http://www.bea.com/ns/weblogic/920/domain
element security-interop-mode

Model

<security-interop-mode>annonymous type derived from string</security-interop-mode>

Disallowed substitutions (block)

none (extensions, restrictions and substitutions are allowed)

Substitution group exclusion (final)

none (extensions and restrictions are allowed)

Usage

Documentation

Specifies the security mode of the communication channel used for XA calls between servers that participate in a global transaction. All server instances in a domain must have the same security mode setting.

Security Interoperability Mode options:

• default

  The transaction coordinator makes calls using the kernel identity over an admin channel if it is enabled, and anonymous otherwise. Man-in-the-middle attacks are possible if the admin channel is not enabled.

• performance

  The transaction coordinator makes calls using anonymous at all times. This implies a security risk since a malicious third party could then try to affect the outcome of transactions using a man-in-the-middle attack.

• compatibility

  The transaction coordinator makes calls as the kernel identity over an insecure channel. This is a high security risk because a successful man-in-the-middle attack would allow the attacker to gain administrative control over both domains. This setting should only be used when strong network security is in place.

Privileges: Read/Write

Default Value: default

Redeploy or Restart required: Changes take effect after you redeploy the module or restart the server.

MBean Attribute: JTAMBean.SecurityInteropMode

Fundamental Facets

equality, non-numeric, unbounded, unordered, countable infinite value space

White Space Processing

preserve

Enumeration Facet

"default", "performance", "compatibility"