Access Decisions
definition 1
purpose 1
relationship to Authorization providers 1
AccessDecision SSPI
methods 1
Active Types
attribute in MBean Definition Files (MDFs) for Identity Assertion providers 1
defaulting 1
field in WebLogic Server Administration Console 1
adjudication
definition 1
general process 1
Adjudication providers
configuring
in the WebLogic Server Administration Console 1
custom
determining necessity 1
main steps for developing 1
purpose 1
WebLogic
description 1
AdjudicationProvider SSPI
methods 1
Adjudicator SSPI
methods 1
appearance of custom attributes/operations in WebLogic Server Administration Console 1
architecture of a security provider 1
argument-passing mechanisms
attributes for MBean Definition File (MDF) elements
MBeanAttribute subelement 1
MBeanOperation subelement 1
MBeanOperationArg subelement 1
MBeanType (root) element 1
attributes/operations, custom
appearance in WebLogic Server Administration Console 1
using to configure an existing security provider database 1
what the WebLogic MBeanMaker utility provides 1
Audit Channels
definition 1
purpose 1
relationship to Auditing providers 1
audit context
definition 1
audit events
creating 1
definition 1
using the Auditor Service to write 1
example 1
audit severity
definition 1
AuditChannel SSPI
methods 1
AuditContext interface
methods 1
AuditEvent SSPI
convenience interfaces 1
AuditAtnEvent
example 1
methods 1
AuditAtzEvent
methods 1
AuditMgmtEvent 1
AuditPolicyEvent
methods 1
AuditRoleDeploymentEvent 1
AuditRoleEvent 1
methods 1
auditing
definition 1
from a custom security provider
main steps 1
Auditing providers
configuring in the WebLogic Server Administration Console 1
audit severity 1
custom
determining necessity 1
main steps for developing 1
example of creating runtime classes 1
relationship
to Audit Channels 1
WebLogic
description 1
Auditor Service
obtaining and using to write audit events 1
example 1
AuditorService interface
implementations 1
methods 1
purpose 1
AuditProvider SSPI
methods 1
authentication
client-side
using UsernamePasswordLoginModule 1, 2, 3, 4
definition 1
enabling different technologies with LoginModules 1
establishing context 1
example
standalone T3 application 1
general process
usernames/passwords 1
multipart
using LoginModules 1
perimeter
definition 1
passing tokens 1
use of separate LoginModule 1
server-side
use of login method 1
use of CallbackHandlers 1, 2, 3
use of Java Authentication and Authorization Service (JAAS) 1
Authentication providers
appearance of optional SSPI MBean attributes/operations in WebLogic Server Administration Console 1
configuring in the WebLogic Server Administration Console 1
custom
determining necessity 1
main steps for developing 1
difference from Identity Assertion providers 1
example of creating runtime classes 1
purpose 1
relationship
to Principal Validation providers 1, 2, 3
specifying the order of 1
use of LoginModules for multipart authentication 1
WebLogic
description 1
use of embedded LDAP server 1
AuthenticationProvider SSPI
getPrincipalValidator 1
authorization
definition 1
general process 1
Authorization providers
configuring in the WebLogic Server Administration Console 1
support for deployable security policies 1
use of security policies in deployment descriptors 1
custom
determining necessity 1
main steps for developing 1
example of creating runtime classes 1
purpose 1
relationship
to Access Decisions 1
use with deployment descriptors 1
use with Role Mapping providers 1
WebLogic
description 1
AuthorizationProvider SSPI
methods 1
automatic creation of a security provider database 1
base required SSPI MBean 1
basic console extensions
difference from custom security provider console extensions 1
best practices
security provider database
automatic creation 1
configuring existing 1
CallbackHandlers
example of creating 1
classes
ResourceBase 1
WLSPrincipals 1
client-side authentication using UsernamePasswordLoginModule 1, 2, 3, 4
Common Secure Interoperability Version 2 (CSIv2)
process 1
support 1
configuring
an existing database for use with security providers 1
Auditing Providers
audit severity 1
Authorization providers
use of security policies in deployment descriptors 1
Credential Mapping providers
use of credential mappings in deployment descriptors 1
custom security providers
general information 1
Identity Assertion providers for use with token types 1, 2, 3
Role Mapping providers
use of role mappings in deployment descriptors 1
console extensions
affect on WebLogic Server Administration Console 1
for custom security providers
difference from basic 1
main steps 1
in the development process 1
purpose 1
context
audit
definition 1
authentication
establishing 1
element
definition 1
request
consideration during dynamic security role computation 1
ContextHandlers
WebLogic resource use of 1
control flag setting for LoginModules 1
CORBA
Common Secure Interoperability Version 2 (CSIv2) specification 1
creating runtime classes for custom security providers
main steps 1
Credential Mapping Deployment Enabled flag 1
Credential Mapping providers
configuring in the WebLogic Server Administration Console 1
support for deployable credential mappings 1
use of credential mappings in deployment descriptors 1
custom
determining necessity 1
main steps for developing 1
interaction with WebLogic Security Framework 1
purpose 1
use with deployment descriptors 1
WebLogic
description 1
credential mappings
definition 1
enabling deployment 1
in deployment descriptors 1
use of Credential Mapping Deployment Enabled flag 1
use of Ignore Deploy Credential Mapping checkbox 1
credential maps
management mechanisms
description 1
overview 1
CredentialMapper SSPI
methods 1
CredentialProvider SSPI
methods 1
credentials
default
security provider database initialization 1
definition 1
custom attributes/operations
appearance in WebLogic Server Administration Console 1
specific steps for WebLogic MBeanMaker utility 1, 2, 3, 4, 5, 6, 7, 8, 9, 10
using to configure an existing security provider database 1
what the WebLogic MBeanMaker utility provides 1
custom security provider-related dialog screens in the Administration Console
replacing 1
database, security provider
initializing 1
automatic creation 1
configuring existing 1
default users, groups, roles, policies, credentials 1
requirements 1
storing WebLogic resources 1
declarative security roles 1
default users, groups, roles, policies, and credentials
security provider database initialization 1
defaulting the ActiveTypes attribute for Identity Assertion providers 1
Deployable versions of Provider SSPIs 1
DeployableAuthorizationProvider 1
methods 1
DeployableCredentialProvider 1
methods 1
DeployableRoleProvider 1
methods 1
deployment descriptors
configuring use of in the WebLogic Server Administration Console
Authorization providers 1
Credential Mapping providers 1
Role Mapping providers 1
credential mappings defined in 1
definitions
of roles 1
of security policies 1
of security roles 1
Enterprise JavaBean (EJB)/Web application use of 1, 2
deployment support
for credential mappings 1
for role mappings 1
for security policies 1
developing custom security providers
creating runtime classes 1
designing 1
general information about configuring 1
generating MBean types 1
main steps
Adjudication 1
Auditing 1
Authentication 1
Authorization 1
Credential Mapping 1
Identity Assertion 1
Role Mapping 1
options for Principal Validation 1
process 1
writing console extensions 1
differences between Principal Validation providers and other security providers 1
dynamic security role computation 1
consideration of request context 1
definition 1
general process 1
result of 1
EJB containers
use of ContextHandlers 1
element syntax for MBean Definition Files (MDFs) 1
examples 1
MBeanAttribute subelement 1
MBeanConstructor subelement 1
MBeanOperation subelement 1
MBeanOperationArg subelement 1
MBeanType (root) element 1
understanding 1
element, context
definition 1
embedded LDAP server
WebLogic Authentication provider use of 1
enabling different authentication technologies with LoginModules 1
Enterprise JavaBeans (EJBs)
use of deployment descriptors 1, 2
events, audit
creating 1
definition 1
using the Auditor Service to write 1
example 1
exceptions, security
management 1
resulting from invalid principals 1
extending and implementing SSPI MBeans 1
extensions, console
affect on WebLogic Server Administration Console 1
for custom security providers
difference from basic 1
main steps 1
in the development process 1
purpose 1
factories, Provider SSPIs as 1
file, MBean interface
definition 1, 2, 3, 4, 5, 6, 7
flag
control 1
Credential Mapping Deployment Enabled 1
Policy Deployment Enabled 1
Role Deployment Enabled 1
generating MBean types for custom security providers
main steps 1
getID method
for optimizing look ups of WebLogic resources 1
use for runtime caching 1
use for WebLogic resource identification 1
getParentResource method
for traversing the single-parent resource hierarchy 1
getPrincipalValidator method in AuthenticationProvider SSPI 1
groups
default
creating 1
security provider database initialization 1
definition 1
WebLogic Server 1
hierarchy, single-parent
WebLogic resources 1
getParentResource method 1
identifying WebLogic resources 1
using the getID method 1
using the toString method 1
identity assertion
general process 1
Identity Assertion providers
configuring in the WebLogic Server Administration Console 1, 2
ActiveTypes field 1
Supported Types field 1
custom
main steps for developing 1
defaulting the Active Types attribute 1
difference from Authentication providers 1, 2
example of creating runtime classes 1
purpose 1
use of separate LoginModule 1, 2
use of tokens 1
creating new 1
WebLogic
description 1
token types supported 1
IdentityAsserter SSPI
methods 1
inheritance hierarchy
SSPI MBeans 1
SSPIs 1
initialization
security provider database 1
automatic creation 1
configuring existing 1
default users, groups, roles, policies, credentials 1
requirements 1
using a database delegator 1
instances, MBean 1
interfaces
AuditContext
methods 1
AuditEvent convenience 1
AuditAtnEvent 1
example implementation 1
AuditAtzEvent 1
AuditMgmtEvent 1
AuditPolicyEvent 1
AuditRoleDeploymentEvent 1
AuditRoleEvent 1
AuditorService
implementations 1
methods 1
management 1
Resource 1
SecurityExtension 1
SecurityExtensionV2
methods 1
SecurityServices
implementations 1
methods 1
Java Authentication and Authorization Service (JAAS)
description 1
subject's use of 1
use of LoginModules 1
WebLogic Security Framework
interaction 1
example 1
Java Management eXtensions (JMX) specification 1
lockouts, user
implementing your own User Lockout Manager 1
managing 1
preventing double 1
realm-wide User Lockout Manager 1
relationship to PasswordPolicyMBean 1
login method
use for server-side authentication 1
LoginModule interface
methods 1
LoginModules
control flag setting 1
definition 1
enabling different authentication technologies 1
example implementation 1
Java Authentication and Authorization Service (JAAS) use of 1
purpose 1
relationship to Authentication providers 1, 2
use
for multipart authentication 1
for perimeter authentication 1
with Common Secure Interoperability Version 2 (CSIv2) 1
with Identity Assertion providers 1
main steps
writing console extensions 1
management mechanisms
description
credential maps 1
roles 1
security policies 1
options
overview
credential maps 1
security policies 1
security roles 1
management utilities package 1
mappings
credential
definition 1
enabling deployment 1
Ignore Deploy Credential Mapping checkbox 1
in deployment descriptors 1
use of Credential Mapping Deployment Enabled flag 1
role
definition 1
enabling deployment 1
in deployment descriptors 1
On Future Redeploys menu 1
use of Role Deployment Enabled flag 1
MBean Definition Files (MDFs)
definition 1
description 1
element syntax 1
examples 1
MBeanAttribute subelement 1
attributes 1
MBeanConstructor subelement 1
MBeanOperation subelement 1
attributes 1
MBeanOperationArg subelement 1
attributes 1
understanding 1
Identity Assertion providers
ActiveTypes attribute 1
Supported Types attribute 1
sample 1
use of by WebLogic MBeanMaker utility 1, 2
using custom attributes/operations to configure an existing security provider database 1
MBean interface file
definition 1, 2, 3, 4, 5, 6, 7
MBean JAR Files (MJFs)
creating with WebLogic MBeanMaker utility 1, 2, 3, 4, 5, 6, 7
MBean types
definition 1
generating
from SSPI MBeans 1
with WebLogic MBeanMaker utility 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
installing into WebLogic Server environment 1, 2, 3, 4, 5, 6, 7
instances created from 1
purpose 1
MBeans
definition 1
SSPI
quick reference 1
MBeanType (root) element in MBean Definition Files (MDFs)
attributes 1
syntax 1
methods
AccessDecision SSPI 1
AdjudicationProvider SSPI 1
Adjudicator SSPI 1
AuditAtnEvent convenience interface 1
AuditAtzEvent convenience interface 1
AuditChannel SSPI 1
AuditContext interface 1
AuditEvent SSPI 1
AuditorService interface 1
AuditPolicyEvent convenience interface 1
AuditProvider SSPI 1
AuthenticationProvider SSPI 1, 2
getPrincipalValidator 1
AuthorizationProvider SSPI 1
CredentialMapper SSPI 1
CredentialProvider SSPI 1
DeployableAuthorizationProvider SSPI 1
DeployableCredentialProvider SSPI 1
DeployableRoleProvider SSPI 1, 2
getID
for optimizing look ups of WebLogic resources 1
use for runtime caching 1
use for WebLogic resource identification 1
getParentResource
for traversing the single-parent resource hierarchy 1
IdentityAsserter SSPI 1
login
use for server-side authentication 1
LoginModule interface 1
PrincipalValidator SSPI 1
RoleMapper SSPI 1
RoleProvider SSPI 1
SecurityExtensionV2 interface 1
SecurityProvider interface 1
SecurityServices interface 1
toString
format 1
use for WebLogic resource identification 1
multipart authentication
using LoginModules 1
optional SSPI MBeans
definition 1
specific steps for WebLogic MBeanMaker utility 1, 2, 3, 4, 5
what the WebLogic MBeanMaker utility provides 1
ordering Authentication providers 1
PasswordPolicyMBean
relationship to user lockouts 1
perimeter authentication
definition 1
passing tokens 1
use of separate LoginModules 1
planning development activities 1
policies, security
default
creating 1
security provider database initialization 1
enabling deployment 1
in deployment descriptors 1
On Future Redeploys menu 1
use of Policy Deployment Enabled flag 1
Policy Deployment Enabled flag 1
preventing double user lockouts 1
principal validation
general process 1
principal types 1
Principal Validation providers
custom
determining necessity 1
options for developing 1
differences from other security providers 1
principal types 1
purpose 1
relationship
to Authentication providers 1, 2, 3
WebLogic
description 1
how to use 1
principals
definition 1
invalid 1
types 1
PrincipalValidator SSPI 1
methods 1
process
adjudication 1
authentication
using identity assertion 1
using usernames/passwords 1
authorization 1
for developing custom security providers 1
writing console extensions 1
principal validation 1
role mapping 1
Provider SSPIs
as factory 1
Deployable versions 1
DeployableAuthorizationProvider 1, 2
DeployableCredentialProvider 1, 2
purpose 1
quick reference
SSPI MBeans 1
SSPIs 1
request context
consideration during dynamic security role computation 1
required SSPI MBeans
definition 1
Resource interface 1
ResourceBase class 1
resources, WebLogic
architecture 1
creating default groups 1
creating default roles 1
creating default security policies 1
definition 1
identifiers 1
resource IDs 1
toString method 1
optimizing look ups 1
single-parent hierarchy 1
getParentResource method 1
storing in security provider database 1
types 1
use of ContextHandlers 1
Role Deployment Enabled flag 1
role mapping
definition 1
enabling deployment 1
general process 1
in deployment descriptors 1
use
of On Future Redeploys menu 1
of Role Deployment Enabled flag 1
Role Mapping providers
configuring in the WebLogic Server Administration Console 1
support for deployable role mappings 1
use of role mappings in deployment descriptors 1
custom
determining necessity 1
main steps for developing 1
example of creating runtime classes 1
purpose 1
use
with Authorization providers 1
with deployment descriptors 1
WebLogic
description 1
RoleMapper SSPI
methods 1
RoleProvider SSPI
methods 1
roles
declarative 1
default
creating 1
security provider database initialization 1
definition 1
dynamic computation 1
consideration of request context 1
definition 1
general process 1
result of 1
in deployment descriptors 1
management mechanisms
description 1
overview 1
specified in the WebLogic Server Administration Console 1
runtime caching using the getID method 1
runtime classes
creating using security service provider interfaces (SSPIs)
Adjudication providers 1
Auditing providers 1
AuditingProvider example implementation 1
Authentication providers 1
AuthenticationProvider example implementation 1
Authorization providers 1
AuthorizationProvider example implementation 1
CallbackHandler example implementation 1
Credential Mapping providers 1
Identity Assertion providers 1
IdentityAsserter example implementation 1
LoginModule example implementation 1
Role Mapping providers 1
RoleProvider example implementation 1
SecurityRole example implementation 1
one versus two 1
sample MBean Definition File (MDF) 1
security policies
default
creating 1
security provider database initialization 1
enabling deployment 1
in deployment descriptors 1
management mechanisms
description 1
overview 1
use
of On Future Redeploys menu 1
of Policy Deployment Enabled flag 1
security provider databases
initializing 1
automatic creation 1
configuring existing 1
default users, groups, roles, policies, credentials 1
requirements 1
storing WebLogic resources 1
security providers
Adjudication
configuring in the WebLogic Server Administration Console 1
custom
determining necessity for 1
main steps for developing 1
purpose 1
Auditing
configuring in the WebLogic Server Administration Console 1
custom
determining necessity for 1
main steps for developing 1
example of creating runtime classes 1
relationship
to Audit Channels 1
auditing from
main steps 1
Authentication
configuring in the WebLogic Server Administration Console 1
custom
determining necessity for 1
main steps for developing 1
difference from Identity Assertion providers 1, 2
example of creating runtime classes 1
optional SSPI MBean attributes/operations in the WebLogic Server Administration Console 1
purpose 1
relationship
to Principal Validation providers 1, 2
specifying the order of 1
use of LoginModules for multipart authentication 1
Authorization
configuring in the WebLogic Server Administration Console 1, 2
custom
determining necessity for 1
main steps for developing 1
example of creating runtime classes 1
purpose 1
relationship
to Access Decisions 1
use with Role Mapping providers 1
Credential Mapping
configuring in the WebLogic Server Administration Console 1, 2
custom
determining necessity for 1
main steps for developing 1
interaction with WebLogic Security Framework 1
purpose 1
custom
main steps 1
creating runtime classes 1
general information about configuring 1
generating MBean types 1
when to write console extensions 1, 2
general architecture 1
how the WebLogic Security Framework locates 1
Identity Assertion
configuring
for use with token types 1
in the WebLogic Server Administration Console 1
custom
determining necessity for 1
main steps for developing 1
determining necessity for custom 1
difference from Authentication providers 1, 2
example of creating runtime classes 1
purpose 1
use of separate LoginModule 1, 2
use of tokens 1
WebLogic 1
initializing a database for use with 1
automatic creation 1
configuring existing 1
default users, groups, roles, policies, credentials 1
requirements 1
interfaces
for creating runtime classes 1
for generating MBean types 1
Principal Validation
custom
determining necessity for 1
options for developing 1
differences from other types 1
purpose 1
relationship
to Authentication providers 1, 2
WebLogic 1
process for developing 1
Role Mapping
configuring in the WebLogic Server Administration Console 1, 2
custom
determining necessity for 1
main steps for developing 1
example of creating runtime classes 1
purpose 1
use with Authorization providers 1
samples
Auditing provider 1
Authentication provider 1
Authorization provider 1
Identity Assertion provider 1
Role Mapping provider 1
use with deployment descriptors
Authorization 1
Credential Mapping 1
Role Mapping 1
security service provider interfaces (SSPIs)
AccessDecision 1
AdjudicationProvider 1
Adjudicator 1
AuditChannel 1
AuditEvent 1
AuditEvent convenience interfaces 1
AuditProvider 1
getPrincipalValidator method 1
AuthorizationProvider 1
creating runtime classes
Adjudication providers 1
Auditing providers 1
AuditingProvider example implementation 1
Authentication providers 1
AuthenticationProvider example implementation 1
Authorization providers 1
AuthorizationProvider example implementation 1
Credential Mapping providers 1
Identity Assertion providers 1
IdentityAsserter example implementation 1
LoginModule example implementation 1
Role Mapping providers 1
RoleProvider example implementation 1
SecurityRole example implementation 1
CredentialMapper 1
CredentialProvider 1
Deployable versions
DeployableAuthorizationProvider 1, 2
DeployableCredentialProvider 1, 2
ending in Provider
as factory 1
Deployable versions 1, 2, 3, 4
purpose 1
IdentityAsserter 1
inheritance hierarchy 1
quick reference 1
RoleMapper 1
RoleProvider 1
SecurityExtension interface 1
SecurityExtensionV2 interface
methods 1
SecurityProvider interface
methods 1
SecurityServices interface
implementations 1
methods 1
purpose 1
server, embedded LDAP
WebLogic Authentication provider use of 1
Servlet containers
use of ContextHandlers 1
severity, audit
configuring for Auditing providers in the WebLogic Server Administration Console 1
definition 1
single sign-on
using Identity Assertion providers and LoginModules 1
single-parent WebLogic resource hierarchies 1
getParentResource method 1
specification, Java Management eXtensions (JMX) 1
SSPI MBeans
base required 1
definition 1
determining which to extend and implement 1
inheritance hierarchy 1
optional
appearance of attributes/operations in WebLogic Server Administration Console 1
definition 1
specific steps for WebLogic MBeanMaker utility 1, 2, 3, 4, 5
what the WebLogic MBeanMaker utility provides 1
quick reference 1
required
definition 1
using to generate MBean types 1
subinterfaces of the AuditEvent SSPI 1
subjects
Supported Types
attribute in MBean Definition Files (MDFs) for Identity Assertion providers 1
field in WebLogic Server Administration Console 1
syntax, MBean Definition File (MDF) elements 1
examples 1
MBeanAttribute subelement 1
attributes 1
MBeanConstructor subelement 1
MBeanOperation subelement 1
attributes 1
MBeanOperationArg subelement 1
attributes 1
MBeanType (root) element 1
attributes 1
tokens
passing for perimeter authentication 1
types
configuring Identity Assertion providers for use with 1
creating new 1
definition 1
for identity assertion 1
supported by WebLogic Identity Assertion provider 1
toString method
format 1
use for WebLogic resource identification 1
types
tokens
configuring Identity Assertion providers for use with 1
creating new 1
definition 1
for identity assertion 1
supported by WebLogic Identity Assertion provider 1
user lockouts
implementing your own User Lockout Manager 1
managing 1
preventing double 1
realm-wide User Lockout Manager 1
relationship to PasswordPolicyMBean 1
username/password authentication 1
UsernamePasswordLoginModule
using for client-side authentication 1, 2, 3
using for Common Secure Interoperability version 2 (CSIv2) 1
users
default
security provider database initialization 1
definition 1
WebLogic Server 1
utilities, management 1
utility, WebLogic MBeanMaker
what it provides 1
Web applications
use of deployment descriptors 1, 2
WebLogic MBeanMaker utility
creating MBean JAR Files (MJFs) 1, 2, 3, 4, 5, 6, 7
generating MBean types 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
specific steps
custom operations 1, 2, 3, 4, 5, 6, 7, 8, 9, 10
optional SSPI MBeans 1, 2, 3, 4, 5
what it provides 1
WebLogic resources
architecture 1
creating default groups 1
creating default roles 1
creating default security policies 1
definition 1
identifiers 1
resource IDs 1
toString method 1
optimizing look ups 1
single-parent hierarchy 1
getParentResource method 1
storing in security provider database 1
types 1
use of ContextHandlers 1
WebLogic Security Framework
interaction
with Credential Mapping providers 1
with Java Authentication and Authorization Service (JAAS) 1
example 1
security providers
exposing to 1
how located 1
WebLogic security providers
description
Adjudication provider 1
Auditing provider 1
Authentication provider 1
Authorization provider 1
Credential Mapping provider 1
Identity Assertion provider 1
Principal Validation provider 1
Role Mapping provider 1
WebLogic Server
installing MBean types into 1, 2, 3, 4, 5, 6, 7
support for Common Secure Interoperability version 2 (CSIv2) 1
process 1
WebLogic Server Administration Console
ActiveTypes field for Identity Assertion providers 1
configuring
Adjudication providers 1
audit severity of Auditing providers 1
Auditing providers 1
Authentication providers 1
Authorization providers 1
Credential Mapping providers 1
deployable credential mappings 1
deployable security policies 1
deployable security roles 1
Identity Assertion providers 1
Role Mapping providers 1
custom attributes/operations in 1
effect of a console extension 1
optional SSPI MBean attributes/operations for Authentication providers in 1
replacing custom security provider-related dialog screens 1
specifying roles 1
SSPI MBeans' effect on 1
Supported Types field for Identity Assertion providers 1
WLSPrincipals class 1
writing console extensions
affect on WebLogic Server Administration Console 1
for custom security providers
difference from basic 1
main steps 1
in the development process 1
purpose 1