AtnSecurityMgmtHelper Class
- public class AtnSecurityMgmtHelper
extends Object
Provides helper methods for accessing security management classes,
especially those used to manage SSPI providers.
-
Hierarchy
-
Object
AtnSecurityMgmtHelper
public static AtnProviderDescription |
-
findProviderByName (String aDisplayName)
- Returns the configured SSPI authentication
provider with a matching display name.
|
public static AtnProviderDescription |
-
findProviderByName (String aDisplayName, boolean getCachedMBean)
- Returns the configured SSPI authentication
provider with a matching display name.
|
public static AtnProviderDescription |
-
findProviderByUniqueName (String aUniqueId)
- Returns the configured SSPI authentication
provider with a matching unique id which is the concatenation
of display name and version number.
|
public static AtnProviderDescription |
-
getDefaultProvider ()
- Returns the default configured SSPI authentication
provider.
|
public static String |
-
getDisallowedUserPattern ()
- Returns the set of characters which are disallowed in the creation
of user names.
|
public static List |
-
getProviders ()
- Returns the list of currently configured SSPI authentication
providers.
|
public static String |
-
getProviderUniqueName (String aDisplayName, String aVersion)
- Returns unique id of the
provider which is the concatenation
of display name and version number.
|
public static boolean |
-
isDeletableGroup (String aProviderDescription, String groupName)
- Checks whether the
groupName specified is a protected group
name or whether the groupName is a WLS special group name, neither of which will
be allowed to be deleted.
|
public static boolean |
-
isMultiAtnProviderMode ()
- Returns an indication of whether multiple authentication providers
have been configured.
|
public static boolean |
-
isProtectedGroupName (String aProviderDescription, String groupName)
- Checks whether the
groupName specified is an optional reserved group
name or whether the groupName is a WLS special group name, neither of which will
be allowed to be created by this provider.
|
public static boolean |
-
isProtectedUserName (String aProviderDescription, String userName)
- Checks whether the
userName specified is a protected user
name which willnot be allowed to be created by this provider.
|
public static boolean |
-
isReservedGroupName (String aProviderDescription, String groupName)
- Checks whether the
groupName specified is an optional reserved group
name which will not be allowed to be created by this provider.
|
public static boolean |
-
isReservedUserName (String aProviderDescription, String userName)
- Checks whether the
userName specified is an optional reserved user
name or whether the userName is a WLS special user name, neither of which will
be allowed to be created by this provider.
|
public static void |
-
validateGroupCallerRole (String operationType, String targetUserName)
- Throws an exception if the caller is not in the proper role
to perform the requested user management operation.
|
public static void |
-
validateUserCallerRole (String operationType, String targetUserName)
- Throws an exception if the caller is not in the proper role
to perform the requested user management operation.
|
Methods from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
AtnSecurityMgmtHelper
public AtnSecurityMgmtHelper()
findProviderByName(String) Method
public static AtnProviderDescription
findProviderByName(String
aDisplayName)
throws ProviderMgmtException
Returns the configured SSPI authentication
provider with a matching display name. Will return a cached reference which
may be stale if the admin server has bounced.
Parameters
-
aDisplayName
- The name entered at the WLS console when
creating a new authentication provider.
Returns
- AtnProviderDescription or null, if no matching provider found
Exceptions
-
ProviderMgmtException
findProviderByName(String, boolean) Method
public static AtnProviderDescription
findProviderByName(String
aDisplayName,
boolean getCachedMBean)
throws ProviderMgmtException
Returns the configured SSPI authentication
provider with a matching display name. The getCachedMBean parameter can be used to
force a refreshing of the provider MBean reference contained in the returned
AtnProviderDescription. This is only necessary if it has been determined the
admin server is down or has been cycled.
Parameters
-
aDisplayName
- The display name this provider is recognized by
-
getCachedMBean
- If true, uses an existing reference to the provider
Returns
- AtnProviderDescription
Exceptions
-
ProviderMgmtException
findProviderByUniqueName(String) Method
public static AtnProviderDescription
findProviderByUniqueName(String
aUniqueId)
throws ProviderMgmtException
Returns the configured SSPI authentication
provider with a matching unique id which is the concatenation
of display name and version number.
Parameters
-
aUniqueId
- Concatenation of display name and version number
Returns
- AtnProviderDescription or null, if no matching provider found
Exceptions
-
ProviderMgmtException
getDefaultProvider() Method
public static AtnProviderDescription
getDefaultProvider()
throws ProviderMgmtException
Returns the default configured SSPI authentication
provider.
Returns
- default AtnProviderDescription
Exceptions
-
ProviderMgmtException
getDisallowedUserPattern() Method
public static String
getDisallowedUserPattern()
Returns the set of characters which are disallowed in the creation
of user names.
Returns
- disallowed chars
getProviders() Method
public static List
getProviders()
throws ProviderMgmtException
Returns the list of currently configured SSPI authentication
providers.
Returns
- List of AtnProviderDescription objects
Exceptions
-
ProviderMgmtException
getProviderUniqueName(String, String) Method
public static String
getProviderUniqueName(String
aDisplayName,
String
aVersion)
Returns unique id of the
provider which is the concatenation
of display name and version number.
Parameters
-
aDisplayName
- The provider name
-
aVersion
- The provider version
Returns
- unique id
isDeletableGroup(String, String) Method
public static boolean isDeletableGroup(String
aProviderDescription,
String
groupName)
Checks whether the groupName
specified is a protected group
name or whether the groupName
is a WLS special group name, neither of which will
be allowed to be deleted.
Parameters
-
aProviderDescription
- the string identifying this authentication provider in
the properties file.
-
groupName
- the group name to evaluate
Returns
- true if group name can be deleted, else false
isMultiAtnProviderMode() Method
public static boolean isMultiAtnProviderMode()
Returns an indication of whether multiple authentication providers
have been configured.
Returns
- True if more than one authentication provider is found, else false
isProtectedGroupName(String, String) Method
public static boolean isProtectedGroupName(String
aProviderDescription,
String
groupName)
Checks whether the groupName
specified is an optional reserved group
name or whether the groupName
is a WLS special group name, neither of which will
be allowed to be created by this provider.
Parameters
-
aProviderDescription
- the string identifying this authentication provider in
the properties file.
-
groupName
- the group name to evaluate
Returns
- List of Strings containing reserved user names
isProtectedUserName(String, String) Method
public static boolean isProtectedUserName(String
aProviderDescription,
String
userName)
Checks whether the userName
specified is a protected user
name which willnot be allowed to be created by this provider.
Parameters
-
aProviderDescription
- the string identifying this authentication provider in
the properties file.
-
userName
- the user name to evaluate
Returns
- true if userName is protecteds by provider else false
isReservedGroupName(String, String) Method
public static boolean isReservedGroupName(String
aProviderDescription,
String
groupName)
Checks whether the groupName
specified is an optional reserved group
name which will not be allowed to be created by this provider.
Parameters
-
aProviderDescription
- the string identifying this authentication provider in
the properties file.
-
groupName
- the group name to evaluate
Returns
- True if group name is reserved, otherwise false
isReservedUserName(String, String) Method
public static boolean isReservedUserName(String
aProviderDescription,
String
userName)
Checks whether the userName
specified is an optional reserved user
name or whether the userName
is a WLS special user name, neither of which will
be allowed to be created by this provider.
Parameters
-
aProviderDescription
- the string identifying this authentication provider in
the properties file.
-
userName
- the user name to evaluate
Returns
- true if userName is reserved by provider, else false
validateGroupCallerRole(String, String) Method
public static void validateGroupCallerRole(String
operationType,
String
targetUserName)
Throws an exception if the caller is not in the proper role
to perform the requested user management operation.
validateUserCallerRole(String, String) Method
public static void validateUserCallerRole(String
operationType,
String
targetUserName)
Throws an exception if the caller is not in the proper role
to perform the requested user management operation.