Technical data

ManualsBrandsBEA ManualsComputer equipmentWebLogic Server 7

301

302

303

304

305

306

307

308

309

310

14 Managing Security

14-72 Administration Guide

8. Set the -E option of the ISL command to configure the IIOP Listener/Handler to

detect and utilize the propagated security context from the WebLogic Server

realm. The

-E option of the ISL command requires you to specify a principal

name. The principal name defines the principal used by the WLEC connection

pool to log in to the WebLogic Enterprise domain. The principal name should

match the name defined in the User Name attribute when creating a WLEC

connection pool.

Using certificate authentication between the WebLogic Server environment and the

BEA Tuxedo environment implies performing a new SSL handshake when

establishing a connection from the WebLogic Server environment to a BEA Tuxedo

CORBA object. To support multiple client requests over the same SSL network

connection, you must set up certificate authentication so that it operates as follows:

1. Obtain a digital certificate for the WebLogic Server User and put the private key in

the

TUXDIR/udataobj/security/keys directory of BEA Tuxedo.

2. In the

UBBCONFIG file for the BEA Tuxedo CORBA application, use the

tpusradd command to define the WebLogic Server User as a BEA Tuxedo user.

3. Define the IIOP Listener/Handler in the UBBCONFIG file with the -E option to

indicate the WebLogic Server User is to be used for authentication.

4. Define the WebLogic Server User name in the User Name attribute when creating

a WLEC Connection pool in the Administration Console of WebLogic Server.

5. Obtain a digital certificate for the IIOP Listener/Handler.

6. Specify the digital certificate in the

SEC_PRINCIPAL_NAME option of the ISL

command and use the

-S option to indicate that a secure port should be used for

communication between the BEA Tuxedo domain and the WebLogic Server

security realm.

For more information about the

UBBCONFIG file, see Creating a Configuration File in

the BEA Tuxedo documentation.

For more information about the

corbalocs prefix, see Understanding the Address

Formats of the Bootstrap Object in the BEA Tuxedo documentation.

For information about BEA Tuxedo security levels, see Defining a Security Level in

the BEA Tuxedo documentation.