WTCLocalTuxDomMBean

Overview

This interface provides access to the WTC local Tuxedo Domain configuration attributes. The methods defined herein are applicable for WTC configuration at the WLS domain level.

Attributes

This section describes the following attributes:

AccessPoint

The unique name used to identify this local Tuxedo access point. This name should be unique for all local and remote Tuxedo access points defined within a WTC Service. This allows you to define unique configurations having the same Access Point ID.

AccessPointId

The connection principal name used to identify this local Tuxedo access point when attempting to establish a session connection with remote Tuxedo access points.

Note: The AccessPointId must match the corresponding DOMAINID in the *DM_REMOTE_DOMAINS section of your Tuxedo DMCONFIG file.

BlockTime

The maximum number of seconds this local Tuxedo access point allows for a blocking call.

Range of Values: Between 0 and a positive 32 bit integer.

CachingDisabled

Private property that disables caching in proxies.

CmpLimit

The compression threshold this local Tuxedo access point uses when sending data to a remote Tuxedo access point. Application buffers larger than this size are compressed.

Range of Values: Between 0 and a positive 32-bit integer.

ConnectionPolicy

The conditions under which this local Tuxedo access point establishes a session connection with a remote Tuxedo access point.

The connection policies are:

• ON_DEMAND: A connection is attempted only when requested by either a client request to a remote service or an administrative connect command.

• ON_STARTUP: A domain gateway attempts to establish a connection with its remote Tuxedo access points at gateway server initialization time. Remote services (services advertised in JNDI by the domain gateway for this local access point) are advertised only if a connection is successfully established to that remote Tuxedo access point. If there is no active connection to a remote Tuxedo access point, then the remote services are suspended. By default, this connection policy retries failed connections every 60 seconds. Use the MaxRetry and RetryInterval values to specify application specific values.

• INCOMING_ONLY: A domain gateway does not attempt an initial connection to remote Tuxedo access points at startup and remote services are initially suspended. The domain gateway is available for incoming connections from remote Tuxedo access points and remote services are advertised when the domain gateway for this local Tuxedo access point receives an incoming connection. Connection retry processing is not allowed.

ConnPrincipalName

The principal name used to verify the identity of this domain when establishing a connection to another domain.

Note: This parameter only applies to domains of type TDOMAIN that are running Oracle Tuxedo 7.1 or later software. If not specified, the connection principal name defaults to the AccessPointID for this domain.ConnPrincipalName.

Note: ConnPrincipalName is not supported in this release.

IdentityKeyStoreFileName

The path and file name of the identity keystore.

The path name must either be absolute or relative to where the server was booted. The identity key store file name is only used if KeystoreLocation is "Custom Stores".

IdentityKeyStorePassPhrase

The custom identity keystore's passphrase. If empty or null, then the keystore will be opened without a passphrase.

This attribute is only used if KeyStores is "Custom Stores".

When you get the value of this attribute, WebLogic Server does the following:

1. Retrieves the value of the IdentityKeyStorePassPhraseEncrypted attribute.

2. Decrypts the value and returns the unencrypted password as a String.

When you set the value of this attribute, WebLogic Server does the following:

1. Encrypts the value.

2. Sets the value of the CustomIdentityKeyStorePassPhraseEncrypted attribute to the encrypted value.

Using this attribute (CustomIdentityKeyStorePassPhrase) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use CustomIdentityKeyStorePassPhraseEncrypted.

For more information, see:

• getCustomIdentityKeyStorePassPhraseEncrypted()

IdentityKeyStorePassPhraseEncrypted

The identity keystore's encrypted passphrase. If empty or null, then the keystore will be opened without a passphrase.

This attribute is only used if KeyStores is "Custom Stores".

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, use the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Interoperate

Specifies whether this local Tuxedo access point interoperates with remote Tuxedo access points that are based upon Tuxedo release 6.5. If this value is set to Yes, the local Tuxedo access point interoperates with a Tuxedo 6.5 domain.

KeepAlive

Return value tells whether this local Tuxedo access point is configured with Application Level Keep Alive, and it maximum idle time value before wait timer start ticking.

KeepAliveWait

Return value that tells whether this local Tuxedo access point requires the acknowledgement of Application Level Keep Alive, and how long it will wait without receiving acknowledgement before declare the connection is inaccessible.

KeyStoresLocation

Provides the configuration rule to be used for finding Local Access Point's identity key store and trust key store. In plain text, it contains information on where the identity key store and trust key store are configured. When KeyStoreLocation is configured with WLS Store, WTC uses configuration information from the WLS Key Stores configuration. Otherwise, it uses the key stores information configured in the Local Access Point.

MaxEncryptBits

The maximum encryption key length (in bits) this local Tuxedo access point uses when establishing a session connection. A value of 0 indicates no encryption is used.

Value Restrictions:

• The MaxEncryptBits value must be greater than or equal to the MinEncrypBits value.

• A MaxEncryptBits of 40 can be used only with domains running Tuxedo 7.1 or higher.

MaxRetries

The maximum number of times that this local Tuxedo access point tries to establish a session connection to remote Tuxedo access points. Use this value only when Connection Policy is set to ON_STARTUP.

Range of Values: Between 0 and a positive 64 bit integer.

Note: Use the minimum value to disable the retry mechanism. Use the maximum value to try until a connection is established.

MBeanInfo

Returns the MBean info for this MBean.

Deprecated.

MinEncryptBits

The minimum encryption key length (in bits) this local Tuxedo access point uses when establishing a session connection. A value of 0 indicates no encryption is used.

Value Restrictions:

• The MinEncrypBits value must be less than or equal to the MaxEncrypBits value.

• A MinEncrypBits value of 40 can be used only with domains running Tuxedo 7.1 or higher.

Name

The user-specified name of this MBean instance.

This name is included as one of the key properties in the MBean's javax.management.ObjectName:
Name=user-specified-name

Notes

Optional information that you can include to describe this configuration.

WebLogic Server saves this note in the domain's configuration file (config.xml) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <. Carriage returns/line feeds are preserved.

Note:

If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.

NWAddr

The network address and port number of this local Tuxedo access point.

Specify the address in one of the following formats:

• TCP/IP address in the format //hostname:port_number or //#.#.#.#:port_number.

• SDP address in the format sdp://hostname:port_number or sdp://#.#.#.#:port_number.

• If the hostname is used, the access point finds an address for hostname using the local name resolution facilities (usually DNS). If dotted decimal format is used, each # should be a number from 0 to 255. This dotted decimal number represents the IP address of the local machine. The port_number is the TCP/SDP port number at which the access point listens for incoming requests.

• If SDP format address is specified, the transport protocol for this access point is SDP instead of TCP. This feature is only available when WTC and Tuxedo domain gateway are both deployed on Oracle Exalogic platform. Requires Tuxedo 11gR1PS2 and higher.

ObjectName

Returns the ObjectName under which this MBean is registered in the MBean server.

Deprecated.

Parent

Return the immediate parent for this MBean

PrivateKeyAlias

The string alias used to store and retrieve the Local Tuxedo access point's private key in the keystore. This private key is associated with the Local Tuxedo access point's digital certificate.

PrivateKeyPassPhrase

The passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated.

When you get the value of this attribute, WebLogic Server does the following:

1. Retrieves the value of the PrivateKeyPassPhraseEncrypted attribute.

2. Decrypts the value and returns the unencrypted passphrase as a String.

When you set the value of this attribute, WebLogic Server does the following:

1. Encrypts the value.

2. Sets the value of the PrivateKeyPassPhraseEncrypted attribute to the encrypted value.

Using this attribute (PrivateKeyPassPhrase) is a potential security risk because the String object (which contains the unencrypted passphrase) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use getPrivateKeyPassPhraseEncrypted.

PrivateKeyPassPhraseEncrypted

The encrypted passphrase used to retrieve the Local Tuxedo access point's private key from the keystore. This passphrase is assigned to the private key when it is generated.

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, go to the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Registered

Returns false if the MBean represented by this object has been unregistered.

Deprecated.

RetryInterval

The number of seconds that this local Tuxedo access point waits between automatic connection attempts to remote Tuxedo access points. Use this value only when Connection Policy is set to ON_STARTUP.

Range of Values: Between 0 and a positive 32-bit integer.

Security

The type of application security enforced.

The types of security are:

• NONE: No security is used.

• APP_PW: Password security is enforced when a connection is established from a remote domain. The application password is defined in the WTCResourcesMBean.

• DM_PW: Domain password security is enforced when a connection is established from a remote domain. The domain password is defined in the WTCPasswordsMBean.

TrustKeyStoreFileName

The path and file name of the trust keystore.

The path name must either be absolute or relative to where the server was booted. This file name is only used if KeyStores is "Custom Stores".

TrustKeyStorePassPhrase

The trust keystore's passphrase. If empty or null, then the keystore will be opened without a passphrase.

This attribute is only used if KeyStores is "Custom Stores".

When you get the value of this attribute, WebLogic Server does the following:

1. Retrieves the value of the TrustKeyStorePassPhraseEncrypted attribute.

2. Decrypts the value and returns the unencrypted password as a String.

When you set the value of this attribute, WebLogic Server does the following:

1. Encrypts the value.

2. Sets the value of the TrustKeyStorePassPhraseEncrypted attribute to the encrypted value.

Using this attribute (TrustKeyStorePassPhrase) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM's memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory.

Instead of using this attribute, use TrustKeyStorePassPhraseEncrypted.

For more information, see:

• getTrustKeyStorePassPhraseEncrypted()

TrustKeyStorePassPhraseEncrypted

The trust keystore's encrypted passphrase. If empty or null, then the keystore will be opened without a passphrase.

This attribute is only used if KeyStores is "Custom Stores".

To set this attribute, use weblogic.management.EncryptionHelper.encrypt() to encrypt the value. Then set this attribute to the output of the encrypt() method.

To compare a password that a user enters with the encrypted value of this attribute, use the same WebLogic Server instance that you used to set and encrypt this attribute and use weblogic.management.EncryptionHelper.encrypt() to encrypt the user-supplied password. Then compare the encrypted values.

Type

Returns the type of the MBean.

UseSSL

Specifies if the connection initiated or accepted by this Local Tuxedo access point uses SSL on top of its transport layer. Values are:

• Off: SSL not used.

• TwoWay: Mutual Authentication with SSL required.

• OneWay: Server Authentication with SSL required.

Note: If SDP transport is configured for this access point, the configured value of this attribute is ignored and off is used.

Operations

This section describes the following operations:

freezeCurrentValue

If the specified attribute has not been set explicitly, and if the attribute has a default value, this operation forces the MBean to persist the default value.

Unless you use this operation, the default value is not saved and is subject to change if you update to a newer release of WebLogic Server. Invoking this operation isolates this MBean from the effects of such changes.

Note:

To insure that you are freezing the default value, invoke the restoreDefaultValue operation before you invoke this.

This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute for which some other value has been set.

Deprecated. 9.0.0.0

isSet

Returns true if the specified attribute has been set explicitly in this MBean instance.

restoreDefaultValue

If the specified attribute has a default value, this operation removes any value that has been set explicitly and causes the attribute to use the default value.

Default values are subject to change if you update to a newer release of WebLogic Server. To prevent the value from changing if you update to a newer release, invoke the freezeCurrentValue operation.

This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute that is already using the default.

Deprecated. 9.0.0.0

unSet

Restore the given property to its default value.