| BEA WebLogic Server 9.1 Domain Configuration Schema Reference | ||||||
DETAILS: DOCUMENTATION | ELEMENTS | ATTRIBUTES | FRAMES | NO FRAMES |
Specifies the security mode to use for XA calls in cross-domain transactions. Only applies to transactions in which some participating resources are running on older versions of WebLogic Server.
In previous releases of WebLogic Server, the transaction coordinator used the kernel identity when calling to remote resources, however calls were made over a non-secure channel. In the current release, remote calls made as the kernel identity must use a secure channel, which causes an interoperability problem with previous WebLogic domains and a possible performance problem in JTA with an admin channel enabled. The security interoperability mode setting enables you to control the XA call behavior.
Security Interoperability Mode options:
- The transaction coordinator makes calls using the kernel
identity over an admin channel if it is enabled, and
anonymous
otherwise.
- The transaction coordinator makes calls using
anonymous
at all times. This implies a small security
risk since a malicious third party could then try to affect the
outcome of transactions.
- The transaction coordinator makes calls as the kernel identity over an insecure channel. This is a high security risk because it means that the server's kernel identity could be captured and used for nefarious purposes. However, this setting is required to interoperate with older, unpatched versions of WebLogic Server.
"default", "performance", "compatibility"
| BEA WebLogic Server 9.1 Domain Configuration Schema Reference | ||||||
DETAILS: DOCUMENTATION | ELEMENTS | ATTRIBUTES | FRAMES | NO FRAMES |
Version: 9.1