing provider in this security realm.
abstract void	destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider) Removes the configuration for an Authentication provider in this security realm.
abstract void	destroyAuthorizer(AuthorizerMBean authorizer) Removes the configuration for an Authorization provider in this security realm.
abstract void	destroyCertPathProvider(CertPathProviderMBean certPathProvider) Removes the configuration for a Certification Path provider in this security realm.
abstract void	destroyCredentialMapper(CredentialMapperMBean credentialMapper) Removes the configuration for a Credential Mapping provider in this security realm.
abstract void	destroyPasswordValidator(PasswordValidatorMBean provider) Removes the configuration for a Password Validator provider in this security realm.
abstract void	destroyRDBMSSecurityStore() Destroys and removes the existing RDBMS security store which is a child of this realm.
abstract void	destroyRoleMapper(RoleMapperMBean roleMapper) Removes the configuration for a Role Mapping provider in this security realm.
abstract AdjudicatorMBean	getAdjudicator() Returns the Adjudication provider for this security realm.
abstract String[]	getAdjudicatorTypes() Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator.
abstract AuditorMBean[]	getAuditors() Returns the Auditing providers for this security realm (in invocation order).
abstract String[]	getAuditorTypes() Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor.
abstract AuthenticationProviderMBean[]	getAuthenticationProviders() Returns the Authentication providers for this security realm (in invocation order).
abstract String[]	getAuthenticationProviderTypes() Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator.
abstract String	getAuthMethods() Returns a comma separated string of authentication methods that should be used when the Web application specifies "REALM" as its auth-method.
abstract AuthorizerMBean[]	getAuthorizers() Returns the Authorization providers for this security realm (in invocation order).
abstract String[]	getAuthorizerTypes() Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer.
abstract CertPathBuilderMBean	getCertPathBuilder() Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths.
abstract CertPathProviderMBean[]	getCertPathProviders() Returns the Certification Path providers for this security realm (in invocation order).
abstract String[]	getCertPathProviderTypes() Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider.
abstract CredentialMapperMBean[]	getCredentialMappers() Returns the Credential Mapping providers for this security realm (in invocation order).
abstract String[]	getCredentialMapperTypes() Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper.
abstract Integer	getDeployableProviderSynchronizationTimeout() Returns the timeout value, in milliseconds, for the deployable security provider synchronization operation.
abstract Integer	getMaxWebLogicPrincipalsInCache() Returns the maximum size of the LRU cache for holding WebLogic Principal signatures.
abstract String	getName() The name of this configuration.
abstract PasswordValidatorMBean[]	getPasswordValidators() Returns the Password Validator providers for this security realm (in invocation order).
abstract String[]	getPasswordValidatorTypes() Returns the types of Password Validator providers that may be created in this security realm, for example, com.bea.security.providers.authentication.passwordvalidator.SystemPasswordValidator.
abstract RDBMSSecurityStoreMBean	getRDBMSSecurityStore() Returns RDBMSSecurityStoreMBean for this realm, which is a singleton MBean describing RDBMS security store configuration.
abstract int	getRetireTimeoutSeconds() Specifies the retire timeout for a realm that is restarted.
abstract RoleMapperMBean[]	getRoleMappers() Returns the Role Mapping providers for this security realm (in invocation order).
abstract String[]	getRoleMapperTypes() Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper.
abstract String	getSecurityDDModel() Specifies the default security model for Web applications or EJBs that are secured by this security realm.
abstract UserLockoutManagerMBean	getUserLockoutManager() Returns the User Lockout Manager for this security realm.
abstract boolean	isAutoRestartOnNonDynamicChanges() Specifies whether the Realm will be auto-restarted if non-dynamic changes are made to the realm or providers within the realm.
abstract boolean	isCombinedRoleMappingEnabled() Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact.
abstract boolean	isDefaultRealm() Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm()
abstract boolean	isDelegateMBeanAuthorization() Configures the WebLogic Server MBean servers to use the security realm's Authorization providers to determine whether a JMX client has permission to access an MBean attribute or invoke an MBean operation.
abstract boolean	isDeployableProviderSynchronizationEnabled() Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled.
abstract boolean	isDeployCredentialMappingIgnored() Deprecated. 9.0.0.0
abstract boolean	isDeployPolicyIgnored() Deprecated. 9.0.0.0
abstract boolean	isDeployRoleIgnored() Deprecated. 9.0.0.0
abstract boolean	isEnableWebLogicPrincipalValidatorCache() Returns whether the WebLogic Principal Validator caching is enabled.
abstract boolean	isFullyDelegateAuthorization() Deprecated. 9.0.0.0
abstract boolean	isValidateDDSecurityData() Not used in this release.
abstract AuditorMBean	lookupAuditor(String name) Finds an Auditing provider in this security realm.
abstract AuthenticationProviderMBean	lookupAuthenticationProvider(String name) Finds an Authentication provider in this security realm.
abstract AuthorizerMBean	lookupAuthorizer(String name) Finds an Authorization provider in this security realm.
abstract CertPathProviderMBean	lookupCertPathProvider(String name) Finds a Certification Path provider in this security realm.
abstract CredentialMapperMBean	lookupCredentialMapper(String name) Finds a Credential Mapping provider in this security realm.
abstract PasswordValidatorMBean	lookupPasswordValidator(String name) Finds an Password Validator provider in this security realm.
abstract RoleMapperMBean	lookupRoleMapper(String name) Finds a Role Mapping provider in this security realm.
abstract void	setAuditors(AuditorMBean[] auditors) Changes the invocation order of this security realm's Auditing providers.
abstract void	setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders) Changes the invocation order of this security realm's Authentication providers.
abstract void	setAuthMethods(String methods) Set the authentication methods that should be used when the Web application specifies "REALM" as its auth-method.
abstract void	setAuthorizers(AuthorizerMBean[] authorizers) Changes the invocation order of this security realm's Authorization providers.
abstract void	setAutoRestartOnNonDynamicChanges(boolean autorestart) Sets the value of the AutoRestartOnNonDynamicChanges attribute.
abstract void	setCertPathBuilder(CertPathBuilderMBean certPathBuilder) Determines which of this security realm's CertPathProviders will be used by the security system to build certification paths.
abstract void	setCertPathProviders(CertPathProviderMBean[] certPathProviders) Changes the invocation order of this security realm's Certification Path providers.
abstract void	setCombinedRoleMappingEnabled(boolean combined) Sets whether application role mappings are combined by the J2EE containers.
abstract void	setCredentialMappers(CredentialMapperMBean[] credentialMappers) Changes the invocation order of this security realm's Credential Mapping providers.
abstract void	setDefaultRealm(boolean isDefault) Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)
abstract void	setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization) Sets the value of the DelegateMBeanAuthorization attribute.
abstract void	setDeployableProviderSynchronizationEnabled(boolean enabled) Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled.
abstract void	setDeployableProviderSynchronizationTimeout(Integer timeout) Specifies the timeout value, in milliseconds, for the deployable security provider synchronization operation.
abstract void	setDeployCredentialMappingIgnored(boolean ignored) Deprecated. 9.0.0.0
abstract void	setDeployPolicyIgnored(boolean ignored) Deprecated. 9.0.0.0
abstract void	setDeployRoleIgnored(boolean ignored) Deprecated. 9.0.0.0
abstract void	setEnableWebLogicPrincipalValidatorCache(boolean enabled) Sets whether the WebLogic Principal Validator caching is enabled.
abstract void	setFullyDelegateAuthorization(boolean fullyDelegate) Deprecated. 9.0.0.0
abstract void	setMaxWebLogicPrincipalsInCache(Integer size) Sets the maximum size of the LRU cache for holding WebLogic Principal signatures.
abstract void	setPasswordValidators(PasswordValidatorMBean[] passwordvalidators) Sets the Password Validator providers for this security realm (in invocation order).
abstract void	setRetireTimeoutSeconds(int timeout) Sets the value of the RetireTimeoutSeconds attribute.
abstract void	setRoleMappers(RoleMapperMBean[] roleMappers) Changes the invocation order of this security realm's Role Mapping providers.
abstract void	setSecurityDDModel(String model) Sets the default security deployment model for applications deployed in this security realm.
abstract void	setValidateDDSecurityData(boolean validate) Sets whether security data in the deployment descriptor is validated.
abstract void	validate() Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured.

Methods inherited from interface weblogic.descriptor.DescriptorBean

addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener

Method Detail

getAuditors

AuditorMBean[] getAuditors()

Returns the Auditing providers for this security realm (in invocation order).

setAuditors

void setAuditors(AuditorMBean[] auditors)
                 throws InvalidAttributeValueException

Changes the invocation order of this security realm's Auditing providers.

Parameters:

auditors - - The new invocation order for this security realm's Auditing providers. It should contain exactly the same Auditing providers that getAuditors() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, auditors may also contain Auditing providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Auditing providers will be moved to this security realm. Similarly, auditors can be missing some of this security realm's current Auditing providers. All missing Auditing providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

getAuditorTypes

String[] getAuditorTypes()

Returns the types of Auditing providers that may be created in this security realm, for example, weblogic.security.providers.audit.DefaultAuditor. Use this method to find the available types to pass to createAuditor

createAuditor

AuditorMBean createAuditor(String name,
                           String type)
                           throws ClassNotFoundException,
                                  JMException

Creates an Auditing provider in this security realm. The new Auditing provider is added to the end of the list of Auditing providers configured in this security realm.

Parameters:

name - - The name of this Auditing provider, for example, DefaultAuditor

type - - The type of this Auditing provider, for example, weblogic.security.providers.audit.DefaultAuditor Use getAuditorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuditor

AuditorMBean createAuditor(String type)
                           throws ClassNotFoundException,
                                  JMException

Creates an Auditing provider in this security realm. The new Auditing provider is added to the end of the list of Auditing providers configured in this security realm.

Parameters:

type - - The type of this Auditing provider, for example, weblogic.security.providers.audit.DefaultAuditor Use getAuditorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyAuditor

void destroyAuditor(AuditorMBean auditor)

Removes the configuration for an Auditing provider in this security realm. It does not remove any persistent data for the Auditing provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Auditing providers.

Parameters:

auditor - - The Auditing provider to remove.

lookupAuditor

AuditorMBean lookupAuditor(String name)

Finds an Auditing provider in this security realm. Returns null if this security realm has no Auditing provider of the specified name.

Parameters:

name -

getAuthenticationProviders

AuthenticationProviderMBean[] getAuthenticationProviders()

Returns the Authentication providers for this security realm (in invocation order).

setAuthenticationProviders

void setAuthenticationProviders(AuthenticationProviderMBean[] authenticationProviders)
                                throws InvalidAttributeValueException

Changes the invocation order of this security realm's Authentication providers.

Parameters:

authenticationProviders - - The new invocation order for this security realm's Authentication providers. It should contain exactly the same Authentication providers that getAuthenticationProviders() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, authenticationProviders may also contain Authentication providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Authentication providers will be moved to this security realm. Similarly, authenticationProviders can be missing some of this security realm's current Authentication providers. All missing Authentication providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

getAuthenticationProviderTypes

String[] getAuthenticationProviderTypes()

Returns the types of Authentication providers that may be created in this security realm, for example, weblogic.security.providers.authentication.DefaultAuthenticator. Use this method to find the available types to pass to createAuthenticationProvider

createAuthenticationProvider

AuthenticationProviderMBean createAuthenticationProvider(String name,
                                                         String type)
                                                         throws ClassNotFoundException,
                                                                JMException

Creates an Authentication provider in this security realm. The new Authentication provider is added to the end of the list of Authentication providers configured in this security realm.

Parameters:

name - - The name of this Authentication provider, for example, DefaultAuthenticator

type - - The type of this Authentication provider, for example, weblogic.security.providers.authentication.DefaultAuthenticator Use getAuthenticationProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthenticationProvider

AuthenticationProviderMBean createAuthenticationProvider(String type)
                                                         throws ClassNotFoundException,
                                                                JMException

Creates an Authentication provider in this security realm. The new Authentication provider is added to the end of the list of Authentication providers configured in this security realm.

Parameters:

type - - The type of this Authentication provider, for example, weblogic.security.providers.authentication.DefaultAuthenticator Use getAuthenticationProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyAuthenticationProvider

void destroyAuthenticationProvider(AuthenticationProviderMBean authenticationProvider)

Removes the configuration for an Authentication provider in this security realm. It does not remove any persistent data for the Authentication provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Authentication providers.

Parameters:

authenticationProvider - - The Authentication provider to remove.

lookupAuthenticationProvider

AuthenticationProviderMBean lookupAuthenticationProvider(String name)

Finds an Authentication provider in this security realm. Returns null if this security realm has no Authentication provider of the specified name.

Parameters:

name -

getRoleMappers

RoleMapperMBean[] getRoleMappers()

Returns the Role Mapping providers for this security realm (in invocation order).

setRoleMappers

void setRoleMappers(RoleMapperMBean[] roleMappers)
                    throws InvalidAttributeValueException

Changes the invocation order of this security realm's Role Mapping providers.

Parameters:

roleMappers - - The new invocation order for this security realm's Role Mapping providers. It should contain exactly the same Role Mapping providers that getRoleMappers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, roleMappers may also contain Role Mapping providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Role Mapping providers will be moved to this security realm. Similarly, roleMappers can be missing some of this security realm's current Role Mapping providers. All missing Role Mapping providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

getRoleMapperTypes

String[] getRoleMapperTypes()

Returns the types of Role Mapping providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultRoleMapper. Use this method to find the available types to pass to createRoleMapper

createRoleMapper

RoleMapperMBean createRoleMapper(String name,
                                 String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates a Role Mapping provider in this security realm. The new Role Mapping provider is added to the end of the list of Role Mapping providers configured in this security realm.

Parameters:

name - - The name of this Role Mapping provider, for example, DefaultRoleMapper

type - - The type of this Role Mapping provider, for example, weblogic.security.providers.authorization.DefaultRoleMapper Use getRoleMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createRoleMapper

RoleMapperMBean createRoleMapper(String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates a Role Mapping provider in this security realm. The new Role Mapping provider is added to the end of the list of Role Mapping providers configured in this security realm.

Parameters:

type - - The type of this Role Mapping provider, for example, weblogic.security.providers.authorization.DefaultRoleMapper Use getRoleMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyRoleMapper

void destroyRoleMapper(RoleMapperMBean roleMapper)

Removes the configuration for a Role Mapping provider in this security realm. It does not remove any persistent data for the Role Mapping provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Role Mapping providers.

Parameters:

roleMapper - - The Role Mapping provider to remove.

lookupRoleMapper

RoleMapperMBean lookupRoleMapper(String name)

Finds a Role Mapping provider in this security realm. Returns null if this security realm has no Role Mapping provider of the specified name.

Parameters:

name -

getAuthorizers

AuthorizerMBean[] getAuthorizers()

Returns the Authorization providers for this security realm (in invocation order).

setAuthorizers

void setAuthorizers(AuthorizerMBean[] authorizers)
                    throws InvalidAttributeValueException

Changes the invocation order of this security realm's Authorization providers.

Parameters:

authorizers - - The new invocation order for this security realm's Authorization providers. It should contain exactly the same Authorization providers that getAuthorizers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, authorizers may also contain Authorization providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Authorization providers will be moved to this security realm. Similarly, authorizers can be missing some of this security realm's current Authorization providers. All missing Authorization providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

getAuthorizerTypes

String[] getAuthorizerTypes()

Returns the types of Authorization providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAuthorizer. Use this method to find the available types to pass to createAuthorizer

createAuthorizer

AuthorizerMBean createAuthorizer(String name,
                                 String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates an Authorization provider in this security realm. The new Authorization provider is added to the end of the list of Authorization providers configured in this security realm.

Parameters:

name - - The name of this Authorization provider, for example, DefaultAuthorizer

type - - The type of this Authorization provider, for example, weblogic.security.providers.authorization.DefaultAuthorizer Use getAuthorizerTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAuthorizer

AuthorizerMBean createAuthorizer(String type)
                                 throws ClassNotFoundException,
                                        JMException

Creates an Authorization provider in this security realm. The new Authorization provider is added to the end of the list of Authorization providers configured in this security realm.

Parameters:

type - - The type of this Authorization provider, for example, weblogic.security.providers.authorization.DefaultAuthorizer Use getAuthorizerTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyAuthorizer

void destroyAuthorizer(AuthorizerMBean authorizer)

Removes the configuration for an Authorization provider in this security realm. It does not remove any persistent data for the Authorization provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Authorization providers.

Parameters:

authorizer - - The Authorization provider to remove.

lookupAuthorizer

AuthorizerMBean lookupAuthorizer(String name)

Finds an Authorization provider in this security realm. Returns null if this security realm has no Authorization provider of the specified name.

Parameters:

name -

getAdjudicator

AdjudicatorMBean getAdjudicator()

Returns the Adjudication provider for this security realm.

getAdjudicatorTypes

String[] getAdjudicatorTypes()

Returns the types of Adjudication providers that may be created in this security realm, for example, weblogic.security.providers.authorization.DefaultAdjudicator. Use this method to find the available types to pass to createAdjudicator

createAdjudicator

AdjudicatorMBean createAdjudicator(String name,
                                   String type)
                                   throws ClassNotFoundException,
                                          JMException

Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.

Parameters:

name - - The name of this Adjudication provider, for example, DefaultAdjudicator

type - - The type of this Adjudication provider, for example, weblogic.security.providers.authorization.DefaultAdjudicator Use getAdjudicatorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createAdjudicator

AdjudicatorMBean createAdjudicator(String type)
                                   throws ClassNotFoundException,
                                          JMException

Creates an Adjudication provider in this security realm and removes this security realm's previous Adjudication provider.

Parameters:

type - - The type of this Adjudication provider, for example, weblogic.security.providers.authorization.DefaultAdjudicator Use getAdjudicatorTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyAdjudicator

void destroyAdjudicator()

Removes the configuration this security realm's Adjudication provider (if there is one). It does not remove any persistent data for the Adjudication provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Adjudication provider.

getCredentialMappers

CredentialMapperMBean[] getCredentialMappers()

Returns the Credential Mapping providers for this security realm (in invocation order).

setCredentialMappers

void setCredentialMappers(CredentialMapperMBean[] credentialMappers)
                          throws InvalidAttributeValueException

Changes the invocation order of this security realm's Credential Mapping providers.

Parameters:

credentialMappers - - The new invocation order for this security realm's Credential Mapping providers. It should contain exactly the same Credential Mapping providers that getCredentialMappers() returns, except in a different order. Note: For the purpose of backward compatibility with previous releases of WebLogic Server, credentialMappers may also contain Credential Mapping providers that do not already belong to this security realm and are not contained by another security realm. In this circumstance, these Credential Mapping providers will be moved to this security realm. Similarly, credentialMappers can be missing some of this security realm's current Credential Mapping providers. All missing Credential Mapping providers will be removed from this security realm. These behaviors are deprecated in this release of WebLogic Server and will be removed in a future release.

Throws:

InvalidAttributeValueException

getCredentialMapperTypes

String[] getCredentialMapperTypes()

Returns the types of Credential Mapping providers that may be created in this security realm, for example, weblogic.security.providers.credentials.DefaultCredentialMapper. Use this method to find the available types to pass to createCredentialMapper

createCredentialMapper

CredentialMapperMBean createCredentialMapper(String name,
                                             String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Credential Mapping provider in this security realm. The new Credential Mapping provider is added to the end of the list of Credential Mapping providers configured in this security realm.

Parameters:

name - - The name of this Credential Mapping provider, for example, DefaultCredentialMapper

type - - The type of this Credential Mapping provider, for example, weblogic.security.providers.credentials.DefaultCredentialMapper Use getCredentialMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCredentialMapper

CredentialMapperMBean createCredentialMapper(String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Credential Mapping provider in this security realm. The new Credential Mapping provider is added to the end of the list of Credential Mapping providers configured in this security realm.

Parameters:

type - - The type of this Credential Mapping provider, for example, weblogic.security.providers.credentials.DefaultCredentialMapper Use getCredentialMapperTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyCredentialMapper

void destroyCredentialMapper(CredentialMapperMBean credentialMapper)

Removes the configuration for a Credential Mapping provider in this security realm. It does not remove any persistent data for the Credential Mapping provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Credential Mapping providers.

Parameters:

credentialMapper - - The Credential Mapping provider to remove.

lookupCredentialMapper

CredentialMapperMBean lookupCredentialMapper(String name)

Finds a Credential Mapping provider in this security realm. Returns null if this security realm has no Credential Mapping provider of the specified name.

Parameters:

name -

getCertPathProviders

CertPathProviderMBean[] getCertPathProviders()

Returns the Certification Path providers for this security realm (in invocation order).

setCertPathProviders

void setCertPathProviders(CertPathProviderMBean[] certPathProviders)
                          throws InvalidAttributeValueException

Changes the invocation order of this security realm's Certification Path providers.

Parameters:

certPathProviders - - The new invocation order for this security realm's Certification Path providers. It should contain exactly the same Certification Path providers that getCertPathProviders() returns, except in a different order.

Throws:

InvalidAttributeValueException

getCertPathProviderTypes

String[] getCertPathProviderTypes()

Returns the types of Certification Path providers that may be created in this security realm, for example, weblogic.security.providers.pk.WebLogicCertPathProvider. Use this method to find the available types to pass to createCertPathProvider

createCertPathProvider

CertPathProviderMBean createCertPathProvider(String name,
                                             String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Certification Path provider in this security realm. The new Certification Path provider is added to the end of the list of Certification Path providers configured in this security realm. The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.

Parameters:

name - - The name of this Certification Path provider, for example, WebLogicCertPathProvider

type - - The type of this Certification Path provider, for example, weblogic.security.providers.pk.WebLogicCertPathProvider Use getCertPathProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

createCertPathProvider

CertPathProviderMBean createCertPathProvider(String type)
                                             throws ClassNotFoundException,
                                                    JMException

Creates a Certification Path provider in this security realm. The new Certification Path provider is added to the end of the list of Certification Path providers configured in this security realm.

The active security realm must contain at least one Certification Path provider that is a CertPath Builder provider and at least one Certificate Path provider that is a CertPath Validator provider.

Parameters:

type - - The type of this Certification Path provider, for example, weblogic.security.providers.pk.WebLogicCertPathProvider Use getCertPathProviderTypes to find the list of types that may be specified.

Throws:

ClassNotFoundException - is thrown if an invalid type is specified.

JMException

destroyCertPathProvider

void destroyCertPathProvider(CertPathProviderMBean certPathProvider)

Removes the configuration for a Certification Path provider in this security realm. It does not remove any persistent data for the Certification Path provider (such as databases or files). weblogic.management.configuration.SecurityConfigurationMBean.destroyRealm automatically removes the security realm's Certification Path providers.

If certPathProvider has been selected as this security realm's CertPathBuilder, then this security realm's will have no CertPathBuilder.

Parameters:

certPathProvider - - The Certification Path provider to remove.

lookupCertPathProvider

CertPathProviderMBean lookupCertPathProvider(String name)

Finds a Certification Path provider in this security realm. Returns null if this security realm has no Certification Path provider of the specified name.

Parameters:

name -

getCertPathBuilder

CertPathBuilderMBean getCertPathBuilder()

Returns the CertPath Builder provider in this security realm that will be used by the security system to build certification paths. Returns null if none has been selected. The provider will be one of this security realm's CertPathProviders.

setCertPathBuilder

void setCertPathBuilder(CertPathBuilderMBean certPathBuilder)
                        throws InvalidAttributeValueException

Determines which of this security realm's CertPathProviders will be used by the security system to build certification paths. The provider must implement weblogic.management.security.pk.CertPathBuilder.

Parameters:

certPathBuilder - - The new CertPath Builder for this security realm. If null, this security realm will have no configured CertPathBuilder.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.getCertPathBuilder()

getUserLockoutManager

UserLockoutManagerMBean getUserLockoutManager()

Returns the User Lockout Manager for this security realm.

isDeployRoleIgnored

boolean isDeployRoleIgnored()

Deprecated. 9.0.0.0

Returns whether role deployment calls on the security system are ignored or passed to the configured Role Mapping providers.

setDeployRoleIgnored

void setDeployRoleIgnored(boolean ignored)
                          throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether role deployment calls on the security system are ignored or passed to the configured Role Mapping providers.

Parameters:

ignored - - the new deploy role ignored value

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isDeployRoleIgnored()

isDeployPolicyIgnored

boolean isDeployPolicyIgnored()

Deprecated. 9.0.0.0

Returns whether policy deployment calls on the security system are ignored or passed to the configured Authorization providers.

setDeployPolicyIgnored

void setDeployPolicyIgnored(boolean ignored)
                            throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether policy deployment calls on the security system are ignored or passed to the configured Authorization providers.

Parameters:

ignored - - the new deploy policy ignored value

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isDeployPolicyIgnored()

isDeployCredentialMappingIgnored

boolean isDeployCredentialMappingIgnored()

Deprecated. 9.0.0.0

Returns whether credential mapping deployment calls on the security system are ignored or passed to the configured Credential Mapping providers.

setDeployCredentialMappingIgnored

void setDeployCredentialMappingIgnored(boolean ignored)
                                       throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether credential mapping deployment calls on the security system are ignored or passed to the configured Credential Mapping providers.

Parameters:

ignored - - the new deploy credential mapping ignored value.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isDeployCredentialMappingIgnored()

isFullyDelegateAuthorization

boolean isFullyDelegateAuthorization()

Deprecated. 9.0.0.0

Returns whether the Web and EJB containers should call the security framework on every access.

If false the containers are free to only call the security framework when security is set in the deployment descriptors.

setFullyDelegateAuthorization

void setFullyDelegateAuthorization(boolean fullyDelegate)
                                   throws InvalidAttributeValueException

Deprecated. 9.0.0.0

Sets whether the Web and EJB containers should call the security framework on every access.

Parameters:

fullyDelegate - - the new fully delegate authorization value.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isFullyDelegateAuthorization()

isValidateDDSecurityData

boolean isValidateDDSecurityData()

Not used in this release.

setValidateDDSecurityData

void setValidateDDSecurityData(boolean validate)
                               throws InvalidAttributeValueException

Sets whether security data in the deployment descriptor is validated. This setting establishes the default value for applications deployed using the realm.

Parameters:

validate - - the new validate deployment descriptor security data value.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isValidateDDSecurityData()

getSecurityDDModel

String getSecurityDDModel()

Specifies the default security model for Web applications or EJBs that are secured by this security realm. You can override this default during deployment.

Note: If you deploy a module by modifying the domain's config.xml file and restarting the server, and if you do not specify a security model value for the module in config.xml, the module is secured with the default value of the AppDeploymentMBean SecurityDDModel attribute (see getSecurityDDModel).

Choose one of these security models:

• Deployment Descriptors Only (DDOnly)
  • For EJBs and URL patterns, this model uses only the roles and policies in the J2EE deployment descriptors (DD); the Administration Console allows only read access for this data. With this model, EJBs and URL patterns are not protected by roles and policies of a broader scope (such as a policy scoped to an entire Web application). If an EJB or URL pattern is not protected by a role or policy in the DD, then it is unprotected: anyone can access it.
  • For application-scoped roles in an EAR, this model uses only the roles defined in the WebLogic Server DD; the Administration Console allows only read access for this data. If the WebLogic Server DD does not define roles, then there will be no such scoped roles defined for this EAR.
  • For all other types of resources, you can use the Administration Console to create roles or policies. For example, with this model, you can use the Administration Console to create application-scoped policies for an EAR.
  • Applies for the life of the deployment. If you want to use a different model, you must delete the deployment and reinstall it.
• Customize Roles Only (CustomRoles)
  • For EJBs and URL patterns, this model uses only the policies in the J2EE deployment descriptors (DD). EJBs and URL patterns are not protected by policies of a broader scope (such as a policy scoped to an entire Web application). This model ignores any roles defined in the DDs; an administrator completes the role mappings using the Administration Console.
  • For all other types of resources, you can use the Administration Console to create roles or policies. For example, with this model, you can use the Administration Console to create application-scoped policies or roles for an EAR.
  • Applies for the life of the deployment. If you want to use a different model, you must delete the deployment and reinstall it.
• Customize Roles and Policies (CustomRolesAndPolicies)
  • Ignores any roles and policies defined in deployment descriptors. An administrator uses the Administration Console to secure the resources.
  • Performs security checks for all URLs or EJB methods in the module.
  • Applies for the life of the deployment. If you want to use a different model, you must delete the deployment and reinstall it.
• Advanced (Advanced)

  You configure how this model behaves by setting values for the following options:

  • When Deploying Web Applications or EJBs

    Note: When using the WebLogic Scripting Tool or JMX APIs, there is no single MBean attribute for this setting. Instead, you must set the values for the DeployPolicyIgnored and DeployRoleIgnored attributes of RealmMBean.

  • Check Roles and Policies (FullyDelegateAuthorization)
  • Combined Role Mapping Enabled (CombinedRoleMappingEnabled)

  You can change the configuration of this model. Any changes immediately apply to all modules that use the Advanced model. For example, you can specify that all modules using this model will copy roles and policies from their deployment descriptors into the appropriate provider databases upon deployment. After you deploy all of your modules, you can change this behavior to ignore roles and policies in deployment descriptors so that when you redeploy modules they will not re-copy roles and policies.

  Note: Prior to WebLogic Server version 9.0 the Advanced model was the only security model available. Use this model if you want to continue to secure EJBs and Web Applications as in releases prior to 9.0.

See Also:

RealmMBean.isDeployPolicyIgnored(), RealmMBean.isDeployRoleIgnored(), RealmMBean.isFullyDelegateAuthorization(), RealmMBean.isCombinedRoleMappingEnabled()

setSecurityDDModel

void setSecurityDDModel(String model)
                        throws InvalidAttributeValueException

Sets the default security deployment model for applications deployed in this security realm.

Parameters:

model - - the new default security deployment model.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.getSecurityDDModel()

isCombinedRoleMappingEnabled

boolean isCombinedRoleMappingEnabled()

Determines how the role mappings in the Enterprise Application, Web application, and EJB containers interact. This setting is valid only for Web applications and EJBs that use the Advanced security model and that initialize roles from deployment descriptors.

When enabled:

• Application role mappings are combined with EJB and Web application mappings so that all principal mappings are included. The Security Service combines the role mappings with a logical OR operator.
• If one or more policies in the web.xml file specify a role for which no mapping exists in the weblogic.xml file, the Web application container creates an empty map for the undefined role (that is, the role is explicitly defined as containing no principal). Therefore, no one can access URL patterns that are secured by such policies.
• If one or more policies in the ejb-jar.xml file specify a role for which no mapping exists in the weblogic-ejb-jar.xml file, the EJB container creates an empty map for the undefined role (that is, the role is explicitly defined as containing no principal). Therefore, no one can access methods that are secured by such policies.

When disabled:

• Role mappings for each container are exclusive to other containers unless defined by the <externally-defined> descriptor element.

• If one or more policies in the web.xml file specify a role for which no role mapping exists in the weblogic.xml file, the Web application container assumes that the undefined role is the name of a principal. It therefore maps the assumed principal to the role name. For example, if the web.xml file contains the following stanza in one of its policies:

  <auth-constraint>
<role-name>PrivilegedUser</role-name>
</auth-constraint>

  but, if the weblogic.xml file has no role mapping for PrivilegedUser, then the Web application container creates an in-memory mapping that is equivalent to the following stanza:

  <security-role-assignment>
<role-name>PrivilegedUser</role-name>
<principal-name>PrivilegedUser</principal-name>
</security-role-assignment>

• Role mappings for EJB methods must be defined in the weblogic-ejb-jar.xml file. Role mappings defined in the other containers are not used unless defined by the <externally-defined> descriptor element.

Note:

For all applications previously deployed in version 8.1 and upgraded to version 9.x, the combining role mapping is disabled by default.

Since:

9.0.0.0

setCombinedRoleMappingEnabled

void setCombinedRoleMappingEnabled(boolean combined)
                                   throws InvalidAttributeValueException

Sets whether application role mappings are combined by the J2EE containers.

If false the containers need enternally defined mappings to use application role mappings.

Parameters:

combined - - the new combined role mapping value.

Throws:

InvalidAttributeValueException

Since:

9.0.0.0

See Also:

RealmMBean.isCombinedRoleMappingEnabled()

validate

void validate()
              throws ErrorCollectionException

Deprecated. 9.0.0.0 This method is no longer required since activating a configuration transaction does this check automatically on the default realm, and will not allow the configuration to be saved if the domain does not have a valid default realm configured.

Checks that the realm is valid.

Throws:

ErrorCollectionException - if this security realm is not valid. The exception contains a list of <code?java.lang.Exception, one for each reason this security realm is not valid. The text of each exception describes the problem.

isDefaultRealm

boolean isDefaultRealm()

Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.getDefaultRealm()

Returns whether this security realm is the Default realm for the WebLogic domain. Deprecated in this release of WebLogic Server and replaced by weblogic.management.configuration.SecurityConfigurationMBean.getDefaultRealm.

setDefaultRealm

void setDefaultRealm(boolean isDefault)
                     throws InvalidAttributeValueException

Deprecated. 9.0.0.0 Replaced by SecurityConfigurationMBean.setDefaultRealm(weblogic.management.security.RealmMBean)

Determines whether is security realm is the Default realm for the WebLogic domain. Deprecated in this release of WebLogic Server and replaced by weblogic.management.configuration.SecurityConfigurationMBean.setDefautlRealm.

Parameters:

isDefault - - whether or not this security realm is the Default realm for the WebLogic domain.

Throws:

InvalidAttributeValueException

isEnableWebLogicPrincipalValidatorCache

boolean isEnableWebLogicPrincipalValidatorCache()

Returns whether the WebLogic Principal Validator caching is enabled.

The Principal Validator is used by Oracle supplied authentication providers and may be used by custom authentication providers. If enabled, the default principal validator will cache WebLogic Principal signatures.

setEnableWebLogicPrincipalValidatorCache

void setEnableWebLogicPrincipalValidatorCache(boolean enabled)
                                              throws InvalidAttributeValueException

Sets whether the WebLogic Principal Validator caching is enabled.

Parameters:

enabled - - the new enable weblogic principal validator cache value.

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.isEnableWebLogicPrincipalValidatorCache()

getMaxWebLogicPrincipalsInCache

Integer getMaxWebLogicPrincipalsInCache()

Returns the maximum size of the LRU cache for holding WebLogic Principal signatures. This value is only used if EnableWebLogicPrincipalValidatorCache is set to true

setMaxWebLogicPrincipalsInCache

void setMaxWebLogicPrincipalsInCache(Integer size)
                                     throws InvalidAttributeValueException

Sets the maximum size of the LRU cache for holding WebLogic Principal signatures.

Parameters:

size - - the new weblogic principals maximum cache size

Throws:

InvalidAttributeValueException

See Also:

RealmMBean.getMaxWebLogicPrincipalsInCache()

getName

String getName()

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

Specified by:

getName in interface StandardInterface

isDelegateMBeanAuthorization

boolean isDelegateMBeanAuthorization()

Configures the WebLogic Server MBean servers to use the security realm's Authorization providers to determine whether a JMX client has permission to access an MBean attribute or invoke an MBean operation.

You can continue to use WebLogic Server's default security settings or modify the defaults to suit your needs.

If you do not delegate authorization to the realm's Authorization providers, the WebLogic MBean servers allow access only to the four default security roles (Admin, Deployer, Operator, and Monitor) and only as specified by WebLogic Server's default security settings.

Since:

9.1.0.0

setDelegateMBeanAuthorization

void setDelegateMBeanAuthorization(boolean deleteMBeanAuthorization)
                                   throws InvalidAttributeValueException

Sets the value of the DelegateMBeanAuthorization attribute.

Parameters:

deleteMBeanAuthorization - - the new delegate MBean authorization value.

Throws:

InvalidAttributeValueException

Since:

9.1.0.0

See Also:

RealmMBean.isDelegateMBeanAuthorization()

getAuthMethods

String getAuthMethods()

Returns a comma separated string of authentication methods that should be used when the Web application specifies "REALM" as its auth-method. The authentication methods will be applied in order in which they appear in the list.

Since:

9.2.0.0

setAuthMethods

void setAuthMethods(String methods)

Set the authentication methods that should be used when the Web application specifies "REALM" as its auth-method.

getRDBMSSecurityStore

RDBMSSecurityStoreMBean getRDBMSSecurityStore()

Returns RDBMSSecurityStoreMBean for this realm, which is a singleton MBean describing RDBMS security store configuration.

Returns:

the reference to RDBMSSecurityStoreMBean or null if the RDBMS security store is not configured in this realm

See Also:

RealmMBean.createRDBMSSecurityStore()

createRDBMSSecurityStore

RDBMSSecurityStoreMBean createRDBMSSecurityStore()
                                                 throws JMException

Creates configuration for the RDBMS security store. This can be called only once unless the existing instance is destroyed by invoking destroyRDBMSSecurityStore operation. The new security store MBean will have this realm as its parent.

Returns:

a RDBMS security store instance.

Throws:

JMException - if an error occurs when creating a RDBMS security store

See Also:

RealmMBean.destroyRDBMSSecurityStore()

createRDBMSSecurityStore

RDBMSSecurityStoreMBean createRDBMSSecurityStore(String name)
                                                 throws JMException

Creates configuration for the RDBMS security store with the specified name. This can be called only once unless the existing instance is destroyed by invoking destroyRDBMSSecurityStore operation. The new security store MBean will have this realm as its parent.

Parameters:

name - the name of this RDBMS security store

Returns:

a RDBMS security store instance.

Throws:

JMException - if an error occurs when creating a RDBMS security store

See Also:

RealmMBean.destroyRDBMSSecurityStore()

destroyRDBMSSecurityStore

void destroyRDBMSSecurityStore()

Destroys and removes the existing RDBMS security store which is a child of this realm. It only removes the security store configuration, not any data persisted in the store.

See Also:

RealmMBean.createRDBMSSecurityStore()

createPasswordValidator

PasswordValidatorMBean createPasswordValidator(String name,
                                               String type)
                                               throws ClassNotFoundException,
                                                      JMException

Creates a Password Validator provider in this security realm. The new Password Validator provider is added to the end of the list of Password Validator providers configured in this security realm.

Parameters:

name - String The name for the given Password Validator provider MBean

type - String The type of a Password Validator provider, all available types are in method getPasswordValidatorTypes

Returns:

PasswordValidatorMBean

Throws:

ClassNotFoundException

JMException

Since:

10.0

createPasswordValidator

PasswordValidatorMBean createPasswordValidator(String type)
                                               throws ClassNotFoundException,
                                                      JMException

Creates a Password Validator provider in this security realm. The new Password Validator provider is added to the end of the list of Password Validator providers configured in this security realm.

Parameters:

type - String The type of a Password Validator provider, all available types are in method getPasswordValidatorTypes

Returns:

PasswordValidatorMBean

Throws:

ClassNotFoundException

JMException

Since:

10.0

getPasswordValidatorTypes

String[] getPasswordValidatorTypes()

Returns the types of Password Validator providers that may be created in this security realm, for example, com.bea.security.providers.authentication.passwordvalidator.SystemPasswordValidator. Use this method to find the available types to pass to createPasswordValidator

Since:

10.0

getPasswordValidators

PasswordValidatorMBean[] getPasswordValidators()

Returns the Password Validator providers for this security realm (in invocation order).

Since:

10.0

setPasswordValidators

void setPasswordValidators(PasswordValidatorMBean[] passwordvalidators)
                           throws InvalidAttributeValueException

Sets the Password Validator providers for this security realm (in invocation order).

Parameters:

passwordvalidators - - The password validator providers to be set for this security realm.

Throws:

InvalidAttributeValueException

lookupPasswordValidator

PasswordValidatorMBean lookupPasswordValidator(String name)

Finds an Password Validator provider in this security realm. Returns null if this security realm has no Password Validator provider with the specified name.

Parameters:

name - String The name of a Password Validator provider MBean

Returns:

PasswordValidatorMBean

Since:

10.0

destroyPasswordValidator

void destroyPasswordValidator(PasswordValidatorMBean provider)

Removes the configuration for a Password Validator provider in this security realm.

Parameters:

provider - PasswordValidatorMBean The Password Validator provider to remove

Since:

10.0

isDeployableProviderSynchronizationEnabled

boolean isDeployableProviderSynchronizationEnabled()

Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled.

The Authorization and Role Mapping providers may or may not support parallel security policy and role modification, respectively, in the security provider database. If the security providers do not support parallel modification, the WebLogic Security Framework enforces a synchronization mechanism that results in each application and module being placed in a queue and deployed sequentially.

Since:

10.3

setDeployableProviderSynchronizationEnabled

void setDeployableProviderSynchronizationEnabled(boolean enabled)
                                                 throws InvalidAttributeValueException

Specifies whether synchronization for deployable Authorization and Role Mapping providers is enabled.

Parameters:

enabled - - the new value indicating whether the synchronization for deployable Authorization and Role Mapping providers is enabled

Throws:

InvalidAttributeValueException

Since:

10.3

See Also:

RealmMBean.isDeployableProviderSynchronizationEnabled()

getDeployableProviderSynchronizationTimeout

Integer getDeployableProviderSynchronizationTimeout()

Returns the timeout value, in milliseconds, for the deployable security provider synchronization operation. This value is only used if DeployableProviderSynchronizationEnabled is set to true

Since:

10.3

setDeployableProviderSynchronizationTimeout

void setDeployableProviderSynchronizationTimeout(Integer timeout)
                                                 throws InvalidAttributeValueException

Specifies the timeout value, in milliseconds, for the deployable security provider synchronization operation.

Parameters:

timeout - - the new timeout value (in milliseconds)

Throws:

InvalidAttributeValueException

Since:

10.3

See Also:

RealmMBean.getDeployableProviderSynchronizationTimeout()

isAutoRestartOnNonDynamicChanges

boolean isAutoRestartOnNonDynamicChanges()

Specifies whether the Realm will be auto-restarted if non-dynamic changes are made to the realm or providers within the realm.

Returns:

The AutoRestartOnNonDynamicChanges value

Since:

12.2.1.0

setAutoRestartOnNonDynamicChanges

void setAutoRestartOnNonDynamicChanges(boolean autorestart)

Sets the value of the AutoRestartOnNonDynamicChanges attribute.

Parameters:

autorestart - The new AutoRestartOnNonDynamicChanges value

See Also:

RealmMBean.isAutoRestartOnNonDynamicChanges()

getRetireTimeoutSeconds

int getRetireTimeoutSeconds()

Specifies the retire timeout for a realm that is restarted. The old realm will be shutdown after the specified timeout period has elapsed.

Returns:

The RealmRestartRetireTimeoutSeconds value

Since:

12.2.1.0

setRetireTimeoutSeconds

void setRetireTimeoutSeconds(int timeout)

Sets the value of the RetireTimeoutSeconds attribute.

Parameters:

timeout - The new Retire Timeout Seconds value

See Also:

RealmMBean.getRetireTimeoutSeconds()

Skip navigation links