Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

weblogic.management.configuration
Interface FederationServicesMBean

All Superinterfaces:
ConfigurationMBean, DescriptorBean, DynamicMBean, MBeanRegistration, NotificationBroadcaster, SettableBean, WebLogicMBean
public interface FederationServicesMBean
extends ConfigurationMBean

This MBean represents configuration for SAML 1.1-based Federation Services, including the intersite transfer service, assertion consumer service, and assertion retrieval service.

Field Summary
 
Fields inherited from interface weblogic.management.configuration.ConfigurationMBean
DEFAULT_EMPTY_BYTE_ARRAY
 
Method Summary
 String[] getAssertionConsumerURIs()
          The Assertion Consumer URIs.
 String[] getAssertionRetrievalURIs()
          One or more URIs on which to listen for incoming assertion retrieval requests.
 String getAssertionStoreClassName()
          The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.
 Properties getAssertionStoreProperties()
          Properties passed to Assertion Store class initStore() method.
 String[] getIntersiteTransferURIs()
          The Intersite Transfer URIs.
 String getSigningKeyAlias()
          The alias used to store and retrieve the Source Site's signing key in the keystore.
 String getSigningKeyPassPhrase()
          The passphrase used to retrieve the Source Site's signing key from the keystore.
 byte[] getSigningKeyPassPhraseEncrypted()
          The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.
 String getSourceIdBase64()
          The Source Site ID base64-encoded.
 String getSourceIdHex()
          The Source Site ID in hexadecimal.
 String getSourceSiteURL()
          The URL for the Source Site.
 String getSSLClientIdentityAlias()
          The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.
 String getSSLClientIdentityPassPhrase()
          The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
 byte[] getSSLClientIdentityPassPhraseEncrypted()
          The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.
 String getUsedAssertionCacheClassName()
          The class used as the persistent store for the Used Assertion Cache.
 Properties getUsedAssertionCacheProperties()
          Properties to be passed to the Used Assertion Cache class.
 boolean isACSRequiresSSL()
          Specifies whether the Assertion Consumer Service requires SSL.
 boolean isARSRequiresSSL()
          Specifies whether the Assertion Retrieval Service requires SSL.
 boolean isARSRequiresTwoWaySSL()
          Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.
 boolean isDestinationSiteEnabled()
          Specifies whether the Destination Site is enabled.
 boolean isITSRequiresSSL()
          Specifies whether the Intersite Transfer Service requires SSL.
 boolean isPOSTOneUseCheckEnabled()
          Specifies whether the POST one-use check is enabled.
 boolean isPOSTRecipientCheckEnabled()
          Specifies whether the POST recipient check is enabled.
 boolean isSourceSiteEnabled()
          Indicates whether the Source Site is enabled.
 void setACSRequiresSSL(boolean acsRequiresSSL)
          Set the ACS requires SSL value.
 void setARSRequiresSSL(boolean arsRequiresSSL)
          Set the ARS requires SSL value.
 void setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL)
          Set the ARS requires two-way SSL authentication value.
 void setAssertionConsumerURIs(String[] assertionConsumerURIs)
          Set the Assertion Consumer URIs.
 void setAssertionRetrievalURIs(String[] assertionRetrievalURIs)
          Set the Assertion Retrieval URIs.
 void setAssertionStoreClassName(String assertionStoreClassName)
          Set the (non-default) Assertion Store class name.
 void setAssertionStoreProperties(Properties assertionStoreProperties)
          Set the Assertion Store properties.
 void setDestinationSiteEnabled(boolean destinationSiteEnabled)
          Set the Destination Site enabled value.
 void setIntersiteTransferURIs(String[] intersiteTransferURIs)
          Set the Intersite Transfer URIs.
 void setITSRequiresSSL(boolean itsRequiresSSL)
          Set the ITS requires SSL value.
 void setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled)
          Set the POST one-use check enabled value.
 void setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled)
          Set the POST recipient check enabled value.
 void setSigningKeyAlias(String signingKeyAlias)
          Sets the value of the SigningKeyAlias attribute.
 void setSigningKeyPassPhrase(String signingKeyPassPhrase)
          Sets the value of the SigningKeyPassPhrase attribute.
 void setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted)
          Sets the value of the SigningKeyPassPhraseEncrypted attribute.
 void setSourceSiteEnabled(boolean sourceSiteEnabled)
          Set the Source Site enabled value.
 void setSourceSiteURL(String sourceSiteURL)
          Set the Source Site URL.
 void setSSLClientIdentityAlias(String sslClientIdentityAlias)
          Sets the value of the SSLClientIdentityAlias attribute.
 void setSSLClientIdentityPassPhrase(String sslClientIdentityPassPhrase)
          Sets the value of the SSLClientIdentityPassPhrase attribute.
 void setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted)
          Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.
 void setUsedAssertionCacheClassName(String usedAssertionCacheClassName)
          Set the (non-default) Used Assertion Cache class name.
 void setUsedAssertionCacheProperties(Properties usedAssertionCacheProperties)
          Set the Used Assertion Cache properties.
 
Methods inherited from interface weblogic.management.configuration.ConfigurationMBean
freezeCurrentValue, getId, getInheritedProperties, getName, getNotes, isDynamicallyCreated, isInherited, isSet, restoreDefaultValue, setComments, setDefaultedMBean, setName, setNotes, setPersistenceEnabled, unSet
 
Methods inherited from interface weblogic.management.WebLogicMBean
getMBeanInfo, getObjectName, getParent, getType, isCachingDisabled, isRegistered, setParent
 
Methods inherited from interface javax.management.DynamicMBean
getAttribute, getAttributes, invoke, setAttribute, setAttributes
 
Methods inherited from interface javax.management.MBeanRegistration
postDeregister, postRegister, preDeregister, preRegister
 
Methods inherited from interface javax.management.NotificationBroadcaster
addNotificationListener, getNotificationInfo, removeNotificationListener
 
Methods inherited from interface weblogic.descriptor.DescriptorBean
addPropertyChangeListener, createChildCopyIncludingObsolete, getParentBean, isEditable, removePropertyChangeListener
 

Method Detail

isSourceSiteEnabled

boolean isSourceSiteEnabled()

Indicates whether the Source Site is enabled.

Returns:
This Source Site enabled value.
Default Value:
false

setSourceSiteEnabled

void setSourceSiteEnabled(boolean sourceSiteEnabled)
                          throws InvalidAttributeValueException

Set the Source Site enabled value.

Parameters:
sourceSiteEnabled - The Source Site enabled setting.
Throws:
InvalidAttributeValueException

getSourceSiteURL

String getSourceSiteURL()

The URL for the Source Site.

Returns:
The Source Site URL.
Default Value:
null

setSourceSiteURL

void setSourceSiteURL(String sourceSiteURL)
                      throws InvalidAttributeValueException

Set the Source Site URL.

Parameters:
sourceSiteURL - The Source Site URL to set.
Throws:
InvalidAttributeValueException

getSourceIdHex

String getSourceIdHex()

The Source Site ID in hexadecimal.

This read-only value is a hexadecimal representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

Returns:
The Source Site ID.

getSourceIdBase64

String getSourceIdBase64()

The Source Site ID base64-encoded.

This read-only value is a Base64 representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is automatically updated when the SourceSiteURL changes.

Returns:
The Source Site ID.

getIntersiteTransferURIs

String[] getIntersiteTransferURIs()

The Intersite Transfer URIs.

Returns:
The Intersite Transfer URIs.
Default Value:
"/samlits_ba/its", "/samlits_ba/its/post", "/samlits_ba/its/artifact", "/samlits_cc/its", "/samlits_cc/its/post", "/samlits_cc/its/artifact"

setIntersiteTransferURIs

void setIntersiteTransferURIs(String[] intersiteTransferURIs)
                              throws InvalidAttributeValueException

Set the Intersite Transfer URIs.

Parameters:
intersiteTransferURIs - The Intersite Transfer URIs to set.
Throws:
InvalidAttributeValueException

isITSRequiresSSL

boolean isITSRequiresSSL()

Specifies whether the Intersite Transfer Service requires SSL.

Returns:
The ITS requires SSL value.
Changes take effect after you redeploy the module or restart the server.
Default Value:
true

setITSRequiresSSL

void setITSRequiresSSL(boolean itsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ITS requires SSL value.

Parameters:
itsRequiresSSL - The ITS requires SSL value to set.
Throws:
InvalidAttributeValueException

getAssertionRetrievalURIs

String[] getAssertionRetrievalURIs()

One or more URIs on which to listen for incoming assertion retrieval requests.

For artifact profile, the destination site receives a SAML artifact that represents a source site (why we need the source site ID values) and an assertion ID. The destination site sends a request containing the artifact to the source site's assertion retrieval URL, and the source site responds with the corresponding assertion. You may configure multiple URIs here, although typically one will be sufficient. The URI includes the application context, followed by the resource context. For example:

/my_application/saml/ars

which would be accessible from the outside as https://my.example.com/my_application/saml/ars

Returns:
The Assertion Retrieval URIs.
Default Value:
"/samlars/ars"

setAssertionRetrievalURIs

void setAssertionRetrievalURIs(String[] assertionRetrievalURIs)
                               throws InvalidAttributeValueException

Set the Assertion Retrieval URIs.

Parameters:
assertionRetrievalURIs - The Assertion Retrieval URIs to set.
Throws:
InvalidAttributeValueException

isARSRequiresSSL

boolean isARSRequiresSSL()

Specifies whether the Assertion Retrieval Service requires SSL.

Returns:
The ARS requires SSL value.
Changes take effect after you redeploy the module or restart the server.
Default Value:
true

setARSRequiresSSL

void setARSRequiresSSL(boolean arsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ARS requires SSL value.

Parameters:
arsRequiresSSL - The ARS requires SSL value to set.
Throws:
InvalidAttributeValueException

isARSRequiresTwoWaySSL

boolean isARSRequiresTwoWaySSL()

Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.

Returns:
The ARS requires two-way SSL authentication value.
Changes take effect after you redeploy the module or restart the server.
Default Value:
false

setARSRequiresTwoWaySSL

void setARSRequiresTwoWaySSL(boolean arsRequiresTwoWaySSL)
                             throws InvalidAttributeValueException

Set the ARS requires two-way SSL authentication value.

Parameters:
arsRequiresTwoWaySSL - The ARS requires two-way SSL authentication value to set.
Throws:
InvalidAttributeValueException

getAssertionStoreClassName

String getAssertionStoreClassName()

The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.

Returns:
The Assertion Store class name.
Default Value:
null

setAssertionStoreClassName

void setAssertionStoreClassName(String assertionStoreClassName)
                                throws InvalidAttributeValueException

Set the (non-default) Assertion Store class name.

Parameters:
assertionStoreClassName - The Assertion Store class name to set.
Throws:
InvalidAttributeValueException

getAssertionStoreProperties

Properties getAssertionStoreProperties()

Properties passed to Assertion Store class initStore() method.

This may be useful if you have implemented a custom Assertion Store class.

Returns:
The Assertion Store properties.
Default Value:
null

setAssertionStoreProperties

void setAssertionStoreProperties(Properties assertionStoreProperties)
                                 throws InvalidAttributeValueException

Set the Assertion Store properties.

Parameters:
assertionStoreProperties - The Assertion Store properties to set.
Throws:
InvalidAttributeValueException

getSigningKeyAlias

String getSigningKeyAlias()

The alias used to store and retrieve the Source Site's signing key in the keystore. This key is used to sign POST profile responses.

Returns:
The signingKeyAlias.
Changes take effect after you redeploy the module or restart the server.
Default Value:
null

setSigningKeyAlias

void setSigningKeyAlias(String signingKeyAlias)
                        throws InvalidAttributeValueException

Sets the value of the SigningKeyAlias attribute.

Parameters:
signingKeyAlias - The signingKeyAlias to set.
Throws:
InvalidAttributeValueException

getSigningKeyPassPhrase

String getSigningKeyPassPhrase()

The passphrase used to retrieve the Source Site's signing key from the keystore.

Returns:
The signingKeyPassPhrase.

setSigningKeyPassPhrase

void setSigningKeyPassPhrase(String signingKeyPassPhrase)
                             throws InvalidAttributeValueException

Sets the value of the SigningKeyPassPhrase attribute.

When you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the SigningKeyPassPhraseEncrypted attribute.
  2. Decrypts the value and returns the unencrypted passphrase as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.
  2. Sets the value of the SigningKeyPassPhraseEncrypted attribute to the encrypted value.

Using this attribute (SigningKeyPassPhrase) is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use getSigningKeyPassPhraseEncrypted.

Parameters:
signingKeyPassPhrase - The signingKeyPassPhrase to set.
Throws:
InvalidAttributeValueException

getSigningKeyPassPhraseEncrypted

byte[] getSigningKeyPassPhraseEncrypted()

The encrypted passphrase used to retrieve the Source Site's signing key from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Returns:
The encrypted signingKeyPassPhrase.
Changes take effect after you redeploy the module or restart the server.
Default Value:
null

setSigningKeyPassPhraseEncrypted

void setSigningKeyPassPhraseEncrypted(byte[] signingKeyPassPhraseEncrypted)
                                      throws InvalidAttributeValueException

Sets the value of the SigningKeyPassPhraseEncrypted attribute.

Parameters:
signingKeyPassPhraseEncrypted - The signingKeyPassPhraseEncrypted value to set.
Throws:
InvalidAttributeValueException

isDestinationSiteEnabled

boolean isDestinationSiteEnabled()

Specifies whether the Destination Site is enabled.

Default Value:
false

setDestinationSiteEnabled

void setDestinationSiteEnabled(boolean destinationSiteEnabled)
                               throws InvalidAttributeValueException

Set the Destination Site enabled value.

Parameters:
destinationSiteEnabled - The Destination Site enabled setting.
Throws:
InvalidAttributeValueException

getAssertionConsumerURIs

String[] getAssertionConsumerURIs()

The Assertion Consumer URIs.

Returns:
The Assertion Consumer URIs.
Default Value:
"/samlacs/acs"

setAssertionConsumerURIs

void setAssertionConsumerURIs(String[] assertionConsumerURIs)
                              throws InvalidAttributeValueException

Set the Assertion Consumer URIs.

Parameters:
assertionConsumerURIs - The ASsertion Consumer URIs to set.
Throws:
InvalidAttributeValueException

isACSRequiresSSL

boolean isACSRequiresSSL()

Specifies whether the Assertion Consumer Service requires SSL.

Returns:
The ACS requires SSL value.
Changes take effect after you redeploy the module or restart the server.
Default Value:
true

setACSRequiresSSL

void setACSRequiresSSL(boolean acsRequiresSSL)
                       throws InvalidAttributeValueException

Set the ACS requires SSL value.

Parameters:
acsRequiresSSL - The ACS requires SSL value to set.
Throws:
InvalidAttributeValueException

isPOSTRecipientCheckEnabled

boolean isPOSTRecipientCheckEnabled()

Specifies whether the POST recipient check is enabled. When true, the recipient of the SAML Response must match the URL in the HTTP Request.

Returns:
The POST recipient check enabled value.
Default Value:
true

setPOSTRecipientCheckEnabled

void setPOSTRecipientCheckEnabled(boolean postRecipientCheckEnabled)
                                  throws InvalidAttributeValueException

Set the POST recipient check enabled value.

Parameters:
postRecipientCheckEnabled - The POST recipient check enabled value to set.
Throws:
InvalidAttributeValueException

isPOSTOneUseCheckEnabled

boolean isPOSTOneUseCheckEnabled()

Specifies whether the POST one-use check is enabled.

Returns:
The POST one-use check enabled value.
Default Value:
true

setPOSTOneUseCheckEnabled

void setPOSTOneUseCheckEnabled(boolean postOneUseCheckEnabled)
                               throws InvalidAttributeValueException

Set the POST one-use check enabled value.

Parameters:
postOneUseCheckEnabled - The POST one-use check enabled value to set.
Throws:
InvalidAttributeValueException

getUsedAssertionCacheClassName

String getUsedAssertionCacheClassName()

The class used as the persistent store for the Used Assertion Cache. When no class is specified, the default Used Assertion Cache implementation is used.

Returns:
The Used Assertion Cache class name.
Default Value:
null

setUsedAssertionCacheClassName

void setUsedAssertionCacheClassName(String usedAssertionCacheClassName)
                                    throws InvalidAttributeValueException

Set the (non-default) Used Assertion Cache class name.

Parameters:
usedAssertionCacheClassName - The Used Assertion Cache class name to set.
Throws:
InvalidAttributeValueException

getUsedAssertionCacheProperties

Properties getUsedAssertionCacheProperties()

Properties to be passed to the Used Assertion Cache class.

Returns:
The Used Assertion Cache properties.
Default Value:
null

setUsedAssertionCacheProperties

void setUsedAssertionCacheProperties(Properties usedAssertionCacheProperties)
                                     throws InvalidAttributeValueException

Set the Used Assertion Cache properties.

Parameters:
usedAssertionCacheProperties - The Used Assertion Cache properties to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityAlias

String getSSLClientIdentityAlias()

The alias used to store and retrieve the Destination Site's SSL client identity in the keystore.

Returns:
The sslClientIdentityAlias.
Changes take effect after you redeploy the module or restart the server.
Default Value:
null

setSSLClientIdentityAlias

void setSSLClientIdentityAlias(String sslClientIdentityAlias)
                               throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityAlias attribute.

Parameters:
sslClientIdentityAlias - The sslClientIdentityAlias to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityPassPhrase

String getSSLClientIdentityPassPhrase()

The passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

Returns:
The sslClientIdentityPassPhrase.

setSSLClientIdentityPassPhrase

void setSSLClientIdentityPassPhrase(String sslClientIdentityPassPhrase)
                                    throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityPassPhrase attribute.

When you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the SSLClientIdentityPassPhraseEncrypted attribute.
  2. Decrypts the value and returns the unencrypted passphrase as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.
  2. Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute to the encrypted value.

Using this attribute (SSLClientIdentityPassPhrase) is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use getSSLClientIdentityPassPhraseEncrypted.

Parameters:
sslClientIdentityPassPhrase - The sslClientIdentityPassPhrase to set.
Throws:
InvalidAttributeValueException

getSSLClientIdentityPassPhraseEncrypted

byte[] getSSLClientIdentityPassPhraseEncrypted()

The encrypted passphrase used to retrieve the Destination Site's SSL client identity from the keystore.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Returns:
The encrypted sslClientIdentityPassPhrase.
Changes take effect after you redeploy the module or restart the server.
Default Value:
null

setSSLClientIdentityPassPhraseEncrypted

void setSSLClientIdentityPassPhraseEncrypted(byte[] sslClientIdentityPassPhraseEncrypted)
                                             throws InvalidAttributeValueException

Sets the value of the SSLClientIdentityPassPhraseEncrypted attribute.

Parameters:
sslClientIdentityPassPhraseEncrypted - The sslClientIdentityPassPhraseEncrypted value to set.
Throws:
InvalidAttributeValueException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Copyright 1996, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Java API Reference for Oracle WebLogic Server
12c (12.1.2)

Part Number E27170-02
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD