How to change the users passwords from J2EE Application ?

There are no generic J2EE API's to manipulate J2EE application user details.How ever each Application servers exposes MBeans to perform these operations through console or via scripting tools.
Eg: While creating the users from admin console, specifc mbeans will be called behind the scenes.

I wrote an example to reset the password for particular user using weblogic MBeans from Servlet.Eventhough this is not the exhaustive example which provides the basic steps for listing users/groups and modifying the user passwords


import java.io.IOException;
import java.io.PrintWriter;

import javax.naming.Context;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import weblogic.jndi.Environment;
import weblogic.management.MBeanHome;
import weblogic.management.security.RealmMBean;
import weblogic.management.security.authentication.AuthenticationProviderMBean;
import weblogic.management.security.authentication.GroupEditorMBean;
import weblogic.management.security.authentication.GroupMemberListerMBean;
import weblogic.management.security.authentication.MemberGroupListerMBean;
import weblogic.management.security.authentication.UserEditorMBean;
import weblogic.management.security.authentication.UserPasswordEditorMBean;
import weblogic.management.security.authentication.UserReaderMBean;
import weblogic.management.security.credentials.CredentialMapperMBean;
import weblogic.management.security.credentials.UserPasswordCredentialMapEditorMBean;
import weblogic.management.security.credentials.UserPasswordCredentialMapReaderMBean;
import weblogic.management.utils.InvalidParameterException;
import weblogic.management.utils.NotFoundException;

public class PasswordServlet extends HttpServlet
{

protected transient MBeanHome home;


/**
* The doGet method of the servlet.

*
* This method is called when a form has its tag value method equals to get.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{

doPost(request, response);
}

/**
* The doPost method of the servlet.

*
* This method is called when a form has its tag value method equals to post.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
response.setContentType("text/html");
findAdminHome();
PrintWriter out = response.getWriter();
RealmMBean[]realms= home.getActiveDomain().getSecurityConfiguration().findRealms();
for(int n=0;n< authProviders.length; i++) { if (authProviders[i] instanceof UserEditorMBean) { out.println("UserEditorMBean: " + authProviders[i].wls_getDisplayName()); } if (authProviders[i] instanceof GroupEditorMBean) { out.println("GroupEditorMBean: " + authProviders[i].wls_getDisplayName()); } if (authProviders[i] instanceof MemberGroupListerMBean) { out.println("MemberGroupListerMBean: " + authProviders[i].wls_getDisplayName()); } if (authProviders[i] instanceof GroupMemberListerMBean) { out.println("GroupMemberListerMBean: " + authProviders[i].wls_getDisplayName()); } if (authProviders[i] instanceof UserReaderMBean) { UserReaderMBean users=(UserReaderMBean)authProviders[i]; try { //String listUser=users.listUsers("USR*", 100); out.println("Users List: " +users.userExists("USR333")); out.println("Users List: " +users.userExists("USR330")); } catch (InvalidParameterException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } for (int i = 0; i < credMappers.length; i++) { if (authProviders[i] instanceof UserPasswordCredentialMapReaderMBean) { UserPasswordCredentialMapReaderMBean user=(UserPasswordCredentialMapReaderMBean)authProviders[i]; out.println("UserPasswordCredentialMapReaderMBean: " + credMappers[i].wls_getDisplayName()); } if (authProviders[i] instanceof UserPasswordCredentialMapEditorMBean) { out.println("UserPasswordCredentialMapEditorMBean: " + credMappers[i].wls_getDisplayName()); } if (authProviders[i] instanceof UserPasswordEditorMBean) { UserPasswordEditorMBean pwd=(UserPasswordEditorMBean)authProviders[i]; try { pwd.changeUserPassword("all", "allusers", "ALLUSERS"); out.println("Password Chnaged : " + credMappers[i].wls_getDisplayName()); } catch (NotFoundException e) { e.printStackTrace(); } catch (InvalidParameterException e) { e.printStackTrace(); } } } } out.flush(); out.close(); } private void findAdminHome() { Environment env = new Environment(); env.setProviderUrl("t3://localhost:7001"); env.setSecurityPrincipal("weblogic"); env.setSecurityCredentials("weblogic"); try { Context ctx = env.getInitialContext(); home = (MBeanHome) ctx.lookup(MBeanHome.ADMIN_JNDI_NAME); } catch (javax.naming.NamingException e) { e.printStackTrace(); } } }