wls server channel
Overview
This resource allows you to manage a server channel in an WebLogic domain.
Here is an example on how you should use this:
wls_server_channel { 'wlsServer1:Channel-Cluster':
ensure => 'present',
channel_identity_customized => '0',
client_certificate_enforced => '0',
custom_identity_alias => 'node1',
enabled => 1,
httpenabled => 1,
listenaddress => '10.10.10.100',
listenport => '8003',
max_message_size => '25000000',
outboundenabled => '0',
protocol => 'cluster-broadcast',
publicaddress => '10.10.10.100',
publicport => '8003',
tunnelingenabled => '0',
two_way_ssl => '0',
}
In this example you are managing a server channel in the default domain. When you want to manage a server channel in a specific domain, you can use:
wls_server_channel { 'my_domain/wlsServer1:HTTP':
ensure => 'present',
channel_identity_customized => '0',
client_certificate_enforced => '0',
custom_identity_alias => 'node1',
enabled => 1,
httpenabled => 1,
listenport => '8004',
max_message_size => '35000000',
outboundenabled => '0',
protocol => 'http',
publicport => '8104',
tunnelingenabled => '0',
two_way_ssl => '0',
}
Here are some more examples:
wls_server_channel { 'default/wlsServer2:Channel-Cluster':
ensure => 'present',
channel_identity_customized => '0',
client_certificate_enforced => '0',
custom_identity_alias => 'node2',
enabled => 1,
httpenabled => 1,
listenaddress => '10.10.10.200',
listenport => '8003',
max_message_size => '25000000',
outboundenabled => '0',
protocol => 'cluster-broadcast',
publicaddress => '10.10.10.200',
publicport => '8003',
tunnelingenabled => '0',
two_way_ssl => '0',
}
wls_server_channel { 'default/wlsServer2:HTTP':
ensure => 'present',
channel_identity_customized => '0',
client_certificate_enforced => '0',
custom_identity_alias => 'node2',
enabled => 1,
httpenabled => 1,
listenport => '8004',
max_message_size => '35000000',
outboundenabled => '0',
protocol => 'http',
publicport => '8104',
tunnelingenabled => '0',
two_way_ssl => '0',
}
Attributes
Attribute Name | Short Description |
---|---|
accept_backlog | The number of backlogged, new TCP connection requests that this network channel allows. |
allow_unencrypted_null_cipher | Test if the AllowUnEncryptedNullCipher is enabled see setAllowUnencryptedNullCipher(boolean enable) for the NullCipher feature. |
channel_identity_customized | Override the server SSL Identity for this channel. |
channel_name | Server channel name |
channel_weight | A weight to give this channel when creating server-to-server connections. |
ciphersuites | Indicates the cipher suites being used on a particular WebLogic Server channel. |
client_certificate_enforced | Should client certificate be enforced on the server. |
cluster_address | The address this network channel uses to generate EJB handles and failover addresses for use in a cluster. |
complete_message_timeout | The maximum amount of time this network channel waits for a complete message to be received. |
connect_timeout | The amount of time that this network channel should wait to establish an outbound socket connection before timing out. |
custom_identity_alias | The custom identity alias. |
custom_identity_key_store_file_name | The source of the identity keystore. |
custom_identity_key_store_pass_phrase | The encrypted custom identity keystore’s passphrase. |
custom_identity_key_store_type | The type of the keystore. |
custom_identity_privatekey_passphrase | The custom identity privatekey passphrase. |
custom_private_key_alias | The string alias used to store and retrieve the channel’s private key in the keystore. |
custom_private_key_pass_phrase | The passphrase used to retrieve the server’s private key from the keystore. |
disable_autorequire | Puppet supports automatic ordering of resources by autorequire. |
disable_corrective_change | Disable the modification of a resource when Puppet decides it is a corrective change. |
disable_corrective_ensure | Disable the creation or removal of a resource when Puppet decides is a corrective change. |
domain | With this parameter, you identify the domain, where your objects is in. |
enabled | The channel enabled on the server |
ensure | The basic property that the resource should be in. |
hostname_verification_ignored | Specifies whether to ignore the installed implementation of the weblogic.security.SSL.HostnameVerifier interface (when this server is acting as a client to another application server). |
hostname_verifier | The name of the class that implements the weblogic.security.SSL.HostnameVerifier interface. |
http_enabled_for_this_protocol | Specifies whether HTTP traffic should be allowed over this network channel. |
httpenabled | The channel HTTP enabled on the server |
idle_connection_timeout | The maximum amount of time (in seconds) that a connection is allowed to be idle before it is closed by this network channel. |
inbound_certificate_validation | Indicates the client certificate validation rules for inbound SSL. |
listen_address | The IP address or DNS name this network channel uses to listen for incoming connections. |
listen_port | The default TCP port this network channel uses to listen for regular (non-SSL) incoming connections. |
listenaddress | The listenaddress of the server channel |
listenport | The channel listenport of the server |
login_timeout_millis | The amount of time that this network channel should wait for a connection before timing out. |
max_backoff_between_failures | The maximum back off time between failures while accepting client connections. |
max_connected_clients | The maximum number of clients that can be connected on this network channel. |
max_message_size | The max message size of the server. |
name | The name. |
notes | Optional information that you can include to describe this configuration. |
outbound_certificate_validation | Indicates the server certificate validation rules for outbound SSL. |
outbound_enabled | Specifies whether new server-to-server connections may consider this network channel when initiating a connection. |
outbound_private_key_alias | The string alias used to store and retrieve the outbound private key in the keystore. |
outbound_private_key_enabled | Specifies whether the identity specified by {@link #getCustomPrivateKeyAlias} should be used for outbound SSL connections on this channel. |
outbound_private_key_pass_phrase | The passphrase used to retrieve the outbound private key from the keystore. |
outboundenabled | The channel outbound enabled on the server |
private_key_alias | The string alias used to store and retrieve the channel’s private key in the keystore. |
private_key_pass_phrase | The passphrase used to retrieve the server’s private key from the keystore. |
protocol | The server channel protocol. |
provider | resource. |
proxy_address | The IP address or DNS name of the HTTP proxy to use for outbound connections on this channel. |
proxy_port | The port of the HTTP proxy to use for outbound connections on this channel. |
public_address | The IP address or DNS name representing the external identity of this network channel. |
public_port | The externally published listen port for this network channel. |
publicaddress | The public address of the server channel |
publicport | The channel public listen port of the server. |
resolve_dns_name | Resolve the listen address to use for all T3 communication |
sdp_enabled | Enables Socket Direct Protocol (SDP) on this channel. |
server | The server name |
timeout | Timeout for applying a resource. |
timeout_connection_with_pending_responses | Determines if connections with pending responses are allowed to timeout. |
tunneling_client_ping_secs | The interval (in seconds) at which this network channel should ping an HTTP-tunneled client to see if its still alive. |
tunneling_client_timeout_secs | The amount of time (in seconds) after which this network channel considers a missing HTTP-tunneled client to be dead. |
tunneling_enabled | Specifies whether tunneling via HTTP should be enabled for this network channel. |
tunnelingenabled | The channel tunneling enabled on the server |
two_way_ssl | Should Two Way SSL be used on the server. |
two_way_ssl_enabled | Specifies whether this network channel uses two way SSL. |
use_fast_serialization | Specifies whether to use non-standard object serialization for performance. |
accept_backlog
The number of backlogged, new TCP connection requests that this network channel allows. A value of -1 indicates that the network channel obtains its backlog configuration from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
accept_backlog => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:accept_backlog']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
allow_unencrypted_null_cipher
Test if the AllowUnEncryptedNullCipher is enabled see setAllowUnencryptedNullCipher(boolean enable)
for the NullCipher feature.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
allow_unencrypted_null_cipher => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:allow_unencrypted_null_cipher']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
channel_identity_customized
Override the server SSL Identity for this channel.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
channel_name
Server channel name
Back to overview of wls_server_channel
channel_weight
A weight to give this channel when creating server-to-server connections.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
channel_weight => '50'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:channel_weight']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
ciphersuites
Indicates the cipher suites being used on a particular WebLogic Server channel. The strongest negotiated cipher suite is chosen during the SSL handshake. The set of cipher suites used by default by JSEE depends on the specific JDK version with which WebLogic Server is configured. For a list of possible values, see Cipher Suites.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
ciphersuites => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:ciphersuites']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
client_certificate_enforced
Should client certificate be enforced on the server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
cluster_address
The address this network channel uses to generate EJB handles and failover addresses for use in a cluster. This value is determined according to the following order of precedence:
- If the cluster address is specified via the NAPMBean, then that value is used
- If this value is not specified, the value of PublicAddress is used.
- If PublicAddress is not set, this value is derive from the ClusterAddress attribute of the ClusterMbean.
- If ClusterMbean.clusterAddress is not set, this value is derive from the listen address of the NAPMbean.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
cluster_address => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:cluster_address']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
complete_message_timeout
The maximum amount of time this network channel waits for a complete message to be received. A value of 0
disables network channel complete message timeout. A value of -1 indicates that the network channel obtains this timeout value from the ServerTemplateMBean. This timeout helps guard against denial of service attacks in which a caller indicates that they will be sending a message of a certain size which they never finish sending.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
complete_message_timeout => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:complete_message_timeout']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
connect_timeout
The amount of time that this network channel should wait to establish an outbound socket connection before timing out. A value of 0
disables network channel connect timeout.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
connect_timeout => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:connect_timeout']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
custom_identity_alias
The custom identity alias.
Back to overview of wls_server_channel
custom_identity_key_store_file_name
The source of the identity keystore. For a JKS keystore, the source is the path and file name. For an Oracle Key Store Service (KSS) keystore, the source is the KSS URI. If using a JKS keystore, the keystore path name must either be absolute or relative to where the server was booted. If using a KSS keystore, the keystore URI must be of the form:
"kss://system/keystorename
"
where "keystorename
" is the name of the keystore registered in KSS. The value in this attribute is only used if ServerMBean.KeyStores is CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST, CUSTOM_IDENTITY_AND_CUSTOM_TRUST or CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
custom_identity_key_store_file_name => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:custom_identity_key_store_file_name']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
custom_identity_key_store_pass_phrase
The encrypted custom identity keystore’s passphrase. If empty or null, then the keystore will be opened without a passphrase. This attribute is only used if ServerMBean.KeyStores is CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST, CUSTOM_IDENTITY_AND_CUSTOM_TRUST or CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST. When you get the value of this attribute, WebLogic Server does the following: <ol><li>Retrieves the value of the CustomIdentityKeyStorePassPhraseEncrypted
attribute.</li> <li>Decrypts the value and returns the unencrypted password as a String.</li> </ol> When you set the value of this attribute, WebLogic Server does the following: <ol><li>Encrypts the value.</li> <li>Sets the value of the CustomIdentityKeyStorePassPhraseEncrypted
attribute to the encrypted value.</li> </ol> Using this attribute (CustomIdentityKeyStorePassPhrase
) is a potential security risk because the String object (which contains the unencrypted password) remains in the JVM’s memory until garbage collection removes it and the memory is reallocated. Depending on how memory is allocated in the JVM, a significant amount of time could pass before this unencrypted data is removed from memory. Instead of using this attribute, use CustomIdentityKeyStorePassPhraseEncrypted
.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
custom_identity_key_store_pass_phrase => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:custom_identity_key_store_pass_phrase']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
custom_identity_key_store_type
The type of the keystore. Generally, this is JKS
. If using the Oracle Key Store Service, this would be KSS
If empty or null, then the JDK’s default keystore type (specified in java.security
) is used. The custom identity key store type is only used if ServerMBean.KeyStores is CUSTOM_IDENTITY_AND_JAVA_STANDARD_TRUST, CUSTOM_IDENTITY_AND_CUSTOM_TRUST or CUSTOM_IDENTITY_AND_COMMAND_LINE_TRUST.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
custom_identity_key_store_type => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:custom_identity_key_store_type']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
custom_identity_privatekey_passphrase
The custom identity privatekey passphrase.
Back to overview of wls_server_channel
custom_private_key_alias
The string alias used to store and retrieve the channel’s private key in the keystore. This private key is associated with the server’s digital certificate. A value of null indicates that the network channel uses the alias specified in the server’s SSL configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
custom_private_key_alias => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:custom_private_key_alias']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
custom_private_key_pass_phrase
The passphrase used to retrieve the server’s private key from the keystore. This passphrase is assigned to the private key when it is generated. A value of null indicates that the network channel uses the pass phrase specified in the server’s SSL configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
custom_private_key_pass_phrase => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:custom_private_key_pass_phrase']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
disable_autorequire
Puppet supports automatic ordering of resources by autorequire. Sometimes, however, this causes issues. Setting this parameter to true
, disables autorequiring for this specific resource.
USE WITH CAUTION!!
Here is an example on hopw to use this:
...{'domain_name/...':
disableautorequire => true,
...
}
Back to overview of wls_server_channel
disable_corrective_change
Disable the modification of a resource when Puppet decides it is a corrective change.
(requires easy_type V2.11.0 or higher)
When using a Puppet Server, Puppet knows about adaptive and corrective changes. A corrective change is when Puppet notices that the resource has changed, but the catalog has not changed. This can occur for example, when a user, by accident or willingly, changed something on the system that Puppet is managing. The normal Puppet process then repairs this and puts the resource back in the state as defined in the catalog. This process is precisely what you want most of the time, but not always. This can sometimes also occur when a hardware or network error occurs. Then Puppet cannot correctly determine the current state of the system and thinks the resource is changed, while in fact, it is not. Letting Puppet recreate remove or change the resource in these cases, is NOT wat you want.
Using the disable_corrective_change
parameter, you can disable corrective changes on the current resource.
Here is an example of this:
crucial_resource {'be_carefull':
...
disable_corrective_change => true,
...
}
When a corrective ensure does happen on the resource Puppet will not modify the resource and signal an error:
Error: Corrective change present requested by catalog, but disabled by parameter disable_corrective_change
Error: /Stage[main]/Main/Crucial_resource[be_carefull]/parameter: change from '10' to '20' failed: Corrective change present requested by catalog, but disabled by parameter disable_corrective_change. (corrective)
Back to overview of wls_server_channel
disable_corrective_ensure
Disable the creation or removal of a resource when Puppet decides is a corrective change.
(requires easy_type V2.11.0 or higher)
When using a Puppet Server, Puppet knows about adaptive and corrective changes. A corrective change is when Puppet notices that the resource has changed, but the catalog has not changed. This can occur for example, when a user, by accident or willingly, changed something on the system that Puppet is managing. The normal Puppet process then repairs this and puts the resource back in the state as defined in the catalog. This process is precisely what you want most of the time, but not always. This can sometimes also occur when a hardware or network error occurs. Then Puppet cannot correctly determine the current state of the system and thinks the resource is changed, while in fact, it is not. Letting Puppet recreate remove or change the resource in these cases, is NOT wat you want.
Using the disable_corrective_ensure
parameter, you can disable corrective ensure present or ensure absent actions on the current resource.
Here is an example of this:
crucial_resource {'be_carefull':
ensure => 'present',
...
disable_corrective_ensure => true,
...
}
When a corrective ensure does happen on the resource Puppet will not create or remove the resource and signal an error:
Error: Corrective ensure present requested by catalog, but disabled by parameter disable_corrective_ensure.
Error: /Stage[main]/Main/Crucial_resource[be_carefull]/ensure: change from 'absent' to 'present' failed: Corrective ensure present requested by catalog, but disabled by parameter disable_corrective_ensure. (corrective)
Back to overview of wls_server_channel
domain
With this parameter, you identify the domain, where your objects is in.
The domain name is part of the full qualified name of any WebLogic object on a system. Let’s say we want to describe a WebLogic server. The full qualified name is:
wls_server{'domain_name/server_name':
ensure => present,
...
}
When you don’t specify a domain name, Puppet will use default
as domain name. For every domain you want to manage, you’ll have to put a wls_settings
in your manifest.
Back to overview of wls_server_channel
enabled
The channel enabled on the server
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
ensure
The basic property that the resource should be in.
Valid values are present
, absent
.
Back to overview of wls_server_channel
hostname_verification_ignored
Specifies whether to ignore the installed implementation of the weblogic.security.SSL.HostnameVerifier
interface (when this server is acting as a client to another application server).
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
hostname_verification_ignored => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:hostname_verification_ignored']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
hostname_verifier
The name of the class that implements the weblogic.security.SSL.HostnameVerifier
interface. This class verifies whether the connection to the host with the hostname from URL should be allowed. The class is used to prevent man-in-the-middle attacks. The weblogic.security.SSL.HostnameVerifier
has a verify()
method that WebLogic Server calls on the client during the SSL handshake.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
hostname_verifier => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:hostname_verifier']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
http_enabled_for_this_protocol
Specifies whether HTTP traffic should be allowed over this network channel. HTTP is generally required by binary protocols for downloading stubs and other resources.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
http_enabled_for_this_protocol => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:http_enabled_for_this_protocol']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
httpenabled
The channel HTTP enabled on the server
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
idle_connection_timeout
The maximum amount of time (in seconds) that a connection is allowed to be idle before it is closed by this network channel. A value of -1 indicates that the network channel obtains this timeout value from the ServerTemplateMBean. This timeout helps guard against server deadlock through too many open connections.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
idle_connection_timeout => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:idle_connection_timeout']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
inbound_certificate_validation
Indicates the client certificate validation rules for inbound SSL. This attribute only applies to ports and network channels using 2-way SSL.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
inbound_certificate_validation => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:inbound_certificate_validation']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
listen_address
The IP address or DNS name this network channel uses to listen for incoming connections. A value of null indicates that the network channel should obtain this value from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
listen_address => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:listen_address']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
listen_port
The default TCP port this network channel uses to listen for regular (non-SSL) incoming connections. A value of -1 indicates that the network channel should obtain this value from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
listen_port => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:listen_port']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
listenaddress
The listenaddress of the server channel
Back to overview of wls_server_channel
listenport
The channel listenport of the server
Back to overview of wls_server_channel
login_timeout_millis
The amount of time that this network channel should wait for a connection before timing out. A value of 0
disables network channel login timeout. A value of -1 indicates that the network channel obtains this timeout value from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
login_timeout_millis => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:login_timeout_millis']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
max_backoff_between_failures
The maximum back off time between failures while accepting client connections. -1 implies that this value is inherited from the server.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
max_backoff_between_failures => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:max_backoff_between_failures']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
max_connected_clients
The maximum number of clients that can be connected on this network channel.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
max_connected_clients => '2147483647'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:max_connected_clients']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
max_message_size
The max message size of the server.
Back to overview of wls_server_channel
name
The name.
Back to overview of wls_server_channel
notes
Optional information that you can include to describe this configuration. WebLogic Server saves this note in the domain’s configuration file (config.xml
) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <
. Carriage returns/line feeds are preserved. <dl> <dt>Note:</dt> <dd> If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds. </dd> </dl>
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
notes => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:notes']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
outbound_certificate_validation
Indicates the server certificate validation rules for outbound SSL. This attribute always applies to outbound SSL that is part of WebLogic Server (that is, an Administration Server talking to the Node Manager). It does not apply to application code in the server that is using outbound SSL unless the application code uses a weblogic.security.SSL.ServerTrustManager
that is configured to use outbound SSL validation.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
outbound_certificate_validation => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:outbound_certificate_validation']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
outbound_enabled
Specifies whether new server-to-server connections may consider this network channel when initiating a connection. This is only relevant if the connection needs to be bound to the network channel’s listen address. This will only work for binary protocols that support both outbound and inbound traffic. When this feature is not enabled, connections are initiated using a local address selected by the underlying hardware. The default is false. Outbound channels are selected at runtime either by virtue of the fact of being the only outbound-enabled channel for the required protocol, or by name in weblogic.jndi.Environment#setProviderChannel
. The HTTP protocol is implicitly enabled for all the outbound channels, but you need to use the WLS client library (HTTP client) and set the channel on the connection.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
outbound_enabled => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:outbound_enabled']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
outbound_private_key_alias
The string alias used to store and retrieve the outbound private key in the keystore. This private key is associated with either a server or a client digital certificate. This attribute value is derived from other settings and cannot be physically set. The returned value is determined as follows: <ul> <li>If {@link #isOutboundPrivateKeyEnabled}
and {@link #isChannelIdentityCustomized}
return true, the value from {@link #getCustomPrivateKeyAlias}
is returned. <li> Otherwise, the value from {@link SSLMBean#getOutboundPrivateKeyAlias}
is returned from the {@link ServerMBean}
for the channel. </ul>
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
outbound_private_key_alias => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:outbound_private_key_alias']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
outbound_private_key_enabled
Specifies whether the identity specified by {@link #getCustomPrivateKeyAlias} should be used for outbound SSL connections on this channel. In normal circumstances the outbound identity is determined by the caller’s environment.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
outbound_private_key_enabled => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:outbound_private_key_enabled']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
outbound_private_key_pass_phrase
The passphrase used to retrieve the outbound private key from the keystore. This passphrase is assigned to the private key when it is generated. This attribute value is derived from other settings and cannot be physically set. The returned value is determined as follows: <ul> <li>If {@link #isOutboundPrivateKeyEnabled}
and {@link #isChannelIdentityCustomized}
return true, the value from {@link #getCustomPrivateKeyPassPhrase}
is returned. <li> Otherwise, the value from {@link SSLMBean#getOutboundPrivateKeyPassPhrase}
is returned from the {@link ServerMBean}
for the channel. </ul>
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
outbound_private_key_pass_phrase => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:outbound_private_key_pass_phrase']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
outboundenabled
The channel outbound enabled on the server
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
private_key_alias
The string alias used to store and retrieve the channel’s private key in the keystore. This private key is associated with the server’s digital certificate. This value is derived from other settings on the channel and cannot be physically set.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
private_key_alias => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:private_key_alias']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
private_key_pass_phrase
The passphrase used to retrieve the server’s private key from the keystore. This passphrase is assigned to the private key when it is generated. This value is derived from other settings on the channel and cannot be physically set.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
private_key_pass_phrase => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:private_key_pass_phrase']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
protocol
The server channel protocol.
Valid values are absent
, https
, t3
, snmp
, cluster-broadcast-secure
, ldaps
, cluster-broadcast
, ldap
, http
, iiop
, admin
, t3s
, iiops
.
Back to overview of wls_server_channel
provider
The specific backend to use for this wls_server_channel
resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.Available providers are:
- simple
- Manage server channels in an WebLogic domain via regular WLST
Back to overview of wls_server_channel
proxy_address
The IP address or DNS name of the HTTP proxy to use for outbound connections on this channel. The HTTP proxy must support the CONNECT tunneling command. This option is only effective when OutboundEnabled is set on the channel.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
proxy_address => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:proxy_address']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
proxy_port
The port of the HTTP proxy to use for outbound connections on this channel. The HTTP proxy must support the CONNECT tunneling command. This option is only effective when OutboundEnabled and ProxyHost are set on the channel.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
proxy_port => '80'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:proxy_port']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
public_address
The IP address or DNS name representing the external identity of this network channel. A value of null indicates that the network channel’s Listen Address is also its external address. If the Listen Address is null,the network channel obtains its external identity from the server’s configuration. This is required for the configurations which need to cross a firewall doing Network Address Translation.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
public_address => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:public_address']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
public_port
The externally published listen port for this network channel. A value of -1 indicates that the network channel’s Listen Port is also its public listen port. If the Listen Port is -1,the network channel obtains its public listen port from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
public_port => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:public_port']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
publicaddress
The public address of the server channel
Back to overview of wls_server_channel
publicport
The channel public listen port of the server.
Back to overview of wls_server_channel
resolve_dns_name
Resolve the listen address to use for all T3 communication
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
resolve_dns_name => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:resolve_dns_name']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
sdp_enabled
Enables Socket Direct Protocol (SDP) on this channel. Enable this attribute when configuring session replication enhancements for Managed Servers in a WebLogic cluster for Oracle Exalogic.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
sdp_enabled => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:sdp_enabled']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
server
The server name
Back to overview of wls_server_channel
timeout
Timeout for applying a resource.
To be sure no Puppet operation, hangs a Puppet daemon, all operations have a timeout. When this timeout expires, Puppet will abort the current operation and signal an error in the Puppet run.
With this parameter, you can specify the length of the timeout. The value is specified in seconds. In this example, the timeout
is set to 600
seconds.
wls_server{'my_server':
...
timeout => 600,
}
The default value for timeout
is 120 seconds.
Back to overview of wls_server_channel
timeout_connection_with_pending_responses
Determines if connections with pending responses are allowed to timeout. It defaults to false. If set to true, the connection will be timed out for this channel if it exceeds the idleConnectionTimeout value. Note: This setting only applies to IIOP connections.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
timeout_connection_with_pending_responses => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:timeout_connection_with_pending_responses']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
tunneling_client_ping_secs
The interval (in seconds) at which this network channel should ping an HTTP-tunneled client to see if its still alive. A value of -1 indicates that the network channel obtains this interval from the ServerTemplateMBean. (Requires you to enable tunneling for the network channel.)
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
tunneling_client_ping_secs => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:tunneling_client_ping_secs']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
tunneling_client_timeout_secs
The amount of time (in seconds) after which this network channel considers a missing HTTP-tunneled client to be dead. A value of -1 indicates that the network channel obtains this timeout value from the ServerTemplateMBean. (Requires you to enable tunneling for the network channel.)
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
tunneling_client_timeout_secs => 'a_value'
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:tunneling_client_timeout_secs']
...
}
This help text generated from MBean text of the WebLogic server.
Back to overview of wls_server_channel
tunneling_enabled
Specifies whether tunneling via HTTP should be enabled for this network channel. This value is not inherited from the server’s configuration.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
tunneling_enabled => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:tunneling_enabled']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
tunnelingenabled
The channel tunneling enabled on the server
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
two_way_ssl
Should Two Way SSL be used on the server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
two_way_ssl_enabled
Specifies whether this network channel uses two way SSL.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
two_way_ssl_enabled => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:two_way_ssl_enabled']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.
Back to overview of wls_server_channel
use_fast_serialization
Specifies whether to use non-standard object serialization for performance. This option works in different ways for different protocols. In particular under IIOP this option uses Java serialization rather than RMI-IIOP serialization. In general using non-standard serialization is not suitable for interop scenarios and may imply some feature loss.
An example on how to use this:
wls_server_channel {a_wls_server_channel :
...
use_fast_serialization => 1,
...
}
This is an extended property. Before you can use it add it to the wls_settings
property extra_properties
.
wls_setting{'domain':
...
extra_properties => ['wls_server_channel:use_fast_serialization']
...
}
This help text generated from MBean text of the WebLogic server.
Valid values are absent
, 1
, 0
.