Skip navigation links

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.2.1)

Part Number E55141-01
P4 Change 1723563 on 2015/10/09


weblogic.security.spi
Interface CredentialMapperV2


public interface CredentialMapperV2

The CredentialMapperV2 interface defines the security service provider interface (SSPI) for objects capable of obtaining the appropriate set of credentials for a particular resource that is scoped within an application.

An implementation of the CredentialMapperV2 interface is the part of a Credential Mapping provider that must return at least two specific credential formats:

Credential Mapping providers may implement other types of objects that represent other types of credentials in addition to the ones listed above.


Field Summary
static String GSS_KERBEROS_V5_AP_REQ
          The GSS_KERBEROS_V5_AP_REQ token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST.
static String GSS_KERBEROS_V5_AP_REQ_1510
          The GSS_KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST for RFC1510.
static String GSS_KERBEROS_V5_AP_REQ_4120
          The GSS_KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST for RFC4120.
static String KERBEROS_V5_AP_REQ
          The KERBEROS_V5_AP_REQ token is a base64 encoded string of raw Kerberos V5 AP_REQUEST.
static String KERBEROS_V5_AP_REQ_1510
          The KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of raw Kerberos V5 AP_REQUEST for RFC1510.
static String KERBEROS_V5_AP_REQ_4120
          The KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of raw Kerberos V5 AP_REQUEST for RFC4120.
static String PASSWORD_TYPE
          The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods.
static String PKI_KEY_PAIR_TYPE
          The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods.
static String PKI_TRUSTED_CERTIFICATE_TYPE
          The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods.
static String SAML_ASSERTION_B64_TYPE
          The SAML.Assertion64 token is used to identify a SAML token that is a Base64 encoded SAML.Assertion.
static String SAML_ASSERTION_DOM_TYPE
          The SAML.Assertion.DOM token is used to identify a SAML token that is a DOM Element representation of a SAML.Assertion.
static String SAML_ASSERTION_TYPE
          The SAML.Assertion token is used to identify a SAML token in string XML form.
static String SAML2_ASSERTION_DOM_TYPE
          The SAML2.Assertion.DOM token is used to identify a SAML 2.0 token that is a DOM Element representation of a SAML.Assertion.
static String SAML2_ASSERTION_TYPE
          The SAML2.Assertion token is used to identify a SAML 2.0 token in string XML form.
static String SPNEGO_TOKEN_TYPE
          The static credentials type used for acquiring SPNEGO token with credential mapping provider.
static String USER_PASSWORD_TYPE
          The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods.
static String WEBLOGIC_OAUTH2_JWT_ACCESS_TOKEN_TYPE
          The static credentials type used for acquiring OAuth2 style JWT access token with credential mapping provider.

 

Method Summary
abstract  Object getCredential(Subject requestor, String initiator, Resource resource, ContextHandler handler, String credType)
          Returns credential of the specified type from the target resource associated with the specified initiator.
abstract  Object[] getCredentials(Subject requestor, Subject initiator, Resource resource, ContextHandler handler, String credType)
          Returns credentials of the specified type from the target resource associated with the specified initiator.

 

Field Detail

PASSWORD_TYPE

static final String PASSWORD_TYPE
The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods. It is associated with credentials of type char[]
See Also:
Constant Field Values

USER_PASSWORD_TYPE

static final String USER_PASSWORD_TYPE
The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods. It is associated with credentials of type javax.resource.spi.security.PasswordCredential
See Also:
Constant Field Values

PKI_KEY_PAIR_TYPE

static final String PKI_KEY_PAIR_TYPE
The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods. It is associated with credentials of type PKICredential to retrieve the key pair.
See Also:
Constant Field Values

PKI_TRUSTED_CERTIFICATE_TYPE

static final String PKI_TRUSTED_CERTIFICATE_TYPE
The static credentials type identifier that is used by the WebLogic Security Framework and passed to the WebLogic Credential Mapping provider through the Credential Manager in the getCredential methods. It is associated with credentials of type PKICredential to retrieve the trusted certificate.
See Also:
Constant Field Values

SPNEGO_TOKEN_TYPE

static final String SPNEGO_TOKEN_TYPE
The static credentials type used for acquiring SPNEGO token with credential mapping provider.
See Also:
Constant Field Values

SAML_ASSERTION_TYPE

static final String SAML_ASSERTION_TYPE
The SAML.Assertion token is used to identify a SAML token in string XML form.
See Also:
Constant Field Values

SAML_ASSERTION_B64_TYPE

static final String SAML_ASSERTION_B64_TYPE
The SAML.Assertion64 token is used to identify a SAML token that is a Base64 encoded SAML.Assertion.
See Also:
Constant Field Values

SAML_ASSERTION_DOM_TYPE

static final String SAML_ASSERTION_DOM_TYPE
The SAML.Assertion.DOM token is used to identify a SAML token that is a DOM Element representation of a SAML.Assertion.
See Also:
Constant Field Values

SAML2_ASSERTION_TYPE

static final String SAML2_ASSERTION_TYPE
The SAML2.Assertion token is used to identify a SAML 2.0 token in string XML form.
See Also:
Constant Field Values

SAML2_ASSERTION_DOM_TYPE

static final String SAML2_ASSERTION_DOM_TYPE
The SAML2.Assertion.DOM token is used to identify a SAML 2.0 token that is a DOM Element representation of a SAML.Assertion.
See Also:
Constant Field Values

KERBEROS_V5_AP_REQ

static final String KERBEROS_V5_AP_REQ
The KERBEROS_V5_AP_REQ token is a base64 encoded string of raw Kerberos V5 AP_REQUEST.
See Also:
Constant Field Values

GSS_KERBEROS_V5_AP_REQ

static final String GSS_KERBEROS_V5_AP_REQ
The GSS_KERBEROS_V5_AP_REQ token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST.
See Also:
Constant Field Values

KERBEROS_V5_AP_REQ_1510

static final String KERBEROS_V5_AP_REQ_1510
The KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of raw Kerberos V5 AP_REQUEST for RFC1510.
See Also:
Constant Field Values

GSS_KERBEROS_V5_AP_REQ_1510

static final String GSS_KERBEROS_V5_AP_REQ_1510
The GSS_KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST for RFC1510.
See Also:
Constant Field Values

KERBEROS_V5_AP_REQ_4120

static final String KERBEROS_V5_AP_REQ_4120
The KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of raw Kerberos V5 AP_REQUEST for RFC4120.
See Also:
Constant Field Values

GSS_KERBEROS_V5_AP_REQ_4120

static final String GSS_KERBEROS_V5_AP_REQ_4120
The GSS_KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of GSS API wrapped Kerberos V5 AP_REQUEST for RFC4120.
See Also:
Constant Field Values

WEBLOGIC_OAUTH2_JWT_ACCESS_TOKEN_TYPE

static final String WEBLOGIC_OAUTH2_JWT_ACCESS_TOKEN_TYPE
The static credentials type used for acquiring OAuth2 style JWT access token with credential mapping provider.
See Also:
Constant Field Values

Method Detail

getCredential

Object getCredential(Subject requestor,
                     String initiator,
                     Resource resource,
                     ContextHandler handler,
                     String credType)
Returns credential of the specified type from the target resource associated with the specified initiator. Returns null if no credentials were found.

This method will be called when the initiator identity is a an alias or symbolic name, including when the identity is an external user.

Parameters:
requestor - subject requesting credentials
initiator - the identity for which credentials are retrieved
resource - the resource for which credentials are requested
handler - a ContextHandler with optional extra data
credType - credential type
Returns:
Credential of the specified type from the target resource associated with the specified subject

getCredentials

Object[] getCredentials(Subject requestor,
                        Subject initiator,
                        Resource resource,
                        ContextHandler handler,
                        String credType)
Returns credentials of the specified type from the target resource associated with the specified initiator. Returns null if no credentials were found.

This method will be called when the initiator identity is a WebLogic user or group in order that the (optional) identity domain information is available from principals that implement IdentityDomainPrincipal.

Parameters:
requestor - Subject requesting credentials
initiator - the identity for which credentials are retrieved
resource - the resource for which credentials are requested
handler - a ContextHandler with optional extra data
credType - credential type
Returns:
Credentials of the specified type from the target resource associated with the specified subject

Skip navigation links

Copyright 1996, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.2.1)

Part Number E55141-01
P4 Change 1723563 on 2015/10/09