Access Control Lists (ACLs) limit the access to local services within a local domain by restricting the remote domains that can execute these services. Inbound policy from a remote domain is specified using the AclPolicy element. Outbound policy towards a remote domain is specified using the CredentialPolicy element. This allows WebLogic Server and Tuxedo applications to share the same set of users and the users are able to propagate their credentials from one system to the other.

Attribute Label	Description	Value Constraints
Acl Policy	Defines the inbound access control list (ACL) policy toward requests from a remote domain. If Interoperate is set to Yes, AclPolicy is ignored. LOCAL: The local domain modifies the identity of service requests received from a given remote domain to the principal name specified in the local principal name for a given remote domain. GLOBAL: The local domain passes the service request with no change in identity. MBean: weblogic.management. configuration. WTCRemoteTuxDomMBean Attribute: AclPolicy	Default: "LOCAL" Valid values: "GLOBAL" "LOCAL" Readable: yes Writable: yes
Credential Policy	Defines the outbound access control list (ACL) policy toward requests to a remote domain. If Interoperate is set to Yes, CredentialPolicy is ignored. LOCAL: The remote domain controls the identity of service requests received from the local domain to the principal name specified in the local principal name for this remote domain. GLOBAL: The remote domain passes the service request with no change. MBean: weblogic.management. configuration. WTCRemoteTuxDomMBean Attribute: CredentialPolicy	Default: "LOCAL" Valid values: "GLOBAL" "LOCAL" Readable: yes Writable: yes
Tp User File	Defines the full path to user password file containing uid/gid information. This file is the same one generated by the Tuxedo tpusraddutility on the remote domain. Username, uid and gid information must be included and valid for correct authorization, authentication, and auditing. MBean: weblogic.management. configuration. WTCRemoteTuxDomMBean Attribute: TpUsrFile	Readable: yes Writable: yes
Min Encryption Level	Defines the minimum encryption key length (in bits) used when establishing a network connection for a local domain. A value of 0 indicates no encryption is used. The value of the MinEncrypBits attribute must be less than or equal to the value of the MaxEncrypBits attribute. A MinEncrypBits of 40 can be used only with domains running Tuxedo 7.1 or higher. MBean: weblogic.management. configuration. WTCRemoteTuxDomMBean Attribute: MinEncryptBits	Default: "0" Valid values: "0" "40" "56" "128" Readable: yes Writable: yes
Max Encryption Level	Defines the maximum encryption key length (in bits) used when establishing a network connection for a local domain. A value of 0 indicates no encryption is used. The value of the MaxEncryptBits attribute must be greater than or equal to the value of the MinEncrypBits attribute. A MaxEncryptBits of 40 can be used only with domains running Tuxedo 7.1 or higher. MBean: weblogic.management. configuration. WTCRemoteTuxDomMBean Attribute: MaxEncryptBits	Default: "128" Valid values: "0" "40" "56" "128" Readable: yes Writable: yes

Attribute Label

Description

Value Constraints

Acl Policy

Defines the inbound access control list (ACL) policy toward requests from a remote domain.

If Interoperate is set to Yes, AclPolicy is ignored.

LOCAL: The local domain modifies the identity of service requests received from a given remote domain to the principal name specified in the local principal name for a given remote domain.

GLOBAL: The local domain passes the service request with no change in identity.

MBean: weblogic.management.
configuration.
WTCRemoteTuxDomMBean

Attribute: AclPolicy

Default: "LOCAL"

Valid values:

"GLOBAL"

"LOCAL"

Readable: yes

Writable: yes

Credential Policy

Defines the outbound access control list (ACL) policy toward requests to a remote domain.

If Interoperate is set to Yes, CredentialPolicy is ignored.

LOCAL: The remote domain controls the identity of service requests received from the local domain to the principal name specified in the local principal name for this remote domain.

GLOBAL: The remote domain passes the service request with no change.

MBean: weblogic.management.
configuration.
WTCRemoteTuxDomMBean

Attribute: CredentialPolicy

Default: "LOCAL"

Valid values:

"GLOBAL"

"LOCAL"

Readable: yes

Writable: yes

Tp User File

Defines the full path to user password file containing uid/gid information. This file is the same one generated by the Tuxedo tpusraddutility on the remote domain. Username, uid and gid information must be included and valid for correct authorization, authentication, and auditing.

MBean: weblogic.management.
configuration.
WTCRemoteTuxDomMBean

Attribute: TpUsrFile

Readable: yes

Writable: yes

Min Encryption Level

Defines the minimum encryption key length (in bits) used when establishing a network connection for a local domain.

A value of 0 indicates no encryption is used.

The value of the MinEncrypBits attribute must be less than or equal to the value of the MaxEncrypBits attribute.

A MinEncrypBits of 40 can be used only with domains running Tuxedo 7.1 or higher.

MBean: weblogic.management.
configuration.
WTCRemoteTuxDomMBean

Attribute: MinEncryptBits

Default: "0"

Valid values:

"40"

"56"

"128"

Readable: yes

Writable: yes

Max Encryption Level

Defines the maximum encryption key length (in bits) used when establishing a network connection for a local domain.

A value of 0 indicates no encryption is used.

The value of the MaxEncryptBits attribute must be greater than or equal to the value of the MinEncrypBits attribute.

A MaxEncryptBits of 40 can be used only with domains running Tuxedo 7.1 or higher.

MBean: weblogic.management.
configuration.
WTCRemoteTuxDomMBean

Attribute: MaxEncryptBits

Default: "128"

Valid values:

"40"

"56"

"128"

Readable: yes

Writable: yes