How to Add Host-Based Authorization in Coherence in a FMW WebLogic Domain?
(Doc ID 2759106.1)
Last updated on MARCH 16, 2021
Applies to:Oracle Coherence - Version 126.96.36.199.0 and later
Oracle WebLogic Server - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
Host-based authorization uses the host name and IP address of a cluster member or extend client to determine whether a connection to the cluster is allowed. Specific host names, addresses, and address ranges can be defined. For custom processing, a custom filter can be created to validate hosts.
Host-based authorization is ideal for environments where known hosts with relatively static network addresses are joining or accessing the cluster. In dynamic environments, or when updating a DNS server, IP addresses can change and cause a
cluster member or extend client to fail authorization. Cache operations may not complete if cluster members or extend clients are no longer authorized. Extend clients are more likely to have access problems because of their transient nature.
When using host-based authorization, consider the dynamic nature of the network environment. The need to reconfigure the list of authorized hosts may become impractical. If possible, always use a range of IP addresses instead of using a specific host name. Or, create a custom filter that is capable of resolving address that have changed. If host-based authorization becomes impractical, consider using extend client identity tokens or SSL.
How to add "Host-Based Authorization" for a Coherence Cluster in a WebLogic domain.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document