UserEditorMBean (Abstract)


Overview  |   Related MBeans  |   Attributes  |   Operations

Overview

Provides a set of methods for creating, editing, and removing users. An Authentication provider MBean can optionally implement this MBean. The WebLogic Server Administration Console detects when an Authentication provider implements this MBean and automatically provides a GUI for using these methods.

CSS v4 introduced a new Password Validaton Service to check password against a set of rules when doing changing password operations with authentication provider MBeans such as createUser, changeUserPassword and resetUserPassword. The rules can be specified through configuring Password Validation Provider into the security realm, for further information, see weblogic.management.security.RealmMBean.

All OOTB authentication providers in CSS will automatically call the Password Validation Service if their MBeans inherit UserPasswordEditorMBean interface. The service is also available for all those customized authentication providers whose MBeans inherit UserPasswordEditorMBean, to introduce the Password Validation Service into a customized authentication proivder, the following approach must be met:

  1. In the initialize method of a customized provider implementation, must retrieve the Password Validation Service and register the service into a helper class such as weblogic.security.provider.authentication.AuthenticationSecurityHelper, the code might like as below:

    import com.bea.common.security.service.PasswordValidationService;
    import com.bea.common.security.legacy.ExtendedSecurityServices;
    import com.bea.common.security.internal.legacy.helper.PasswordValidationServiceConfigHelper;
    import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
    ......
    ExtendedSecurityServices extendedSecurityServices = (ExtendedSecurityServices)securityServices;
    PasswordValidationService serivce = (PasswordValidationService)extendedSecurityServices.getServices().getService(PasswordValidationServiceConfigHelper.getServiceName(providerMBean.getRealm()));
    AuthenticationSecurityHelper.getInstance(providerMBean).registerPasswordValidationService(service);
    ......

  2. In the createUser, changeUserPassword and(or) resetUserPassword methods of a customized authentication provider MBean, call the helper class to validate the new password to determine if the new password is valid. The code might be:

    import weblogic.security.provider.authentication.AuthenticationSecurityHelper;
    .....
    AuthenticationSecurityHelper.getInstance(providerMBean).validatePassword(userName,password);
    .....

       
Fully Qualified Interface NameIf you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.management.security.authentication.UserEditorMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.
Subtypes The following MBeans extend or implement this MBean type:


    Operations

    This section describes the following operations:


    advance

    Advances the list to the next element in the list.

       
    Operation Name"advance"
    ParametersObject [] {  cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    SignatureString [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    changeUserPassword

    Used by a user to change his or her password.

       
    Operation Name"changeUserPassword"
    ParametersObject [] {  userNameoldPasswordnewPassword }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of an existing user.

    • oldPassword is an object of type java.lang.String that specifies:

      - The current password for the user.

    • newPassword is an object of type java.lang.String that specifies:

      - The new password for the user. The Authentication provider determines the syntax requirements for passwords.

    SignatureString [] { "java.lang.String", "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    close

    Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

       
    Operation Name"close"
    ParametersObject [] {  cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    SignatureString [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    createUser

    Creates a user and sets the user's password.

       
    Operation Name"createUser"
    ParametersObject [] {  userNamepassworddescription }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of the new user. The name cannot be the name of an existing user or group. The Authentication provider determines syntax requirements for the user name.

    • password is an object of type java.lang.String that specifies:

      - The password for the new user. The Authentication provider determines syntax requirements for passwords.

    • description is an object of type java.lang.String that specifies:

      - The description of the user.

    SignatureString [] { "java.lang.String", "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidParameterException
    • weblogic.management.utils.AlreadyExistsException

    getCurrentName

    The name of the current item in the list. Returns null if there is no current item.

       
    Operation Name"getCurrentName"
    ParametersObject [] {  cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    SignatureString [] { "java.lang.String" }
    ReturnsString
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    getUserDescription

    Gets a user's description.

       
    Operation Name"getUserDescription"
    ParametersObject [] {  userName }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of an existing user.

    SignatureString [] { "java.lang.String" }
    ReturnsString
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    haveCurrent

    Returns true if there are more objects in the list, and false otherwise.

       
    Operation Name"haveCurrent"
    ParametersObject [] {  cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    SignatureString [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    isSet

    Returns true if the specified attribute has been set explicitly in this MBean instance.

       
    Operation Name"isSet"
    ParametersObject [] {  propertyName }

    where:

    • propertyName is an object of type java.lang.String that specifies:

      property to check

    SignatureString [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • java.lang.IllegalArgumentException

    listUsers

    Searches for a user name that matches a pattern.

    This method returns a cursor that you can pass to the methods from weblogic.management.utils.NameListerMBean (which this MBean extends) to iterate through the returned list.

    This method does not sort the results.

       
    Operation Name"listUsers"
    ParametersObject [] {  userNameWildcardmaximumToReturn }

    where:

    • userNameWildcard is an object of type java.lang.String that specifies:

      - The pattern for which this method searches. The pattern can end with an * (asterisk) as a wildcard, which matches any string of characters. The search is not case-sensitive.

      For example, a pattern of abc matches exactly one user name that contains only abc, a pattern of ab* matches all user names that start with ab, and a pattern of * matches all user names.

    • maximumToReturn is an object of type java.lang.Integer that specifies:

      - The maximum number of user names that this method returns. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort results. If the parameter is set to 0 there is no maximum and all results are returned.

    SignatureString [] { "java.lang.String", "java.lang.Integer" }
    ReturnsString
    Exceptions
    • weblogic.management.utils.InvalidParameterException

    removeUser

    Removes a user.

       
    Operation Name"removeUser"
    ParametersObject [] {  userName }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of an existing user.

    SignatureString [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    resetUserPassword

    Used by an administrator to change a user's password.

       
    Operation Name"resetUserPassword"
    ParametersObject [] {  userNamenewPassword }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of an existing user.

    • newPassword is an object of type java.lang.String that specifies:

      - The new password for the user. The Authentication provider determines the syntax requirements for passwords.

    SignatureString [] { "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    setUserDescription

    Sets the description for an existing user.

       
    Operation Name"setUserDescription"
    ParametersObject [] {  userNamedescription }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name of an existing user.

    • description is an object of type java.lang.String that specifies:

      - The description of the user.

    SignatureString [] { "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    unSet

    Restore the given property to its default value.

       
    Operation Name"unSet"
    ParametersObject [] {  propertyName }

    where:

    • propertyName is an object of type java.lang.String that specifies:

      property to restore

    SignatureString [] { "java.lang.String" }
    Returns void
    Exceptions
    • java.lang.IllegalArgumentException
      UnsupportedOperationException if called on a runtime implementation.

    userExists

    Indicates whether the specified user exists.

       
    Operation Name"userExists"
    ParametersObject [] {  userName }

    where:

    • userName is an object of type java.lang.String that specifies:

      - The name that this method evaluates.

    SignatureString [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • weblogic.management.utils.InvalidParameterException

    wls_getDisplayName

    Returns the display name of an MBean.

    Deprecated 9.0.0.0

       
    Operation Name"wls_getDisplayName"
    Parametersnull
    Signaturenull
    ReturnsString