SSPI MBean Quick Reference
3.3.5.1 About the MBean Information File
The MBean information file contains a compiled definition of the data in the MBean Definition File in a form that JMX Model MBeans require. The format of this file is a list of attributes, operations, and notifications, each of which also has a set of descriptor tags that describe that entity. In addition, the MBean itself also has a set of descriptor tags. An example of this format is as follows: MBean + tags attribute1 + tags, attribute2 + tags ... operation1 + tags, operation2 + tags ... notification1 + tags, notification2 + tags ... If desired, you can access this information at runtime by calling the standard JMX server getMBeanInfo method to obtain the ModelMBeanInfo.3.3.6 SSPI MBean Quick Reference
Based on the list of SSPIs you need to implement as part of developing your custom security provider, locate the required SSPI MBeans you need to extend in Table 3–2 . Using Table 3–3 through Table 3–5 , locate any optional SSPI MBeans you also want to implement for managing your security provider. Note: Be sure to reference the JMX specification to determine how to interpret the returned structure. Table 3–2 Required SSPI MBeans Type Package Name Required SSPI MBean Authentication provider authentication Authenticator Identity Assertion provider authentication IdentityAsserter Authorization provider authorization Authorizer or DeployableAuthorizer Adjudication provider authorization Adjudicator Design Considerations 3-15 Role Mapping provider authorization RoleMapper or DeployableRoleMapper Auditing provider audit Auditor Credential Mapping provider credentials CredentialMapper or DeployableCredentialMapper Cert Path Provider pk CertPathBuilder or CertPathValidator Note: The required SSPI MBeans shown in Table 3–2 are located in the weblogic.management.security.Package_Name package. Table 3–3 Optional Authentication SSPI MBeans Optional SSPI MBeans Purpose GroupEditor Create a group. If the group already exists, an exception is thrown. GroupMemberLister List a groups members. GroupReader Read data about groups. GroupRemover Remove groups. MemberGroupLister List the groups containing a user or a group. UserEditor Create, edit and remove users. UserPasswordEditor Change a users password. UserReader Read data about users. UserRemover Remove users. Note: The optional Authentication SSPI MBeans shown in Table 3–3 are located in the weblogic.management.security.authentication package. They are also supported in the WebLogic Server Administration Console. For an example of how to implement the optional Authentication SSPI MBeans shown in Table 3–4 , review the code for the Manageable Sample Authentication Provider available at https:codesamples.samplecode.oracle.comservletst racking?id=S224 on the Oracle Technology Network Web site. Table 3–4 Optional Authorization SSPI MBeans Optional SSPI MBeans Purpose PolicyConsumer Indicates that the provider supports policy consumption. PolicyEditor Create, edit and remove security policies. Table 3–2 Cont. Required SSPI MBeans Type Package Name Required SSPI MBean 3-16 Developing Security Providers for Oracle WebLogic Server3.4 Security Data Migration
Parts
» Oracle Fusion Middleware Online Documentation Library
» Document Scope Documentation Audience Guide to this Document
» Writing Console Extensions Overview of the Development Process
» Understand Two Important Restrictions
» Understand the Purpose of the Provider SSPIs Understand the Purpose of the Bulk Access Providers
» Determine Which Provider Interface You Will Implement
» Understand Why You Need an MBean Type
» Understand the SSPI MBean Hierarchy and How It Affects the Administration Console
» Understand What the WebLogic MBeanMaker Provides
» Migration Concepts Security Data Migration
» The Architecture of WebLogic Resources Types of WebLogic Resources
» Looking Up WebLogic Resources in a Security Providers Runtime Class
» ContextHandlers and WebLogic Resources
» Best Practice: Create a Simple Database If None Exists
» Best Practice: Configure an Existing Database
» Users and Groups, Principals and Subjects
» Java Authentication and Authorization Service JAAS
» Example: Creating the Runtime Classes for the Sample Authentication Provider
» Install the MBean Type Into the WebLogic Server Environment
» Specifying the Order of Authentication Providers
» Identity Assertion Providers and LoginModules Identity Assertion and Tokens
» Do You Need to Develop a Custom Authentication Provider? The Identity Assertion Process
» Do You Need to Develop a Custom Identity Assertion Provider?
» Create Runtime Classes Using the Appropriate SSPIs
» Implement the PrincipalValidator SSPI
» The Principal Validation Process The Authorization Process
» Policy Consumer SSPI How to Develop a Custom Authorization Provider
» PolicyStoreMBean How to Develop a Custom Authorization Provider
» Provide a Mechanism for Security Policy Management
» Security Roles Dynamic Security Role Computation
» Role Consumer SSPI How to Develop a Custom Role Mapping Provider
» PolicyStoreMBean How to Develop a Custom Role Mapping Provider
» Is Your Custom Role Mapping Provider Thread Safe? The Auditing Process
» ContextHandlerMBean Methods Example: Implementing the ContextHandlerMBean
» Extend weblogic.management.security.audit.ContextHandlerImpl
» Do You Need to Develop a Custom Auditing Provider?
» Configure the Custom Auditing Provider Using the Administration Console
» Passing Additional Audit Information Audit Event Interfaces and Audit Events
» Credential Mapping Concepts The Credential Mapping Process
» Security Services and the Auditor Service
» Example: Auditing Management Operations from a Providers MBean
» Best Practice: Posting Audit Events from a Providers MBean
» Why Filters are Needed Servlet Authentication Filter Design Considerations
» Implementing Challenge Identity Assertion from a Filter
» Example of a Provider that Implements a Filter Versionable Application Concepts
Show more