Package weblogic.management.configuration

Interface SecureModeMBean

All Superinterfaces:

ConfigurationMBean, DescriptorBean, javax.management.DynamicMBean, javax.management.MBeanRegistration, javax.management.NotificationBroadcaster, SettableBean, WebLogicMBean

public interface SecureModeMBean
extends ConfigurationMBean

Controls the behavior of Secure Mode in the current WebLogic Server domain. Attributes control whether secure mode is enabled and control the validation that is performed during startup.

Field Summary

Fields inherited from interface weblogic.management.configuration.ConfigurationMBean

DEFAULT_EMPTY_BYTE_ARRAY

Method Summary

Modifier and Type	Method	Description
boolean	isRestrictiveJMXPolicies()	Returns whether restrictive policies will be used for JMX authorization.
boolean	isSecureModeEnabled()	Returns whether the domain will run in secure mode.
boolean	isWarnOnAnonymousRequests()	Returns whether a warning should be logged if anonymous RMI requests are enabled.
boolean	isWarnOnAuditing()	Returns whether warnings should be logged if auditing not enabled.
boolean	isWarnOnInsecureApplications()	Returns whether warnings should be logged if applications are not secure.
boolean	isWarnOnInsecureDataSources()	Returns whether warnings should be logged if data sources are not secure.
boolean	isWarnOnInsecureFileSystem()	Returns whether warnings should be logged if the File System is not secure.
boolean	isWarnOnInsecureSSL()	Returns whether warnings should be logged if the SSL configuration is not secure.
boolean	isWarnOnJavaSecurityManager()	Returns whether warnings should be logged if the Java Security Manager is not enabled.
boolean	isWarnOnPatches()	Returns whether a warning should be logged if required WebLogic Server or Coherence CPU patches are not applied.
boolean	isWarnOnPorts()	Returns whether a warning should be logged if ports configuration is insecure.
boolean	isWarnOnSamples()	Returns whether a warning should be logged if samples are installed.
boolean	isWarnOnUserLockout()	Returns whether a warning should be logged if the user lockout configuration is not secure.
boolean	isWarnOnUsernamePasswords()	Returns whether a warning should be logged if usernames or password configuration is insecure.
void	setRestrictiveJMXPolicies(boolean enabled)	Sets the value of the RestrictiveJMXPolicies attribute.
void	setSecureModeEnabled(boolean isSecure)	Sets the value of the Secure Mode Enabled attribute.
void	setWarnOnAnonymousRequests(boolean enabled)	Sets the value of the Warn On Anonymous Requests attribute.
void	setWarnOnAuditing(boolean enabled)	Sets the value of the Warn On Auditing attribute.
void	setWarnOnInsecureApplications(boolean enabled)	Sets the value of the Warn On Insecure Applications attribute.
void	setWarnOnInsecureDataSources(boolean enabled)	Sets the value of the Warn On Insecure Data Sources attribute.
void	setWarnOnInsecureFileSystem(boolean enabled)	Sets the value of the Warn On Insecure File System attribute.
void	setWarnOnInsecureSSL(boolean enabled)	Sets the value of the Warn On Insecure SSL attribute.
void	setWarnOnJavaSecurityManager(boolean enabled)	Sets the value of the Warn On Java Security Manager attribute.
void	setWarnOnPatches(boolean enabled)	Sets the value of the Warn On Patches attribute.
void	setWarnOnPorts(boolean enabled)	Sets the value of the Warn On Ports attribute.
void	setWarnOnSamples(boolean enabled)	Sets the value of the Warn On Samples attribute.
void	setWarnOnUserLockout(boolean enabled)	Sets the value of the Warn On user lockout attribute.
void	setWarnOnUsernamePasswords(boolean enabled)	Sets the value of the Warn On UsernamePasswords attribute.

Methods inherited from interface weblogic.management.configuration.ConfigurationMBean

freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet

Methods inherited from interface weblogic.descriptor.DescriptorBean

addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener

Methods inherited from interface javax.management.DynamicMBean

getAttribute, getAttributes, invoke, setAttribute, setAttributes

Methods inherited from interface javax.management.MBeanRegistration

postDeregister, postRegister, preDeregister, preRegister

Methods inherited from interface javax.management.NotificationBroadcaster

addNotificationListener, getNotificationInfo, removeNotificationListener

Methods inherited from interface weblogic.management.WebLogicMBean

getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent

Method Detail

isSecureModeEnabled

boolean isSecureModeEnabled()

Returns whether the domain will run in secure mode.

In secure mode, the configuration defaults are those recommended for securing a domain. The authorization policies for JNDI and MBean access are more restrictive in secure mode. In addition, WLS will validate the domain configuration and log warnings and errors for any insecure settings.

Secure mode requires the domain to be in production mode.

Returns:

The Secure Mode Enabled value

Changes to this property take effect after you redeploy the module or restart the server. If the resource is in a partition, restart the partition.

setSecureModeEnabled

void setSecureModeEnabled(boolean isSecure)

Sets the value of the Secure Mode Enabled attribute.

Parameters:

isSecure - The new Secure Mode Enabled value

See Also:

isSecureModeEnabled()

isRestrictiveJMXPolicies

boolean isRestrictiveJMXPolicies()

Returns whether restrictive policies will be used for JMX authorization.

If secure mode is enabled and restrictive policies are enabled, then the default policies for JMX only allow MBean access to the standard WLS roles (Admin, Deployer, Operator, or Monitor). If changed as part of a non-dynamic activation, then the ServerSecurityRuntimeMBean.resetDefaultPolicies method should also be invoked.

Returns:

The Restricted JMX Policies value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setRestrictiveJMXPolicies

void setRestrictiveJMXPolicies(boolean enabled)

Sets the value of the RestrictiveJMXPolicies attribute.

Parameters:

enabled - The new Restrictive JMX Policies value

See Also:

isRestrictiveJMXPolicies()

isWarnOnInsecureSSL

boolean isWarnOnInsecureSSL()

Returns whether warnings should be logged if the SSL configuration is not secure.

If secure mode is enabled and warnings are enabled, then messages will be logged for insecure SSL configuration settings.

Returns:

The Warn on Insecure SSL value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnInsecureSSL

void setWarnOnInsecureSSL(boolean enabled)

Sets the value of the Warn On Insecure SSL attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnInsecureSSL()

isWarnOnInsecureFileSystem

boolean isWarnOnInsecureFileSystem()

Returns whether warnings should be logged if the File System is not secure.

If secure mode is enabled and warnings are enabled, then messages will be logged for insecure file system setting.

Returns:

The Warn on Insecure File System value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnInsecureFileSystem

void setWarnOnInsecureFileSystem(boolean enabled)

Sets the value of the Warn On Insecure File System attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnInsecureFileSystem()

isWarnOnAuditing

boolean isWarnOnAuditing()

Returns whether warnings should be logged if auditing not enabled.

If secure mode is enabled and warnings are enabled, then messages will be logged if auditing is not enabled.

Returns:

The Warn on Auditing value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnAuditing

void setWarnOnAuditing(boolean enabled)

Sets the value of the Warn On Auditing attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnAuditing()

isWarnOnInsecureApplications

boolean isWarnOnInsecureApplications()

Returns whether warnings should be logged if applications are not secure.

If secure mode is enabled and warnings are enabled, then messages will be logged for insecure application elements.

Returns:

The Warn on Insecure Applications value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnInsecureApplications

void setWarnOnInsecureApplications(boolean enabled)

Sets the value of the Warn On Insecure Applications attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnInsecureApplications()

isWarnOnJavaSecurityManager

boolean isWarnOnJavaSecurityManager()

Returns whether warnings should be logged if the Java Security Manager is not enabled.

If secure mode is enabled and warning is enabled, then a messages will be logged if the Java Security Manager is not enabled.

Returns:

The Warn on Java Security Manager Not Enabled value

Default Value:

false

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnJavaSecurityManager

void setWarnOnJavaSecurityManager(boolean enabled)

Sets the value of the Warn On Java Security Manager attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnJavaSecurityManager()

isWarnOnUserLockout

boolean isWarnOnUserLockout()

Returns whether a warning should be logged if the user lockout configuration is not secure.

If the warning is enabled, then a message will be logged if the user lockout settings are not secure.

Returns:

The Warn on User Lockout value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnUserLockout

void setWarnOnUserLockout(boolean enabled)

Sets the value of the Warn On user lockout attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnUserLockout()

isWarnOnAnonymousRequests

boolean isWarnOnAnonymousRequests()

Returns whether a warning should be logged if anonymous RMI requests are enabled.

If the warning is enabled, then a message will be logged if anonymous RMI requests are enabled.

Returns:

The Warn on Anonymous Requests value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnAnonymousRequests

void setWarnOnAnonymousRequests(boolean enabled)

Sets the value of the Warn On Anonymous Requests attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnAnonymousRequests()

isWarnOnPatches

boolean isWarnOnPatches()

Returns whether a warning should be logged if required WebLogic Server or Coherence CPU patches are not applied.

If the warning is enabled, then a message will be logged if required CPU patches are not applied.

Returns:

The Warn on Patches value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnPatches

void setWarnOnPatches(boolean enabled)

Sets the value of the Warn On Patches attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnPatches()

isWarnOnUsernamePasswords

boolean isWarnOnUsernamePasswords()

Returns whether a warning should be logged if usernames or password configuration is insecure.

If the warning is enabled and the domain is in secured production mode, then a message will be logged if well known administrator usernames are present or password validation configuration is insecure.

Returns:

The Warn on Usernames value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnUsernamePasswords

void setWarnOnUsernamePasswords(boolean enabled)

Sets the value of the Warn On UsernamePasswords attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnUsernamePasswords()

isWarnOnSamples

boolean isWarnOnSamples()

Returns whether a warning should be logged if samples are installed.

If the warning is enabled, then a message will be logged if samples are installed.

Returns:

The Warn on Samples value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnSamples

void setWarnOnSamples(boolean enabled)

Sets the value of the Warn On Samples attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnSamples()

isWarnOnPorts

boolean isWarnOnPorts()

Returns whether a warning should be logged if ports configuration is insecure.

If the warning is enabled, then a message will be logged if the network port configuration is insecure.

Returns:

The Warn on Ports value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnPorts

void setWarnOnPorts(boolean enabled)

Sets the value of the Warn On Ports attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnPorts()

isWarnOnInsecureDataSources

boolean isWarnOnInsecureDataSources()

Returns whether warnings should be logged if data sources are not secure.

If production mode is enabled and warnings are enabled, then messages will be logged for insecure data sources.

Returns:

The Warn on Insecure Data Sources value

Default Value:

true

Changes to this property are dynamic and thus take effect immediately without restarting the server or partition.

setWarnOnInsecureDataSources

void setWarnOnInsecureDataSources(boolean enabled)

Sets the value of the Warn On Insecure Data Sources attribute.

Parameters:

enabled - The new Warn value

See Also:

isWarnOnInsecureDataSources()