Oracle WebLogic Server 10.3.6.0 Documentation > Administration Console Online Help > Jolt Connection Pools: Configuration: User

Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Jolt Connection Pools: Configuration: User

Configuration Options     Related Tasks     

Use this page to establish user credentials for accessing this connection pool. If you have enabled this connection pool to pass its security context to Tuxedo, the user name and password must be the name of an authorized Tuxedo user.

Configuration Options

Name Description
User Name

A user name that applications specify to connect to this Jolt connection pool. If Security Context is enabled, this name must be the name of an authorized Tuxedo user. (Specifying a Tuxedo user name is required if the Tuxedo authentication level is USER_AUTH.)

MBean Attribute:
JoltConnectionPoolMBean.UserName

Changes take effect after you redeploy the module or restart the server.

User Role

The Tuxedo user role for this Jolt connection pool. (This is required only when the security level in the Tuxedo domain is USER_AUTH, ACL, or MANDATORY_ACL).

MBean Attribute:
JoltConnectionPoolMBean.UserRole

Changes take effect after you redeploy the module or restart the server.

User Password

The user password for this Jolt connection pool.

As of 8.1 sp4, when you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the UserPasswordEncrypted attribute.

  2. Decrypts the value and returns the unencrypted password as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.

  2. Sets the value of the UserPasswordEncrypted attribute to the encrypted value.

Using this attribute (UserPassword) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use UserPasswordEncrypted.

MBean Attribute:
JoltConnectionPoolMBean.UserPassword

Changes take effect after you redeploy the module or restart the server.

Application Password

The application password for this Jolt connection pool. (This is required only when the security level in the Tuxedo domain is USER_AUTH, ACL or MANDATORY_ACL).

As of 8.1 sp4, when you get the value of this attribute, WebLogic Server does the following:

  1. Retrieves the value of the ApplicationPasswordEncrypted attribute.

  2. Decrypts the value and returns the unencrypted password as a String.

When you set the value of this attribute, WebLogic Server does the following:

  1. Encrypts the value.

  2. Sets the value of the ApplicationPasswordEncrypted attribute to the encrypted value.

Using this attribute (ApplicationPassword) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use ApplicationPasswordEncrypted.

MBean Attribute:
JoltConnectionPoolMBean.ApplicationPassword

Changes take effect after you redeploy the module or restart the server.

Related Tasks


Back to Top