Introduction to Developing Security Providers for WebLogic Server 2-3

2.2.2 Creating Runtime Classes for the Custom Security Provider by Implementing SSPIs

In one or two runtime classes, implement the SSPIs you have identified by providing implementations for each of their methods. The methods should contain the specific algorithms for the security services offered by the custom security provider. The content of these methods describe how the service should behave. Procedures for this task are dependent on the type of security provider you want to create, and are provided under the Create Runtime Classes Using the Appropriate SSPIs heading in the sections that discuss each security provider in detail.

2.2.3 Generating an MBean Type to Configure and Manage the Custom Security Provider

Generating an MBean type includes the following steps: 1. Create an MBean Definition File MDF for the custom security provider that extends the required SSPI MBean, implements any optional SSPI MBeans, and adds any custom attributes and operations that will be required to configure and manage the custom security provider. Information about MDFs is available in Section 3.3.3, Understand the Basic Elements of an MBean Definition File MDF, and procedures for this task are provided under the Create an MBean Definition File MDF heading in the sections that discuss each security provider in detail. 2. Run the MDF through the WebLogic MBeanMaker to generate intermediate files including the MBean interface, MBean implementation, and MBean information files for the custom security providers MBean type. Information about the WebLogic MBeanMaker and how it uses the MDF to generate Java files is provided in Section 3.3.5, Understand What the WebLogic MBeanMaker Provides, and procedures for this task are provided under the Use the WebLogic MBeanMaker to Generate the MBean Type heading in the sections that discuss each security provider in detail. 3. Edit the MBean implementation file to supply content for any methods inherited from implementing optional SSPI MBeans, as well as content for the method stubs generated as a result of custom attributes and operations added to the MDF. 4. Run the modified intermediate files for the MBean type and the runtime classes for your custom security provider through the WebLogic MBeanMaker to generate a JAR file, called an MBean JAR File MJF. Procedures for this task are provided under the Use the WebLogic MBeanMaker to Create the MBean JAR File MJF heading in the sections that discuss each security provider in detail. 5. Install the MBean JAR File MJF into the WebLogic Server environment. Procedures for this task are provided under the Install the MBean Type into the WebLogic Server Environment heading in the sections that discuss each security provider in detail.

2.2.4 Writing Console Extensions

Console extensions allow you to add JavaServer Pages JSPs to the WebLogic Server Administration Console to support additional management and configuration of custom security providers. Console extensions allow you to include Administration 2-4 Developing Security Providers for Oracle WebLogic Server Console support where that support does not yet exist, as well as to customize administrative interactions as you see fit. To get complete configuration and management support through the WebLogic Server Administration Console for a custom security provider, you need to write a console extension when: ■ You decide not to implement an optional SSPI MBean when you generate an MBean type for your custom security provider, but still want to configure and manage your custom security provider via the Administration Console. That is, you do not want to use the WebLogic Server Command-Line Interface instead. Generating an MBean type as described in Section 2.2.3, Generating an MBean Type to Configure and Manage the Custom Security Provider is the Oracle-recommended way for configuring and managing custom security providers. However, you may want to configure and manage your custom security provider completely through a console extension that you write. ■ You implement optional SSPI MBeans for custom security providers that are not custom Authentication providers. When you implement optional SSPI MBeans to develop a custom Authentication provider, you automatically receive support in the Administration Console for the MBean types attributes inherited from the optional SSPI MBean. Other types of custom security providers, such as custom Authorization providers, do not receive this support. ■ You add a custom attribute that cannot be represented as a simple data type to your MBean Definition File MDF, which is used to generate the custom security providers MBean type. The Details tab for a custom security provider will automatically display custom attributes, but only if they are represented as a simple data type, such as a string, MBean, boolean or integer value. If you have custom attributes that are represented as atypical data types for example, an image of a fingerprint, the Administration Console cannot visualize the custom attribute without customization. ■ You add a custom operation to your MBean Definition File MDF, which is used to generate the custom security providers MBean type. Because of the potential variety involved with custom operations, the Administration Console does not know how to automatically display or process them. Examples of custom operations might be a microphone for a voice print, or importexport buttons. The Administration Console cannot visualize and process these operations without customization. Some other optional reasons for extending the Administration Console include: ■ Corporate branding—when, for example, you want your organizations logo or look and feel on the pages used to configure and manage a custom security provider. ■ Consolidation—when, for example, you want all the fields used to configure and manage a custom security provider on one page, rather than in separate tabs or locations. For more information about console extensions, see Extending the Administration Console for Oracle WebLogic Server. Introduction to Developing Security Providers for WebLogic Server 2-5

2.2.5 Configuring the Custom Security Provider