public interface CredentialMapperV2
CredentialMapperV2
interface defines the security service
provider interface (SSPI) for objects capable of obtaining the appropriate
set of credentials for a particular resource that is scoped within an
application.
An implementation of the CredentialMapperV2
interface is
the part of a Credential Mapping provider that must return at least
two specific credential formats:
javax.resource.spi.security.PasswordCredential
class.
Credential Mapping providers may implement other types of objects that represent other types of credentials in addition to the ones listed above.
Modifier and Type | Field and Description |
---|---|
static String |
GSS_KERBEROS_V5_AP_REQ
The
GSS_KERBEROS_V5_AP_REQ token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST. |
static String |
GSS_KERBEROS_V5_AP_REQ_1510
The
GSS_KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST for RFC1510. |
static String |
GSS_KERBEROS_V5_AP_REQ_4120
The
GSS_KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST for RFC4120. |
static String |
KERBEROS_V5_AP_REQ
The
KERBEROS_V5_AP_REQ token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST. |
static String |
KERBEROS_V5_AP_REQ_1510
The
KERBEROS_V5_AP_REQ_1510 token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST for RFC1510. |
static String |
KERBEROS_V5_AP_REQ_4120
The
KERBEROS_V5_AP_REQ_4120 token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST for RFC4120. |
static String |
PASSWORD_TYPE
The static credentials type identifier that is used by the
WebLogic Security Framework and passed to the WebLogic Credential Mapping
provider through the Credential Manager in the
getCredential methods. |
static String |
PKI_KEY_PAIR_TYPE
The static credentials type identifier that is used by the
WebLogic Security Framework and passed to the WebLogic Credential Mapping
provider through the Credential Manager in the
getCredential methods. |
static String |
PKI_TRUSTED_CERTIFICATE_TYPE
The static credentials type identifier that is used by the
WebLogic Security Framework and passed to the WebLogic Credential Mapping
provider through the Credential Manager in the
getCredential methods. |
static String |
SAML_ASSERTION_B64_TYPE
The
SAML.Assertion64 token is used to identify a SAML token
that is a Base64 encoded SAML.Assertion . |
static String |
SAML_ASSERTION_DOM_TYPE
The
SAML.Assertion.DOM token is used to identify a SAML token
that is a DOM Element representation of a SAML.Assertion . |
static String |
SAML_ASSERTION_TYPE
The
SAML.Assertion token is used to identify a SAML token
in string XML form. |
static String |
SAML2_ASSERTION_DOM_TYPE
The
SAML2.Assertion.DOM token is used to identify a SAML 2.0 token
that is a DOM Element representation of a SAML.Assertion . |
static String |
SAML2_ASSERTION_TYPE
The
SAML2.Assertion token is used to identify a SAML 2.0 token
in string XML form. |
static String |
SPNEGO_TOKEN_TYPE
The static credentials type used for acquiring SPNEGO token with credential mapping provider.
|
static String |
USER_PASSWORD_TYPE
The static credentials type identifier that is used by the
WebLogic Security Framework and passed to the WebLogic Credential Mapping
provider through the Credential Manager in the
getCredential methods. |
static String |
WEBLOGIC_OAUTH2_JWT_ACCESS_TOKEN_TYPE
The static credentials type used for acquiring OAuth2 style JWT access token with credential mapping provider.
|
Modifier and Type | Method and Description |
---|---|
Object |
getCredential(Subject requestor,
String initiator,
Resource resource,
ContextHandler handler,
String credType)
Returns credential of the specified type from the target resource
associated with the specified initiator.
|
Object[] |
getCredentials(Subject requestor,
Subject initiator,
Resource resource,
ContextHandler handler,
String credType)
Returns credentials of the specified type from the target resource
associated with the specified initiator.
|
static final String PASSWORD_TYPE
getCredential
methods.
It is associated with credentials of type char[]
static final String USER_PASSWORD_TYPE
getCredential
methods.
It is associated with credentials of type
javax.resource.spi.security.PasswordCredential
static final String PKI_KEY_PAIR_TYPE
getCredential
methods.
It is associated with credentials of type PKICredential
to retrieve the key pair.static final String PKI_TRUSTED_CERTIFICATE_TYPE
getCredential
methods.
It is associated with credentials of type
PKICredential
to retrieve the trusted certificate.static final String SPNEGO_TOKEN_TYPE
static final String SAML_ASSERTION_TYPE
SAML.Assertion
token is used to identify a SAML token
in string XML form.static final String SAML_ASSERTION_B64_TYPE
SAML.Assertion64
token is used to identify a SAML token
that is a Base64 encoded SAML.Assertion
.static final String SAML_ASSERTION_DOM_TYPE
SAML.Assertion.DOM
token is used to identify a SAML token
that is a DOM Element representation of a SAML.Assertion
.static final String SAML2_ASSERTION_TYPE
SAML2.Assertion
token is used to identify a SAML 2.0 token
in string XML form.static final String SAML2_ASSERTION_DOM_TYPE
SAML2.Assertion.DOM
token is used to identify a SAML 2.0 token
that is a DOM Element representation of a SAML.Assertion
.static final String KERBEROS_V5_AP_REQ
KERBEROS_V5_AP_REQ
token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST.static final String GSS_KERBEROS_V5_AP_REQ
GSS_KERBEROS_V5_AP_REQ
token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST.static final String KERBEROS_V5_AP_REQ_1510
KERBEROS_V5_AP_REQ_1510
token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST for RFC1510.static final String GSS_KERBEROS_V5_AP_REQ_1510
GSS_KERBEROS_V5_AP_REQ_1510
token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST for RFC1510.static final String KERBEROS_V5_AP_REQ_4120
KERBEROS_V5_AP_REQ_4120
token is a base64 encoded string of raw
Kerberos V5 AP_REQUEST for RFC4120.static final String GSS_KERBEROS_V5_AP_REQ_4120
GSS_KERBEROS_V5_AP_REQ_4120
token is a base64 encoded string of
GSS API wrapped Kerberos V5 AP_REQUEST for RFC4120.static final String WEBLOGIC_OAUTH2_JWT_ACCESS_TOKEN_TYPE
Object getCredential(Subject requestor, String initiator, Resource resource, ContextHandler handler, String credType)
null
if
no credentials were found.
This method will be called when the initiator identity is a an alias or symbolic name, including when the identity is an external user.
requestor
- subject requesting credentialsinitiator
- the identity for which credentials are retrievedresource
- the resource for which credentials are requestedhandler
- a ContextHandler with optional extra datacredType
- credential typeObject[] getCredentials(Subject requestor, Subject initiator, Resource resource, ContextHandler handler, String credType)
This method will be called when the initiator identity is a
WebLogic user or group in order that the (optional) identity domain information
is available from principals that implement IdentityDomainPrincipal
.
requestor
- Subject requesting credentialsinitiator
- the identity for which credentials are retrievedresource
- the resource for which credentials are requestedhandler
- a ContextHandler with optional extra datacredType
- credential type