FederationServicesMBean

Overview

This MBean represents configuration for SAML 1.1-based Federation Services, including the intersite transfer service, assertion consumer service, and assertion retrieval service.

Attributes

This section describes the following attributes:

ACSRequiresSSL

Specifies whether the Assertion Consumer Service requires SSL.

ARSRequiresSSL

Specifies whether the Assertion Retrieval Service requires SSL.

ARSRequiresTwoWaySSL

Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.

AssertionConsumerURIs

The Assertion Consumer URIs.

AssertionRetrievalURIs

One or more URIs on which to listen for incoming assertion retrieval requests.

For artifact profile, the destination site receives a SAML artifact that represents a source site (why we need the source site ID values) and an assertion ID. The destination site sends a request containing the artifact to the source site's assertion retrieval URL, and the source site responds with the corresponding assertion. You may configure multiple URIs here, although typically one will be sufficient. The URI includes the application context, followed by the resource context. For example:

/my_application/saml/ars

which would be accessible from the outside as https://my.example.com/my_application/saml/ars

AssertionStoreClassName

The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.

AssertionStoreProperties

Properties passed to Assertion Store class initStore() method.

This may be useful if you have implemented a custom Assertion Store class.

CachingDisabled

Private property that disables caching in proxies.

DestinationSiteEnabled

Specifies whether the Destination Site is enabled.

IntersiteTransferURIs

The Intersite Transfer URIs.

ITSRequiresSSL

Specifies whether the Intersite Transfer Service requires SSL.

MBeanInfo

Returns the MBean info for this MBean.

Deprecated.

Name

The user-specified name of this MBean instance.

This name is included as one of the key properties in the MBean's javax.management.ObjectName:
Name=user-specified-name

Notes

Optional information that you can include to describe this configuration.

WebLogic Sever saves this note in the domain's configuration file (config.xml) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <. Carriage returns/line feeds are preserved.

Note:

If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.

ObjectName

Returns the ObjectName under which this MBean is registered in the MBean server.

Deprecated.

Parent

Return the immediate parent for this MBean

POSTOneUseCheckEnabled

Specifies whether the POST one-use check is enabled.

POSTRecipientCheckEnabled

Specifies whether the POST recipient check is enabled. When true, the recipient of the SAML Response must match the URL in the HTTP Request.

Registered

Returns false if the MBean represented by this object has been unregistered.

Deprecated.

SigningKeyAlias

The alias used to store and retrieve the Source Site's signing key in the keystore. This key is used to sign POST profile responses.

SigningKeyPassPhrase

The passphrase used to retrieve the Source Site's signing key from the keystore.

SigningKeyPassPhraseEncrypted

The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

SourceIdBase64

The Source Site ID base64-encoded.

This read-only value is a Base64 representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

SourceIdHex

The Source Site ID in hexadecimal.

This read-only value is a hexadecimal representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

SourceSiteEnabled

Indicates whether the Source Site is enabled.

SourceSiteURL

The URL for the Source Site.

SSLClientIdentityAlias

The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.

SSLClientIdentityPassPhrase

The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

SSLClientIdentityPassPhraseEncrypted

The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Type

Returns the type of the MBean.

UsedAssertionCacheClassName

The class used as the persistent store for the Used Assertion Cache. When no class is specified, the default Used Assertion Cache implementation is used.

UsedAssertionCacheProperties

Properties to be passed to the Used Assertion Cache class.

Operations

This section describes the following operations:

freezeCurrentValue

If the specified attribute has not been set explicitly, and if the attribute has a default value, this operation forces the MBean to persist the default value.

Unless you use this operation, the default value is not saved and is subject to change if you update to a newer release of WebLogic Server. Invoking this operation isolates this MBean from the effects of such changes.

Note:

To insure that you are freezing the default value, invoke the restoreDefaultValue operation before you invoke this.

This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute for which some other value has been set.

Deprecated. 9.0.0.0

isSet

Returns true if the specified attribute has been set explicitly in this MBean instance.

restoreDefaultValue

If the specified attribute has a default value, this operation removes any value that has been set explicitly and causes the attribute to use the default value.

Default values are subject to change if you update to a newer release of WebLogic Server. To prevent the value from changing if you update to a newer release, invoke the freezeCurrentValue operation.

This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute that is already using the default.

Deprecated. 9.0.0.0

unSet

Restore the given property to its default value.