WebSphere:*,type=SecurityAdmin
MBean SecurityAdmin
Management interface for Security functions.
Operation Summary | |
void | enableHTTPTimers() enables the HTTP timers to use their default value |
void | disableHTTPTimers() disables the HTTP timers |
void | resetLdapBindInfo( authenticates the user |
void | updateAuthDataCfg( Updates the auth data entries in runtime |
void | purgeUserFromAuthCache( Remove a user from the auth cache |
void | clearAuthCache() Remove all users from the auth cache |
java.util.Map | generateKeysForKeySetGroup( Generates the LTPA keys for the LTPA KeySetGroup |
void | updateRuntimeKeys( Updates the LTPA runtime for the keys in the specified Map. |
java.util.Map | importSSOPropertiesToKeySetGroup( Imports the LTPAKeys into the configuration from a file. |
void | generateKeys( Generates the LTPA keys |
java.util.Properties | genKeys( Generates the LTPA keys without updating the Runtime |
void | exportKeys( Export the LTPAKeys from runtime to a file |
void | importKeys( Imports the LTPAKeys into the runtime from a file |
void | importLTPAKeys( Imports the LTPAKeys into the runtime |
void | checkImportLTPAKeys( Checks of the keys can be decrypted with the password |
java.util.Properties | exportLTPAKeys() Exports the LTPA keys from the runtime |
java.util.Properties | exportLTPAKeys( Exports the LTPA keys from the runtime |
com.ibm.websphere.security.Result | getUsers( getUsers from the UserRegistry |
com.ibm.websphere.security.Result | getGroups( getGroups from the UserRegistry |
java.lang.Boolean | checkPassword( authenticates the user |
java.lang.Integer | checkTokenLibFile( Validates SSL cryptographic config |
java.lang.Integer | checkKeyFile( Validates SSL key file config |
java.lang.Integer | checkTrustFile( Validates SSL trust file config |
java.lang.String | getRealm( gets the Realm |
java.lang.Boolean | checkRunAsUser( Checks if the user can be added to the runAsRole |
java.lang.String | getAccessIds( Gets the accessIds for users and groups from the active registry |
void | updateJAASCfg( Dynamic refreshing the WCCM JAAS configuration |
java.lang.String | getJAASCfg() Get the WCCM JAAS configuration |
com.ibm.wsspi.security.token.TokenHolder | getOpaqueToken( Get the opaque authorization token. |
void | propagatePolicyToJACCProvider( Propagate the security policy to the JACC prvider. |
com.ibm.wsspi.security.token.TokenHolder | getInitialContextToken( Get the initial context token for Kerberos. |
java.util.List | getSecureSocketLayerCipherList( Return SSL cipher list |
com.ibm.wsspi.security.token.TokenHolder[] | getSingleSignonTokens() Get the single signon tokens for the current authenticated caller. |
java.util.List | warnForLocalOS( Check whether or not to issue a warning message during addNode. |
byte[] | getKerberosPolicy() Return the Kerberos Policy byte[] for this server containing SPN and REALM. |
Operation Detail |
public void enableHTTPTimers()
public void disableHTTPTimers()
public void resetLdapBindInfo(java.lang.String userId,
java.lang.String password
)
userId
-
The userId to authenticatepassword
-
The password of the user
public void updateAuthDataCfg(java.util.HashMap newCfg
)
newCfg
-
The auth data config.
public void purgeUserFromAuthCache(java.lang.String realm,
java.lang.String userid
)
realm
-
The security realm.userid
-
The userid.
public void clearAuthCache()
public java.util.Map generateKeysForKeySetGroup(com.ibm.websphere.management.Session session,
java.lang.Boolean updateRuntime
)
session
-
The session for making configuration changes.updateRuntime
-
Determines whether to update all processes with the new Keys.
public void updateRuntimeKeys(java.util.Map keyMap
)
keyMap
-
The keys used to update the LTPA runtime.
public java.util.Map importSSOPropertiesToKeySetGroup(java.util.Properties ssoProps,
byte[] passwd,
com.ibm.websphere.management.Session session,
java.lang.Boolean updateRuntime
)
ssoProps
-
A properties object containing the LTPA keys to importpasswd
-
password in java byte array format to encrypt and decrypt the LTPA keyssession
-
The management session for saving configuration information.updateRuntime
-
Determines whether to update all processes with the new Keys.
public void generateKeys(java.lang.String password
)
password
-
The password to encrypt and decrypt the Keys
public java.util.Properties genKeys(java.lang.String password
)
password
-
The password to encrypt and decrypt the Keys
public void exportKeys(java.lang.String fileName,
java.util.Properties props
)
fileName
-
A File URI to which LTPA keys to be exportedprops
-
optional LTPA server properties
public void importKeys(java.lang.String fileName,
byte[] passwd
)
fileName
-
A File URI containing the LTPA keys to importpasswd
-
password in java byte array format to encrypt and decrypt the LTPA keys
public void importLTPAKeys(java.util.Properties ssoProps,
byte[] passwd
)
ssoProps
-
A properties object containing the LTPA keys to importpasswd
-
password in java byte array format to encrypt and decrypt the LTPA keys
public void checkImportLTPAKeys(java.util.Properties ssoProps,
byte[] passwd
)
ssoProps
-
A properties object containing the LTPA keys to importpasswd
-
password in java byte array format to encrypt and decrypt the LTPA keys
public java.util.Properties exportLTPAKeys()
public java.util.Properties exportLTPAKeys(byte[] password
)
password
-
password in java byte array format to encrypt and decrypt the LTPA keys
public com.ibm.websphere.security.Result getUsers(java.lang.String pattern,
java.lang.Integer limit,
java.util.Properties props
)
pattern
-
The pattern to search for users in the UserRegistrylimit
-
The maximum number of users that can be returnedprops
-
The properties object
public com.ibm.websphere.security.Result getGroups(java.lang.String pattern,
java.lang.Integer limit,
java.util.Properties props
)
pattern
-
The pattern to search for groups in the UserRegistrylimit
-
The maximum number of groups that can be returnedprops
-
The properties object
public java.lang.Boolean checkPassword(java.lang.String userId,
java.lang.String password,
java.util.Properties props
)
userId
-
The userId to authenticatepassword
-
The password of the userprops
-
The properties object
public java.lang.Integer checkTokenLibFile(java.lang.String tokenType,
java.lang.String tokenLib,
java.lang.String tokenSlot,
java.lang.String tokenPasswordEncoded,
java.lang.String serverAlias,
java.lang.String clientAlias
)
tokenType
-
Token type, i.e., PKCS#11tokenLib
-
The token library file nametokenSlot
-
The tokenslot numbertokenPasswordEncoded
-
The token password in the encoded formserverAlias
-
The value from com.ibm.ssl.keyStoreServerAliasclientAlias
-
The value from com.ibm.ssl.keyStoreClientAlias
public java.lang.Integer checkKeyFile(java.lang.String fileType,
java.lang.String fileName,
java.lang.String filePasswordEncoded,
java.lang.String serverAlias,
java.lang.String clientAlias
)
fileType
-
The file type, i.e., JKSfileName
-
The absolute path of the key filefilePasswordEncoded
-
The key file password in the encoded formserverAlias
-
The value from com.ibm.ssl.keyStoreServerAliasclientAlias
-
The value from com.ibm.ssl.keyStoreClientAlias
public java.lang.Integer checkTrustFile(java.lang.String fileType,
java.lang.String fileName,
java.lang.String filePasswordEncoded
)
fileType
-
The file type, i.e., JKSfileName
-
The absolute path of the trust filefilePasswordEncoded
-
The trust file password in the encoded form
public java.lang.String getRealm(java.util.Properties props
)
props
-
The properties object
public java.lang.Boolean checkRunAsUser(java.util.List usrList,
java.util.List grpList,
java.lang.String userName,
java.util.Properties props
)
usrList
-
The list of userNamesgrpList
-
The list of groupNamesuserName
-
The user name entered for runAsRoleprops
-
The properties object
public java.lang.String getAccessIds(boolean isUser,
java.lang.String name,
java.util.Properties props
)
isUser
-
true if it a user, false if it is a groupname
-
The name of the user or groupprops
-
The properties object
public void updateJAASCfg(java.lang.String newCfg
)
newCfg
-
New WCCM JAAS configuration
public java.lang.String getJAASCfg()
public com.ibm.wsspi.security.token.TokenHolder getOpaqueToken(com.ibm.ws.security.util.ByteArray ssoToken
)
ssoToken
-
The opaque token lookup key
public void propagatePolicyToJACCProvider(java.lang.String appList
)
appList
-
A string of colon(:) separated application names whose security policy information needs to be propagated to the JACC provider. If null is passed the security policy of all the applications in the process will be propagated.
public com.ibm.wsspi.security.token.TokenHolder getInitialContextToken(com.ibm.ws.security.util.ByteArray ssoToken,
java.lang.String targetServer
)
ssoToken
-
The opaque token lookup keytargetServer
-
The target server to perform initSecContext against.
public java.util.List getSecureSocketLayerCipherList(java.lang.Boolean fipsEnabledFlag
)
fipsEnabledFlag
-
True if FIPS is enabled, false otherwise.
public com.ibm.wsspi.security.token.TokenHolder[] getSingleSignonTokens()
public java.util.List warnForLocalOS(java.lang.Boolean nodeIsZOS,
java.lang.String nodeHostName
)
nodeIsZOS
-
True if the node is on a zOS platform.nodeHostName
-
The host name of the node being federated.
public byte[] getKerberosPolicy()