A server can specify additional network connections by using a NetworkAccessPointMBean. The NetworkAccessPointMBean is also used to set the listen address and external DNS name that a server uses for a particular channel.
| Since | 7.0.0.0 |
| Fully Qualified Interface Name | If you use the getMBeanInfo operation in MBeanTypeServiceMBean, supply the following value as this MBean's fully qualified interface name:
weblogic.management.configuration.NetworkAccessPointMBean
For more information, see: |
| Factory Methods |
This section describes the following attributes:
The number of backlogged, new TCP connection requests that this
network channel allows. A value of -1 indicates that
the network channel obtains its backlog configuration from the
server's configuration.
For more information, see:
| Privileges | Read/Write |
| Type | int |
Get the value of AllowListViolationAction attribute used with JEP 290 filtering. The default value is obtained from the domain allow list configuration.
| Privileges | Read/Write |
| Type | java.lang.String |
Test if the AllowUnEncryptedNullCipher is enabled
see setAllowUnencryptedNullCipher(boolean enable)
for the NullCipher feature.
For more information, see:
| Privileges | Read/Write |
| Type | boolean |
Private property that disables caching in proxies.
| Privileges | Read only |
| Type | boolean |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Whether or not the channel's custom identity should be used. This setting only has an effect if the server is using a customized keystore. By default the channel's identity is inherited from the server's identity.
For more information, see:
| Privileges | Read/Write |
| Type | boolean |
A weight to give this channel when creating server-to-server connections.
| Privileges | Read/Write |
| Type | int |
| Default Value | 50 |
| Minimum value | 1 |
| Maximum value | 100 |
Indicates the cipher suites being used on a particular WebLogic Server channel.
The strongest negotiated cipher suite is chosen during the SSL handshake. The set of cipher suites used by default by JSEE depends on the specific JDK version with which WebLogic Server is configured.
For a list of possible values, see Cipher Suites.
| Privileges | Read/Write |
| Type | class java.lang.String[] |
Specifies whether clients must present digital certificates from a trusted certificate authority to WebLogic Server on this channel.
| Privileges | Read/Write |
| Type | boolean |
| Secure value | true |
Indicate whether TLS client initiated secure renegotiation is accepted.
Deprecated.
| Available Since | Release 12.2.1.3.0 |
| Privileges | Read/Write |
| Type | boolean |
The address this network channel uses to generate EJB handles and failover addresses for use in a cluster. This value is determined according to the following order of precedence:
If the cluster address is specified via the NAPMBean, then that value is used
If this value is not specified, the value of PublicAddress is used.
If PublicAddress is not set, this value is derive from the ClusterAddress attribute of the ClusterMbean.
If ClusterMbean.clusterAddress is not set, this value is derive from the listen address of the NAPMbean.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
The maximum amount of time this network channel waits for a
complete message to be received. A value of 0 disables
network channel complete message timeout. A value of
-1 indicates that the network channel obtains this
timeout value from the ServerTemplateMBean.
This timeout helps guard against denial of service attacks in which a caller indicates that they will be sending a message of a certain size which they never finish sending.
| Privileges | Read/Write |
| Type | int |
| Maximum value | 480 |
The amount of time that this network channel should wait to
establish an outbound socket connection before timing out. A value
of 0 disables network channel connect timeout.
| Privileges | Read/Write |
| Type | int |
| Maximum value | 240 |
The source of the identity keystore. For a JKS keystore, the source is the path and file name. For an Oracle Key Store Service (KSS) keystore, the source is the KSS URI.
If using a JKS keystore, the keystore path name must either be absolute or relative to where the server was booted.
If using a KSS keystore, the keystore URI must be of the form:
kss://system/keystorename
where keystorename is the name of the
keystore registered in KSS.
The value in this attribute is only used if
ServerMBean.KeyStores is
CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST,
CUSTOM_IDENTITY_AND_CUSTOM_TRUST or
CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST.
| Privileges | Read/Write |
| Type | java.lang.String |
The encrypted custom identity keystore's passphrase. If empty or null, then the keystore will be opened without a passphrase.
This attribute is only used if
ServerMBean.KeyStores is
CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST,
CUSTOM_IDENTITY_AND_CUSTOM_TRUST or
CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST.
When you get the value of this attribute, WebLogic Server does the following:
Retrieves the value of the
CustomIdentityKeyStorePassPhraseEncrypted
attribute.
Decrypts the value and returns the unencrypted password as a String.
When you set the value of this attribute, WebLogic Server does the following:
Encrypts the value.
Sets the value of the
CustomIdentityKeyStorePassPhraseEncrypted attribute to
the encrypted value.
Using this attribute
(CustomIdentityKeyStorePassPhrase) is a potential
security risk because the String object (which contains the
unencrypted password) remains in the JVM's memory until garbage
collection removes it and the memory is reallocated. Depending on
how memory is allocated in the JVM, a significant amount of time
could pass before this unencrypted data is removed from memory.
Instead of using this attribute, use
CustomIdentityKeyStorePassPhraseEncrypted.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
| Encrypted | true |
Returns encrypted pass phrase defined when creating the keystore.
| Privileges | Read/Write |
| Type | byte[] |
| Encrypted | true |
The type of the keystore. Generally, this is JKS.
If using the Oracle Key Store Service, this would be
KSS
If empty or null, then the JDK's default keystore type
(specified in java.security) is used. The custom
identity key store type is only used if
ServerMBean.KeyStores is
CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST,
CUSTOM_IDENTITY_AND_CUSTOM_TRUST or
CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST.
| Privileges | Read/Write |
| Type | java.lang.String |
The string alias used to store and retrieve the channel's
private key in the keystore. This private key is associated with
the server's digital certificate. A value of null
indicates that the network channel uses the alias specified in the
server's SSL configuration.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
The passphrase used to retrieve the server's private key from
the keystore. This passphrase is assigned to the private key when
it is generated. A value of null indicates that the
network channel uses the pass phrase specified in the server's SSL
configuration.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
| Encrypted | true |
The encrypted form of passphrase used to retrieve the server's private key from the keystore.
| Privileges | Read/Write |
| Type | byte[] |
| Encrypted | true |
Return whether the MBean was created dynamically or is persisted to config.xml
| Privileges | Read only |
| Type | boolean |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Specifies whether this channel should be started.
| Privileges | Read/Write |
| Type | boolean |
| Default Value | true |
List of cipher suites not to be used by WebLogic Server.
| Privileges | Read/Write |
| Type | class java.lang.String[] |
Specifies whether to ignore the installed implementation of the
weblogic.security.SSL.HostnameVerifier interface (when
this server is acting as a client to another application
server).
| Privileges | Read/Write |
| Type | boolean |
The name of the class that implements the
weblogic.security.SSL.HostnameVerifier interface.
This class verifies whether the connection to the host with the
hostname from URL should be allowed. The class is used to prevent
man-in-the-middle attacks. The
weblogic.security.SSL.HostnameVerifier has a
verify() method that WebLogic Server calls on the
client during the SSL handshake.
| Privileges | Read/Write |
| Type | java.lang.String |
Specifies whether HTTP traffic should be allowed over this network channel.
HTTP is generally required by binary protocols for downloading stubs and other resources.
| Privileges | Read/Write |
| Type | boolean |
| Default Value | true |
Return the unique id of this MBean instance
| Privileges | Read only |
| Type | long |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
The maximum amount of time (in seconds) that a connection is
allowed to be idle before it is closed by this network channel. A
value of -1 indicates that the network channel obtains
this timeout value from the ServerTemplateMBean.
This timeout helps guard against server deadlock through too many open connections.
| Privileges | Read/Write |
| Type | int |
Indicates the client certificate validation rules for inbound SSL.
This attribute only applies to ports and network channels using 2-way SSL.
| Privileges | Read/Write |
| Type | java.lang.String |
| Legal Values |
|
The IP address or DNS name this network channel uses to listen
for incoming connections. A value of null indicates
that the network channel should obtain this value from the server's
configuration.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
The default TCP port this network channel uses to listen for
regular (non-SSL) incoming connections. A value of -1
indicates that the network channel should obtain this value from
the server's configuration.
For more information, see:
| Privileges | Read/Write |
| Type | int |
The amount of time that this network channel should wait for a
connection before timing out. A value of 0 disables
network channel login timeout. A value of -1 indicates
that the network channel obtains this timeout value from the
server's configuration.
For more information, see:
| Privileges | Read/Write |
| Type | int |
| Maximum value | 100000 |
The maximum back off time between failures while accepting client connections. -1 implies that this value is inherited from the server.
| Privileges | Read/Write |
| Type | int |
The maximum number of clients that can be connected on this network channel.
| Privileges | Read/Write |
| Type | int |
| Default Value | 2147483647 |
The maximum message size allowable in a message header.
This maximum attempts to prevent a denial of service attack whereby a caller attempts to force the server to allocate more memory than is available thereby keeping the server from responding quickly to other requests.
A client can set this value using the
-Dweblogic.MaxMessageSize property.
| Privileges | Read/Write |
| Type | int |
| Minimum value | 4096 |
| Maximum value | 100000000 |
Returns the MBean info for this MBean.
Deprecated.
| Privileges | Read only |
| Type | javax.management.MBeanInfo |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Get the minimum SSL/TLS protocol version to be used in a network channel.
For more information, see:
| Available Since | Release 12.2.1.0.0 |
| Privileges | Read/Write |
| Type | java.lang.String |
The name of this network channel.
| Privileges | Read/Write |
| Type | java.lang.String |
| Default Value | <unknown> |
Optional information that you can include to describe this configuration.
WebLogic Server saves this note in the domain's configuration
file (config.xml) as XML PCDATA. All left angle
brackets (<) are converted to the XML entity
<. Carriage returns/line feeds are
preserved.
Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.
| Privileges | Read/Write |
| Security roles | Write access is granted only to the following roles:
|
| Type | java.lang.String |
Returns the ObjectName under which this MBean is registered in the MBean server.
Deprecated.
| Privileges | Read only |
| Type | weblogic.management.WebLogicObjectName |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Indicates the server certificate validation rules for outbound SSL.
This attribute always applies to outbound SSL that is part of
WebLogic Server (that is, an Administration Server talking to the
Node Manager). It does not apply to application code in the server
that is using outbound SSL unless the application code uses a
weblogic.security.SSL.ServerTrustManager that is
configured to use outbound SSL validation.
| Privileges | Read/Write |
| Type | java.lang.String |
| Legal Values |
|
Specifies whether new server-to-server connections may consider this network channel when initiating a connection. This is only relevant if the connection needs to be bound to the network channel's listen address. This will only work for binary protocols that support both outbound and inbound traffic.
When this feature is not enabled, connections are initiated using a local address selected by the underlying hardware.
The default is false.
Outbound channels are selected at runtime either by virtue of
the fact of being the only outbound-enabled channel for the
required protocol, or by name in
weblogic.jndi.Environment#setProviderChannel.
The HTTP protocol is implicitly enabled for all the outbound channels, but you need to use the WLS client library (HTTP client) and set the channel on the connection.
For more information, see:
| Privileges | Read/Write |
| Type | boolean |
The string alias used to store and retrieve the outbound private key in the keystore. This private key is associated with either a server or a client digital certificate. This attribute value is derived from other settings and cannot be physically set.
The returned value is determined as follows:
If isOutboundPrivateKeyEnabled and
isChannelIdentityCustomized return true, the
value from CustomPrivateKeyAlias is
returned.
Otherwise, the value from SSLMBean#getOutboundPrivateKeyAlias is returned from the
ServerMBean for the channel.
For more information, see:
| Privileges | Read only |
| Type | java.lang.String |
Specifies whether the identity specified by CustomPrivateKeyAlias should be used for outbound SSL connections on this channel. In normal circumstances the outbound identity is determined by the caller's environment.
| Privileges | Read/Write |
| Type | boolean |
The passphrase used to retrieve the outbound private key from the keystore. This passphrase is assigned to the private key when it is generated. This attribute value is derived from other settings and cannot be physically set.
The returned value is determined as follows:
If isOutboundPrivateKeyEnabled and
isChannelIdentityCustomized return true, the
value from CustomPrivateKeyPassPhrase is
returned.
Otherwise, the value from SSLMBean#getOutboundPrivateKeyPassPhrase is returned from
the ServerMBean for the channel.
For more information, see:
| Privileges | Read only |
| Type | java.lang.String |
Return the immediate parent for this MBean
| Privileges | Read/Write |
| Type |
The string alias used to store and retrieve the channel's private key in the keystore. This private key is associated with the server's digital certificate. This value is derived from other settings on the channel and cannot be physically set.
For more information, see:
| Privileges | Read only |
| Type | java.lang.String |
The passphrase used to retrieve the server's private key from the keystore. This passphrase is assigned to the private key when it is generated. This value is derived from other settings on the channel and cannot be physically set.
For more information, see:
| Privileges | Read only |
| Type | java.lang.String |
The protocol this network channel should use for connections.
| Privileges | Read/Write |
| Type | java.lang.String |
| Default Value | t3 |
| Secure value | t3s |
The IP address or DNS name of the HTTP proxy to use for outbound connections on this channel. The HTTP proxy must support the CONNECT tunneling command.
This option is only effective when OutboundEnabled is set on the channel.
| Privileges | Read/Write |
| Type | java.lang.String |
The port of the HTTP proxy to use for outbound connections on this channel. The HTTP proxy must support the CONNECT tunneling command.
This option is only effective when OutboundEnabled and ProxyHost are set on the channel.
| Privileges | Read/Write |
| Type | int |
| Default Value | 80 |
The IP address or DNS name representing the external identity of
this network channel. A value of null indicates that
the network channel's Listen Address is also its external address.
If the Listen Address is null,the network channel
obtains its external identity from the server's configuration.
This is required for the configurations which need to cross a firewall doing Network Address Translation.
For more information, see:
| Privileges | Read/Write |
| Type | java.lang.String |
The externally published listen port for this network channel. A
value of -1 indicates that the network channel's
Listen Port is also its public listen port. If the Listen Port is
-1,the network channel obtains its public listen port
from the server's configuration.
For more information, see:
| Privileges | Read/Write |
| Type | int |
Returns false if the MBean represented by this object has been unregistered.
Deprecated.
| Privileges | Read only |
| Type | boolean |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Resolve the listen address to use for all T3 communication
For more information, see:
| Privileges | Read/Write |
| Type | boolean |
Enables Socket Direct Protocol (SDP) on this channel. Enable this attribute when configuring session replication enhancements for Managed Servers in a WebLogic cluster for Oracle Exalogic. SDP is removed from JDK11.
Deprecated.
| Privileges | Read/Write |
| Type | boolean |
Indicates whether to honor the server cipher suites preference.
For more information, see:
| Privileges | Read/Write |
| Type | boolean |
| Default Value | true |
Indicate whether SSLv2Hello is enabled in a network channel.
| Available Since | Release 12.2.1.0.0 |
| Privileges | Read/Write |
| Type | boolean |
Return all tags on this Configuration MBean
| Available Since | Release 12.2.1.0.0 |
| Privileges | Read/Write |
| Type | class java.lang.String[] |
Determines if connections with pending responses are allowed to timeout. It defaults to false. If set to true, the connection will be timed out for this channel if it exceeds the idleConnectionTimeout value.
Note: This setting only applies to IIOP connections.
| Privileges | Read/Write |
| Type | boolean |
The interval (in seconds) at which this network channel should
ping an HTTP-tunneled client to see if its still alive. A value of
-1 indicates that the network channel obtains this
interval from the ServerTemplateMBean. (Requires you to enable
tunneling for the network channel.)
For more information, see:
| Privileges | Read/Write |
| Type | int |
| Minimum value | 1 |
The amount of time (in seconds) after which this network channel
considers a missing HTTP-tunneled client to be dead. A value of
-1 indicates that the network channel obtains this
timeout value from the ServerTemplateMBean. (Requires you to enable
tunneling for the network channel.)
For more information, see:
| Privileges | Read/Write |
| Type | int |
| Minimum value | 1 |
Specifies whether tunneling via HTTP should be enabled for this network channel. This value is not inherited from the server's configuration.
| Privileges | Read/Write |
| Type | boolean |
Specifies whether this network channel uses two way SSL.
| Privileges | Read/Write |
| Type | boolean |
| Secure value | true |
Returns the type of the MBean.
| Privileges | Read only |
| Type | java.lang.String |
| Redeploy or Restart required | Changes take effect after you redeploy the module or restart the server. |
Specifies whether to use non-standard object serialization for performance. This option works in different ways for different protocols. In particular under IIOP this option uses Java serialization rather than RMI-IIOP serialization. In general using non-standard serialization is not suitable for interop scenarios and may imply some feature loss.
| Privileges | Read/Write |
| Type | boolean |
This section describes the following operations:
Add a tag to this Configuration MBean. Adds a tag to the current set of tags on the Configuration MBean. Tags may contain white spaces.
| Operation Name | "addTag" |
| Parameters | Object [] { tag }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
boolean
|
| Exceptions |
|
If the specified attribute has not been set explicitly, and if the attribute has a default value, this operation forces the MBean to persist the default value.
Unless you use this operation, the default value is not saved and is subject to change if you update to a newer release of WebLogic Server. Invoking this operation isolates this MBean from the effects of such changes.
Note: To insure that you are freezing the default value, invoke
the restoreDefaultValue operation before you invoke
this.
This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute for which some other value has been set.
Deprecated.
| Operation Name | "freezeCurrentValue" |
| Parameters | Object [] { attributeName }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
void
|
| Exceptions |
|
Return all properties' names whose value is inherited from template mbean. this is a convenient method to get inheritance info on multiple properties in one jmx call.
| Operation Name | "getInheritedProperties" |
| Parameters | Object [] { propertyNames }
where:
|
| Signature | String [] {
"[Ljava.lang.String;" } |
| Returns |
class |
Check if the value of a property is inherited from template mbean or not.
| Operation Name | "isInherited" |
| Parameters | Object [] { propertyName }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
boolean
|
Returns true if the specified attribute has been set explicitly in this MBean instance.
| Operation Name | "isSet" |
| Parameters | Object [] { propertyName }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
boolean
|
Remove a tag from this Configuration MBean
| Operation Name | "removeTag" |
| Parameters | Object [] { tag }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
boolean
|
| Exceptions |
|
If the specified attribute has a default value, this operation removes any value that has been set explicitly and causes the attribute to use the default value.
Default values are subject to change if you update to a newer
release of WebLogic Server. To prevent the value from changing if
you update to a newer release, invoke the
freezeCurrentValue operation.
This operation has no effect if you invoke it on an attribute that does not provide a default value or on an attribute that is already using the default.
Deprecated.
| Operation Name | "restoreDefaultValue" |
| Parameters | Object [] { attributeName }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
void
|
| Exceptions |
|
Restore the given property to its default value.
| Operation Name | "unSet" |
| Parameters | Object [] { propertyName }
where:
|
| Signature | String [] {
"java.lang.String" } |
| Returns |
void
|