e-docs > WebLogic Server > Administration Console Online Help > Clusters |
Administration Console Online Help |
Cluster --> Configuration --> General
Tasks Additional Documentation Attributes
Use the Cluster-->Configuration-->General tab to configure cluster-wide configuration parameters.
(Requires an Internet connection.)
For more information about the attributes you can set on this tab, see the following topics:
The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration. |
||
Defines the address to be used by clients to connect to this cluster. This address may be either a DNS host name that maps to multiple IP addresses or a comma separated list of single address host names or IP addresses. If network channels are configured, it is possible to set the cluster address on a per channel basis. |
||
Defines the algorithm to be used for load-balancing between replicated services if none is specified for a particular service. |
||
WLS HttpRequest.getRemoteAddr() used to rely on X-Forwarded-For for its returned value. This is a security hole due to HTTP header can be easily mocked and we end up with returning wrong value. This is improved by introducing a proprietary header WL-Proxy-Client-IP from our plug-ins and this header will only be used if WLS is configured to use our plug-ins. This is duplicated both in ClusterMBean and ServerMBean so the attribute WeblogicPluginEnabled can be used cluster-wide. ClusterMBean overrides ServerMBean |
||
Defines the number of seconds by which the age of two conflicting services must differ before one is considered older than the other. |
||
When set to true for a cluster, this attribute specifies that certs from clients of web applications hosted on the server instances in the cluster are provided in the special WL-Proxy-Client-Cert header sent by a proxy plug-in or HttpClusterServlet. (ClientCertProxyEnabled can be defined at the cluster level, at the server level, and at the web application level, in web.xml.) This setting is useful if user authentication is performed on the proxy server—setting clientCertProxy to true causes the plug-in to pass on the certs to the cluster in a special header, WL-Proxy-Client-Cert. A WL-Proxy-Client-Cert header could be provided by any client with access to WebLogic Server. WebLogic Server takes the certificate information from that header, trusting that is came from a secure source (the plug-in) and uses that information to authenticate the user. For this reason, if you set clientCertProxy to true, use a connection filter to ensure that WebLogic Server accepts connections only from the machine on which the plug-in is running. See "Using Network Connection Filters" in Programming WebLogic Security. |