SAMLIdentityAsserterMBean



Overview

This MBean represents configuration information for the SAML Identity Assertion provider.

Deprecation of MBeanHome and Type-Safe Interfaces

This is a type-safe interface for a WebLogic Server MBean, which you can import into your client classes and access through weblogic.management.MBeanHome. As of 9.0, the MBeanHome interface and all type-safe interfaces for WebLogic Server MBeans are deprecated. Instead, client classes that interact with WebLogic Server MBeans should use standard JMX design patterns in which clients use the javax.management.MBeanServerConnection interface to discover MBeans, attributes, and attribute types at runtime.

   
Fully Qualified Interface Name If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.saml.SAMLIdentityAsserterMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.


Related MBeans

This section describes attributes that provide access to other MBeans.


    Realm

    Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

           
    Privileges Read only
    Type RealmMBean
    Relationship type: Reference.


Attributes

This section describes the following attributes:


    ActiveTypes

    The token types active for this SAML Identity Assertion provider.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value SAML.Assertion SAML.Assertion64 SAML.Assertion.DOM
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    ArtifactEnabled

    Enable ARTIFACT profile.

           
    Privileges Read/Write
    Type boolean

    AssertionConfiguration

    Configuration for assertions generated by this SAML authority.

    Assertions are configured in key=value format. You may find it convenient to write your assertion configuration in a text editor and paste it into the Assertion Configuration field.

           
    Privileges Read/Write
    Type java.util.Properties
    Default Value {}

    AssertionConsumerURIs

    Consumer URIs to listen on.

           
    Privileges Read/Write
    Type class java.lang.String[]
    Default Value /samlacs/acs

    Base64DecodingRequired

    Base64 decoding is not required for the WebLogic SAML Identity Assertion provider.

           
    Privileges Read only
    Type boolean
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    Description

    A short description of this SAML Identity Assertion provider.

           
    Privileges Read only
    Type java.lang.String
    Default Value WebLogic SAML Identity Assertion Provider. Supports Security Assertion Markup Language v1.1.
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    EnforceOneUsePolicy

    Enforce a one-use policy for POST profile assertions.

           
    Privileges Read/Write
    Type boolean

    MinimumParserPoolSize

    The minimum number of parsers to maintain in the parser pool.

           
    Privileges Read/Write
    Type int
    Default Value 5
    Minimum value 0

    Name

           
    Privileges Read only
    Type java.lang.String
    Default Value SAMLIdentityAsserter
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    NameMapperClassName

    The name of the Java class that maps SAML Assertion name information to local Subjects. When no mapper is supplied the default mapper implementation is used.

           
    Privileges Read/Write
    Type java.lang.String
    Default Value

    PostEnabled

    Enable POST profile.

           
    Privileges Read/Write
    Type boolean

    ProviderClassName

    The name of the Java class used to load the SAML Identity Assertion provider.

           
    Privileges Read only
    Type java.lang.String
    Default Value weblogic.security.providers.saml.SAMLIdentityAsserterProviderImpl
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    RecipientCheckEnabled

    When true, the recipient of the SAML Response must match the URL in the HTTP Request.

           
    Privileges Read/Write
    Type boolean
    Default Value true

    SourceSiteRedirects

    An optional set of URIs from which unauthenticated users will be redirected to the configured ITS URL.

           
    Privileges Read/Write
    Type java.util.Properties
    Default Value {}

    SupportedExportConstraints

    A certificate registry always exports all the certificates in the registry, and thus does not support export constraints.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    SupportedExportFormats

    A certificate registry exports trusted CAs to a JKS keystore. The keystore must not already exist.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value JKS KeyStore
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    SupportedImportConstraints

    A certificate registry always imports all the certificates in a keystore (identities and trusted CAs), and thus does not support export constraints.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    SupportedImportFormats

    A certificate registry imports trusted CAs from a JKS keystore.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value JKS KeyStore
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    SupportedTypes

    The token types supported by this SAML Identity Assertion provider.

           
    Privileges Read only
    Type class java.lang.String[]
    Default Value SAML.Assertion SAML.Assertion64 SAML.Assertion.DOM
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

    UsedAssertionCacheClassName

    The class that implements persistent storage for the POST profile used assertion cache.

    The UsedAssertionCache class is used to enforce a one-use policy for POST profile assertions.

           
    Privileges Read/Write
    Type java.lang.String
    Default Value

    UsedAssertionCacheProperties

    Properties passed to the UsedAssertionCache class init() method. This may be useful if you have implemented a custom UsedAssertionCache class.

           
    Privileges Read/Write
    Type java.util.Properties
    Default Value {}

    Version

    The version number of this SAML Identity Assertion provider.

           
    Privileges Read only
    Type java.lang.String
    Default Value 1.0
    Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.
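
A read-only check of the replay and recipient settings documented above, added here as an example (it is not Oracle's code). It uses only the standard javax.management API that this page recommends; the class names, the StubAsserter stand-in, its values and the ObjectName are constructed so the code runs without a server, and the ObjectName of a real provider must be supplied by the caller.

```java
import java.lang.management.ManagementFactory;
import java.util.ArrayList;
import java.util.List;
import javax.management.*;

public class SamlAsserterAudit {
    /** Returns one finding per weak setting; an empty list means no findings. */
    static List<String> audit(MBeanServerConnection conn, ObjectName provider) throws Exception {
        boolean post = (Boolean) conn.getAttribute(provider, "PostEnabled");
        boolean oneUse = (Boolean) conn.getAttribute(provider, "EnforceOneUsePolicy");
        boolean recipient = (Boolean) conn.getAttribute(provider, "RecipientCheckEnabled");
        String uris = String.join(", ", (String[]) conn.getAttribute(provider, "AssertionConsumerURIs"));
        List<String> findings = new ArrayList<>();
        if (post && !oneUse) {
            findings.add("PostEnabled=true but EnforceOneUsePolicy=false: the one-use policy for "
                    + "POST profile assertions is not enforced (consumer URIs: " + uris + ")");
        }
        if (!recipient) {
            findings.add("RecipientCheckEnabled=false (default is true): the recipient of the SAML "
                    + "Response is not matched against the request URL (consumer URIs: " + uris + ")");
        }
        return findings;
    }

    /** Constructed stand-in exposing the same attribute names; not a WebLogic class. */
    public interface StubAsserter {
        boolean isPostEnabled();
        boolean isEnforceOneUsePolicy();
        boolean isRecipientCheckEnabled();
        String[] getAssertionConsumerURIs();
    }

    public static void main(String[] args) throws Exception {
        StubAsserter weak = new StubAsserter() {   // constructed sample values
            public boolean isPostEnabled() { return true; }
            public boolean isEnforceOneUsePolicy() { return false; }
            public boolean isRecipientCheckEnabled() { return false; }
            public String[] getAssertionConsumerURIs() { return new String[] { "/samlacs/acs" }; }
        };
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        ObjectName name = new ObjectName("example:type=ConstructedSamlAsserter");
        mbs.registerMBean(new StandardMBean(weak, StubAsserter.class), name);
        audit(mbs, name).forEach(System.out::println);
    }
}
```
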


Operations

This section describes the following operations:


    advance

    Advances the list to the next element in the list.

       
    Operation Name "advance"
    Parameters Object [] { cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    Signature String [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    aliasExists

    Determines whether or not an alias exists in the registry.

    Throws InvalidParameterException if alias is empty or null.

       
    Operation Name "aliasExists"
    Parameters Object [] { alias }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

    Signature String [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • weblogic.management.utils.InvalidParameterException

    close

    Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

       
    Operation Name "close"
    Parameters Object [] { cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    Signature String [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    copyToDER

    Writes a certificate in the registry to a file in DER binary format.

    Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

       
    Operation Name "copyToDER"
    Parameters Object [] { alias, certificateFile }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

    • certificateFile is an object of type java.lang.String that specifies:

      - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.

    Signature String [] { "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    copyToPEM

    Writes a certificate in the registry to a file in PEM base64 encoded format.

    Throws InvalidParameterException if alias or certificateFile is empty or null or if the file cannot be written to.

       
    Operation Name "copyToPEM"
    Parameters Object [] { alias, certificateFile }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

    • certificateFile is an object of type java.lang.String that specifies:

      - The pathname (relative to the directory the admin server is booted from) of the file to write the certificate to.

    Signature String [] { "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    exportData

    Exports provider specific data in a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

       
    Operation Name "exportData"
    Parameters Object [] { format, filename, constraints }

    where:

    • format is an object of type java.lang.String that specifies:

      - The format for exporting provider specific data.

    • filename is an object of type java.lang.String that specifies:

      - The full path to the filename used to write data.

    • constraints is an object of type java.util.Properties that specifies:

      - The constraints to be used when exporting data. A null value indicates that all data will be exported.

    Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidParameterException
    • weblogic.management.utils.ErrorCollectionException

    getCertificate

    Retrieves a certificate from the registry.

    Throws NotFoundException if alias does not exist in the registry.

       
    Operation Name "getCertificate"
    Parameters Object [] { alias }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

    Signature String [] { "java.lang.String" }
    Returns X509Certificate
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    getCurrentName

    The name of the current item in the list. Returns null if there is no current item.

       
    Operation Name "getCurrentName"
    Parameters Object [] { cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    Signature String [] { "java.lang.String" }
    Returns String
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    haveCurrent

    Returns true if there are more objects in the list, and false otherwise.

       
    Operation Name "haveCurrent"
    Parameters Object [] { cursor }

    where:

    • cursor is an object of type java.lang.String that specifies:

      - The cursor returned from a previous list method.

    Signature String [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • weblogic.management.utils.InvalidCursorException

    importData

    Imports provider specific data from a specified format. When errors occur, the MBean throws an ErrorCollectionException containing a list of java.lang.Exceptions, where the text of each exception describes the error.

       
    Operation Name "importData"
    Parameters Object [] { format, filename, constraints }

    where:

    • format is an object of type java.lang.String that specifies:

      - The format for importing provider specific data.

    • filename is an object of type java.lang.String that specifies:

      - The full path to the filename used to read data.

    • constraints is an object of type java.util.Properties that specifies:

      - The constraints to be used when importing data. A null value indicates that all data will be imported.

    Signature String [] { "java.lang.String", "java.lang.String", "java.util.Properties" }
    Returns void
    Exceptions
    • weblogic.management.utils.InvalidParameterException
    • weblogic.management.utils.ErrorCollectionException

    isSet

    Returns true if the specified attribute has been set explicitly in this MBean instance.

       
    Operation Name "isSet"
    Parameters Object [] { propertyName }

    where:

    • propertyName is an object of type java.lang.String that specifies:

      - The property to check.

    Signature String [] { "java.lang.String" }
    Returns boolean
    Exceptions
    • java.lang.IllegalArgumentException

    listAliases

    Lists the registered aliases that match a wild card.

    Returns a String containing a cursor that may be passed into the NameListerMBean methods to read the list. The getCurrentName method returns the current alias on the list.

       
    Operation Name "listAliases"
    Parameters Object [] { aliasWildcard, maxToReturn }

    where:

    • aliasWildcard is an object of type java.lang.String that specifies:

      - A wild card used to select aliases. It supports three formats: "*" matches all aliases. "foo*" matches all aliases starting with the string "foo". "foo" matches the alias "foo" only. The matches are case-insensitive.

    • maxToReturn is an object of type java.lang.Integer that specifies:

      - The maximum number of aliases this method may return. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort the results. Set this parameter to zero to return all matching aliases.

    Signature String [] { "java.lang.String", "java.lang.Integer" }
    Returns String
    Exceptions
    • weblogic.management.utils.InvalidCursorException
    • weblogic.management.utils.InvalidParameterException
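
The cursor protocol described by listAliases, haveCurrent, getCurrentName, advance and close, shown as an added example (not Oracle's code) that inventories registered aliases through MBeanServerConnection.invoke with the operation names and signatures listed on this page. The class names, the in-memory StubRegistry, its alias values and the ObjectName are constructed so the code runs without a server.

```java
import java.lang.management.ManagementFactory;
import java.util.*;
import javax.management.*;

public class RegistryAliasLister {
    static final String[] STR = { "java.lang.String" };

    /** Reads every alias matching the wildcard; closes the cursor only if the walk is cut short. */
    static List<String> aliases(MBeanServerConnection conn, ObjectName reg, String wildcard) throws Exception {
        String cursor = (String) conn.invoke(reg, "listAliases",
                new Object[] { wildcard, Integer.valueOf(0) },            // 0 = return all matches
                new String[] { "java.lang.String", "java.lang.Integer" });
        List<String> out = new ArrayList<>();
        boolean finished = false;
        try {
            while ((Boolean) conn.invoke(reg, "haveCurrent", new Object[] { cursor }, STR)) {
                out.add((String) conn.invoke(reg, "getCurrentName", new Object[] { cursor }, STR));
                conn.invoke(reg, "advance", new Object[] { cursor }, STR);
            }
            finished = true;
        } finally {
            // close is only needed when the list was not read to its end
            if (!finished) conn.invoke(reg, "close", new Object[] { cursor }, STR);
        }
        return out;
    }

    /** Constructed in-memory stand-in with the same operation names; not a WebLogic class. */
    public interface StubRegistry {
        String listAliases(String aliasWildcard, Integer maxToReturn);
        boolean haveCurrent(String cursor);
        String getCurrentName(String cursor);
        void advance(String cursor);
        void close(String cursor);
    }
    static class Stub implements StubRegistry {
        private final Map<String, Deque<String>> open = new HashMap<>();
        public String listAliases(String w, Integer max) {   // max is ignored by this stub
            String p = w.toLowerCase();
            Deque<String> hits = new ArrayDeque<>(List.of("idp-signing", "idp-old", "partner-a"));
            hits.removeIf(a -> p.endsWith("*") ? !a.startsWith(p.substring(0, p.length() - 1)) : !a.equals(p));
            String cursor = "cursor-" + open.size();
            open.put(cursor, hits);
            return cursor;
        }
        public boolean haveCurrent(String c) { return !open.get(c).isEmpty(); }
        public String getCurrentName(String c) { return open.get(c).peek(); }
        public void advance(String c) { open.get(c).poll(); }
        public void close(String c) { open.remove(c); }
    }
    public static void main(String[] args) throws Exception {
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        ObjectName reg = new ObjectName("example:type=ConstructedRegistry");
        mbs.registerMBean(new StandardMBean(new Stub(), StubRegistry.class), reg);
        System.out.println(aliases(mbs, reg, "idp*"));
    }
}
```
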

    registerCertificate

    Registers an end certificate in the registry under an alias.

    Throws InvalidParameterException if the alias or certificateFile is empty or null or if the file does not exist or cannot be read.

       
    Operation Name "registerCertificate"
    Parameters Object [] { alias, certificateFile }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias to register the certificate under. It must not be empty or null. Aliases are case-insensitive.

    • certificateFile is an object of type java.lang.String that specifies:

      - The pathname (relative to the directory the admin server is booted from) of a PEM or DER file containing the certificate to be registered.

    Signature String [] { "java.lang.String", "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.AlreadyExistsException
    • weblogic.management.utils.InvalidParameterException

    unregisterCertificate

    Unregisters an end certificate from the registry.

    Throws InvalidParameterException if alias is empty or null.

       
    Operation Name "unregisterCertificate"
    Parameters Object [] { alias }

    where:

    • alias is an object of type java.lang.String that specifies:

      - The alias the certificate is registered under. It must not be empty or null. Aliases are case-insensitive.

    Signature String [] { "java.lang.String" }
    Returns void
    Exceptions
    • weblogic.management.utils.NotFoundException
    • weblogic.management.utils.InvalidParameterException

    unSet

    Restore the given property to its default value.

       
    Operation Name "unSet"
    Parameters Object [] { propertyName }

    where:

    • propertyName is an object of type java.lang.String that specifies:

      - The property to restore.

    Signature String [] { "java.lang.String" }
    Returns void
    Exceptions
    • java.lang.IllegalArgumentException
      UnsupportedOperationException if called on a runtime implementation.

    wls_getDisplayName

    Returns the display name of an MBean.

    Deprecated 9.0.0.0

       
    Operation Name "wls_getDisplayName"
    Parameters null
    Signature null
    Returns String