|
Oracle Fusion Middleware Oracle WebLogic Server 10.3.1 MBean API Reference 11g Release 1 (10.3.1) Part Number E13945-01 |
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
public interface SAML2CredentialMapperMBean
This MBean represents configuration information for the SAML 2.0 Credential Mapping provider.
This is a type-safe interface for a WebLogic Server MBean, which you
can import into your client classes and access through
weblogic.management.MBeanHome. As of 9.0, the
MBeanHome interface and all type-safe interfaces for
WebLogic Server MBeans are deprecated. Instead, client classes that
interact with WebLogic Server MBeans should use standard JMX design
patterns in which clients use the
javax.management.MBeanServerConnection interface to
discover MBeans, attributes, and attribute types at runtime.
| Method Summary | |
|---|---|
int |
getCredCacheMinViableTTL()
The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached. |
int |
getCredCacheSize()
The size of the cache used to store assertion credentials. |
int |
getDefaultTimeToLive()
The time in seconds that, by default, an assertion should remain valid. |
int |
getDefaultTimeToLiveOffset()
The time factor you can use to allow the Credential Mapping provider to compensate for clock differences between the Identity Provider and Service Provider sites. |
String |
getDescription()
A short description of the SAML 2.0 Credential Mapping provider. |
boolean |
getGenerateAttributes()
Specifies whether information, in addition to the username, will be generated in the SAML 2.0 assertion. |
String |
getIssuerURI()
The Issuer URI, or name, of this SAML 2.0 Credential Mapping provider. |
String |
getName()
The name of this configuration. |
String |
getNameMapperClassName()
The Java class that overrides the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion. |
String |
getNameQualifier()
The Name Qualifier value used by the Name Mapper. |
String |
getProviderClassName()
The Java class used to load the SAML 2.0 Credential Mapping provider. |
String |
getSigningKeyAlias()
The alias used to retrieve from the keystore the key that is used to sign assertions. |
String |
getSigningKeyPassPhrase()
The credential, or password, used to retrieve from the keystore the keys used to sign assertions. |
byte[] |
getSigningKeyPassPhraseEncrypted()
|
String[] |
getSupportedExportConstraints()
The security data that you want to be exported from this Credential Mapping provider's data store. |
String[] |
getSupportedExportFormats()
The format of the file to export. |
String[] |
getSupportedImportConstraints()
The security data that you want to be imported into this Credential Mapping provider's data store. |
String[] |
getSupportedImportFormats()
The format of the file to import. |
String |
getVersion()
The version number of the SAML 2.0 Credential Mapping provider. |
void |
setCredCacheMinViableTTL(int newValue)
The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached. |
void |
setCredCacheSize(int newValue)
The size of the cache used to store assertion credentials. |
void |
setDefaultTimeToLive(int newValue)
The time in seconds that, by default, an assertion should remain valid. |
void |
setDefaultTimeToLiveOffset(int newValue)
The time factor you can use to allow the Credential Mapping provider to compensate for clock differences between the Identity Provider and Service Provider sites. |
void |
setGenerateAttributes(boolean newValue)
Specifies whether information, in addition to the username, will be generated in the SAML 2.0 assertion. |
void |
setIssuerURI(String newValue)
The Issuer URI, or name, of this SAML 2.0 Credential Mapping provider. |
void |
setNameMapperClassName(String newValue)
The Java class that overrides the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion. |
void |
setNameQualifier(String newValue)
The Name Qualifier value used by the Name Mapper. |
void |
setSigningKeyAlias(String newValue)
The alias used to retrieve from the keystore the key that is used to sign assertions. |
void |
setSigningKeyPassPhrase(String newValue)
The credential, or password, used to retrieve from the keystore the keys used to sign assertions. |
void |
setSigningKeyPassPhraseEncrypted(byte[] _bytes)
|
| Methods inherited from interface weblogic.management.security.ProviderMBean |
|---|
getRealm |
| Methods inherited from interface com.bea.security.saml2.providers.SAML2SPPartnerRegistryMBean |
|---|
addSPPartner, consumeSPPartnerMetadata, getSPPartner, listSPPartners, newEndpoint, newIndexedEndpoint, newWebSSOSPPartner, newWSSSPPartner, removeSPPartner, spPartnerExists, updateSPPartner |
| Methods inherited from interface com.bea.security.saml2.providers.SAML2PartnerRegistryMBean |
|---|
loadCertificate |
| Methods inherited from interface weblogic.management.security.ProviderMBean |
|---|
getRealm |
| Methods inherited from interface weblogic.management.utils.NameListerMBean |
|---|
getCurrentName |
| Methods inherited from interface weblogic.management.utils.ListerMBean |
|---|
advance, close, haveCurrent |
| Methods inherited from interface weblogic.management.security.ImportMBean |
|---|
importData |
| Methods inherited from interface weblogic.management.security.ExportMBean |
|---|
exportData |
| Method Detail |
|---|
String getProviderClassName()
The Java class used to load the SAML 2.0 Credential Mapping provider.
String getDescription()
A short description of the SAML 2.0 Credential Mapping provider.
getDescription in interface ProviderMBeanString getVersion()
The version number of the SAML 2.0 Credential Mapping provider.
getVersion in interface ProviderMBeanString[] getSupportedImportFormats()
The format of the file to import. The list of supported import formats is determined by the Credential Mapper provider from which the security data were originally exported.
getSupportedImportFormats in interface ImportMBeanString[] getSupportedImportConstraints()
The security data that you want to be imported into this Credential Mapping provider's data store. A SAML 2.0 Credential Mapping Provider can import all partners(Partner=all), enabled partners(Partner=enabled) or only disabled partners(Partner=disabled).
getSupportedImportConstraints in interface ImportMBeanString[] getSupportedExportFormats()
The format of the file to export. The list of supported export formats is determined by this Credential Mapper provider.
getSupportedExportFormats in interface ExportMBeanString[] getSupportedExportConstraints()
The security data that you want to be exported from this Credential Mapping provider's data store. A SAML 2.0 Credential Mapping provider can export all partners(Partner=all), enabled partners(Partner=enabled) or only disabled partners(Partner=disabled). The password inlined in the exported file can be encrypted or plain text(Passwords=cleartext).
getSupportedExportConstraints in interface ExportMBeanString getIssuerURI()
The Issuer URI, or name, of this SAML 2.0 Credential Mapping provider.
The value that you specify for Issuer URI should match the Entity ID specified in the SAML 2.0 General page that configures the per server SAML 2.0 properties.
void setIssuerURI(String newValue)
throws InvalidAttributeValueException
The Issuer URI, or name, of this SAML 2.0 Credential Mapping provider.
The value that you specify for Issuer URI should match the Entity ID specified in the SAML 2.0 General page that configures the per server SAML 2.0 properties.
newValue - - new value for attribute IssuerURI
InvalidAttributeValueException
String getNameQualifier()
The Name Qualifier value used by the Name Mapper.
The value of the Name Qualifier is the security or administrative domain that qualifies the name of the subject. This provides a means to federate names from disparate user stores while avoiding the possibility of subject name collision.
void setNameQualifier(String newValue)
throws InvalidAttributeValueException
The Name Qualifier value used by the Name Mapper.
The value of the Name Qualifier is the security or administrative domain that qualifies the name of the subject. This provides a means to federate names from disparate user stores while avoiding the possibility of subject name collision.
newValue - - new value for attribute NameQualifier
InvalidAttributeValueException
String getSigningKeyAlias()
The alias used to retrieve from the keystore the key that is used to sign assertions.
void setSigningKeyAlias(String newValue)
throws InvalidAttributeValueException
The alias used to retrieve from the keystore the key that is used to sign assertions.
newValue - - new value for attribute SigningKeyAlias
InvalidAttributeValueException
String getSigningKeyPassPhrase()
The credential, or password, used to retrieve from the keystore the keys used to sign assertions.
void setSigningKeyPassPhrase(String newValue)
throws InvalidAttributeValueException
The credential, or password, used to retrieve from the keystore the keys used to sign assertions.
newValue - - new value for attribute SigningKeyPassPhrase
InvalidAttributeValueException
int getDefaultTimeToLive()
The time in seconds that, by default, an assertion should remain valid. The default value is 120 seconds (2 minutes).
If the value is zero, then assertions have an infinite lifetime. Using assertions with an infinite lifetime is not recommended, however.
void setDefaultTimeToLive(int newValue)
throws InvalidAttributeValueException
The time in seconds that, by default, an assertion should remain valid. The default value is 120 seconds (2 minutes).
If the value is zero, then assertions have an infinite lifetime. Using assertions with an infinite lifetime is not recommended, however.
newValue - - new value for attribute DefaultTimeToLive
InvalidAttributeValueException
int getDefaultTimeToLiveOffset()
The time factor you can use to allow the Credential Mapping provider to compensate for clock differences between the Identity Provider and Service Provider sites.
The value is a positive or negative integer representing seconds. Default value is -5.
Normally, an assertion is valid from the NotBefore time, which defaults to (roughly) the time the assertion was generated, until the NotOnOrAfter time, which is calculated as (NotBefore + TimeToLive). This value is a positive or negative integer indicating how many seconds before or after "now" to which the assertion's NotBefore should be set. If you set a value for DefaultTimeToLiveOffset, then the assertion lifetime is still calculated as (NotBefore + TimeToLive), but the NotBefore value is set to (now + TimeToLiveOffset). As a result, an assertion might have a two minute (120 second) lifetime that starts thirty seconds ago, or starts one minute from now.
void setDefaultTimeToLiveOffset(int newValue)
throws InvalidAttributeValueException
The time factor you can use to allow the Credential Mapping provider to compensate for clock differences between the Identity Provider and Service Provider sites.
The value is a positive or negative integer representing seconds. Default value is -5.
Normally, an assertion is valid from the NotBefore time, which defaults to (roughly) the time the assertion was generated, until the NotOnOrAfter time, which is calculated as (NotBefore + TimeToLive). This value is a positive or negative integer indicating how many seconds before or after "now" to which the assertion's NotBefore should be set. If you set a value for DefaultTimeToLiveOffset, then the assertion lifetime is still calculated as (NotBefore + TimeToLive), but the NotBefore value is set to (now + TimeToLiveOffset). As a result, an assertion might have a two minute (120 second) lifetime that starts thirty seconds ago, or starts one minute from now.
newValue - - new value for attribute DefaultTimeToLiveOffset
InvalidAttributeValueException
boolean getGenerateAttributes()
Specifies whether information, in addition to the username, will be generated in the SAML 2.0 assertion. For example, group information.
Note that the Service Provider partner needs to have a SAML Authentication provider configured to be able to extract and use the attribute information contained in the assertion.
void setGenerateAttributes(boolean newValue)
throws InvalidAttributeValueException
Specifies whether information, in addition to the username, will be generated in the SAML 2.0 assertion. For example, group information.
Note that the Service Provider partner needs to have a SAML Authentication provider configured to be able to extract and use the attribute information contained in the assertion.
newValue - - new value for attribute GenerateAttributes
InvalidAttributeValueException
String getNameMapperClassName()
The Java class that overrides the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion.
void setNameMapperClassName(String newValue)
throws InvalidAttributeValueException
The Java class that overrides the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion.
newValue - - new value for attribute NameMapperClassName
InvalidAttributeValueException
int getCredCacheSize()
The size of the cache used to store assertion credentials. If the value is not specified, or is not a positive number, the cache will have an unlimited size. The default value is 0.
The cache stores assertion credentials so that requests for a specific assertion return a result from cache, rather than generate a new assertion. This can improve performance in cases where an application makes multiple requests for the same assertion, for the same user, within a short period of time.
void setCredCacheSize(int newValue)
throws InvalidAttributeValueException
The size of the cache used to store assertion credentials. If the value is not specified, or is not a positive number, the cache will have an unlimited size. The default value is 0.
The cache stores assertion credentials so that requests for a specific assertion return a result from cache, rather than generate a new assertion. This can improve performance in cases where an application makes multiple requests for the same assertion, for the same user, within a short period of time.
newValue - - new value for attribute CredCacheSize
InvalidAttributeValueException
int getCredCacheMinViableTTL()
The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached. If an entry in the cache has less time to live than this value, the corresponding assertion is not used. Instead, a new assertion is generated. The default value is 20.
This attribute prevents the situation in which an assertion is returned from the cache but expires before it can be evaluated at its destination. If the cached assertion's remaining time-to-live period is too short, the assertion is not used.
void setCredCacheMinViableTTL(int newValue)
throws InvalidAttributeValueException
The minimum time, in seconds, that assertion credentials must be viable before being eligible to be cached. If an entry in the cache has less time to live than this value, the corresponding assertion is not used. Instead, a new assertion is generated. The default value is 20.
This attribute prevents the situation in which an assertion is returned from the cache but expires before it can be evaluated at its destination. If the cached assertion's remaining time-to-live period is too short, the assertion is not used.
newValue - - new value for attribute CredCacheMinViableTTL
InvalidAttributeValueException
String getName()
ProviderMBean
getName in interface ProviderMBeangetName in interface SAML2PartnerRegistryMBeangetName in interface SAML2SPPartnerRegistryMBeanvoid setSigningKeyPassPhraseEncrypted(byte[] _bytes)
byte[] getSigningKeyPassPhraseEncrypted()
|
Documentation is available at http://download.oracle.com/docs/cd/E12839_01/web.1111/wls.htm Copyright 1996, 2009, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Oracle Fusion Middleware Oracle WebLogic Server 10.3.1 MBean API Reference 11g Release 1 (10.3.1) Part Number E13945-01 |
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||