Server: Administration: Protocols: IIOP
Configuration Options Advanced Configuration Options
This page allows you to define the IIOP (Internet Inter-ORB Protocol) settings for this server. IIOP makes it possible for distributed programs written in different programming languages to communicate over the Internet.
Name Description Enable IIOP
Specifies whether this server has IIOP support enabled for both the regular (non-SSL) and SSL ports.
Advanced Configuration Options
Name Description Default GIOP Version
The default GIOP (General Inter-ORB Protocol) version that this server will negotiate for incoming connections. (You may have to modify the default to work with other vendor's ORBs.)
This attribute is useful for client orbs with broken GIOP 1.2 implementations.
The transaction mechanism used by IIOP invocations. The default is the Object Transaction Service (OTS) required by Java EE 1.3.
Default Char Codeset
The standard character code set that this server will publish as its native code set. (Older ORBs may have trouble interoperating with anything other than the default.)
Default Wide Char Codeset
The wide character code set that this server will publish as its native code set. (Older ORBs may have trouble interoperating with anything other than the default.)
Specify the value System Security. The following variables are affected. clientCertAuthentication, clientAuthentication, identityAssertion confidentiality, integrity. The value set in this MBean would only be picked up if the value set in RTD.xml is "config".
Default IIOP Username
The user name of the default IIOP user. (Requires you to enable IIOP.)
Default IIOP Password
The password for the default IIOP user. (Requires you to enable IIOP.)
As of 8.1 sp4, when you get the value of this attribute, WebLogic Server does the following:
Retrieves the value of the
Decrypts the value and returns the unencrypted password as a String.
Using this attribute (
DefaultIIOPPassword) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.
Instead of using this attribute, use
Use Stateful Authentication
Specify whether to advertise RMI objects and EJBs as supporting stateful CSIv2. Stateful CSIv2 is more efficient than stateless, requiring only a single authentication step for each remote principal. Stateless CSIv2 requires per-request authentication. Stateful CSIv2 is not required by Java EE 1.3 and so some ORBs do not support it. Stateful CSIv2 is enabled by default. This property can be changed at the object-level by changing the object's <stateful-authentication> runtime descriptor property.
Use Full Repository Id List
Specify whether to use full Repository ID lists when sending value type information for custom-marshaled types. Full Repository ID lists allow C++ ORBS to truncate values to base types. For RMI-IIOP and Java ORBs doing this merely increases transmission overhead. JDK ORBs are known to have problems with these so setting this will prevent JDK ORB access from working.
Use Serial Format Version 2
Specify whether to advertise RMI objects and EJBs as supporting RMI-IIOP serial format version 2 for custom marshaled objects.