Overview

This resource allows you to manage Identity Asserters in an WebLogic domain.

Here is an example on how you should use this:

wls_authentication_provider { 'DefaultIdentityAsserter':
  ensure            => 'present',
  providerclassname => 'weblogic.security.providers.authentication.DefaultIdentityAsserter',
  attributes:       => 'DigestReplayDetectionEnabled;UseDefaultUserNameMapper',
  attributesvalues  => '1;1;',
  activetypes       => 'AuthenticatedUser::X.509',
  defaultmappertype => 'CN',
}

In this example you are managing a identity asserter in the default domain. When you want to manage a identity asserter in a specific domain, you can use:

wls_authentication_provider { 'my_domain/DefaultIdentityAsserter':
  ensure            => 'present',
  providerclassname => 'weblogic.security.providers.authentication.DefaultIdentityAsserter',
  attributes:       => 'DigestReplayDetectionEnabled;UseDefaultUserNameMapper',
  attributesvalues  => '1;1;',
  activetypes       => 'AuthenticatedUser::X.509',
  defaultmappertype => 'CN',
}

Attributes

Attribute Name Short Description
activetypes :: seperated list of active types
   
attributes The extra authentication provider properties
   
attributesvalues The extra authentication provider property values
   
authentication_provider_name The authentication provider name
   
defaultmappertype the default mapper type
   
domain With this parameter, you identify the domain, where your objects is in.
ensure The basic property that the resource should be in.
name The name.
order The order of the Authentication Provider (0 is highest).
provider resource.
providerclassname The provider classname
   
timeout Timeout for applying a resource.

activetypes

:: seperated list of active types

Back to overview of wls_identity_asserter

attributes

The extra authentication provider properties

Back to overview of wls_identity_asserter

attributesvalues

The extra authentication provider property values

Back to overview of wls_identity_asserter

authentication_provider_name

The authentication provider name

Back to overview of wls_identity_asserter

defaultmappertype

the default mapper type

Back to overview of wls_identity_asserter

domain

With this parameter, you identify the domain, where your objects is in.

The domain name is part of the full qualified name of any WebLogic object on a system. Let’s say we want to describe a WebLogic server. The full qualified name is:

wls_server{'domain_name/server_name':
  ensure => present,
  ...
}

When you don’t specify a domain name, Puppet will use default as domain name. For every domain you want to manage, you’ll have to put a wls_settings in your manifest.

Back to overview of wls_identity_asserter

ensure

The basic property that the resource should be in.

Valid values are present, absent. Back to overview of wls_identity_asserter

name

The name.

Back to overview of wls_identity_asserter

order

The order of the Authentication Provider (0 is highest).

Optionally, the provider can be ordered by specifying a value to the order paramater, which is a zero-based list. When configuring ordering order, it may be necessary to create the resources with Puppet ordering (if not using Hiera) or by structuring Hiera in matching order. Otherwise ordering may fail if not all authentication providers are created yet (by default the provider will be ordered last if it is greater than the number of providers currently configured).

Back to overview of wls_identity_asserter

provider

The specific backend to use for this wls_identity_asserter resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.Available providers are:

simple
Manage identity asserters in an WebLogic domain via regular WLST

Back to overview of wls_identity_asserter

providerclassname

The provider classname

Back to overview of wls_identity_asserter

timeout

Timeout for applying a resource.

To be sure no Puppet operation, hangs a Puppet daemon, all operations have a timeout. When this timeout expires, Puppet will abort the current operation and signal an error in the Puppet run.

With this parameter, you can specify the length of the timeout. The value is specified in seconds. In this example, the timeout is set to 600 seconds.

wls_server{'my_server':
  ...
  timeout => 600,
}

The default value for timeout is 120 seconds.

Back to overview of wls_identity_asserter