ReadOnlySQLAuthenticatorMBean


Overview  |   Related MBeans  |   Attributes  |   Operations

Overview

This MBean contains configuration information for the Read-Only SQL Authentication provider.

       
Fully Qualified Interface NameIf you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.security.providers.authentication.ReadOnlySQLAuthenticatorMBean
Factory Methods No factory methods. Instances of this MBean are created automatically.
Subtypes The following MBeans extend or implement this MBean type:


    Related MBeans

    This section describes attributes that provide access to other MBeans.


      Realm

      Returns the realm that contains this security provider. Returns null if this security provider is not contained by a realm.

             
      Privileges Read only
      TypeRealmMBean
      Relationship type: Reference.


      Attributes

      This section describes the following attributes:


      ControlFlag

      Returns how the login sequence uses the Authentication provider.

      A REQUIRED value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers. This setting is the default.

      A REQUISITE value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application.

      A SUFFICIENT value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list.

      An OPTIONAL value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueREQUIRED
      Legal Values
      • REQUIRED
      • REQUISITE
      • SUFFICIENT
      • OPTIONAL

      DataSourceName

      The name of the JDBC data source used for database access.

             
      Privileges Read/Write
      Typejava.lang.String

      Description

      A short description of the DBMS Authentication provider.

             
      Privileges Read only
      Typejava.lang.String
      Default ValueProvider that performs DBMS authentication
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      DescriptionsSupported

      Indicates whether user and group descriptions are supported by the database used by the authentication provider.

             
      Privileges Read/Write
      Typeboolean
      Default Valuetrue

      EnableGroupMembershipLookupHierarchyCaching

      Returns whether group membership hierarchies found during recursive membership lookup will be cached. If true, each subtree found will be cached.

             
      Privileges Read/Write
      Typejava.lang.Boolean

      GroupHierarchyCacheTTL

      Returns the maximum number of seconds a group membership hierarchy entry is valid in the LRU cache.

             
      Privileges Read/Write
      Typejava.lang.Integer
      Default Value60

      GroupMembershipSearching

      Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited.

             
      Privileges Read/Write
      Typejava.lang.String
      Default Valueunlimited
      Legal Values
      • unlimited
      • limited

      MaxGroupHierarchiesInCache

      Returns the maximum size of the LRU cache for holding group membership hierarchies if caching is enabled.

             
      Privileges Read/Write
      Typejava.lang.Integer
      Default Value100

      MaxGroupMembershipSearchLevel

      This specifies how many levels of group membership can be searched. This setting is valid only if Group Membership Searching is set to limited. Valid values are 0 and positive integers. For example, 0 indicates only direct group memberships will be found, a positive number indicates the number of levels to go down.

             
      Privileges Read/Write
      Typejava.lang.Integer
      Default Value0

      Name

             
      Privileges Read only
      Typejava.lang.String
      Default ValueReadOnlySQLAuthenticator
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      PlaintextPasswordsEnabled

      Indicates whether plaintext passwords are allowed to be used.

             
      Privileges Read/Write
      Typeboolean

      ProviderClassName

      The name of the Java class for the Read-Only DBMS Authentication Provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Valueweblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticationProviderImpl
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.

      SQLGetGroupDescription

      The SQL statement used to retrieve the description of a group. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group description.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT G_DESCRIPTION FROM GROUPS WHERE G_NAME = ?

      SQLGetUserDescription

      The SQL statement used to retrieve the description of a specific user. Only valid if Descriptions Supported is enabled. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user description.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT U_DESCRIPTION FROM USERS WHERE U_NAME = ?

      SQLGetUsersPassword

      The SQL statement used to look up a user's password. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the password.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT U_PASSWORD FROM USERS WHERE U_NAME = ?

      SQLGroupExists

      The SQL statement used to look up a group. The SQL statement requires a single parameter for the group name and must return a resultSet containing at most a single record containing the group

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT G_NAME FROM GROUPS WHERE G_NAME = ?

      SQLIsMember

      The SQL statement used to look up members of a group. The SQL statement requires two parameters: a group name and a member or group name. It must return a resultSet containing the group names that matched

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ?

      SQLListGroups

      The SQL statement used to retrieve group names that match a wildcard The SQL statement requires a single parameter for the wildcarded group name and return a resultSet containing matching group names

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT G_NAME FROM GROUPS WHERE G_NAME LIKE ?

      SQLListMemberGroups

      The SQL statement used to look up the groups a user or group is a member of. The SQL statement requires a single parameter for the username or group name and returns a resultSet containing the names of the groups that matched.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT G_NAME FROM GROUPMEMBERS WHERE G_MEMBER = ?

      SQLListUsers

      The SQL statement used to retrieve users that match a particular wildcard search The SQL statement requires a single parameter for the wildcarded usernames and returns a resultSet containing matching usernames

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT U_NAME FROM USERS WHERE U_NAME LIKE ?

      SQLUserExists

      The SQL statement used to look up a user. The SQL statement requires a single parameter for the username and must return a resultSet containing at most a single record containing the user.

             
      Privileges Read/Write
      Typejava.lang.String
      Default ValueSELECT U_NAME FROM USERS WHERE U_NAME = ?

      Version

      The version number of the DBMS Authentication provider.

             
      Privileges Read only
      Typejava.lang.String
      Default Value1.0
      Redeploy or Restart required Changes take effect after you redeploy the module or restart the server.


      Operations

      This section describes the following operations:


      advance

      Advances the list to the next element in the list.

         
      Operation Name"advance"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      close

      Indicates that the caller is finished using the list, and that the resources held on behalf of the list may be released. If the caller traverses through all the elements in the list, the caller need not call this method. In other words, it is used to let the caller close the list without reading each element that is returned.

         
      Operation Name"close"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      getCurrentName

      The name of the current item in the list. Returns null if there is no current item.

         
      Operation Name"getCurrentName"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      SignatureString [] { "java.lang.String" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      getGroupDescription

      Gets a group's description.

         
      Operation Name"getGroupDescription"
      ParametersObject [] {  groupName }

      where:

      • groupName is an object of type java.lang.String that specifies:

        - The name of an existing group.

      SignatureString [] { "java.lang.String" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      getUserDescription

      Gets a user's description.

         
      Operation Name"getUserDescription"
      ParametersObject [] {  userName }

      where:

      • userName is an object of type java.lang.String that specifies:

        - The name of an existing user.

      SignatureString [] { "java.lang.String" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      groupExists

      Indicates whether the specified group exists.

         
      Operation Name"groupExists"
      ParametersObject [] {  groupName }

      where:

      • groupName is an object of type java.lang.String that specifies:

        - The name that this method evaluates.

      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      haveCurrent

      Returns true if there are more objects in the list, and false otherwise.

         
      Operation Name"haveCurrent"
      ParametersObject [] {  cursor }

      where:

      • cursor is an object of type java.lang.String that specifies:

        - The cursor returned from a previous list method.

      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidCursorException

      isMember

      Indicates whether a user or group is a member of the group that you specify. A recursive search returns true if the member belongs to the group that you specify or to any of the groups contained within that group."

         
      Operation Name"isMember"
      ParametersObject [] {  parentGroupNamememberUserOrGroupNamerecursive }

      where:

      • parentGroupName is an object of type java.lang.String that specifies:

        - The existing group within which this method searches for membership.

      • memberUserOrGroupName is an object of type java.lang.String that specifies:

        - The user or group name for which this method searches.

      • recursive is an object of type java.lang.Boolean that specifies:

        - If set to true, the criteria for membership extends to any groups within the group that is specified by parentGroupName.

        If this argument is set to false, then this method checks only for direct membership within the parentGroupName.

      SignatureString [] { "java.lang.String", "java.lang.String", "java.lang.Boolean" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.NotFoundException
      • weblogic.management.utils.InvalidParameterException

      isSet

      Returns true if the specified attribute has been set explicitly in this MBean instance.

         
      Operation Name"isSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to check

      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • java.lang.IllegalArgumentException

      listGroups

      Searches for a user name that matches a pattern.

      This method returns a cursor that you can pass to the methods from weblogic.management.utils.NameListerMBean (which this MBean extends) to iterate through the returned list.

      This method does not sort the results.

         
      Operation Name"listGroups"
      ParametersObject [] {  groupNameWildcardmaximumToReturn }

      where:

      • groupNameWildcard is an object of type java.lang.String that specifies:

        -

        The pattern for which this method searches. The pattern can end with an * (asterisk) as a wildcard, which matches any string of characters.

        For example, a pattern of abc matches exactly one group name that contains only abc, a pattern of ab* matches all group names that start with ab, and a pattern of * matches all group names.

      • maximumToReturn is an object of type java.lang.Integer that specifies:

        - The maximum number of group names that this method returns. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort results. If the parameter is set to 0 there is no maximum and all results are returned.

      SignatureString [] { "java.lang.String", "java.lang.Integer" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      listUsers

      Searches for a user name that matches a pattern.

      This method returns a cursor that you can pass to the methods from weblogic.management.utils.NameListerMBean (which this MBean extends) to iterate through the returned list.

      This method does not sort the results.

         
      Operation Name"listUsers"
      ParametersObject [] {  userNameWildcardmaximumToReturn }

      where:

      • userNameWildcard is an object of type java.lang.String that specifies:

        - The pattern for which this method searches. The pattern can end with an * (asterisk) as a wildcard, which matches any string of characters.

        For example, a pattern of abc matches exactly one user name that contains only abc, a pattern of ab* matches all user names that start with ab, and a pattern of * matches all user names.

      • maximumToReturn is an object of type java.lang.Integer that specifies:

        - The maximum number of user names that this method returns. If there are more matches than this maximum, then the returned results are arbitrary because this method does not sort results. If the parameter is set to 0 there is no maximum and all results are returned.

      SignatureString [] { "java.lang.String", "java.lang.Integer" }
      ReturnsString
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      unSet

      Restore the given property to its default value.

         
      Operation Name"unSet"
      ParametersObject [] {  propertyName }

      where:

      • propertyName is an object of type java.lang.String that specifies:

        property to restore

      SignatureString [] { "java.lang.String" }
      Returns void
      Exceptions
      • java.lang.IllegalArgumentException
        UnsupportedOperationException if called on a runtime implementation.

      userExists

      Indicates whether the specified user exists.

         
      Operation Name"userExists"
      ParametersObject [] {  userName }

      where:

      • userName is an object of type java.lang.String that specifies:

        - The name that this method evaluates.

      SignatureString [] { "java.lang.String" }
      Returns boolean
      Exceptions
      • weblogic.management.utils.InvalidParameterException

      wls_getDisplayName

      Returns the display name of an MBean.

      Deprecated 9.0.0.0

         
      Operation Name"wls_getDisplayName"
      Parametersnull
      Signaturenull
      ReturnsString