glassfish 0.1.1-universal-java-1.5

data/lib/dtds/sun-connector_1_5-0.dtd

@@ -0,0 +1,62 @@
+
+<!ENTITY % boolean "(yes | no | on | off | 1 | 0 | true | false)">
+
+<!-- Each deployed Resource Adapter (RAR) Module, will have ias-ra.xml 
+     associated with it, which specifies several dynamic configuration 
+     properties. Key aspects are pool sizing and security role maps.
+ -->
+<!ELEMENT sun-connector (resource-adapter, role-map?)>
+
+<!-- Resource adapter configuration 
+
+     jndi-name          name by which, this adapter will appear in JNDI tree
+     max-pool-size      maximum size of connection to EIS
+     steady-pool-size   initial and minimum number of connections to be maintained
+     max-wait-in-millis if a connection is not readily found, caller will have to 
+                        wait this long, before a connection is created. A value of
+                        0 implies, wait till a connection becomes available. If the
+                        pool is completely utilized and the timer expires, an 
+                        exception will be delivered to the application.
+
+     idle-timeout-in-seconds A timer thread periodically removed unused connections.
+                             The interval at which this thread runs. All idle 
+                             connections will be removed, while mainataining
+                             the configured steady-pool-size.
+-->
+<!ELEMENT resource-adapter (description?, property*)>
+<!ATTLIST resource-adapter jndi-name                        CDATA     #REQUIRED
+                           max-pool-size                    CDATA     "32"
+                           steady-pool-size                 CDATA     "4" 
+                           max-wait-time-in-millis          CDATA     "10000" 
+                           idle-timeout-in-seconds          CDATA     "1000">
+
+<!-- Perform mapping from principal received during Servlet/EJB 
+     authentication, to credentials accepted by the EIS. This 
+     mapping is optional. The map consists of several 2-tuples
+     map-id is the name of the mapping
+ -->
+<!ELEMENT role-map (description?, map-element*)>
+<!ATTLIST role-map map-id   CDATA  #REQUIRED>
+                
+
+<!-- It is possible to map multiple (server) principal to the 
+     same backend principal. 
+-->
+<!ELEMENT map-element (principal+, backend-principal)>
+
+<!-- Principal of the Servlet and EJB client -->
+<!ELEMENT principal (description?)>
+<!ATTLIST principal user-name CDATA #REQUIRED>
+ 
+<!-- Backend EIS principal -->
+<!ELEMENT backend-principal EMPTY> 
+<!ATTLIST backend-principal user-name  CDATA #REQUIRED
+                            password   CDATA #REQUIRED
+                            credential CDATA #REQUIRED>
+
+<!ELEMENT description (#PCDATA)>
+
+<!-- Syntax for supplying properties as name value pairs -->
+<!ELEMENT property EMPTY>
+<!ATTLIST property name  CDATA  #REQUIRED
+                   value CDATA  #REQUIRED>

data/lib/dtds/sun-domain_1_0.dtd

@@ -0,0 +1,2007 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+
+<!--
+ The contents of this file are subject to the terms 
+ of the Common Development and Distribution License 
+ (the "License").  You may not use this file except 
+ in compliance with the License.
+ 
+ You can obtain a copy of the license at 
+ glassfish/bootstrap/legal/CDDLv1.0.txt or 
+ https://glassfish.dev.java.net/public/CDDLv1.0.html. 
+ See the License for the specific language governing 
+ permissions and limitations under the License.
+ 
+ When distributing Covered Code, include this CDDL 
+ HEADER in each file and include the License file at 
+ glassfish/bootstrap/legal/CDDLv1.0.txt.  If applicable, 
+ add the following below this CDDL HEADER, with the 
+ fields enclosed by brackets "[]" replaced with your 
+ own identifying information: Portions Copyright [yyyy] 
+ [name of copyright owner]
+-->
+
+<!-- ENTITY Definitions for the dtd -->
+
+<!ENTITY % boolean "(yes | no | on | off | 1 | 0 | true | false)">
+
+<!ENTITY % isolation "(read-uncommitted | read-committed | repeatable-read | serializable)">
+
+<!ENTITY % validation-level "(full | parsing | none)">
+
+<!--
+object-type  defines the type of the resource. It can be:
+    system-all       These are system resources for all instances and DAS
+    system-admin     These are system resources only in DAS
+    system-instance  These are system resources only in instances (and not DAS)
+    user             User resources (This is the default for all elements)
+-->
+<!ENTITY % object-type "(system-all | system-admin | system-instance | user)">
+
+<!-- SE/EE related ENTITIES: This will define the available JSR 160 connector 
+     transport protocols.
+-->
+<!ENTITY % rjmx-protocol "(jmxmp)">
+
+<!--
+monitoring-level controls the amount of monitoring data collected 
+and exposed to clients
+   OFF: no monitoring/statistical data is exposed to the clients. 
+   LOW: SE/EE only
+   HIGH: maximum data is gathered and released.
+-->
+<!ENTITY % monitoring-level "(OFF|LOW|HIGH)">
+
+<!-- SE/EE related ENTITIES -->
+<!ENTITY % persistence-type "(memory | file | ha | jdbc-oracle | jdbc-pointbase | custom)">
+<!ENTITY % checkpoint-location "(end-of-method | end-of-transaction)">
+<!ENTITY % session-save-frequency "(web-method | timer | synch)">
+<!ENTITY % session-save-scope "(session | modified-session | modified-attribute)" >
+
+<!-- 
+ Top level Domain Element that includes applications, resources, configs, servers, 
+            clusters and node-controllers, load balancer configurations and load balancers.
+            node-controllers and load balancers are SE/EE related entities only.
+ 
+    application-root    for PE this defines the location where applications are 
+                        deployed
+    
+     log-root          specifies where the server instance's log files are kept,
+                       including HTTP access logs, server logs, and transaction 
+                       logs. Default is $INSTANCE-ROOT/logs
+
+    locale              If present, overrides OS locale setting.
+ -->
+<!ELEMENT domain (applications?, resources? , configs, servers, clusters?,
+                        node-controllers?, lb-configurations?, loadbalancers?,
+			property* )>
+<!ATTLIST  domain application-root CDATA  #IMPLIED
+                  log-root         CDATA  #IMPLIED
+		  locale	   CDATA  #IMPLIED>
+
+<!-- Aggregation elements that includes 0 or more of its types. 
+
+    configs: for PE there will be only a single named configuration
+    servers: for PE there will be only a single named server instance
+    clusters: SE/EE only
+    node-controllers: SE/EE only
+    lb-configurations: SE/EE only
+    loadbalancers: SE/EE only
+-->
+<!ELEMENT configs (config+)>
+<!ELEMENT servers (server*)>
+<!ELEMENT clusters (cluster*)>
+<!ELEMENT node-controllers (node-controller*)>
+<!ELEMENT lb-configurations (lb-configuration*)>
+<!ELEMENT loadbalancers (loadbalancer*)>
+
+
+<!--- APPLICATIONS SECTION -->
+
+<!-- Various types of applications that can be deployed on Sun ONE Application 
+     Server instance
+
+     applications-dir specifies an absolute path to where deployed 
+     applications will reside for this instance. The default location
+     is $INSTANCE-ROOT/applications 
+
+  -->
+<!ELEMENT applications ((lifecycle-module | j2ee-application | ejb-module | 
+                        web-module | connector-module | appclient-module)*)>
+
+<!-- 
+     Server Lifecycle Listener Modules 
+
+     name       unqiue identifier for the deployed server lifecycle event 
+                listener module. 
+     class-name fully qualified name of the startup class.
+     classpath  where this module is actually located, if it is not under 
+                applications-root
+     load-order integer value that can be used to force the order in which deployed 
+                lifecycle modules are loaded at server start up. Smaller numbered
+                modules get loaded sooner. Order is unspecified if two or more 
+                lifecycle modules have the same load-order value.
+     is-failure-fatal, if true, aborts server start up if this module does not 
+                load properly.
+     enabled    boolean attribute. If set to "false" this module will not be 
+                loaded at server start up.
+-->
+<!ELEMENT lifecycle-module (description? , property*)>
+
+<!ATTLIST lifecycle-module  name             CDATA  #REQUIRED
+                              class-name       CDATA  #REQUIRED
+                              classpath        CDATA  #IMPLIED
+                              load-order       CDATA  #IMPLIED
+                              is-failure-fatal %boolean; "false" 
+                              enabled          %boolean; "true">
+
+                              
+<!-- j2ee-application and ejb-module attributes
+-->
+<!ELEMENT j2ee-application (description?)>
+<!ATTLIST j2ee-application    name            CDATA  #REQUIRED
+                              location        CDATA  #REQUIRED
+                              object-type   %object-type; "user"
+                              enabled          %boolean; "true">
+
+<!ELEMENT ejb-module (description?)>
+<!ATTLIST ejb-module  name     CDATA  #REQUIRED
+                        location CDATA  #REQUIRED 
+                        object-type   %object-type; "user"
+                        enabled          %boolean; "true">
+                              
+<!ELEMENT web-module (description?)>
+<!ATTLIST web-module  name            CDATA  #REQUIRED
+                        context-root    CDATA  #REQUIRED
+                        location        CDATA  #REQUIRED
+                        object-type   %object-type; "user"
+                        enabled          %boolean; "true">
+
+
+<!ELEMENT connector-module (description?)>
+<!ATTLIST connector-module  name            CDATA           #REQUIRED
+                            location        CDATA           #REQUIRED 
+                            object-type   %object-type; "user"
+                            enabled          %boolean; "true">
+
+
+<!ELEMENT appclient-module (description?)>
+<!ATTLIST appclient-module  name                      CDATA     #REQUIRED
+                    location                  CDATA     #REQUIRED>
+
+
+<!--- RESOURCES SECTION -->                                        
+       
+<!-- J2EE Applications look up resources registered with the 
+     Application server, using portable JNDI names.
+-->
+<!ELEMENT resources ((custom-resource | external-jndi-resource | jdbc-resource |
+     mail-resource | persistence-manager-factory-resource |
+      admin-object-resource | connector-resource |  resource-adapter-config |
+        jdbc-connection-pool | connector-connection-pool)*)>
+
+
+<!-- Textual description of a configured entity -->
+<!ELEMENT description (#PCDATA)>
+
+<!-- custom (or generic) resource managed by a user-written factory class. -->
+<!ELEMENT custom-resource (description? , property*)>
+
+<!-- 
+   JNDI name for generic resource, the fully qualified type of the resource 
+   and whether it is enabled at runtime 
+-->
+<!ATTLIST custom-resource jndi-name     CDATA  #REQUIRED
+                          res-type      CDATA  #REQUIRED
+                          factory-class CDATA  #REQUIRED
+                          enabled          %boolean; "true">
+
+<!-- resource residing in an external JNDI repository -->
+<!ELEMENT external-jndi-resource (description? , property*)>
+
+<!ATTLIST external-jndi-resource  jndi-name        CDATA  #REQUIRED
+                                    jndi-lookup-name CDATA  #REQUIRED
+                                    res-type         CDATA  #REQUIRED
+                                    factory-class    CDATA  #REQUIRED 
+                                    enabled          %boolean; "true">
+                                    
+<!-- JDBC javax.sql.(XA)DataSource resource definition -->
+<!ELEMENT jdbc-resource (description? , property*)>
+
+<!ATTLIST jdbc-resource    jndi-name      CDATA #REQUIRED
+                           pool-name CDATA  #REQUIRED 
+			   object-type   %object-type; "user"
+                           enabled          %boolean; "true">
+
+<!-- The mail-resource element describes a javax.mail.Session resource -->
+<!ELEMENT mail-resource (description? , property*)>
+
+<!ATTLIST mail-resource    jndi-name                CDATA  #REQUIRED
+                           store-protocol           CDATA  "imap"
+                           store-protocol-class     CDATA  "com.sun.mail.imap.IMAPStore"
+                           transport-protocol       CDATA  "smtp"
+                           transport-protocol-class CDATA  "com.sun.mail.smtp.SMTPTransport"
+                           host                     CDATA  #REQUIRED
+                           user                     CDATA  #REQUIRED
+                           from                     CDATA  #REQUIRED
+                           debug                    %boolean;    "false" 
+                           enabled          %boolean; "true">
+<!-- 
+     Persistence Manager runtime configuration.
+
+     jndi-name                     JNDI name for this resource
+     jdbc-resource-jndi-name:      jdbc resource with which database connections 
+                                   are obtained. 
+                                   must be the name of one of pre-created jdbc resources.
+     factory-class:                Class that creates persistence manager instance. 
+-->
+<!ELEMENT persistence-manager-factory-resource (description? , property*)>
+
+<!ATTLIST persistence-manager-factory-resource
+      jndi-name               CDATA  #REQUIRED
+      factory-class           CDATA  
+          "com.sun.jdo.spi.persistence.support.sqlstore.impl.PersistenceManagerFactoryImpl"
+      jdbc-resource-jndi-name CDATA  #IMPLIED 
+      enabled          %boolean; "true">
+
+<!-- The admin-object-resource element describes a administered object for a inbound
+     resource adapter.
+     jndi-name          JNDI name for this resource
+     res-type           Interface definition for the administered object
+     res-adapter        Name of the inbound resource adapter.
+-->
+<!ELEMENT admin-object-resource (description?, property*)>
+<!ATTLIST admin-object-resource  jndi-name     CDATA  #REQUIRED
+                                 res-type      CDATA  #REQUIRED
+                                 res-adapter   CDATA  #REQUIRED
+                                 enabled          %boolean; "true">
+
+<!ELEMENT connector-resource (description?, property*)>
+<!ATTLIST connector-resource  jndi-name          CDATA #REQUIRED
+                              pool-name      CDATA  #REQUIRED
+                              object-type   %object-type;  "user"
+                              enabled          %boolean; "true">
+               
+   <!--
+     This element is for configuring the resource adapter. These values
+     (properties) over-rides the default values present in ra.xml.
+     The name attribute has to be  unique . It is optional for PE. It is
+     used mainly for EE.
+-->
+
+<!ELEMENT resource-adapter-config (property*)>
+<!ATTLIST resource-adapter-config      name CDATA #IMPLIED
+                thread-pool-ids CDATA  #IMPLIED
+                resource-adapter-name CDATA #REQUIRED>
+                                                   
+<!-- CONFIGS SECTION -->                    
+<!-- 
+    The configuration defines the configuration of a server instance that 
+    can be shared by other server instances. The availability-service and 
+    quorum-service are SE/EE only.
+-->
+<!ELEMENT config (http-service, iiop-service, admin-service, 
+                    web-container, ejb-container, mdb-container, 
+                    jms-service?, log-service, security-service, 
+                    transaction-service, monitoring-service, java-config ,  
+                    availability-service? , quorum-service?,
+                    thread-pools, property*)>
+
+<!ATTLIST config  name CDATA  #REQUIRED>
+                  
+
+<!-- HTTP service configuration -->
+<!ELEMENT http-service ((http-listener | virtual-server)* , 
+                        property*)>
+
+                          
+<!-- Configure HTTP listener
+
+    id     Unique identifier for http listener.
+
+    address IP address of the listen socket. Can be in dotted-pair or IPv6 notation. 
+            Can also be any for INADDR-ANY. Configuring a listen socket to listen on 
+            any is required if more than one http-listener is configured to it. 
+
+    port    Port number to create the listen socket on. Legal values are 1 - 65535. 
+            On Unix, creating sockets that listen on ports 1 - 1024 requires
+            superuser privileges. Configuring an SSL listen socket to listen on 
+            port 443 is recommended. 
+
+    security-enabled (optional) Determines whether the http listener runs SSL. You can 
+                     turn SSL2 or SSL3 on or off and set ciphers using an ssl element 
+                     The Security setting in the init.conf file globally enables or disables 
+                     SSL by making certificates available to the server instance. Therefore, 
+                     Security in init.conf must be on or security in server.xml does not 
+                     work. 
+
+    acceptor-threads (optional) Number of acceptor threads for the listen socket. 
+                     The recommended value is the number of processors in the machine. 
+
+    default-virtual-server The id attribute of the default virtual server for this 
+                           particular connection group. 
+
+    server-name Tells the server what to put in the host name section of any URLs 
+                it sends to the client. This affects URLs the server automatically generates;
+                it doesn't affect the URLs for directories and files stored in the server. 
+                This name should be the alias name if your server uses an alias. 
+                If you append a colon and port number, that port will be used in URLs 
+                the server sends to the client. 
+
+    xpowered-by The Servlet 2.4 spec defines a special X-Powered-By: Servlet/2.4
+                header, which containers may add to servlet-generated responses. This 
+                is complemented by the JSP 2.0 spec, which defines a X-Powered-By: JSP/2.0
+                header to be added (on an optional basis) to responses utilizing JSP technology.
+                The goal of these headers is to aid in gathering statistical data
+                about the use of Servlet and JSP technology. If true, these headers will
+                be added.
+
+    redirect-port if the connector is supporting non-SSL requests and a request is received
+                  for which a matching <security-constraint> requires SSL transport
+                  catalina will automatically redirect the request to the port number
+                  specified here
+-->
+<!ELEMENT http-listener (ssl?, property*)>
+<!ATTLIST http-listener    id                     CDATA  #REQUIRED
+                           address                CDATA  #REQUIRED
+                           port                   CDATA  #REQUIRED
+                           acceptor-threads       CDATA  "1"
+                           security-enabled       %boolean; "false"              
+                           default-virtual-server CDATA  #REQUIRED
+                           server-name            CDATA  #REQUIRED
+                           redirect-port            CDATA  #IMPLIED
+			   xpowered-by	          %boolean; "true"
+                           enabled                %boolean; "true"  >
+<!-- Define SSL processing parameters
+
+     cert-nickname nickname of the server certificate in the certificate database
+                   or the PKCS#11 token. In the certificate, the name format is
+                   tokenname:nickname. Including the tokenname: part of the name
+                   in this attribute is optional.
+
+     ssl2-enabled  (optional) Determines whether SSL2 is enabled.
+
+     ssl3-enabled  (optional) Determines whether SSL3 is enabled.
+
+                   If both SSL2 and SSL3 are enabled for a virtual server, the server
+                   tries SSL3 encryption first. If that fails, the server tries SSL2
+                   encryption.
+
+     ssl2-ciphers  (optional) A comma-separated list of the SSL2 ciphers used, with
+                   the prefix + to enable or - to disable, for example +rc4. Allowed
+                   values are rc4, rc4export, rc2, rc2export, idea, des, desede3.
+                   If no value is specified, all supported ciphers are assumed to
+                   be enabled.
+
+     ssl3-tls-ciphers (optional) A comma-separated list of the SSL3 ciphers used, with
+                      the prefix + to enable or - to disable, for example +rsa-des-sha.
+                      Allowed SSL3 values are rsa-rc4-128-md5, rsa3des-sha, rsa-des-sha,
+                      rsa-rc4-40-md5, rsa-rc2-40-md5, rsa-null-md5. Allowed TLS values
+                      are rsa-des-56-sha, rsa-rc4-56-sha. If no value is specified,
+                      all supported ciphers are assumed to be enabled.
+
+     tls-enabled     (optional) Determines whether TLS is enabled.
+
+     tls-rollback-enabled  (optional) Determines whether TLS rollback is enabled. TLS
+                           rollback should be enabled for Microsoft Internet Explorer
+                           5.0 and 5.5.
+
+     client-auth-enabled   (optional) Determines whether SSL3 client authentication is
+                          performed on every request, independent of ACL-based access
+                          control.
+-->
+
+<!ELEMENT ssl EMPTY>
+<!ATTLIST ssl  cert-nickname        CDATA  #REQUIRED
+                 ssl2-enabled         %boolean; "false"
+                 ssl2-ciphers         CDATA  #IMPLIED
+                 ssl3-enabled         %boolean; "true"
+                 ssl3-tls-ciphers     CDATA  #IMPLIED
+                 tls-enabled          %boolean; "true"
+                 tls-rollback-enabled %boolean; "true"
+                 client-auth-enabled  %boolean; "false"  >
+
+<!-- Configuration of Virtual Server
+  
+     Virtualization in Application Server allows multiple URL domains to be served by 
+     the same HTTP server process, which is listening on multiple host addresses If 
+     an application is available at two virtual servers, they still share same physical 
+     resource pools, such as JDBC connection pools.
+
+     Sun ONE Application Server allows a list of virtual servers, to be specified 
+     along with web-module and j2ee-application elements. This establishes an 
+     association between URL domains, represented by the virtual server and the web 
+     modules (standalone web modules or web modules inside the ear file)
+
+     id          Virtual server ID. This is a unique ID that allows lookup of a 
+                 specific virtual server. Can also be referred to as the 
+                 variable $id in an obj.conf file. A virtual server ID cannot 
+                 begin with a number. 
+
+     http-listeners  (optional) A comma-separated list of http-listener id(s),
+                     Required only for a Virtual Server that is not the default 
+                     virtual server. 
+
+     default-web-module (optional) stand alone web module associated with this 
+                        virtual server by default.
+
+
+     hosts              A comma-separated list of values allowed in the Host request 
+                        header to select the current virtual server. Each Virtual Server 
+                        that is configured to the same Connection Group must have a 
+                        unique hosts value for that group. 
+
+     state              (optional) Determines whether a Virtual Server is active 
+                        (on) or inactive (off, disable). The default is on (active). 
+                        When inactive, a Virtual Server does not service requests. 
+                        If a Virtual Server is disabled, only the server administrator 
+                        can turn it on. 
+
+     log-file           (optional) Specifies a log file for virtual-server-specific 
+                        log messages. If this is not specified, log messages go to
+                        $LOG-ROOT/server.log 
+
+-->
+<!ELEMENT virtual-server (property*)>
+
+<!ATTLIST virtual-server  id                 CDATA  #REQUIRED
+                            http-listeners     CDATA  #IMPLIED
+                            default-web-module CDATA  #IMPLIED
+                            hosts              CDATA  #REQUIRED
+                            state               (on | off | disabled )  "on"
+                            log-file           CDATA  #IMPLIED >
+
+<!-- ORB underlies the EJB container. Requests for EJBs from Application Client 
+     Container(s) or from another EJB interoperability capable J2EE Container(s) 
+     are serviced by iiop listener(s). One non-SSL iiop listener can be configured.
+     SSL support may require up to two SSL secured IIOP listeners to be configured: 
+     Server Authentication only, Mutual Authentication only, or both.
+
+     ssl-client-config element specifies the SSL configuration when the Application 
+     Server is making outbound IIOP/SSL connections.
+
+     By default, a server instance will configure non-secure IIOP access.
+     Administrator can create and configure IIOP/SSL listener(s).
+
+     client-authentication-required if true, the server will reject unauthenticated requests.  
+                                    It will also insert an "Authentication required"
+                                    bit in IORs sent to clients.
+-->
+
+<!ELEMENT iiop-service (orb , ssl-client-config? , iiop-listener*)>
+<!ATTLIST iiop-service  client-authentication-required  %boolean; "false">
+
+<!-- Orb Configuration properties 
+
+     message-fragment-size           GIOPv1.2 messages larger than this will get fragmented.
+     max-connections                 maximum number of incoming connections, on all listeners
+     use-thread-pool-ids             This would refer to the thread-pool-id(s) defined in 
+                                     the thread-pool sub-element of thread-pool-config 
+                                     element in server.xml. These would be the threadpool(s) 
+                                     used by the ORB. More than one thread-pool-id(s) could 
+                                     be specified by using commas to separate
+                                     the names e.g. "orb-thread-pool-1, orb-thread-pool-2"
+-->
+<!ELEMENT orb (property*)>
+
+<!ATTLIST orb    use-thread-pool-ids            CDATA         #REQUIRED
+		 message-fragment-size          CDATA  "1024"
+                 max-connections                CDATA  "1024">
+
+<!-- Client SSL Configuration -->
+<!ELEMENT ssl-client-config (ssl)>
+
+<!-- IIOP Listener Configuration.
+  
+     ssl             element specifies optional SSL configuration 
+     id              unique identifier for this listener.
+     address         ip address or hostname (resolvable by DNS) 
+     port            port number
+  security-enabled   Determines whether the iiop listener runs SSL. You can
+                     turn SSL2 or SSL3 on or off and set ciphers using an ssl element
+     enabled         if false, a configured listener, is disabled
+-->
+<!ELEMENT iiop-listener (ssl? , property*)>
+
+<!ATTLIST iiop-listener  id      CDATA  #REQUIRED
+                           address CDATA  #REQUIRED
+                           port    CDATA  "1072"
+                           security-enabled       %boolean; "false"
+                           enabled         %boolean; "true"  >
+
+
+<!-- 
+
+Admin Service exists in every instance. It is the configuration for either
+ a normal server, DAS or PE instance.
+
+    type     an instance can either be of type:
+             das: Domain Administration Server in SE/EE
+	     server: Any non-DAS instance in SE/EE
+	     das-and-server: DAS with Deployment (PE case)
+    system-jmx-connector-name   SE/EE only. Defines the name of the internally
+                                used jmx-connector.
+
+-->
+<!ELEMENT admin-service (jmx-connector*, das-config?, property* )>
+<!ATTLIST admin-service type            (das|das-and-server|server) "server" 
+			system-jmx-connector-name    CDATA #IMPLIED>
+
+<!-- SE/EE only. The jmx-connector element defines the configuration of a JSR 160 compliant 
+	remote JMX Connector.
+        name            name of jmx connector used for identification
+        protocol	Defines the protocol that this jmx-connector should 
+			support.  Supported protocols are defined by Entity 
+			rjmx-protocol. Sun ONE AS 8.0 supports "jmxmp" protocol. 
+			For other protocols supported, refer to documentation.
+                        
+	address 	Specifies the IP address or host-name.
+	port 		Specifies the port of the jmx-connector-server.
+			Note that jmx-service-uRL is a function of protocol, port
+			and address as defined by the JSR 160 1.0 Specification.
+	accept-all 	Determines whether the connection can be made on all the 
+			value of false implies that the connections only for 
+			this specific address will be selected. 
+    auth-realm-name             The name of the auth-realm in this config element that represents the special
+                                administrative realm. All authentication (from administraive GUI and CLI) will
+                                be handled by this realm.
+	security-enabled Decides whether the transport layer security be used in
+			jmx-connector. If true, configure the ssl element. 
+
+        Used in: admin-service.
+-->
+<!ELEMENT jmx-connector (ssl?, property*)>
+
+<!ATTLIST jmx-connector  name                   CDATA           #REQUIRED
+                         protocol 		%rjmx-protocol;	"jmxmp"
+                         address  		CDATA		#REQUIRED
+                         port			CDATA		#REQUIRED
+                         accept-all		%boolean;	"false"
+                         auth-realm-name        CDATA           #REQUIRED
+                         security-enabled	%boolean;	"true">
+                                          
+<!--
+
+dynamic-reload-enabled when true, server checks timestamp on a .reload
+                       file at every module and application directory level to trigger 
+                       reload. polling frequency is controlled by 
+                       reload-poll-interval-in-seconds
+
+autodeploy-enabled      This will enable the autodeployment service. If true, the 
+                        service will automatically starts with the admin-server. 
+                        Auto Deployment is a feature that enables developers to quickly 
+                        deploy applications and modules to a running application server 
+                        withoutrequiring the developer to perform an explicit application 
+                        server restart or separate deployment operation.
+
+autodeploy-polling-interval-in-seconds   The polling interval (in seconds), at the end of 
+                        which autodeployment service will  scan the source directory 
+                        (specified by "autodeploy-dir" tag) for any new deployable component.
+
+autodeploy-dir     The source directory (relative to instance root) from which autodeploy 
+                   service will  pick  deployable components. You can also specify an 
+                   absolute directory.
+
+autodeploy-verifier-enabled    To enable/disable verifier, during auto-deployment. If true, 
+                               verification will be done before any deployment activity. 
+                               In the event of any verifier test failure, deployment is 
+                               not  performed.
+
+
+autodeploy-jsp-precompilation-enabled  If true, JSPs will be pre compiled during 
+                                       deployment of the war module(s).
+
+deploy-xml-validation    specifies if descriptor validation is required or not.
+                         full: xml will be validated and in case of xml validation errors, 
+                               deployment will fail.
+                         parsing: xml errors will be reported but deployment process will continue.
+                         none: no xml validation will be perfomed on the standard or 
+                               runtime deployment descriptors. 
+
+admin-session-timeout-in-minutes    timeout in minutes indicating the administration gui session timeout.
+
+--> 
+<!ELEMENT das-config (property*)>
+<!ATTLIST das-config         dynamic-reload-enabled %boolean; "false" 
+                             dynamic-reload-poll-interval-in-seconds CDATA '2'
+                             autodeploy-enabled %boolean; "false"
+                             autodeploy-polling-interval-in-seconds CDATA '30'
+                             autodeploy-dir CDATA "autodeploy"    
+                             autodeploy-verifier-enabled %boolean; "false"      
+                             autodeploy-jsp-precompilation-enabled %boolean;"false"     
+                             deploy-xml-validation %validation-level; "full" 
+                             admin-session-timeout-in-minutes CDATA #IMPLIED >
+
+
+<!-- SE/EE only. needs explanation TBD -->
+<!ELEMENT web-container (session-config?, property*)>
+
+<!ELEMENT session-config (session-manager?, session-properties?)>
+<!ELEMENT session-manager (manager-properties?, store-properties?)>
+<!ELEMENT manager-properties (property*)>
+<!ATTLIST manager-properties session-file-name CDATA #IMPLIED
+                             reap-interval-in-seconds CDATA #IMPLIED
+                             max-sessions CDATA #IMPLIED
+                             session-id-generator-classname CDATA #IMPLIED>
+
+<!ELEMENT store-properties (property*)>
+<!ATTLIST store-properties directory CDATA #IMPLIED
+                           reap-interval-in-seconds CDATA #IMPLIED>
+
+<!ELEMENT session-properties (property*)>
+<!ATTLIST session-properties timeout-in-seconds CDATA #IMPLIED>
+
+                         
+<!-- 
+    Configuration of EJB Container. Properties apply to all beans in all deployed 
+    applications, unless different parameters are specified in Sun ONE Application Server 
+    specific deployment descriptors. Applicability is indicated in middle column, using 
+    the following acronyms:
+
+    slsb  - stateless session bean 
+    sfsb  - stateful session bean 
+    eb    - entity bean (incl. read-only)
+
+    steady-pool-size            slsb,eb    number of bean instances normally maintained in pool. When a pool 
+                                           is first created, it will be populated with size equal to 
+                                           steady-pool-size. When an instance is removed from the pool, it 
+                                           is replenished asynchronously, so that the pool size is at 
+                                           or above the steady-pool-size. This additions will be in multiples
+                                           of pool-resize-quantity. When a bean is disassociated from a 
+                                           method invocation, it is put back in the pool, subject to 
+                                           max-pool-size limit. If the max pool size is exceeded the bean 
+                                           id destroyed immediately. A pool cleaning thread, executes at 
+                                           an interval defined by pool-idle-timeout-in-seconds. This thread 
+                                           reduces the pool size to steady-pool-size, in steps defined by 
+                                           pool-resize-quantity. If the pool is empty, the required object 
+                                           will be created and returned immediately. This prevents threads
+                                           from blocking till the pool is replenished by the background
+                                           thread. steady-pool-size must be greater than 1 and at most equal
+                                           to the max-pool-size. 
+
+    max-pool-size               slsb,eb    maximum size, a pool can grow to. A value of 0 implies 
+                                           an unbounded pool. Unbounded pools eventually shrink to the 
+                                           steady-pool-size, in steps defined by pool-resize-quantity. 
+
+    pool-resize-quantity        slsb,eb    size of bean pool grows (shrinks) in steps specified by 
+                                           pool-resize-quantity, subject to max-pool-size (steady-pool-size) limit.
+
+                                           Pool is resized when the pool cleaner thread runs. This rate at which 
+                                           this thread runs is defined by pool-idle-timeout-in-seconds 
+
+					   pool-resize-quantity must be greater 1 and less than max-pool-size.
+                                           pool will never be resized below the steady pool size.
+
+    pool-idle-timeout-in-seconds  slsb,eb  defines the rate at which the pool cleaning thread is executed.
+                                           this thread checks if current size is greater than steady pool 
+                                           size, it removes pool-resize-quantity elements. If the current 
+                                           size is less than steady-pool-size it is increased by 
+                                           pool-resize-quantity, with a ceiling of 
+                                           min (current-pool-size+pool + resize-quantity, max-pool-size)
+                                           Only objects that have not been accessed for more than 
+                                           pool-idle-timeout-in-seconds are candidates for removal.
+
+    cache-resize-quantity       eb,sfsb    Cache elements have identity, hence growth is in unit steps
+                                           and created on demand. Shrinking of cache happens 
+
+                                           when cache-idle-timeout-in-seconds timer expires and a cleaner 
+                                           thread passivates beans which have been idle for longer than 
+                                           cache-idle-timeout-in-seconds. All idle instances are passivated at once.
+                                           cache-resize-quantity does not apply in this case.
+
+                                           when max cache size is reached, an asynchronous task is created 
+                                           to bring the size back under the max-cache-size limit. This task 
+                                           removes cache-resize-quantity elements, consulting the 
+                                           victim-selection-policy. 
+
+                                           Must be greater than 1 and less than max-cache-size.
+
+    max-cache-size              sfsb,eb    specifies the maximum number of instances that can be cached.
+                                           For entity beans, internally two caches are maintained for 
+                                           higher concurrency: (i) Ready (R$) (ii) Active in an Incomplete 
+                                           Transaction (TX$). The TX$ is populated with instances from R$ 
+                                           or from the Pool directly. When an instance in TX$ completes the 
+                                           transaction, it is placed back in the R$ (or in pool, in case an 
+                                           instance with same identity already is in R$). max-cache-size 
+                                           only specifies the upper limit for R$. The container computes 
+                                           an appropriate size for TX$.
+
+    cache-idle-timeout-in-seconds eb       specifies the rate at which the cache cleaner thread is scheduled.
+                                           All idle instances are passivated at once.
+
+    removal-timeout-in-seconds    sfsb     Instance is removed from cache or passivation store, if it is 
+                                           not accesed within this time. All instances that can be removed, 
+                                           will be removed.
+
+    victim-selection-policy       sfsb     Victim selection policy  when cache needs to shrink. fifo method 
+                                           picks victims, oldest instance first. lru algorithm picks least 
+                                           recently accessed instances.  nru policy tries to pick 
+                                           "not recently used" instances and is a pseudo-random selection 
+                                           process. Victims are passivated. Entity Bean Victims are selected 
+                                           always using fifo discipline. Does not apply to slsb because it 
+                                           does not matter, which particular instances are removed. 
+
+
+    commit-option                 eb	   Entity Beans caching is controlled by this setting. Commit Option 
+                                           C implies that no caching is performed in the container. 
+
+
+    Above defaults, apply only if they are not specified in vendor specific Bean Deployment Descriptors.
+
+
+ The ejb-timer-service element contains the configuration for the
+    ejb timer service.  There is at most one ejb timer service per
+    server instance.
+
+     session-store     specifies the directory where passivated beans and 
+                       persisted HTTP sessions are stored on the file system. 
+                       Defaults to $INSTANCE-ROOT/session-store 
+  
+-->
+<!ELEMENT ejb-container (ejb-timer-service?, property*)>
+
+<!ATTLIST ejb-container  steady-pool-size              CDATA  "32"
+                           pool-resize-quantity          CDATA  "16"
+                           max-pool-size                 CDATA  "64"
+                           cache-resize-quantity         CDATA  "32"
+                           max-cache-size                CDATA  "512"
+                           pool-idle-timeout-in-seconds  CDATA  "600"
+                           cache-idle-timeout-in-seconds CDATA  "600"
+                           removal-timeout-in-seconds    CDATA  "5400"
+                           victim-selection-policy        (fifo | lru | nru )  "nru"
+                           commit-option                  (B | C )  "B"
+                           session-store    CDATA  #IMPLIED>
+
+<!--
+    Configuration for ejb timer service.
+
+    "minimum-delivery-interval-in-millis" is the minimum number of milliseconds
+    allowed before the next timer expiration for a particular timer can occur.
+    It guards against extremely small timer increments that can overload
+    the server.
+
+    "max-redeliveries" is the maximum number of times the ejb timer service
+    will attempt to redeliver a timer expiration due to exception or
+    rollback.   The minimum value is 1, per the ejb specification.
+
+    "timer-datasource" overrides the cmp-resource (jdbc/__TimerPool) specified 
+    in sun-ejb-jar.xml of (__ejb_container_timer_app) of the timer service 
+    system application. By default this is set to jdbc/__TimerPool, but 
+    can be overridden for the cluster or server instance, if they choose to.
+
+    "redelivery-interval-in-millis"  is the number of milliseconds the ejb
+    timer service will wait after a failed ejbTimeout delivery before
+    attempting a redelivery.
+
+-->
+<!ELEMENT ejb-timer-service (property*)>
+<!ATTLIST ejb-timer-service minimum-delivery-interval-in-millis   CDATA    "7000"
+                            max-redeliveries                      CDATA    "1"
+                            timer-datasource                      CDATA    #IMPLIED
+                            redelivery-interval-internal-in-millis CDATA    "5000">
+
+
+                       
+
+<!-- 
+    Configuration of MDB Container 
+
+    steady-pool-size            minimum and initial number of message driven beans in pool. 
+    pool-resize-quantity        quantum of increase/decrease, when the size of pool grows/shrinks. 
+    max-pool-size               maximum size, pool can grow to.
+    idle-timeout-in-seconds     idle bean instance in pool becomes a candidate for deletion, 
+                                when this timeout expires.
+
+                                The above pool defaults, apply if they are not specified 
+                                in the Sun ONE Application Server specific Deployment
+                                Descriptors.
+
+-->
+<!ELEMENT mdb-container (property*)>
+
+<!ATTLIST mdb-container  steady-pool-size        CDATA  "10"
+                           pool-resize-quantity    CDATA  "2"
+                           max-pool-size           CDATA  "60"
+                           idle-timeout-in-seconds CDATA  "600">
+
+<!--
+     The jms-service element specifies information about the bundled/built-in
+     JMS service that is managed by Application Server.
+
+     If the "enabled" attribute is set to "true", the server instance
+     will be responsible for starting up and shutting down the JMS service.
+     If the "enabled" attribute is set to "false", the server instance
+     will not startup nor shutdown the JMS service (either because JMS
+     is not used or because it is managed independently of application server).
+
+     "port" attribute specifies the port number used by the JMS service.
+     "admin-username" attribute specifies the admin username.
+     "admin-password" attribute specifies the admin password.
+
+     "init-timeout-in-seconds" specifies the time server instance
+     will wait at start up, for its corresponding JMS service instance
+     to respond. If there is no response within the specifies timeout
+     period, application server startup is aborted.
+
+     "start-args" specifies the arguments that will be supplied to
+     start up the corresponding JMS service instance.
+-->
+<!ELEMENT jms-service (jms-host*, property*)>
+
+<!ATTLIST jms-service  init-timeout-in-seconds CDATA  "60"
+			type	(LOCAL|NONE|REMOTE) "LOCAL"
+            start-args              CDATA  #IMPLIED>
+
+<!ELEMENT jms-host (property*)>
+<!ATTLIST jms-host   name               CDATA #REQUIRED 
+                     host               CDATA #IMPLIED
+                     port               CDATA  "7676"
+                     admin-user-name    CDATA  "admin"
+                     admin-password     CDATA  "admin">
+                     
+	<!-- Generic Log Service Configuration
+
+	     By default, logs would be kept in $INSTANCE-ROOT/logs. The following log 
+             files will be stored under the logs directory.
+
+		access.log keeps default virtual server HTTP access messages.
+		server.log keeps log messages from default virtual server.
+				 Messages from other configured virtual servers
+				 also go here, unless log-file is explicitly
+				 specified in the virtual-server element.
+
+	     file attribute can be used to rename or relocate server.log using absolute
+             path.
+
+	     use-system-logging if true, will utilize Unix syslog service or Windows
+			 Event Logging to produce and manage logs.
+
+             log-handler               Can plug in a custom log handler to add it to the chain of
+                                       handlers to log into a different log destination than the default
+                                       ones given by the system (which are Console, File and Syslog). It is
+                                       a requirement that customers use the log formatter provided by the the
+                                       system to maintain uniformity in log messages. The custom log handler will
+                                       be added at the end of the handler chain after File + Syslog Handler,
+                                       Console Handler and JMX Handler. User cannot replace the handler
+                                       provided by the system, because of loosing precious log statements. The
+                                       Server Initialization will take care of installing the custom handler 
+                                       with the system formatter initialized. The user need to use JSR 047 
+                                       Log Handler Interface to implement the custom handler.
+
+            log-filter                 Can plug in a log filter to do custom filtering of log records .  By
+                                       default  there is no log filter other than the log level filtering
+                                       provided  by JSR 047 log API.
+
+            log-to-console   logs will be sent to stderr when asadmin start-domain verbose is used
+	     
+            log-rotation-limit-in-bytes  Log Files will be rotated when the file size reaches the limit.
+
+         alarms if true, will turn on alarms for the logger. The SEVERE and WARNING messages 
+             can be routed through the JMX framework to raise SEVERE and WARNING alerts. Alarms 
+             are turned off by default.
+
+-->
+<!ELEMENT log-service (module-log-levels?, property*)>
+<!ATTLIST log-service  file                           CDATA      #IMPLIED
+	               use-system-logging             %boolean;  "false"
+                       log-handler                    CDATA      #IMPLIED
+                       log-filter                     CDATA      #IMPLIED
+                       log-to-console                 %boolean;  "false"
+                       log-rotation-limit-in-bytes    CDATA      "500000"
+	               alarms                         %boolean;  "false">
+
+<!--
+    Configure the Log Levels for Various Loggers in the SUN ONE Modules.
+    The Default level is set to INFO, The log levels can be changed
+    using one of the seven levels. Please refer JSR 047 to understand
+    the Log Levels.
+
+    The Logs can be completely turned off by using 'OFF' value. The names
+    of the module loggers are self-explanatory
+    
+    transaction            If greater or less verbosity is desired from transaction 
+                          sub-system this can be adjusted. Note that this refers to 
+                          logging messages and not transaction co-ordination logs.
+-->
+<!ENTITY % log-level "(FINEST|FINER|FINE|CONFIG|INFO|WARNING|SEVERE|OFF)">
+<!ELEMENT module-log-levels (property*)>
+<!ATTLIST module-log-levels
+                root            %log-level;      "INFO"
+                server          %log-level;      "INFO"
+                ejb-container   %log-level;      "INFO"
+                cmp-container   %log-level;      "INFO"
+                mdb-container   %log-level;      "INFO"
+                web-container   %log-level;      "INFO"
+                classloader     %log-level;      "INFO"
+                configuration   %log-level;      "INFO"
+                naming          %log-level;      "INFO"
+                security        %log-level;      "INFO"
+                jts             %log-level;      "INFO"
+                jta             %log-level;      "INFO"
+                admin           %log-level;      "INFO"
+                deployment      %log-level;      "INFO"
+                verifier        %log-level;      "INFO"
+                jaxr            %log-level;      "INFO"
+                jaxrpc          %log-level;      "INFO"
+                saaj            %log-level;      "INFO"
+		corba           %log-level;      "INFO"
+		javamail        %log-level;      "INFO"
+		jms             %log-level;      "INFO"
+		connector       %log-level;      "INFO"
+		jdo             %log-level;      "INFO"
+		cmp             %log-level;      "INFO"
+		resource-adapter            %log-level;      "INFO">
+			
+<!-- 
+   The security service element defines parameters and configuration
+   information needed by the core J2EE security service. Some
+   container-specific security configuration elements are in the
+   various container configuration elements and not here. SSL
+   configuration is also elsewhere. At this time the security service
+   configuration consists of a set of authentication realms. A number
+   of top-level attributes are defined as well.
+
+   default-realm: Specifies which realm (by name) is used by default when no 
+       realm is specifically requested. The file realm is the common default.
+   default-principal: Used as the identity of default security contexts when
+       necessary and no principal is provided.
+   default-principal-pwd: Password of default principal.
+   anonymous-role: Used as role name for default/anonymous role.
+   audit-enabled: If true, additional access logging is performed to provide
+     audit information.
+   jacc: Specifies the name of the jacc-provider element to use for setting
+     up the JACC infrastructure. The default value "default" does not need
+     to be changed unless adding a custom JACC provider.
+   audit-modules: Optional list of audit provider modules which will be used
+     by the audit subsystem. The default value refers to the internal 
+     log-based audit module.
+-->
+
+<!ELEMENT security-service (auth-realm+ , jacc-provider+ , audit-module*, property*)>
+<!ATTLIST security-service  default-realm                CDATA     "file"
+                            default-principal            CDATA     #IMPLIED
+                            default-principal-password   CDATA     #IMPLIED
+                            anonymous-role               CDATA     "ANYONE"
+                                        audit-enabled	         %boolean; "false"
+                                        jacc			 CDATA	   "default"
+                                        audit-modules		 CDATA	   "default">
+
+<!--
+An audit-module specifies an optional plug-in module which implements
+audit capabilities.
+
+  name: defines the name of this realm
+  classname: defines the java class which implements this audit module
+-->
+
+<!ELEMENT audit-module (property*)>
+<!ATTLIST audit-module name            CDATA   #REQUIRED
+                       classname       CDATA   #REQUIRED>
+
+
+<!--
+The auth-realm element defines and configures one authentication realm.
+There must be at least one realm available for a server instance; any 
+number can be configured, as desired.
+
+Authentication realms need provider-specific parameters which vary depending
+on what a particular implementation needs; these are defined as properties
+since they vary by provider and cannot be predicted for any custom or add-on
+providers.
+
+For the default file provider, the param used is: file
+
+  name: defines the name of this realm
+  classname: defines the java class which implements this realm
+  property: name/value pairs of provider implementation specific attributes.
+
+-->
+
+<!ELEMENT auth-realm (property*)>
+<!ATTLIST auth-realm name            CDATA   #REQUIRED
+                     classname       CDATA   #REQUIRED>
+
+<!--
+The jacc-provider element defines the standard JACC properties used for
+setting up the JACC provider. It also allows optional properties which can
+be used by the provider implementation for its configuration.
+
+  name: A name for this jacc-provider. Is always "default" for the default
+    provider.
+  policy-provider: Corresponds to (and can be overridden by) the system 
+    property javax.security.jacc.policy.provider
+  policy-configuration-factory-provider: Corresponds to (and can be 
+    overridden by) the system property 
+    javax.security.jacc.PolicyConfigurationFactory.provider
+
+-->
+
+<!ELEMENT jacc-provider (property*)>
+<!ATTLIST jacc-provider name				      CDATA #REQUIRED
+                        policy-provider			      CDATA #REQUIRED
+                        policy-configuration-factory-provider   CDATA #REQUIRED>
+
+<!-- Configuration for Transaction Manager. 
+     automatic-recovery   if true, server instance attempts recovery at restart.
+     timeout-in-seconds   amount of time the transaction manager waits for 
+                          response from a datasource participating in transaction. 
+                          A value of 0 implies infinite timeout. 
+
+     tx-log-dir           By default the transaction log is kept in the directory
+                          $INSTANCE-ROOT/logs/tx. If user specifies log-root 
+                          attribute under <domain> element, tx.log would appear 
+                          in that directory. User can also specify an alternative 
+                          location using transaction-service.txlog-file attribute. 
+                          The transaction service creates and uses 3 files for 
+                          logging and tracking transactions in progress. 
+
+     heuristic-decision   During recovery, if outcome of a transaction cannot be 
+                          determined from the logs, then this property is used 
+                          to fix the outcome.
+
+    retry-timeout-in-seconds used to determine the retry time in the following 
+                             scenarios.  
+                             1. Time to wait at the transaction recovery time, 
+                                when resources are unreachable.
+                             2. If there are any transient exceptions in the 
+                                second phase of the 2 PC protocol.
+                             A negative value indicates infinite retry.  
+                             '0' indicates no retry.
+                             A positive value indicates the number of seconds for 
+                             which retry will be attempted. Default is 10 minutes 
+                             which may be appropriate for a database being restarted.
+
+     keypoint-interval    property used to specify the number of transactions between 
+                          keypoint operations on the log.  A Keypoint operations could 
+                          reduce the size of the transaction log files.  A larger value 
+                          for this property (for example, 1000) will result in larger 
+                          transaction log files, between log compactions, but less 
+                          keypoint operations, and potentially better performance.  
+                          A smaller value (e.g. 20) results in smaller log files but 
+                          slightly reduced performance due to the greater frequency of 
+                          keypoint operations.
+
+-->
+<!ELEMENT transaction-service (property*)>
+
+<!ATTLIST transaction-service  automatic-recovery %boolean;   "false"
+                                 timeout-in-seconds CDATA  "0"
+                                 tx-log-dir         CDATA  #IMPLIED
+                                 heuristic-decision  (rollback | commit )  "rollback"
+                                 retry-timeout-in-seconds CDATA "600"
+                                 keypoint-interval  CDATA  "2048">
+
+
+<!-- Configuration for monitoring service -->
+
+ <!ELEMENT monitoring-service (module-monitoring-levels?, property*)>
+
+<!--
+The attributes of module-monitoring-levels define various monitoring levels for various components:
+
+thread-pool 	          all the thread-pools used by the run time.
+orb  		          ORB, its connection managers etc. (WHAT IS ETC? TBD???)
+ejb-container             various ejbs deployed to the server, ejb-pools, ejb-caches and ejb-methods.
+transaction-service       transaction subsystem.
+http-service   h          ttp engine and the http listeners therein.
+jdbc-connection-pool      monitoring level for all the jdbc-connection-pools used by the runtime.
+connector-connection-pool monitoring level for all the connector-connection-pools used by the runtime.
+-->
+
+<!ELEMENT module-monitoring-levels (property*)>
+<!ATTLIST module-monitoring-levels     thread-pool %monitoring-level; "OFF"
+                                       orb %monitoring-level; "OFF"
+                                       ejb-container %monitoring-level; "OFF"
+                                       web-container %monitoring-level; "OFF"
+                                       transaction-service %monitoring-level; "OFF" 
+                                       http-service %monitoring-level; "OFF"
+                                       jdbc-connection-pool %monitoring-level; "OFF"
+                                       connector-connection-pool %monitoring-level; "OFF" > 
+
+<!-- Java Runtime environment configuration 
+
+     java-home 		Specifies the installation directory for Java runtime. 
+                        JDK 1.4 or higher is supported.
+     debug-enabled 	If set to true, the server starts up in debug mode ready for 
+                        attaching with a JPDA based debugger.
+     debug-options      JPDA based debugging options string.
+     rmic-options       Options string passed to RMI compiler, at application deployment 
+                        time.
+     javac-options      Options string passed to Java compiler, at application deployment 
+                        time.
+     classpath-prefix   A java classpath string that is prefixed to server-classpath
+     classpath-suffix   A java classpath string that is  appended to server-classpath
+     server-classpath   A java classpath string that specifies the classes needed by the 
+                        Application server. Do not expect users to change this under 
+                        normal conditions.
+
+   
+     native-library-path is automatically constructed to be a concatenation of Application 
+     Server installation relative path for its native shared libraries, standard JRE native 
+     library path, the shell environment setting (LD-LIBRARY-PATH on Unix) and any path 
+     that may be specified in the profile element. Since this is synthesied, it is not 
+     required to have this appear explicitly in the server configuration. 
+
+     native-library-path-prefix (native-library-path-suffix) is prepended (appended) to 
+     the native library path, which is constricted as per the above description.
+
+     bytecode-preprocessors A comma separated list of classnames, each of which must 
+                            implement the com.sun.appserv.BytecodePreprocessor interface. 
+                            Each of the specified preprocessor class will be called in the 
+                            order specified. At the moment the comelling use is for a 3rd 
+                            party Performance Profiling tool. 
+
+     env-classpath-ignored  If set to false, the CLASSPATH environment variable will be 
+                            read and appended to the Application Server classpath, which 
+                            is constructed as described above. The CLASSPATH environment 
+                            variable will be added after the classpath-suffix, at the very 
+                            end.
+-->
+<!ELEMENT java-config (profiler? , (jvm-options | property)*)>
+
+<!ATTLIST java-config  java-home                  CDATA  #REQUIRED
+                         debug-enabled              %boolean;  "false"
+                         debug-options              CDATA  "-Xdebug -Xrunjdwp:transport=dt-socket,server=y,suspend=n"
+                         rmic-options               CDATA  "-iiop -poa -alwaysgenerate -keepgenerated -g"
+                         javac-options              CDATA  "-g"
+                         classpath-prefix           CDATA  #IMPLIED
+                         classpath-suffix           CDATA  #IMPLIED
+                         server-classpath           CDATA  #IMPLIED
+                         native-library-path-prefix CDATA  #IMPLIED
+                         native-library-path-suffix CDATA  #IMPLIED
+                         bytecode-preprocessors     CDATA  #IMPLIED
+                         env-classpath-ignored      %boolean;  "true"  >
+<!-- String value for options that will be passed to the JVM -->
+<!ELEMENT jvm-options (#PCDATA)>
+
+<!-- Profilers could be one of jprobe, optimizeit, hprof, wily and so on
+     jvm-options and property elements are used to record the settings
+     needed to get a particular profiler going. A server instance is tied
+     to a particular profiler, by the profiler element in java-config.  
+     Changing the profiler will require a server restart.
+
+     The adminstrative graphical interfaces, could list multiple supported 
+     profilers (incomplete at this point) and will populate server.xml 
+     appropriately. 
+  -->
+<!ELEMENT profiler ((jvm-options | property)*)>
+
+<!ATTLIST profiler  name                CDATA  #REQUIRED
+                      classpath           CDATA  #IMPLIED
+                      native-library-path CDATA  #IMPLIED
+                      enabled             %boolean; "true"  >
+
+
+<!-- SE/EE only: TBD Needs explanation
+  quick-checkpoint      EJB container tries to convert an SFSB to
+                        a serializable form before saving it to a checkpointing
+                        store. If it fails to serialize the SFSB, it normally calls
+                        the ejbPassivate() method on the SFSB, since the application
+                        developer is expected to implement an ejbPassivate() method
+                        to ensure that the bean is in serializable form before
+                        passivation.  However invocation of ejbPassivate() causes
+                        additional performance overhead on the checkpointing mechanism.
+                        By setting the quick-checkpoint flag to true, the application
+                        deployer can ensure that the ejbPassivate() method is not invoked
+                        on a particular SFSB, or for any SFSB within a scope
+                        (ejb-container, a J2EE application, or an EJB module),
+                        before checkpointing to persistent store. This minimizes the
+                        overhead of the checkpointing operation.
+
+  checkpoint-location specifies a Stateful enterprise bean's check pointing mechanism
+                      type. Whether checkpointing is done at the end of transaction or
+                      at the end of method calls. The checkpoint-location element must
+                      be one of the following: end-of-transaction or end-of-method
+-->
+
+<!ELEMENT availability-service (web-container-availability?, ejb-container-availability?, property*)>
+<!ATTLIST availability-service availability-enabled %boolean;  "false">
+
+<!ELEMENT web-container-availability (property)*>
+<!ATTLIST web-container-availability persistence-type  %persistence-type; "memory"
+                                     persistence-frequency %session-save-frequency; #IMPLIED
+                                     persistence-scope %session-save-scope; #IMPLIED
+                                     persistence-store-health-check-enabled  %boolean; "false"
+                                     sso-failover-enabled                   %boolean; "false"
+                                     http-session-store-pool-name CDATA #REQUIRED>
+
+<!ELEMENT ejb-container-availability (property*)>
+<!ATTLIST ejb-container-availability sfsb-checkpoint-enabled %boolean; "false"
+                                     sfsb-quick-checkpoint-enabled %boolean; "false"
+                                     sfsb-store-pool-name    CDATA #REQUIRED>
+
+<!-- 
+Quorum Service is used by instances to determine the membership composition of the cluster.
+
+name              should correspond to the cluster name
+serviceClassName  Fully qualified class name of the group service provider implementation
+
+-->
+<!ELEMENT quorum-service (property*)>
+<!ATTLIST quorum-service  
+            name              CDATA      #REQUIRED
+            service-classname  CDATA     
+                       "com.sun.enterprise.ee.quorum.impl.jmx.S1ASJMXGroupServiceProvider">       
+
+                       
+<!-- 
+  jdbc-connection-pool defines configuration used to create and manage 
+  a pool physical database connections. Pool definition is named, and 
+  can be referred to by multiple jdbc-resource elements (See <jdbc-resource>). 
+
+  Each named pool definition results in a pool instantiated at server 
+  start-up. Pool is populated when accessed for the first time. If two 
+  or more jdbc-resource elements point to the same jdbc-connection-pool 
+  element, they are using the same pool of connections, at run time. 
+
+  name                                unique name of the pool definition.
+
+  datasource-classname                Name of the vendor supplied JDBC datasource 
+                                      resource manager. An XA or global transactions
+                                      capable datasource class will implement 
+                                      javax.sql.XADatasource interface. Non XA or 
+                                      Local transactions only datasources will 
+                                      implement javax.sql.Datasource interface. 
+
+  res-type                 DataSource implementation class could implement 
+                           one or both of javax.sql.DataSource, javax.sql.XADataSource 
+                           interfaces. This optional attribute must be specified to 
+                           disambiguate when a Datasource class implements both 
+                           interfaces. An error is produced when this attribute has 
+                           a legal value and the indicated interface is not implemented 
+                           by the datasource class. This attribute has no default value. 
+
+  steady-pool-size                    minimum and initial number of connections 
+                                      maintained in the pool.
+
+  max-pool-size                       maximum number of conections that can be created 
+
+  max-wait-time-in-millis             amount of time the caller will wait before getting 
+                                      a connection timeout. The default is 60 seconds.
+                                      A value of 0 will force caller to wait indefinitely. 
+
+  pool-resize-quantity                number of connections to be removed when 
+                                      idle-timeout-in-seconds timer expires. Connections 
+                                      that have idled for longer than the timeout are 
+                                      candidates for removal. When the pool size reaches 
+                                      steady-pool-size, the connection removal stops.
+
+  idle-timeout-in-seconds     maximum time in seconds, that a connection can 
+                              remain idle in the pool. After this time, the pool 
+                              implementation can close this connection.  Note that 
+                              this does not control connection timeouts enforced
+                              at the database server side. Adminsitrators are 
+                              advised to keep this timeout shorter than the database
+                              server side timeout (if such timeouts are configured 
+                              on the specific vendor's database), to prevent 
+                              accumulation of unusable connection in Application Server.
+
+  transaction-isolation-level   Specifies the Transaction Isolation Level on the pooled
+                                database connections. Optional. Has no default. If left 
+                                unspecified the pool operates with default isolation level 
+                                provided by the JDBC Driver. A desired isolation level 
+                                can be set using one of the standard transaction isolation 
+                                levels: read-uncommitted, read-committed, repeatable-read, 
+                                serializable
+
+                                Applications that change the Isolation level on a pooled 
+                                connection programmatically, risk polluting the pool and this
+                                could lead to program errors. 
+                                Also see: is-isolation-level-guaranteed
+
+  is-isolation-level-guaranteed  Applicable only when a particular isolation level is specified
+                                 for transaction-isolation-level. The default value is true. 
+                                 This assures that every time a connection is obtained from 
+                                 the pool, it is guaranteed to have the isolation set to the 
+                                 desired value. This could have some performance impact on 
+                                 some JDBC drivers. Can be set to false by that administrator 
+                                 when they are certain that the application does not 
+                                 change the isolation level before returning the connection.
+
+  is-connection-validation-required   if true, connections are validated (checked to 
+                                      find out if they are usable) before giving out to 
+                                      the application. The default is false. 
+
+     If is-connection-validation-required is true then connection-validation-type 
+     specifies the type of validation to be performed. Three types of validation
+     are supported:
+
+        1) using connection.autoCommit(), 
+        2) using connection.getMetaData() 
+        3) performing a query on a user specified table (see validation-table-name). 
+
+     The possible values are one of:  auto-commit | meta-data | table 
+
+     validation-table-name specifies the table name to be used to perform a query to 
+     validate a connection. This parameter is mandatory, if connection-validation-type 
+     set to table. Verification by accessing a user specified table may become necessary
+     for connection validation, particularly if database driver caches calls to
+     setAutoCommit() and getMetaData(). 
+
+  fail-all-connections:              indicates if all connections in the pool must be 
+                                     closed should a single validation check fail. The 
+                                     default is false. One attempt will be made to 
+                                     re-establish failed connections.
+
+  Use of property lists:
+
+  Most JDBC 2.0 drivers permit use of standard property lists, to specify User, Password 
+  and other resource configuration. While these are optional properties, according to the 
+  specification, several of these properties may be necessary for most databases. See 
+  Section 5.3 of JDBC 2.0 Standard Extension API.
+
+  Name                                Value
+
+  databaseName                        Name of the Database.
+  serverName                          Database Server name.
+  port                                Port where a Database server is listening for requests. 
+  networkProtocol                     Communication Protocol used.
+  user                                default name of the database user with which 
+                                      connections will be stablished. Programmatic database 
+                                      authentication or default-resource-principal specified
+                                      in vendor specific web and ejb deployment descriptors 
+                                      will take precedence, over this default. The details 
+                                      and caveats are described in detail in the 
+                                      Administrator's guide.
+  password                            password for default database user
+  roleName                            The initial SQL role name.
+  datasourceName                      used to name an underlying XADataSource, or 
+                                      ConnectionPoolDataSource when pooling of connections 
+                                      is done
+  description                         Textual description
+
+  When one or more of these properties are specified, they are passed as is using 
+  set<Name>(<Value>) methods to the vendors Datasource class (specified in 
+  datasource-classname). User and Password properties are used as default principal, 
+  if Container Managed authentication is specified and a default-resource-principal is 
+  not found in application deployment descriptors.
+-->
+<!ELEMENT jdbc-connection-pool (description? , property*)>
+
+<!ATTLIST jdbc-connection-pool  name                              CDATA  #REQUIRED
+                                  datasource-classname              CDATA  #REQUIRED
+                                  res-type                          CDATA  #IMPLIED
+                                  steady-pool-size                  CDATA  "8"
+                                  max-pool-size                     CDATA  "32"
+                                  max-wait-time-in-millis           CDATA  "60000"
+                                  pool-resize-quantity              CDATA  "2"
+                                  idle-timeout-in-seconds           CDATA  "300"
+                                  transaction-isolation-level        %isolation; #IMPLIED
+                                  is-isolation-level-guaranteed      %boolean;   "true"
+                                  is-connection-validation-required  %boolean;   "false" 
+                                  connection-validation-method       (auto-commit | 
+                                                                      meta-data | 
+                                                                      table )  "auto-commit"
+                                  validation-table-name             CDATA  #IMPLIED
+                                  fail-all-connections               %boolean;  "false"  >
+
+
+
+<!--
+  connector-connection-pool defines configuration used to create and manage
+  a pool of connections to a EIS. Pool definition is named, and
+  can be referred to by multiple connector-resource elements (See <connector-resource>).
+
+  Each named pool definition results in a pool instantiated at server
+  start-up. Pool is populated when accessed for the first time. If two
+  or more connector-resource elements point to the same connector-connection-pool
+  element, they are using the same pool of connections, at run time.
+
+  There can be more than one pool for one connection-definition in one resource-adapter.
+
+  name                                unique name of the pool definition.
+
+  resource-adapter-name               This is the name of resource adapter. Name of .rar file
+                                      is taken as the unique name for the resource adapter.
+
+  connection-definition-name          unique name, identifying one connection-definition in 
+                                      a Resource Adapter. Currently this is ConnectionFactory 
+                                      type.
+
+  steady-pool-size                    minimum and initial number of connections
+                                      maintained in the pool.
+
+  max-pool-size                       maximum number of conections that can be created
+
+  max-wait-time-in-millis             amount of time the caller will wait before getting
+                                      a connection timeout. The default is 60 seconds.
+                                      A value of 0 will force caller to wait indefinitely.
+
+  pool-resize-quantity                number of connections to be removed when
+                                      idle-timeout-in-seconds timer expires. Connections
+                                      that have idled for longer than the timeout are
+                                      candidates for removal. When the pool size reaches
+                                      steady-pool-size, the connection removal stops.
+
+  idle-timeout-in-seconds             maximum time in seconds, that a connection can
+                                      remain idle in the pool. After this time, the pool
+                                      implementation can close this connection.  Note that
+                                      this does not control connection timeouts enforced
+                                      at the database server side. Adminsitrators are
+                                      advised to keep this timeout shorter than the EIS
+                                      connection timeout (if such timeouts are configured
+                                      on the specific EIS), to prevent accumulation
+                                      of unusable connection in Application Server.
+  fail-all-connections:              indicates if all connections in the pool must be
+                                     closed should a single connection fail validation. The
+                                     default is false. One attempt will be made to
+                                     re-establish failed connections.
+
+  Use of property lists:
+
+  Properties are used to override the ManagedConnectionFactory javabean configuration 
+  settings.
+
+  When one or more of these properties are specified, they are passed as is using 
+  set<Name>(<Value>) methods to the Resource Adapter's ManagedConnectionfactory class 
+  (specified in ra.xml).
+-->
+<!ELEMENT connector-connection-pool (description?, security-map*, property*)>
+<!ATTLIST connector-connection-pool  name                          CDATA      #REQUIRED
+                                resource-adapter-name              CDATA      #REQUIRED
+                                connection-definition-name         CDATA      #REQUIRED
+                                steady-pool-size                   CDATA      "8"
+                                max-pool-size                      CDATA      "32"
+                                max-wait-time-in-millis            CDATA      "60000"
+                                pool-resize-quantity               CDATA      "2"
+                                idle-timeout-in-seconds            CDATA      "300"
+                                fail-all-connections               %boolean;  "false">
+                    
+<!-- Perform mapping from principal received during Servlet/EJB authentication, to
+     credentials accepted by the EIS. This mapping is optional.It is possible to
+     map multiple (server) principal to the same backend principal.
+-->
+<!ELEMENT security-map ((principal | user-group)+, backend-principal)>
+<!ATTLIST security-map name  CDATA #REQUIRED>
+
+<!-- Principal of the Servlet and EJB client -->
+<!ELEMENT principal (#PCDATA)>
+
+<!-- Group of user -->
+<!ELEMENT user-group (#PCDATA)>
+
+<!-- Backend EIS principal -->
+<!ELEMENT backend-principal EMPTY>
+<!ATTLIST backend-principal user-name  CDATA #REQUIRED
+                            password   CDATA #IMPLIED>
+
+
+<!ELEMENT thread-pools (thread-pool+)>
+                                                                            
+<!--
+     thread-pool-id                      This is an id for the work-queue e.g. 
+                                         "thread-pool-1", "thread-pool-2" etc
+     min-thread-pool-size                Minimum number of threads in the threadpool 
+                                         servicing requests in this queue.
+                                         These are created up front when this threadpool 
+                                         is instantiated
+     max-thread-pool-size                Maximum number of threads in the threadpool 
+                                         servicing requests in this queue. This is the 
+                                         upper bound on the no. of threads that 
+                                         exist in the threadpool.
+     idle-thread-timeout-in-seconds      idle threads are removed from pool, after this time
+     num-work-queues                     This denotes the total number of work queues 
+                                         that are serviced by this threadpool. 
+-->
+
+<!ELEMENT thread-pool EMPTY>
+<!ATTLIST thread-pool  thread-pool-id  CDATA                           #REQUIRED
+                                       min-thread-pool-size            CDATA     "0"
+                                       max-thread-pool-size            CDATA     "200"
+                                       idle-thread-timeout-in-seconds  CDATA     "120"
+                                       num-work-queues                 CDATA     "1">
+
+                                       
+<!-- Syntax for supplying properties as name value pairs -->
+<!ELEMENT property (description?)>
+
+<!ATTLIST property  name  CDATA  #REQUIRED
+                      value CDATA  #REQUIRED >
+
+
+                      
+<!-- SERVER SECTION -->
+                      
+<!-- J2EE Application Server Configuration 
+
+     Each Application Server instance is a J2EEv1.4 compliant container. 
+     One server instance is specially designated as the Administration Server in SE/EE. 
+     User applications cannot be deployed to an Adminsitration Server instance.
+
+     instance-name     name of the server instance.
+
+
+    config-ref         points to a named config. needed for stand-alone servers.
+                       If the server instance is part of a cluster, then it must 
+                       not be present, and will be ignored.
+
+    node-controller-ref SE/EE only. Specifies the name of the node controller where
+                        the server instance is hosted.
+
+    application-ref     References to applications deployed to the server instance
+
+    resource-ref        References to resources deployed to the server instance
+ 
+-->
+<!ELEMENT server (application-ref* , resource-ref* , property*)>
+<!ATTLIST server    name             CDATA  #REQUIRED
+		    config-ref       CDATA  #IMPLIED
+		    node-controller-ref CDATA #IMPLIED 
+>
+                
+<!ELEMENT application-ref EMPTY>
+<!ATTLIST application-ref  enabled %boolean;  "true"
+                           virtual-servers CDATA #IMPLIED
+			   ref  CDATA  #REQUIRED
+> 
+
+<!ELEMENT resource-ref EMPTY>
+<!ATTLIST resource-ref  enabled %boolean;  "true" 
+			ref CDATA #REQUIRED>
+
+
+<!-- SE/EE Cluster configuration. A cluster defines a homogenous set of 
+server instances that share the same applications, resources, and configuration.
+
+    name        cluster name
+    
+    config-ref  points to a named config. All server instances in the cluster will
+                share this config.
+    
+    server-ref  list of servers in the cluster.
+-->
+<!ELEMENT cluster (server-ref*, resource-ref*, application-ref*)>
+<!ATTLIST cluster  name CDATA  #REQUIRED
+                   config-ref CDATA #REQUIRED>
+                 
+<!ELEMENT server-ref EMPTY>
+<!ATTLIST server-ref  ref CDATA #REQUIRED>
+	
+<!-- SE/EE Node Controller. The node controller is an agent that manages 
+server instances on a host machine.
+
+    name        Node Controller name
+
+    system-jmx-connector-name   The name of the internal jmx connector
+
+    stop-servers-in-shutdown    If true stops all managed server instances when 
+                                the Node Controller is stopped.
+
+    start-servers-in-startup    If true starts all managed server instances when 
+                                the Node Controller is started.
+-->                                
+
+<!ELEMENT node-controller (jmx-connector+, log-service, property*)>
+<!ATTLIST node-controller name CDATA #REQUIRED
+			  system-jmx-connector-name  CDATA #REQUIRED
+			stop-servers-in-shutdown %boolean; "false"
+			start-servers-in-startup %boolean; "true"
+			>            
+                
+<!-- 
+SE/EE Only: Load Balancer configuration
+-->                      
+                      
+<!ELEMENT loadbalancer (property*)>
+<!ATTLIST loadbalancer  name                 CDATA  #REQUIRED
+                         lb-configuration-ref CDATA #REQUIRED>
+   
+<!-- 
+XML DTD for S1AS 8.0EE load balancer configuration.
+
+Copyright (c) 2002 by Sun Microsystems, Inc. All Rights Reserved.
+$Revision: 1.2 $
+-->
+
+<!-- Load Balancer Algorithm Types
+
+     This is a list of various load balancing algorithm types that are supported
+     by the load balancers. Note that each of these algorithms have an implicit
+     "sticky" prefix. That is, the round-robin actually implies sticky 
+     round-robin.
+-->
+<!ENTITY % lb-algorithm-type "(round-robin | random | weighted-round-robin | weighted-random)" >
+
+<!--  Load Balancer Configuration
+
+      Specify a load balancer configuration for one or more load balancers. The
+      load balancers use this configuration to load balance the request. The
+      DTD contains configuration details that pertain to the load balancer. The
+      lb-configuration is an aggregation of lb-groups. Additionally, there are
+      properties that can be specified at the lb-configuration level that allows
+      the administrator to control the operation of the load balancer.
+
+      name 	           identifies the lb-configuration.
+
+      lb-algorithm-type    identifies the type of load balancing algorithm that 			   Load Balancer should use. The default value would be 
+                           "round-robin".
+-->
+
+<!ELEMENT lb-configuration (lb-groups?, property*)>
+<!ATTLIST lb-configuration name CDATA #REQUIRED
+                          lb-algorithm-type   %lb-algorithm-type; "round-robin">
+
+<!ELEMENT lb-groups (lb-group*)>
+
+<!--  Load Balancer Group
+
+      This the counterpart of a "group" from domain.xml in the load balancer
+      realm. The lb-group is an aggregation of lb-servers, lb-j2ee-applications
+      and stand-alone lb-web-modules. In the HTTP load balancer world, 
+      lb-j2ee-applications contain one or more web-modules.
+
+      The default implicit health checker configuration can also be specified at
+      the lb-group level. This health checker configuration is used as the
+      default if the health checker configuration is not specified at the 
+      lb-j2ee-application or lb-web-module level. However, if the health checker
+      configuration is specified at the lb-j2ee-application or lb-web-module 
+      level, it overrides the health checker configuration specified at the 
+      lb-group level. 
+
+      NOTE: The default health checker only "instance" health, i.e, all 
+      applications on the instance would be available or unavailable depending 
+      upon whether the instance is healthy or not. This is contrast to 
+      application level health checker that is described below:
+
+      name 	      identifies the lb-group
+
+      ping-healthy-servers
+                      a boolean attribute that is used only if the 
+                      health-checker is configured. It determines if the health
+                      check sweep will check only unhealthy servers or both 
+                      healthy and unhealthy servers. By default, this attribute
+                      would be false, which would imply that only unhealthy 
+                      servers are pinged during the health check sweep. This 
+                      attribute can be set to true if the customers need a 
+                      pro-active health check mechanism to detect unhealthy 
+                      instances.
+-->
+
+<!ELEMENT lb-group (lb-servers?, lb-j2ee-applications?, lb-web-modules?, computed-response-timeout?, health-checker?)>
+<!ATTLIST lb-group name CDATA #REQUIRED
+                   ping-healthy-servers  %boolean; "false">
+
+<!ELEMENT lb-servers (lb-server*)>
+
+<!--  Load Balancer Server Instance
+
+      This element is the counterpart of an "server" from domain.xml for the 
+      load balancer. The attributes that apply to an server specific to the 
+      load balancer are specified in this section. The lb-server is an 
+      aggregation of HTTP Listeners.
+
+      name	      identifies the server server within the lb-group
+         
+      enabled	      specifies whether server is active (enabled)  
+                      for requests to be load balanced to it.	
+         
+      disable-timeout-in-minutes  
+                      specifies the quiescing timeout interval in seconds, upon 
+                      elapse of which load balancer would close all the open 
+                      connections related to the server being disabled and no 
+                      further requests would be routed to the server. Default 
+                      value would be 31 minutes (i.e. more than the default 
+                      session idle timeout which is 30 minutes).
+
+      weight
+                      This attribute is used if the weighted-round-robin policy 
+                      is specified as the lb-algorithm for the lb-configuration.
+                      It is used to supply a weighted value for each server in 
+                      the lb-group a numerical weight between 1 and 100. This 
+                      value determines what proportion of the load the server 
+                      will take relative to other servers. The default value is 
+                      100. Note that this attribute is ignored if the 
+                      round-robin or random algorithm is selected. 
+
+-->
+
+<!ELEMENT lb-server (lb-http-listener*)>
+<!ATTLIST lb-server  name             CDATA     #REQUIRED
+                     enabled          %boolean; "true"
+                     disable-timeout-in-minutes  CDATA     "31"
+                     weight           CDATA     "100">
+
+<!--  HTTP listeners for a lb-server
+
+      This element is used to specify HTTP/HTTPS listeners for an lb-server. 
+      An server could have one or more listeners configured. When the load  
+      balancer forwards requests to an server, it selects a listener from the
+      list of configured listeners for the server.
+
+      id              Unique identifier for http listener.
+
+      address 	      IP address for the listener.
+
+      port    	      Port number for the listener. 
+
+      security-enabled 
+                      An optional boolean attribute that determines whether the 
+                      http listener runs SSL. The default is false.
+-->
+
+<!ELEMENT lb-http-listener EMPTY>
+<!ATTLIST lb-http-listener    id                     CDATA  #REQUIRED
+                              address                CDATA  #REQUIRED
+                              port                   CDATA  #REQUIRED
+                              security-enabled       %boolean; "false"> 
+
+<!ELEMENT lb-j2ee-applications (lb-j2ee-application*)>
+
+<!--  Deployed LB J2EE Applications.
+
+      This element is the counterpart of an "j2ee-application" from domain.xml 
+      for the load balancer. The attributes that apply to an j2ee-application 
+      specific to the load balancer are specified in this section. The 
+      lb-j2ee-application is an aggregation of context-roots and an 
+      j2ee-application level implicit health checker.
+
+      NOTE: The j2ee-application level health checker allows health checks to
+      be performed on a per application basis. So instead of marking an entire
+      instance unhealthy, as is the case in the default lb-group level health
+      checker, a j2ee-application level health checker can mark an instance
+      healthy or unhealthy in the context of a particular application. This
+      allows an instance to be marked unhealthy for some applications while 
+      being marked as healthy for other applications.
+
+      name	      identifies the lb-j2ee-application
+
+      enabled	      signifies whether the lb-j2ee-application is enabled or
+         	      disabled. Default value would be "true".
+
+      disable-timeout-in-minutes   
+                      specifies the quiescing timeout interval after which no 
+                      further requests would be sent to the lb-j2ee-application
+                      that has been disabled. Application is  identified by the 
+                      lb-j2ee-application context root as specified in 
+                      applicaiton-web-module element. Default value would be 31
+                      minutes (i.e. more than the default session idle timeout 
+                      which is 30 minutes).
+-->
+
+<!ELEMENT lb-j2ee-application (j2ee-application-web-module*, health-checker?)>
+<!ATTLIST lb-j2ee-application  name CDATA #REQUIRED
+                               enabled         %boolean; "true"
+                               disable-timeout-in-minutes CDATA     "31"> 
+
+<!--  Web Modules in the deployed j2ee-application.
+
+      This element is used to specify web-modules that are part of a 
+      lb-j2ee-application. An j2ee-application could have one or more 
+      web-modules. The j2ee-application-web-module element is an aggregation of 
+      idempotent-url-patterns and a health-checker.
+
+      NOTE: The j2ee-application-web-module level health checker overrides the
+      health checker specified at the lb-j2ee-application level. 
+    
+      name	              identifies the j2ee-application-web-module
+
+      lb-context-root         context root of the j2ee-application deployed
+
+-->
+
+<!ELEMENT j2ee-application-web-module (idempotent-url-pattern*, web-module-response-timeout?, urls-and-response-timeouts?, health-checker?, error-url?)>
+<!ATTLIST j2ee-application-web-module name CDATA #REQUIRED
+                                      lb-context-root CDATA     #REQUIRED>
+
+<!--  Idempotent URLs for the deployed Web Module.
+
+      This element is used to specify all idempotent-url-patterns for a 
+      web-module that is part of an lb-j2ee-application as well as for a 
+      stand-alone lb-web-module. What this implies is that when a load balancer
+      detects that an instance is unhealthy while servicing a request, it would 
+      implicitly retry the request on another server in the lb-group, if its URL
+      matches one of the idempotent-url-patterns for that j2ee-application.
+    
+      url-pattern       URL patterns that are idempotent that can be retried by 
+                        the load balancer, if a request containing the pattern
+                        fails due to an instance being unhealthy.
+    
+      no-of-retries     Number of times the URL should be retried. The default 
+                        value is equal to the number of servers that support the
+                        the context-root for the url-pattern, minus 1. 
+
+-->
+
+<!ELEMENT idempotent-url-pattern EMPTY>
+<!ATTLIST idempotent-url-pattern   url-pattern             CDATA     #REQUIRED
+                                   no-of-retries           CDATA     "-1">
+
+<!--  Web Module Response Timeouts
+
+      This element is used to specify all timeouts at a Web Module level.
+      This includes standalone web-modules and web-modules that are part of 
+      an lb-j2ee-application. This setting overrides the LB wide response 
+      timeout for the web-module.
+    
+      timeout-in-seconds        
+                     timeout interval in seconds within which response should 
+                     be obtained for a request load balanced; else the server 
+                     would be considered unhealthy. Default value would be "60".
+		     This is applicable for all requests in the web-module 
+		     (that have the same context-root as that of the web-module)
+                     and overrides the global response timeout settings. 
+
+-->
+
+<!ELEMENT web-module-response-timeout EMPTY>
+<!ATTLIST web-module-response-timeout   timeout-in-seconds CDATA     "60">
+
+<!--  URLs and Response Timeouts
+
+      This element is used to specify specific response timeouts for URLs within
+      a Web Module level. This overrides the LB wide response timeout as well as
+      the web module specific response timeout. This element is specified as a
+      space delimited list of name=value pairs comprising the URLs and the 
+      corresponding response timeout values in seconds.
+    
+      urls-n-timeouts        
+                     A space delimited list of URLs and the corresponding 
+                     response timeout. For example:
+		     "/myApp/abc=15 /myApp/xyz=90"
+
+-->
+
+<!ELEMENT urls-and-response-timeouts EMPTY>
+<!ATTLIST urls-and-response-timeouts  urls-n-timeouts CDATA   #REQUIRED>
+
+<!--  Computed Response Timeout
+
+      This element is used to enable computed response times for all URLs.
+      This overrides all configurable response timeout settings including the 
+      global response timeout, web module response timeout and URL wise 
+      response timeouts. This computes the average response time per URL and
+      multiplies it with a latency-multiplier and adds a latency-offset to 
+      compute the response timeout.
+    
+      latency-multiplier
+                     A number to be multiplied to the average response time to
+                     get the response timeout. The default value is 1.
+
+      latency-offset
+                     Represents ad-hoc delays that impact the response time, for
+                     example, GC pause time.
+		     
+
+-->
+
+<!ELEMENT computed-response-timeout EMPTY>
+<!ATTLIST computed-response-timeout  latency-multiplier CDATA     "1"
+                                     latency-offset CDATA     "0">
+
+<!--  Deployed stand-alone Web Modules.
+
+      This element is the counterpart of a stand-alone "web-module" from 
+      domain.xml for the load balancer. These are web-modules thar are not part
+      of any j2ee-application. The lb-web-modules is an aggregation of 
+      idempotent-url-patterns and an implicit health checker.
+
+      NOTE: The web-module level health checker allows health checks to
+      be performed on a per web-module basis. So instead of marking an entire
+      instance unhealthy, as is the case in the default lb-group level health
+      checker, a web-module level health checker can mark an instance
+      healthy or unhealthy in the context of a particular web-module. This
+      allows an instance to be marked unhealthy for some web-modules while 
+      being marked as healthy for other web-modules.
+
+      name	      identifies the lb-web-module
+
+      lb-context-root    context root of the stand-alone lb-web-module
+
+      enabled	      signifies whether the lb-web-module is enabled or
+         	      disabled. Default value would be "true".
+
+      disable-timeout-in-minutes   
+                      specifies the quiescing timeout interval after which no 
+                      further requests would be sent to the lb-web-module that 
+                      has been disabled. The lb-web-module is identified by the 
+                      context root. Default value would be 31 minutes (i.e. 
+                      more than the default session idle timeout which is 30 
+                      minutes).
+-->
+
+<!ELEMENT lb-web-modules (lb-web-module*)>
+
+<!ELEMENT lb-web-module (idempotent-url-pattern*, web-module-response-timeout?, urls-and-response-timeouts?, health-checker?, error-url?)>
+<!ATTLIST lb-web-module  name CDATA     #REQUIRED
+                         lb-context-root CDATA     #REQUIRED
+                         enabled         %boolean; "true"
+                         disable-timeout-in-minutes CDATA     "31">
+
+<!--  Health Checker Configuration.
+
+      This element describes the Health Checker configuration. A health checker
+      could be configured at the lb-group level, at a per j2ee-application level
+      or a per stand-alone web-module level. If no health checker is specified 
+      at the lb-j2ee-application level or a lb-web-module level, then the 
+      health checker specified at the lb-group level is picked up. However, if 
+      the health checker is specified at the lb-j2ee-application level or the 
+      lb-web-module level, then it overrides the setting at the lb-group level. 
+
+      url	      URL to ping so as to determine the health state
+		      of a listener.
+
+      interval-in-seconds      
+                      specifies the interval in seconds at which health checks 
+                      of unhealthy servers carried out to check if the servers 
+                      has turned healthy. Default value is "30" seconds. A value
+                      of "0" would imply that health check is disabled. 
+
+      timeout-in-seconds	    
+                      timeout interval in seconds within which response should 
+                      be obtained for a health check request; else the server 
+                      would be considered unhealthy. Default value would be 
+                      "10" seconds.
+-->
+
+<!ELEMENT health-checker EMPTY>
+<!ATTLIST health-checker  url        CDATA               "/"
+                          interval-in-seconds   CDATA               "30"
+                          timeout-in-seconds    CDATA               "10">
+
+<!--  Error URL Configuration.
+
+
+      The error-url element is specified optionally for the lb-web-module or 
+      j2ee-application-web-module element. This element allows the URL that 
+      represents an user-defined error page to be specified. This URL is invoked
+      by the LB in the event of an error during the load balancing phase. If 
+      this element is specified, it overrides all other mechanisms of error 
+      reporting.
+
+      While the LB does not interfere with application errors, it has a role to
+      play when it encounters an error in the process of forwarding a request. 
+      The errors fall into two broad categories:
+
+          1. No socket connection can be opened by the LB to the selected 
+             Server (or alternate servers defined in the lb-configuration) and 
+             hence the LB cannot forward the request at all.
+
+          2. The LB forwarded the request to the server but did not get a 
+             response back before the configured response timeout.
+
+      url	      URL to be invoked in event of an LB error.
+
+-->
+
+<!ELEMENT error-url EMPTY>
+<!ATTLIST error-url  url        CDATA              #REQUIRED> 
+
+<!-- Properties that control the global configuration of the load balancer.
+
+     Name               			Value
+
+     response-timeout-in-seconds      timeout interval in seconds within which 
+				      response should be obtained for a request 
+				      load balanced; else the server would be 
+				      considered unhealthy. Default value would 
+				      be "60".
+
+     https-routing      	      flag ("true" | "false") that determines  
+                        	      whether the load balancer should route the
+                        	      incoming HTTPS request as HTTPS request to
+                        	      the server. Default value would be 
+				      "false".
+
+     require-monitor-data             flag ("true" | "false")  that determines
+                                      whether monitoring is switched on or not.
+                                      Default value would be "false".
+
+     pull-interval-in-minutes  
+                                      interval in minutes after which Agent will
+                                      initiate a pull of the load balancer 
+                                      configuration from the DAS.  Default value
+                                      is "10" minutes. If the pull interval is 
+                                      set to "0",
+
+    supported-url-pattern             specifies the  URL pattern that needs to 
+                                      be processed by the LB. The Web Server  
+				      will forward all URLs that match the URL 
+				      pattern to the LB Plugin. This property
+				      needs to be only set for LB plugins that
+				      are deployed on the IIS Web Server. The 
+			              default is "/*", which implies that all
+				      URL patterns will be sent to the LB 
+				      Plugin.
+                      
+-->
+