BEA WebLogic Server 9.0 Domain Configuration Schema Reference

http://www.bea.com/ns/weblogic/90/domain
element security-interop-mode

Super Types
{http://www.w3.org/2001/XMLSchema}string
|
+--{http://www.bea.com/ns/weblogic/90/domain} (restriction)

Documentation
Specifies the security mode to use for XA calls in cross-domain
 transactions. Only applies to transactions in which some participating resources
 are running on older versions of WebLogic Server.



In previous releases of WebLogic Server, the transaction coordinator
 used the kernel identity when calling to remote resources, however calls were 
 made over a non-secure channel. In the current release, remote calls made as the kernel
 identity must use a secure channel, which causes
 an interoperability problem with previous WebLogic domains and a possible performance
 problem in JTA with an admin channel enabled. The security interoperability mode setting
 enables you to control the XA call behavior.



Security Interoperability Mode options:

  - default - The transaction coordinator makes calls using the kernel identity over an
 admin channel if it is enabled, and anonymous otherwise. 


  - performance -  The transaction coordinator makes calls using 
 anonymous at all times. This
 implies a small security risk since a malicious third party
 could then try to affect the outcome of transactions.


  - compatibility - The transaction coordinator makes calls as the kernel
 identity over an insecure channel. This is a high security risk
 because it means that the server's kernel identity could be
 captured and used for nefarious purposes. However, this setting is required
 to interoperate with older, unpatched versions of
 WebLogic Server.



 


 Default: "default"
Properties
This component is not nillable.

Model
<security-interop-mode>

</security-interop-mode>

Source
<xs:element minOccurs="0" name="security-interop-mode" nillable="true">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="default"/>
<xs:enumeration value="performance"/>
<xs:enumeration value="compatibility"/>
</xs:restriction>
</xs:simpleType>
</xs:element>

BEA WebLogic Server 9.0 Domain Configuration Schema Reference

Copyright 2005 BEA Systems Inc. Complete WebLogic Server Documentation