| BEA WebLogic Server 10.0 Security Schema Reference | ||||||
DETAILS: DOCUMENTATION | ELEMENTS | ATTRIBUTES | FRAMES | NO FRAMES |
<p>Specifies the security mode of the communication channel used for XA calls between servers that participate in a global transaction. All server instances in a domain must have the same security mode setting.</p> <p>Security Interoperability Mode options: <ul> <li><b>default</b> The transaction coordinator makes calls using the kernel identity over an admin channel if it is enabled, and <code>anonymous</code> otherwise. Man-in-the-middle attacks are possible if the admin channel is not enabled.</li> <li><b>performance</b> The transaction coordinator makes calls using <code>anonymous</code> at all times. This implies a security risk since a malicious third party could then try to affect the outcome of transactions using a man-in-the-middle attack.</li> <li><b>compatibility</b> The transaction coordinator makes calls as the kernel identity over an insecure channel. This is a high security risk because a successful man-in-the-middle attack would allow the attacker to gain administrative control over both domains. This setting should only be used when strong network security is in place. </li> </ul></p> (Interface=weblogic.management.configuration.JTAMBean Attribute=getSecurityInteropMode)
"default", "performance", "compatibility"
| BEA WebLogic Server 10.0 Security Schema Reference | ||||||
DETAILS: DOCUMENTATION | ELEMENTS | ATTRIBUTES | FRAMES | NO FRAMES |
Version: 10.0