SAML2CredentialMapperMBean (WebLogic Server 10.3 API Reference)

Package

Class

Use

Tree

Deprecated

Index

Help

Oracle

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.bea.security.saml2.providers
Interface SAML2CredentialMapperMBean

All Superinterfaces:: weblogic.management.security.ApplicationVersionerMBean, weblogic.management.security.credentials.CredentialMapperMBean, weblogic.management.security.ExportMBean, weblogic.management.security.ImportMBean, weblogic.management.utils.ListerMBean, weblogic.management.utils.NameListerMBean, weblogic.management.security.ProviderMBean, SAML2PartnerRegistryMBean, SAML2SPPartnerRegistryMBean

public interface SAML2CredentialMapperMBean
extends weblogic.management.security.credentials.CredentialMapperMBean, SAML2SPPartnerRegistryMBean, weblogic.management.security.ImportMBean, weblogic.management.security.ExportMBean, weblogic.management.security.ApplicationVersionerMBean
extends weblogic.management.security.credentials.CredentialMapperMBean, SAML2SPPartnerRegistryMBean, weblogic.management.security.ImportMBean, weblogic.management.security.ExportMBean, weblogic.management.security.ApplicationVersionerMBean

This MBean represents configuration information for the SAML 2.0 credential mapping provider.

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime. For more information, see "Developing Manageable Applications with JMX" on http://edocs.bea.com.











Method Summary



 int
getCredCacheMinViableTTL()



          The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.



 int
getCredCacheSize()



          The size of the cache used to store assertion credentials.



 int
getDefaultTimeToLive()



          The time in seconds that, by default, an assertion should remain valid.



 int
getDefaultTimeToLiveOffset()



          The time factor you can use to allow the credential mapping provider to compensate for clock differences between the
            identity provider and service provider sites.



 String
getDescription()



          Description of the SAML 2.0 credential mapping provider.



 boolean
getGenerateAttributes()



          Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.



 String
getIssuerURI()



          The Issuer URI, or name, of this SAML 2.0 credential mapping provider.



 String
getName()



          The name of this configuration.



 String
getNameMapperClassName()



          Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to 
            identity information contained in the assertion.



 String
getNameQualifier()



          The Name Qualifier value used by the Name Mapper.



 String
getProviderClassName()



          The Java class used to load the SAML 2.0 credential mapping provider.



 String
getSigningKeyAlias()



          The alias used to retrieve from the keystore the key that is used to sign assertions.



 String
getSigningKeyPassPhrase()



          The credential, or password, used to retrieve from the keystore the keys used to sign assertions.



 byte[]
getSigningKeyPassPhraseEncrypted()



           



 String[]
getSupportedExportConstraints()



          The security data that you want to be exported from this credential mapping provider's data store.



 String[]
getSupportedExportFormats()



          The format of the file to export.



 String[]
getSupportedImportConstraints()



          The security data that you want to be imported into this credential mapping provider's data store.



 String[]
getSupportedImportFormats()



          The format of the file to import.



 String
getVersion()



          The version number of the SAML 2.0 credential mapping provider.



 void
setCredCacheMinViableTTL(int newValue)



          The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.



 void
setCredCacheSize(int newValue)



          The size of the cache used to store assertion credentials.



 void
setDefaultTimeToLive(int newValue)



          The time in seconds that, by default, an assertion should remain valid.



 void
setDefaultTimeToLiveOffset(int newValue)



          The time factor you can use to allow the credential mapping provider to compensate for clock differences between the
            identity provider and service provider sites.



 void
setGenerateAttributes(boolean newValue)



          Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.



 void
setIssuerURI(String newValue)



          The Issuer URI, or name, of this SAML 2.0 credential mapping provider.



 void
setNameMapperClassName(String newValue)



          Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to 
            identity information contained in the assertion.



 void
setNameQualifier(String newValue)



          The Name Qualifier value used by the Name Mapper.



 void
setSigningKeyAlias(String newValue)



          The alias used to retrieve from the keystore the key that is used to sign assertions.



 void
setSigningKeyPassPhrase(String newValue)



          The credential, or password, used to retrieve from the keystore the keys used to sign assertions.



 void
setSigningKeyPassPhraseEncrypted(byte[] _bytes)



           


 


Methods inherited from interface weblogic.management.security.ProviderMBean


getRealm


 


Methods inherited from interface com.bea.security.saml2.providers.SAML2SPPartnerRegistryMBean


addSPPartner, consumeSPPartnerMetadata, getSPPartner, listSPPartners, newEndpoint, newIndexedEndpoint, newWebSSOSPPartner, newWSSSPPartner, removeSPPartner, spPartnerExists, updateSPPartner


 


Methods inherited from interface com.bea.security.saml2.providers.SAML2PartnerRegistryMBean


loadCertificate


 


Methods inherited from interface weblogic.management.security.ProviderMBean


getRealm


 


Methods inherited from interface weblogic.management.utils.NameListerMBean


getCurrentName


 


Methods inherited from interface weblogic.management.utils.ListerMBean


advance, close, haveCurrent


 


Methods inherited from interface weblogic.management.security.ImportMBean


importData


 


Methods inherited from interface weblogic.management.security.ExportMBean


exportData


 








Method Detail




getProviderClassName
String getProviderClassName()


The Java class used to load the SAML 2.0 credential mapping provider.





Default Value:
  "com.bea.security.saml2.providers.SAML2CredentialMapperProviderImpl"






getDescription
String getDescription()


Description of the SAML 2.0 credential mapping provider.


Specified by:
getDescription in interface weblogic.management.security.ProviderMBean


Default Value:
  "BEA SAML 2.0 credential mapping Provider. Supports Security Assertion Markup Language v2.0."






getVersion
String getVersion()


The version number of the SAML 2.0 credential mapping provider.


Specified by:
getVersion in interface weblogic.management.security.ProviderMBean


Default Value:
  "1.0"






getSupportedImportFormats
String[] getSupportedImportFormats()


The format of the file to import. The list of supported import formats
            is determined by the Credential Mapper provider from which the security data
            were originally exported.


Specified by:
getSupportedImportFormats in interface weblogic.management.security.ImportMBean


Default Value:
  "SAML2"






getSupportedImportConstraints
String[] getSupportedImportConstraints()


The security data that you want to be imported into this credential mapping provider's data store.
            A SAML 2.0 credential mapping Provider can import all partners(Partner=all), enabled partners(Partner=enabled)
            or only disabled partners(Partner=disabled).


Specified by:
getSupportedImportConstraints in interface weblogic.management.security.ImportMBean


Default Value:
  "Partner"






getSupportedExportFormats
String[] getSupportedExportFormats()


The format of the file to export. The list of supported export
            formats is determined by this Credential Mapper provider.


Specified by:
getSupportedExportFormats in interface weblogic.management.security.ExportMBean


Default Value:
  "SAML2"






getSupportedExportConstraints
String[] getSupportedExportConstraints()


The security data that you want to be exported from this credential mapping provider's data store.
            A SAML 2.0 credential mapping provider can export all partners(Partner=all), enabled partners(Partner=enabled)
            or only disabled partners(Partner=disabled). The password inlined in the exported file can be encrypted
            or plain text(Passwords=cleartext).


Specified by:
getSupportedExportConstraints in interface weblogic.management.security.ExportMBean


Default Value:
  "Partner","Passwords"






getIssuerURI
String getIssuerURI()


The Issuer URI, or name, of this SAML 2.0 credential mapping provider.
The value that you specify for Issuer URI should match the Entity ID specified in the SAML 2.0 General page
            that configures the per server SAML 2.0 properties.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






setIssuerURI
void setIssuerURI(String newValue)
                  throws InvalidAttributeValueException


The Issuer URI, or name, of this SAML 2.0 credential mapping provider.
The value that you specify for Issuer URI should match the Entity ID specified in the SAML 2.0 General page
            that configures the per server SAML 2.0 properties.





Parameters:
newValue - - new value for attribute IssuerURI
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






getNameQualifier
String getNameQualifier()


The Name Qualifier value used by the Name Mapper.
The value of the Name Qualifier is the security or administrative domain that qualifies the name of
            the subject. This provides a means to federate names from disparate user stores while avoiding the
            possibility of subject name collision.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






setNameQualifier
void setNameQualifier(String newValue)
                      throws InvalidAttributeValueException


The Name Qualifier value used by the Name Mapper.
The value of the Name Qualifier is the security or administrative domain that qualifies the name of
            the subject. This provides a means to federate names from disparate user stores while avoiding the
            possibility of subject name collision.





Parameters:
newValue - - new value for attribute NameQualifier
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






getSigningKeyAlias
String getSigningKeyAlias()


The alias used to retrieve from the keystore the key that is used to sign assertions.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






setSigningKeyAlias
void setSigningKeyAlias(String newValue)
                        throws InvalidAttributeValueException


The alias used to retrieve from the keystore the key that is used to sign assertions.





Parameters:
newValue - - new value for attribute SigningKeyAlias
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






getSigningKeyPassPhrase
String getSigningKeyPassPhrase()


The credential, or password, used to retrieve from the keystore the keys used to sign assertions.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






setSigningKeyPassPhrase
void setSigningKeyPassPhrase(String newValue)
                             throws InvalidAttributeValueException


The credential, or password, used to retrieve from the keystore the keys used to sign assertions.





Parameters:
newValue - - new value for attribute SigningKeyPassPhrase
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






getDefaultTimeToLive
int getDefaultTimeToLive()


The time in seconds that, by default, an assertion should remain valid. The default value is
            120 seconds (2 minutes).
If the value is zero, then assertions have an infinite lifetime. Using assertions with an infinite
            lifetime is not recommended, however.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  120
Minimum Value:
  0






setDefaultTimeToLive
void setDefaultTimeToLive(int newValue)
                          throws InvalidAttributeValueException


The time in seconds that, by default, an assertion should remain valid. The default value is
            120 seconds (2 minutes).
If the value is zero, then assertions have an infinite lifetime. Using assertions with an infinite
            lifetime is not recommended, however.





Parameters:
newValue - - new value for attribute DefaultTimeToLive
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  120
Minimum Value:
  0






getDefaultTimeToLiveOffset
int getDefaultTimeToLiveOffset()


The time factor you can use to allow the credential mapping provider to compensate for clock differences between the
            identity provider and service provider sites.
The value is a positive or negative integer representing
            seconds. Default value is -5.

         
Normally, an assertion is valid from the NotBefore time, which defaults to (roughly) the time the
            assertion was generated, until the  NotOnOrAfter time, which is calculated as (NotBefore + TimeToLive).
            This value is a positive or negative integer indicating how many seconds before or after "now" to which the
            assertion's NotBefore should be set. If you set a value for DefaultTimeToLiveOffset, then the assertion
            lifetime is still calculated as (NotBefore + TimeToLive), but the NotBefore value is set to
            (now + TimeToLiveOffset). As a result, an assertion might have a two minute (120 second) lifetime that starts
            thirty seconds ago, or starts one minute from now.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  -5






setDefaultTimeToLiveOffset
void setDefaultTimeToLiveOffset(int newValue)
                                throws InvalidAttributeValueException


The time factor you can use to allow the credential mapping provider to compensate for clock differences between the
            identity provider and service provider sites.
The value is a positive or negative integer representing
            seconds. Default value is -5.

         
Normally, an assertion is valid from the NotBefore time, which defaults to (roughly) the time the
            assertion was generated, until the  NotOnOrAfter time, which is calculated as (NotBefore + TimeToLive).
            This value is a positive or negative integer indicating how many seconds before or after "now" to which the
            assertion's NotBefore should be set. If you set a value for DefaultTimeToLiveOffset, then the assertion
            lifetime is still calculated as (NotBefore + TimeToLive), but the NotBefore value is set to
            (now + TimeToLiveOffset). As a result, an assertion might have a two minute (120 second) lifetime that starts
            thirty seconds ago, or starts one minute from now.





Parameters:
newValue - - new value for attribute DefaultTimeToLiveOffset
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  -5






getGenerateAttributes
boolean getGenerateAttributes()


Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.  
            For example, group information.
Note that the service provider partner needs to have a SAML Authentication provider configured to be able
            to extract and use the attribute information contained in the assertion.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  true






setGenerateAttributes
void setGenerateAttributes(boolean newValue)
                           throws InvalidAttributeValueException


Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.  
            For example, group information.
Note that the service provider partner needs to have a SAML Authentication provider configured to be able
            to extract and use the attribute information contained in the assertion.





Parameters:
newValue - - new value for attribute GenerateAttributes
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  true






getNameMapperClassName
String getNameMapperClassName()


Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to 
            identity information contained in the assertion. 






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






setNameMapperClassName
void setNameMapperClassName(String newValue)
                            throws InvalidAttributeValueException


Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to 
            identity information contained in the assertion. 





Parameters:
newValue - - new value for attribute NameMapperClassName
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  ""






getCredCacheSize
int getCredCacheSize()


The size of the cache used to store assertion credentials. If the value is not specified, or
             is not a positive number, the cache will have an unlimited size. The default value is 0.
The cache stores assertion credentials so that requests for a specific assertion return a result
            from cache, rather than generate a new assertion. This can improve performance in cases where an
            application makes multiple requests for the same assertion, for the same user, within a short
            period of time.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  0
Minimum Value:
  0






setCredCacheSize
void setCredCacheSize(int newValue)
                      throws InvalidAttributeValueException


The size of the cache used to store assertion credentials. If the value is not specified, or
             is not a positive number, the cache will have an unlimited size. The default value is 0.
The cache stores assertion credentials so that requests for a specific assertion return a result
            from cache, rather than generate a new assertion. This can improve performance in cases where an
            application makes multiple requests for the same assertion, for the same user, within a short
            period of time.





Parameters:
newValue - - new value for attribute CredCacheSize
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  0
Minimum Value:
  0






getCredCacheMinViableTTL
int getCredCacheMinViableTTL()


The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.
            If an entry in the cache has less time to live than this value, the corresponding assertion is not 
            used. Instead, a new assertion is generated. The default value is 20.
This attribute prevents the situation in which an assertion is returned from the cache but expires before it
            can be evaluated at its destination. If the cached assertion's remaining time-to-live period is too short,
            the assertion is not used.






Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  20
Minimum Value:
  0






setCredCacheMinViableTTL
void setCredCacheMinViableTTL(int newValue)
                              throws InvalidAttributeValueException


The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.
            If an entry in the cache has less time to live than this value, the corresponding assertion is not 
            used. Instead, a new assertion is generated. The default value is 20.
This attribute prevents the situation in which an assertion is returned from the cache but expires before it
            can be evaluated at its destination. If the cached assertion's remaining time-to-live period is too short,
            the assertion is not used.





Parameters:
newValue - - new value for attribute CredCacheMinViableTTL
Throws:
InvalidAttributeValueException
Changes take effect after you redeploy the module or restart the server.

    
    
Default Value:
  20
Minimum Value:
  0






getName
String getName()

Description copied from interface: weblogic.management.security.ProviderMBean
Name of configuration. WebLogic Server uses an MBean to
 implement and persist the configuration.


Specified by:
getName in interface weblogic.management.security.ProviderMBean
Specified by:
getName in interface SAML2PartnerRegistryMBean
Specified by:
getName in interface SAML2SPPartnerRegistryMBean


Default Value:
  "SAML2CredentialMapper"






setSigningKeyPassPhraseEncrypted
void setSigningKeyPassPhraseEncrypted(byte[] _bytes)






Changes take effect after you redeploy the module or restart the server.

    
    






getSigningKeyPassPhraseEncrypted
byte[] getSigningKeyPassPhraseEncrypted()






Changes take effect after you redeploy the module or restart the server.

    
    















  
      Package 
    Class 
      Use 
      Tree 
      Deprecated 
      Index 
      Help 
  



Documentation is available at

 http://edocs.bea.com/wls/docs103
Copyright 1996,2008, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.





 PREV CLASS 
 NEXT CLASS

  FRAMES   
 NO FRAMES   
 







  SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Method Summary
`int`	`getCredCacheMinViableTTL()` The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.
`int`	`getCredCacheSize()` The size of the cache used to store assertion credentials.
`int`	`getDefaultTimeToLive()` The time in seconds that, by default, an assertion should remain valid.
`int`	`getDefaultTimeToLiveOffset()` The time factor you can use to allow the credential mapping provider to compensate for clock differences between the identity provider and service provider sites.
`String`	`getDescription()` Description of the SAML 2.0 credential mapping provider.
`boolean`	`getGenerateAttributes()` Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.
`String`	`getIssuerURI()` The Issuer URI, or name, of this SAML 2.0 credential mapping provider.
`String`	`getName()` The name of this configuration.
`String`	`getNameMapperClassName()` Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion.
`String`	`getNameQualifier()` The Name Qualifier value used by the Name Mapper.
`String`	`getProviderClassName()` The Java class used to load the SAML 2.0 credential mapping provider.
`String`	`getSigningKeyAlias()` The alias used to retrieve from the keystore the key that is used to sign assertions.
`String`	`getSigningKeyPassPhrase()` The credential, or password, used to retrieve from the keystore the keys used to sign assertions.
`byte[]`	`getSigningKeyPassPhraseEncrypted()`
`String[]`	`getSupportedExportConstraints()` The security data that you want to be exported from this credential mapping provider's data store.
`String[]`	`getSupportedExportFormats()` The format of the file to export.
`String[]`	`getSupportedImportConstraints()` The security data that you want to be imported into this credential mapping provider's data store.
`String[]`	`getSupportedImportFormats()` The format of the file to import.
`String`	`getVersion()` The version number of the SAML 2.0 credential mapping provider.
`void`	`setCredCacheMinViableTTL(int newValue)` The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached.
`void`	`setCredCacheSize(int newValue)` The size of the cache used to store assertion credentials.
`void`	`setDefaultTimeToLive(int newValue)` The time in seconds that, by default, an assertion should remain valid.
`void`	`setDefaultTimeToLiveOffset(int newValue)` The time factor you can use to allow the credential mapping provider to compensate for clock differences between the identity provider and service provider sites.
`void`	`setGenerateAttributes(boolean newValue)` Whether information, in addition to the username, will be generated in the SAML 2.0 assertion.
`void`	`setIssuerURI(String newValue)` The Issuer URI, or name, of this SAML 2.0 credential mapping provider.
`void`	`setNameMapperClassName(String newValue)` Override the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion.
`void`	`setNameQualifier(String newValue)` The Name Qualifier value used by the Name Mapper.
`void`	`setSigningKeyAlias(String newValue)` The alias used to retrieve from the keystore the key that is used to sign assertions.
`void`	`setSigningKeyPassPhrase(String newValue)` The credential, or password, used to retrieve from the keystore the keys used to sign assertions.
`void`	`setSigningKeyPassPhraseEncrypted(byte[] _bytes)`

com.bea.security.saml2.providers Interface SAML2CredentialMapperMBean

Deprecation of MBeanHome and Type-Safe Interfaces

getProviderClassName

getDescription

getVersion

getSupportedImportFormats

getSupportedImportConstraints

getSupportedExportFormats

getSupportedExportConstraints

getIssuerURI

setIssuerURI

getNameQualifier

setNameQualifier

getSigningKeyAlias

setSigningKeyAlias

getSigningKeyPassPhrase

setSigningKeyPassPhrase

getDefaultTimeToLive

setDefaultTimeToLive

getDefaultTimeToLiveOffset

setDefaultTimeToLiveOffset

getGenerateAttributes

setGenerateAttributes

getNameMapperClassName

setNameMapperClassName

getCredCacheSize

setCredCacheSize

getCredCacheMinViableTTL

setCredCacheMinViableTTL

getName

setSigningKeyPassPhraseEncrypted

getSigningKeyPassPhraseEncrypted

com.bea.security.saml2.providers
Interface SAML2CredentialMapperMBean