glassfish 0.1.1-universal-java-1.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (135) hide show
  1. data/COPYRIGHT +33 -0
  2. data/LICENSE.txt +263 -0
  3. data/README +12 -0
  4. data/bin/asadmin +7 -0
  5. data/bin/asadmin.bat +8 -0
  6. data/bin/glassfish_rails +40 -0
  7. data/config/asadminenv.conf +6 -0
  8. data/config/asenv.bat +28 -0
  9. data/config/asenv.conf +27 -0
  10. data/config/glassfish.container +4 -0
  11. data/domains/domain1/config/admin-keyfile +3 -0
  12. data/domains/domain1/config/cacerts.jks +0 -0
  13. data/domains/domain1/config/default-web.xml +906 -0
  14. data/domains/domain1/config/domain-passwords +0 -0
  15. data/domains/domain1/config/domain.xml +208 -0
  16. data/domains/domain1/config/keyfile +6 -0
  17. data/domains/domain1/config/keystore.jks +0 -0
  18. data/domains/domain1/config/logging.properties +82 -0
  19. data/domains/domain1/config/login.conf +18 -0
  20. data/domains/domain1/config/server.policy +160 -0
  21. data/domains/domain1/config/sun-acc.xml +40 -0
  22. data/domains/domain1/config/wss-server-config-1.0.xml +86 -0
  23. data/domains/domain1/config/wss-server-config-2.0.xml +94 -0
  24. data/domains/domain1/docroot/favicon.gif +0 -0
  25. data/domains/domain1/docroot/index.html +87 -0
  26. data/domains/domain1/master-password +0 -0
  27. data/lib/appclient/appclientlogin.conf +10 -0
  28. data/lib/appclient/client.policy +79 -0
  29. data/lib/appclient/wss-client-config-1.0.xml +84 -0
  30. data/lib/appclient/wss-client-config-2.0.xml +96 -0
  31. data/lib/dtds/application-client_1_2.dtd +292 -0
  32. data/lib/dtds/application-client_1_3.dtd +506 -0
  33. data/lib/dtds/application_1_2.dtd +197 -0
  34. data/lib/dtds/application_1_3.dtd +312 -0
  35. data/lib/dtds/connector_1_0.dtd +561 -0
  36. data/lib/dtds/ejb-jar_1_1.dtd +894 -0
  37. data/lib/dtds/ejb-jar_2_0.dtd +1671 -0
  38. data/lib/dtds/sun-application-client-container_1_0.dtd +123 -0
  39. data/lib/dtds/sun-application-client-container_1_1.dtd +264 -0
  40. data/lib/dtds/sun-application-client-container_1_2.dtd +267 -0
  41. data/lib/dtds/sun-application-client_1_3-0.dtd +57 -0
  42. data/lib/dtds/sun-application-client_1_4-0.dtd +182 -0
  43. data/lib/dtds/sun-application-client_1_4-1.dtd +431 -0
  44. data/lib/dtds/sun-application-client_5_0-0.dtd +495 -0
  45. data/lib/dtds/sun-application_1_3-0.dtd +30 -0
  46. data/lib/dtds/sun-application_1_4-0.dtd +44 -0
  47. data/lib/dtds/sun-application_5_0-0.dtd +51 -0
  48. data/lib/dtds/sun-cmp-mapping_1_0.dtd +100 -0
  49. data/lib/dtds/sun-cmp-mapping_1_1.dtd +99 -0
  50. data/lib/dtds/sun-cmp-mapping_1_2.dtd +106 -0
  51. data/lib/dtds/sun-connector_1_0-0.dtd +66 -0
  52. data/lib/dtds/sun-connector_1_5-0.dtd +62 -0
  53. data/lib/dtds/sun-domain_1_0.dtd +2007 -0
  54. data/lib/dtds/sun-domain_1_1.dtd +3080 -0
  55. data/lib/dtds/sun-domain_1_2.dtd +3697 -0
  56. data/lib/dtds/sun-domain_1_3.dtd +3867 -0
  57. data/lib/dtds/sun-ejb-jar_2_0-0.dtd +449 -0
  58. data/lib/dtds/sun-ejb-jar_2_0-1.dtd +454 -0
  59. data/lib/dtds/sun-ejb-jar_2_1-0.dtd +756 -0
  60. data/lib/dtds/sun-ejb-jar_2_1-1.dtd +1085 -0
  61. data/lib/dtds/sun-ejb-jar_3_0-0.dtd +1113 -0
  62. data/lib/dtds/sun-loadbalancer_1_0.dtd +156 -0
  63. data/lib/dtds/sun-loadbalancer_1_1.dtd +172 -0
  64. data/lib/dtds/sun-resources_1_0.dtd +650 -0
  65. data/lib/dtds/sun-resources_1_1.dtd +650 -0
  66. data/lib/dtds/sun-resources_1_2.dtd +662 -0
  67. data/lib/dtds/sun-resources_1_3.dtd +732 -0
  68. data/lib/dtds/sun-server_1_0.dtd +1056 -0
  69. data/lib/dtds/sun-web-app_2_3-0.dtd +230 -0
  70. data/lib/dtds/sun-web-app_2_3-1.dtd +230 -0
  71. data/lib/dtds/sun-web-app_2_4-0.dtd +466 -0
  72. data/lib/dtds/sun-web-app_2_4-1.dtd +742 -0
  73. data/lib/dtds/sun-web-app_2_5-0.dtd +789 -0
  74. data/lib/dtds/web-app_2_2.dtd +639 -0
  75. data/lib/dtds/web-app_2_3.dtd +1063 -0
  76. data/lib/dtds/web-jsptaglibrary_1_1.dtd +265 -0
  77. data/lib/dtds/web-jsptaglibrary_1_2.dtd +468 -0
  78. data/lib/package-appclient.xml +185 -0
  79. data/lib/processLauncher.properties +25 -0
  80. data/lib/processLauncher.xml +189 -0
  81. data/lib/schemas/XMLSchema.dtd +402 -0
  82. data/lib/schemas/application-client_1_4.xsd +267 -0
  83. data/lib/schemas/application-client_5.xsd +304 -0
  84. data/lib/schemas/application_1_4.xsd +315 -0
  85. data/lib/schemas/application_5.xsd +336 -0
  86. data/lib/schemas/connector_1_5.xsd +1036 -0
  87. data/lib/schemas/datatypes.dtd +203 -0
  88. data/lib/schemas/ejb-jar_2_1.xsd +2208 -0
  89. data/lib/schemas/ejb-jar_3_0.xsd +2706 -0
  90. data/lib/schemas/j2ee_1_4.xsd +1608 -0
  91. data/lib/schemas/j2ee_jaxrpc_mapping_1_1.xsd +886 -0
  92. data/lib/schemas/j2ee_web_services_1_1.xsd +491 -0
  93. data/lib/schemas/j2ee_web_services_client_1_1.xsd +345 -0
  94. data/lib/schemas/javaee_5.xsd +2096 -0
  95. data/lib/schemas/javaee_web_services_1_2.xsd +747 -0
  96. data/lib/schemas/javaee_web_services_client_1_2.xsd +578 -0
  97. data/lib/schemas/jax-rpc-ri-config.xsd +416 -0
  98. data/lib/schemas/jsp_2_0.xsd +308 -0
  99. data/lib/schemas/jsp_2_1.xsd +343 -0
  100. data/lib/schemas/orm_1_0.xsd +1516 -0
  101. data/lib/schemas/persistence_1_0.xsd +260 -0
  102. data/lib/schemas/web-app_2_4.xsd +1234 -0
  103. data/lib/schemas/web-app_2_5.xsd +1271 -0
  104. data/lib/schemas/web-jsptaglibrary_2_0.xsd +1010 -0
  105. data/lib/schemas/web-jsptaglibrary_2_1.xsd +1144 -0
  106. data/lib/schemas/xml.xsd +82 -0
  107. data/modules/admin-cli-10.0-SNAPSHOT.jar +0 -0
  108. data/modules/auto-depends-0.2-SNAPSHOT.jar +0 -0
  109. data/modules/cli-framework-10.0-SNAPSHOT.jar +0 -0
  110. data/modules/common-ee-util-10.0-SNAPSHOT.jar +0 -0
  111. data/modules/common-util-10.0-SNAPSHOT.jar +0 -0
  112. data/modules/config-0.2-SNAPSHOT.jar +0 -0
  113. data/modules/config-api-10.0-SNAPSHOT.jar +0 -0
  114. data/modules/gf-jruby-connector-10.0-SNAPSHOT.jar +0 -0
  115. data/modules/glassfish-10.0-SNAPSHOT.jar +0 -0
  116. data/modules/glassfish-api-10.0-SNAPSHOT.jar +0 -0
  117. data/modules/glassfish.rb +10 -0
  118. data/modules/grizzly-framework-1.7.1.jar +0 -0
  119. data/modules/grizzly-http-1.7.1.jar +0 -0
  120. data/modules/grizzly-http-utils-1.7.1.jar +0 -0
  121. data/modules/grizzly-jruby-1.7.0.jar +0 -0
  122. data/modules/grizzly-jruby-module-1.7.0.jar +0 -0
  123. data/modules/grizzly-module-1.7.1.jar +0 -0
  124. data/modules/grizzly-portunif-1.7.1.jar +0 -0
  125. data/modules/grizzly-rcm-1.7.1.jar +0 -0
  126. data/modules/hk2-0.2-SNAPSHOT.jar +0 -0
  127. data/modules/hk2-core-0.2-SNAPSHOT.jar +0 -0
  128. data/modules/junit-4.3.1.jar +0 -0
  129. data/modules/kernel-10.0-SNAPSHOT.jar +0 -0
  130. data/modules/persistence-api-1.0b.jar +0 -0
  131. data/modules/servlet-api-2.5.jar +0 -0
  132. data/modules/sjsxp-1.0.jar +0 -0
  133. data/modules/stax-api-1.0-2.jar +0 -0
  134. data/modules/tiger-types-1.0.jar +0 -0
  135. metadata +206 -0
@@ -0,0 +1,3080 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <!--
3
+ XML DTD for Sun Java System Application Server Configuration.
4
+
5
+ Copyright (c) 2002 by Sun Microsystems, Inc. All Rights Reserved.
6
+ -->
7
+ <!-- ENTITIES -->
8
+ <!-- boolean
9
+
10
+ Used in:
11
+ access-log, admin-object-resource, appclient-module,
12
+ application-ref, availability-service, config,
13
+ connector-connection-pool, connector-module, connector-resource,
14
+ custom-resource, das-config, ejb-container-availability,
15
+ ejb-module, external-jndi-resource, http-access-log,
16
+ http-file-cache, http-listener, http-protocol, iiop-listener,
17
+ iiop-service, j2ee-application, java-config,
18
+ jdbc-connection-pool, jdbc-resource, jms-service, jmx-connector,
19
+ lb-config, lifecycle-module, log-service, mail-resource,
20
+ node-agent, persistence-manager-factory-resource, profiler,
21
+ resource-ref, security-service, server-ref, ssl,
22
+ transaction-service, web-container-availability, web-module
23
+ -->
24
+ <!ENTITY % boolean "(yes | no | on | off | 1 | 0 | true | false)">
25
+
26
+ <!-- isolation
27
+
28
+ Used in:
29
+ jdbc-connection-pool
30
+ -->
31
+ <!ENTITY % isolation
32
+ "(read-uncommitted | read-committed | repeatable-read | serializable)">
33
+
34
+
35
+ <!-- validation-level
36
+
37
+ Used in:
38
+ das-config
39
+ -->
40
+ <!ENTITY % validation-level "(full | parsing | none)">
41
+
42
+ <!-- object-type
43
+ defines the type of the resource. It can be:
44
+ system-all
45
+ These are system resources for all instances and DAS
46
+ system-admin
47
+ These are system resources only in DAS
48
+ system-instance
49
+ These are system resources only in instances (and not DAS)
50
+ user
51
+ User resources (This is the default for all elements)
52
+
53
+ Used in:
54
+ admin-object-resource, connector-module, connector-resource,
55
+ custom-resource, ejb-module, external-jndi-resource,
56
+ j2ee-application, jdbc-resource, mail-resource,
57
+ persistence-manager-factory-resource, resource-adapter-config,
58
+ web-module
59
+ -->
60
+ <!ENTITY % object-type "(system-all | system-admin | system-instance | user)">
61
+
62
+ <!-- rjmx-protocol
63
+ SE/EE related ENTITIES: This will define the available JSR 160
64
+ connector transport protocols.
65
+
66
+ Used in:
67
+ jmx-connector
68
+ -->
69
+ <!ENTITY % rjmx-protocol "(rmi_jrmp | rmi_iiop | jmxmp)">
70
+
71
+ <!-- monitoring-level
72
+ monitoring-level controls the amount of monitoring data collected
73
+ and exposed to clients
74
+ OFF
75
+ no monitoring/statistical data is exposed to the clients.
76
+ LOW
77
+ SE/EE only
78
+ HIGH
79
+ maximum data is gathered and released.
80
+
81
+ Used in:
82
+ module-monitoring-levels
83
+ -->
84
+ <!ENTITY % monitoring-level "(OFF | LOW | HIGH)">
85
+
86
+ <!-- persistence-type
87
+ SE/EE related ENTITIES
88
+
89
+ Used in:
90
+ web-container-availability
91
+ -->
92
+ <!ENTITY % persistence-type "(memory | file | ha)">
93
+
94
+ <!-- session-save-frequency
95
+
96
+ Used in:
97
+ web-container-availability
98
+ -->
99
+ <!ENTITY % session-save-frequency "(web-method | time-based | on-demand)">
100
+
101
+ <!-- session-save-scope
102
+
103
+ Used in:
104
+ web-container-availability
105
+ -->
106
+ <!ENTITY % session-save-scope
107
+ "(session | modified-session | modified-attribute)">
108
+
109
+
110
+ <!-- sfsb-persistence-type
111
+
112
+ Used in:
113
+ ejb-container-availability
114
+ -->
115
+ <!ENTITY % sfsb-persistence-type "(file | ha)">
116
+
117
+ <!-- message-layer
118
+
119
+ Used in:
120
+ message-security-config
121
+ -->
122
+ <!ENTITY % message-layer "(SOAP)">
123
+
124
+ <!-- log-level
125
+ Configure the Log Levels for Various Loggers in the SUN ONE
126
+ Modules. The Default level is set to INFO, The log levels can be
127
+ changed using one of the seven levels. Please refer JSR 047 to
128
+ understand the Log Levels.
129
+
130
+ The Logs can be completely turned off by using 'OFF' value. The names of
131
+ the module loggers are self-explanatory
132
+
133
+
134
+ Used in:
135
+ module-log-levels
136
+ -->
137
+ <!ENTITY % log-level
138
+ "(FINEST | FINER | FINE | CONFIG | INFO | WARNING | SEVERE | OFF)">
139
+
140
+
141
+ <!-- ELEMENTS -->
142
+
143
+ <!-- domain
144
+ Top level Domain Element that includes applications, resources,
145
+ configs, servers, clusters and node-agents, load balancer
146
+ configurations and load balancers. node-agents and load balancers
147
+ are SE/EE related entities only.
148
+
149
+ attributes
150
+ application-root
151
+ for PE this defines the location where applications are
152
+ deployed
153
+ locale
154
+ If present, overrides OS locale setting.
155
+ log-root
156
+ specifies where the server instance's log files are kept,
157
+ including HTTP access logs, server logs, and transaction
158
+ logs. Default is $INSTANCE-ROOT/logs
159
+ -->
160
+ <!ELEMENT domain
161
+ (applications?, resources?, configs, servers, clusters?, node-agents?,
162
+ lb-configs?, system-property*, property*)>
163
+
164
+
165
+ <!ATTLIST domain
166
+ application-root CDATA #IMPLIED
167
+ log-root CDATA #IMPLIED
168
+ locale CDATA #IMPLIED>
169
+
170
+
171
+ <!-- configs
172
+
173
+ Used in:
174
+ domain
175
+ -->
176
+ <!ELEMENT configs (config+)>
177
+
178
+
179
+ <!-- servers
180
+
181
+ Used in:
182
+ domain
183
+ -->
184
+ <!ELEMENT servers (server*)>
185
+
186
+
187
+ <!-- clusters
188
+
189
+ Used in:
190
+ domain
191
+ -->
192
+ <!ELEMENT clusters (cluster*)>
193
+
194
+
195
+ <!-- node-agents
196
+
197
+ Used in:
198
+ domain
199
+ -->
200
+ <!ELEMENT node-agents (node-agent*)>
201
+
202
+
203
+ <!-- lb-configs
204
+
205
+ Used in:
206
+ domain
207
+ -->
208
+ <!ELEMENT lb-configs (lb-config*)>
209
+
210
+
211
+ <!-- applications
212
+ Various types of applications that can be deployed on Sun ONE
213
+ Application Server instance
214
+
215
+ Used in:
216
+ domain
217
+ -->
218
+ <!ELEMENT applications
219
+ ((lifecycle-module | j2ee-application | ejb-module | web-module |
220
+ connector-module | appclient-module)*)>
221
+
222
+
223
+
224
+ <!-- lifecycle-module
225
+
226
+ attributes
227
+ class-name
228
+ fully qualified name of the startup class.
229
+ classpath
230
+ where this module is actually located, if it is not under
231
+ applications-root
232
+ enabled
233
+ boolean attribute. If set to "false" this module will not be
234
+ loaded at server start up.
235
+ is-failure-fatal
236
+ if true, aborts server start up if this module does not load
237
+ properly.
238
+ load-order
239
+ integer value that can be used to force the order in which
240
+ deployed lifecycle modules are loaded at server start up.
241
+ Smaller numbered modules get loaded sooner. Order is
242
+ unspecified if two or more lifecycle modules have the same
243
+ load-order value.
244
+ name
245
+ unqiue identifier for the deployed server lifecycle event
246
+ listener module.
247
+
248
+ Used in:
249
+ applications
250
+ -->
251
+ <!ELEMENT lifecycle-module (description?, property*)>
252
+
253
+ <!ATTLIST lifecycle-module
254
+ name CDATA #REQUIRED
255
+ class-name CDATA #REQUIRED
256
+ classpath CDATA #IMPLIED
257
+ load-order CDATA #IMPLIED
258
+ is-failure-fatal %boolean; "false"
259
+ enabled %boolean; "true">
260
+
261
+
262
+ <!-- j2ee-application
263
+
264
+ attributes
265
+ availability-enabled
266
+ This boolean flag controls whether availability is enabled
267
+ for SFSB checkpointing (and potentially passivation). If this
268
+ is "false", then all SFSB checkpointing is disabled for
269
+ either the given j2ee app or the given ejb module. If it is
270
+ "true" (and providing that all the availability-enabled
271
+ attributes above in precedence are also "true", then the j2ee
272
+ app or stand-alone ejb modules may be ha enabled.
273
+ Finer-grained control exists at lower level inside each bean.
274
+ If this attribute is missing, it defaults to "false".
275
+ directory-deployed
276
+ This attribute indicates whether the application has been
277
+ deployed to a directory or not
278
+
279
+ Used in:
280
+ applications
281
+ -->
282
+ <!ELEMENT j2ee-application (description?)>
283
+
284
+ <!ATTLIST j2ee-application
285
+ name CDATA #REQUIRED
286
+ location CDATA #REQUIRED
287
+ object-type %object-type; "user"
288
+ enabled %boolean; "true"
289
+ availability-enabled %boolean; "false"
290
+ directory-deployed %boolean; "false">
291
+
292
+
293
+ <!-- ejb-module
294
+
295
+ attributes
296
+ availability-enabled
297
+ This boolean flag controls whether availability is enabled
298
+ for SFSB checkpointing (and potentially passivation). If this
299
+ is "false", then all SFSB checkpointing is disabled for
300
+ either the given j2ee app or the given ejb module. If it is
301
+ "true" (and providing that all the availability-enabled
302
+ attributes above in precedence are also "true", then the j2ee
303
+ app or stand-alone ejb modules may be ha enabled.
304
+ Finer-grained control exists at lower level inside each bean.
305
+ If this attribute is missing, it defaults to "false".
306
+ directory-deployed
307
+ This attribute indicates whether the application has been
308
+ deployed to a directory or not
309
+
310
+ Used in:
311
+ applications
312
+ -->
313
+ <!ELEMENT ejb-module (description?)>
314
+
315
+ <!ATTLIST ejb-module
316
+ name CDATA #REQUIRED
317
+ location CDATA #REQUIRED
318
+ object-type %object-type; "user"
319
+ enabled %boolean; "true"
320
+ availability-enabled %boolean; "false"
321
+ directory-deployed %boolean; "false">
322
+
323
+
324
+ <!-- web-module
325
+
326
+ attributes
327
+ availability-enabled
328
+ This boolean flag controls whether availability is enabled
329
+ for HTTP Session Persistence. If this is "false", then all
330
+ session persistence is disabled for the given web module. If
331
+ it is "true" (and providing that all the availability-enabled
332
+ attributes above in precedence are also "true", then the web
333
+ module may be ha enabled. Finer-grained control exists at
334
+ lower level (see sun-web.xml). If this attribute is missing,
335
+ it defaults to "false".
336
+ context-root
337
+ context-root must match the pattern for the hpath production
338
+ in RFC 1738 which can be found at:
339
+ http://www.w3.org/Addressing/rfc1738.txt. This is flattened
340
+ to the following regular expression in XML Schema's pattern
341
+ language:
342
+ ([a-zA-Z0-9$\-_.+!*'(),]|%[0-9A-Fa-f][0-9A-Fa-f]|;|:|&|=)*(/([
343
+ -zA-Z0-9$\-_.+!*'(),]|%[0-9A-Fa-f][0-9A-Fa-f]|;|:|&|=)*)*
344
+ Note that this includes the null or empty context root and
345
+ permits but does not require a context root to start with the
346
+ '/' character (including a context root which is simply the
347
+ '/' character).
348
+ directory-deployed
349
+ This attribute indicates whether the application has been
350
+ deployed to a directory or not
351
+
352
+ Used in:
353
+ applications
354
+ -->
355
+ <!ELEMENT web-module (description?)>
356
+
357
+ <!ATTLIST web-module
358
+ name CDATA #REQUIRED
359
+ context-root CDATA #REQUIRED
360
+ location CDATA #REQUIRED
361
+ object-type %object-type; "user"
362
+ enabled %boolean; "true"
363
+ availability-enabled %boolean; "false"
364
+ directory-deployed %boolean; "false">
365
+
366
+
367
+ <!-- connector-module
368
+
369
+ Used in:
370
+ applications
371
+ -->
372
+ <!ELEMENT connector-module (description?)>
373
+
374
+ <!ATTLIST connector-module
375
+ name CDATA #REQUIRED
376
+ location CDATA #REQUIRED
377
+ object-type %object-type; "user"
378
+ enabled %boolean; "true"
379
+ directory-deployed %boolean; "false">
380
+
381
+
382
+ <!-- appclient-module
383
+
384
+ Used in:
385
+ applications
386
+ -->
387
+ <!ELEMENT appclient-module (description?)>
388
+
389
+ <!ATTLIST appclient-module
390
+ name CDATA #REQUIRED
391
+ location CDATA #REQUIRED
392
+ directory-deployed %boolean; "false">
393
+
394
+
395
+ <!-- resources
396
+ J2EE Applications look up resources registered with the
397
+ Application server, using portable JNDI names.
398
+
399
+ Used in:
400
+ domain
401
+ -->
402
+ <!ELEMENT resources
403
+ ((custom-resource | external-jndi-resource | jdbc-resource | mail-resource
404
+ | persistence-manager-factory-resource | admin-object-resource |
405
+ connector-resource | resource-adapter-config | jdbc-connection-pool |
406
+ connector-connection-pool)*)>
407
+
408
+
409
+
410
+ <!-- description
411
+ Textual description of a configured entity
412
+
413
+ Used in:
414
+ admin-object-resource, appclient-module,
415
+ connector-connection-pool, connector-module, connector-resource,
416
+ custom-resource, ejb-module, external-jndi-resource,
417
+ j2ee-application, jdbc-connection-pool, jdbc-resource,
418
+ lifecycle-module, mail-resource,
419
+ persistence-manager-factory-resource, property, system-property,
420
+ web-module
421
+ -->
422
+ <!ELEMENT description (#PCDATA)>
423
+
424
+
425
+ <!-- custom-resource
426
+ custom (or generic) resource managed by a user-written factory
427
+ class.
428
+
429
+ attributes
430
+ jndi-name
431
+ JNDI name for generic resource, the fully qualified type of
432
+ the resource and whether it is enabled at runtime
433
+
434
+ Used in:
435
+ resources
436
+ -->
437
+ <!ELEMENT custom-resource (description?, property*)>
438
+
439
+ <!ATTLIST custom-resource
440
+ jndi-name CDATA #REQUIRED
441
+ res-type CDATA #REQUIRED
442
+ factory-class CDATA #REQUIRED
443
+ object-type %object-type; "user"
444
+ enabled %boolean; "true">
445
+
446
+
447
+ <!-- external-jndi-resource
448
+ resource residing in an external JNDI repository
449
+
450
+ Used in:
451
+ resources
452
+ -->
453
+ <!ELEMENT external-jndi-resource (description?, property*)>
454
+
455
+ <!ATTLIST external-jndi-resource
456
+ jndi-name CDATA #REQUIRED
457
+ jndi-lookup-name CDATA #REQUIRED
458
+ res-type CDATA #REQUIRED
459
+ factory-class CDATA #REQUIRED
460
+ object-type %object-type; "user"
461
+ enabled %boolean; "true">
462
+
463
+
464
+ <!-- jdbc-resource
465
+ JDBC javax.sql.(XA)DataSource resource definition
466
+
467
+ Used in:
468
+ resources
469
+ -->
470
+ <!ELEMENT jdbc-resource (description?, property*)>
471
+
472
+ <!ATTLIST jdbc-resource
473
+ jndi-name CDATA #REQUIRED
474
+ pool-name CDATA #REQUIRED
475
+ object-type %object-type; "user"
476
+ enabled %boolean; "true">
477
+
478
+
479
+ <!-- mail-resource
480
+ The mail-resource element describes a javax.mail.Session resource
481
+
482
+ attributes
483
+ host
484
+ ip V6 or V4 address or hostname.
485
+
486
+ Used in:
487
+ resources
488
+ -->
489
+ <!ELEMENT mail-resource (description?, property*)>
490
+
491
+ <!ATTLIST mail-resource
492
+ jndi-name CDATA #REQUIRED
493
+ store-protocol CDATA "imap"
494
+ store-protocol-class CDATA "com.sun.mail.imap.IMAPStore"
495
+ transport-protocol CDATA "smtp"
496
+ transport-protocol-class CDATA "com.sun.mail.smtp.SMTPTransport"
497
+ host CDATA #REQUIRED
498
+ user CDATA #REQUIRED
499
+ from CDATA #REQUIRED
500
+ debug %boolean; "false"
501
+ object-type %object-type; "user"
502
+ enabled %boolean; "true">
503
+
504
+
505
+ <!-- persistence-manager-factory-resource
506
+ Persistence Manager runtime configuration.
507
+
508
+ attributes
509
+ factory-class
510
+ Class that creates persistence manager instance.
511
+ jdbc-resource-jndi-name
512
+ jdbc resource with which database connections are obtained.
513
+ jndi-name
514
+ JNDI name for this resource
515
+
516
+ Used in:
517
+ resources
518
+ -->
519
+ <!ELEMENT persistence-manager-factory-resource (description?, property*)>
520
+
521
+ <!ATTLIST persistence-manager-factory-resource
522
+ jndi-name CDATA #REQUIRED
523
+ factory-class CDATA "com.sun.jdo.spi.persistence.support.sqlstore.impl.PersistenceManagerFactoryImpl"
524
+ jdbc-resource-jndi-name CDATA #IMPLIED
525
+ object-type %object-type; "user"
526
+ enabled %boolean; "true">
527
+
528
+
529
+ <!-- admin-object-resource
530
+ The admin-object-resource element describes a administered object
531
+ for a inbound resource adapter.
532
+
533
+ attributes
534
+ jndi-name
535
+ JNDI name for this resource
536
+ res-adapter
537
+ Name of the inbound resource adapter.
538
+ res-type
539
+ Interface definition for the administered object
540
+
541
+ Used in:
542
+ resources
543
+ -->
544
+ <!ELEMENT admin-object-resource (description?, property*)>
545
+
546
+ <!ATTLIST admin-object-resource
547
+ jndi-name CDATA #REQUIRED
548
+ res-type CDATA #REQUIRED
549
+ res-adapter CDATA #REQUIRED
550
+ object-type %object-type; "user"
551
+ enabled %boolean; "true">
552
+
553
+
554
+ <!-- connector-resource
555
+
556
+ Used in:
557
+ resources
558
+ -->
559
+ <!ELEMENT connector-resource (description?, property*)>
560
+
561
+ <!ATTLIST connector-resource
562
+ jndi-name CDATA #REQUIRED
563
+ pool-name CDATA #REQUIRED
564
+ object-type %object-type; "user"
565
+ enabled %boolean; "true">
566
+
567
+
568
+ <!-- resource-adapter-config
569
+ This element is for configuring the resource adapter. These
570
+ values (properties) over-rides the default values present in
571
+ ra.xml. The name attribute has to be unique . It is optional for
572
+ PE. It is used mainly for EE.
573
+
574
+ Used in:
575
+ resources
576
+ -->
577
+ <!ELEMENT resource-adapter-config (property*)>
578
+
579
+ <!ATTLIST resource-adapter-config
580
+ name CDATA #IMPLIED
581
+ thread-pool-ids CDATA #IMPLIED
582
+ object-type %object-type; "user"
583
+ resource-adapter-name CDATA #REQUIRED>
584
+
585
+
586
+ <!-- config
587
+ The configuration defines the configuration of a server instance
588
+ that can be shared by other server instances. The
589
+ availability-service and are SE/EE only.
590
+
591
+ attributes
592
+ dynamic-reconfiguration-enabled
593
+ When set to "true" then any changes to the system (e.g.
594
+ applications deployed, resources created) will be
595
+ automatically applied to the affected servers without a
596
+ restart being required. When set to "false" such changes will
597
+ only be picked up by the affected servers when each server
598
+ restarts.
599
+
600
+ Used in:
601
+ configs
602
+ -->
603
+ <!ELEMENT config
604
+ (http-service, iiop-service, admin-service, connector-service?,
605
+ web-container, ejb-container, mdb-container, jms-service?, log-service,
606
+ security-service, transaction-service, monitoring-service, java-config,
607
+ availability-service?, thread-pools, alert-service?, system-property*,
608
+ property*)>
609
+
610
+
611
+ <!ATTLIST config
612
+ name CDATA #REQUIRED
613
+ dynamic-reconfiguration-enabled %boolean; "true">
614
+
615
+
616
+ <!-- alert-service
617
+ The Alert service provides a mechanism for users to register for
618
+ and receive alerts. The alert service collects together a set of
619
+ alert subscriptions
620
+
621
+ Used in:
622
+ config
623
+ -->
624
+ <!ELEMENT alert-service (alert-subscription*, property*)>
625
+
626
+
627
+ <!-- alert-subscription
628
+ alert subscription details a specific subscription. The
629
+ subscription comprises the configuration of a specific listener,
630
+ and a filter to be applied.
631
+
632
+ attributes
633
+ name
634
+ The unique name identifying a particular alert service.
635
+
636
+ Used in:
637
+ alert-service
638
+ -->
639
+ <!ELEMENT alert-subscription (listener-config, filter-config?)>
640
+
641
+ <!ATTLIST alert-subscription
642
+ name CDATA #REQUIRED>
643
+
644
+
645
+ <!-- listener-config
646
+ connects a specific listener class with specific managed objects
647
+
648
+ attributes
649
+ listener-class-name
650
+ The name of a class that can act as a listener for alerts.
651
+ Non-empty string containing a Java class name.
652
+ subscribe-listener-with
653
+ A list of managed object names that the listener should be
654
+ subscribed to. A non-empty, comma separated list.
655
+
656
+ Used in:
657
+ alert-subscription
658
+ -->
659
+ <!ELEMENT listener-config (property*)>
660
+
661
+ <!ATTLIST listener-config
662
+ listener-class-name CDATA #REQUIRED
663
+ subscribe-listener-with CDATA #REQUIRED>
664
+
665
+
666
+ <!-- filter-config
667
+ filter-config provides the means of specifying a filter to be
668
+ applied to alerts
669
+
670
+ attributes
671
+ filter-class-name
672
+ The name of a class that can act as a filter. Non-empty
673
+ string containing a Java class name.
674
+
675
+ Used in:
676
+ alert-subscription
677
+ -->
678
+ <!ELEMENT filter-config (property*)>
679
+
680
+ <!ATTLIST filter-config
681
+ filter-class-name CDATA #REQUIRED>
682
+
683
+
684
+ <!-- http-service
685
+
686
+ Used in:
687
+ config
688
+ -->
689
+ <!ELEMENT http-service
690
+ (access-log?, http-listener+, virtual-server+, request-processing?,
691
+ keep-alive?, connection-pool?, http-protocol?, http-file-cache?,
692
+ property*)>
693
+
694
+
695
+
696
+ <!-- access-log
697
+
698
+ attributes
699
+ format
700
+ The global format for the access log rotation-policy The
701
+ policy based on which the log rotation would be done . At
702
+ this time only time based rotation is enabled.
703
+ rotation-enabled
704
+ The flag for enabling the access-log rotation
705
+ rotation-interval-in-minutes
706
+ The time interval in minutes between two successive rotations
707
+ of the access logs.
708
+ rotation-suffix
709
+ The suffix to be added to the access-log name after rotation.
710
+
711
+ Used in:
712
+ http-service
713
+ -->
714
+ <!ELEMENT access-log EMPTY>
715
+
716
+ <!ATTLIST access-log
717
+ format CDATA "%client.name% %auth-user-name% %datetime% %request% %status% %response.length%"
718
+ rotation-policy (time) "time"
719
+ rotation-interval-in-minutes CDATA "1440"
720
+ rotation-suffix CDATA "%YYYY;%MM;%DD;-%hh;h%mm;m%ss;s"
721
+ rotation-enabled %boolean; "true">
722
+
723
+
724
+ <!-- http-listener
725
+
726
+ attributes
727
+ acceptor-threads
728
+ Number of acceptor threads for the listen socket. The
729
+ recommended value is the number of processors in the machine.
730
+ address
731
+ IP address of the listen socket. Can be in dotted-pair or
732
+ IPv6 notation. Can also be any for INADDR-ANY. Configuring a
733
+ listen socket to listen on any is required if more than one
734
+ http-listener is configured to it.
735
+ blocking-enabled
736
+ Enables blocking for the listen and external ports.
737
+ default-virtual-server
738
+ The id attribute of the default virtual server for this
739
+ particular connection group.
740
+ external-port
741
+ The port at which the user makes a request , typically a
742
+ proxy server port.
743
+ family
744
+ Specified the family of addresses either inet or ncsa
745
+ id
746
+ Unique identifier for http listener.
747
+ port
748
+ Port number to create the listen socket on. Legal values are
749
+ 1 - 65535. On Unix, creating sockets that listen on ports 1 -
750
+ 1024 requires superuser privileges. Configuring an SSL listen
751
+ socket to listen on port 443 is recommended.
752
+ redirect-port
753
+ if the connector is supporting non-SSL requests and a request
754
+ is received for which a matching security-constraint requires
755
+ SSL transport catalina will automatically redirect the
756
+ request to the port number specified here
757
+ security-enabled
758
+ Determines whether the http listener runs SSL. You can turn
759
+ SSL2 or SSL3 on or off and set ciphers using an ssl element.
760
+ The enable-ssl in the protocol element should be set to true
761
+ for this setting to work.
762
+ server-name
763
+ Tells the server what to put in the host name section of any
764
+ URLs it sends to the client. This affects URLs the server
765
+ automatically generates; it doesnt affect the URLs for
766
+ directories and files stored in the server. This name should
767
+ be the alias name if your server uses an alias. If you append
768
+ a colon and port number, that port will be used in URLs the
769
+ server sends to the client.
770
+ xpowered-by
771
+ The Servlet 2.4 spec defines a special X-Powered-By:
772
+ Servlet/2.4 header, which containers may add to
773
+ servlet-generated responses. This is complemented by the JSP
774
+ 2.0 spec, which defines a X-Powered-By: JSP/2.0 header to be
775
+ added (on an optional basis) to responses utilizing JSP
776
+ technology. The goal of these headers is to aid in gathering
777
+ statistical data about the use of Servlet and JSP technology.
778
+ If true, these headers will be added.
779
+
780
+ Used in:
781
+ http-service
782
+ -->
783
+ <!ELEMENT http-listener (ssl?, property*)>
784
+
785
+ <!ATTLIST http-listener
786
+ id CDATA #REQUIRED
787
+ address CDATA #REQUIRED
788
+ port CDATA #REQUIRED
789
+ external-port CDATA #IMPLIED
790
+ family (inet | ncsa) "inet"
791
+ blocking-enabled %boolean; "false"
792
+ acceptor-threads CDATA "10"
793
+ security-enabled %boolean; "false"
794
+ default-virtual-server CDATA #REQUIRED
795
+ server-name CDATA #REQUIRED
796
+ redirect-port CDATA #IMPLIED
797
+ xpowered-by %boolean; "true"
798
+ enabled %boolean; "true">
799
+
800
+
801
+ <!-- ssl
802
+ Define SSL processing parameters
803
+
804
+ attributes
805
+ cert-nickname
806
+ nickname of the server certificate in the certificate
807
+ database or the PKCS#11 token. In the certificate, the name
808
+ format is tokenname:nickname. Including the tokenname: part
809
+ of the name in this attribute is optional.
810
+ client-auth-enabled
811
+ Determines whether SSL3 client authentication is performed on
812
+ every request, independent of ACL-based access control.
813
+ ssl2-ciphers
814
+ A comma-separated list of the SSL2 ciphers used, with the
815
+ prefix + to enable or - to disable, for example +rc4. Allowed
816
+ values are rc4, rc4export, rc2, rc2export, idea, des,
817
+ desede3. If no value is specified, all supported ciphers are
818
+ assumed to be enabled. NOT Used in PE
819
+ ssl2-enabled
820
+ Determines whether SSL2 is enabled. NOT Used in PE. SSL2 is
821
+ not supported by either iiop or web-services. When this
822
+ element is used as a child of the iiop-listener element then
823
+ the only allowed value for this attribute is "false".
824
+ ssl3-enabled
825
+ Determines whether SSL3 is enabled.
826
+
827
+ If both SSL2 and SSL3 are enabled for a virtual server, the server
828
+ tries SSL3 encryption first. If that fails, the server tries SSL2
829
+ encryption.
830
+
831
+ ssl3-tls-ciphers
832
+ A comma-separated list of the SSL3 ciphers used, with the
833
+ prefix + to enable or - to disable, for example +rsa_des_sha.
834
+ Allowed SSL3 values are rsa_rc4_128_md5, rsa3des_sha,
835
+ rsa_des_sha, rsa_rc4_40_md5, rsa_rc2_40_md5, rsa_null_md5.
836
+ Allowed TLS values are rsa_des_56_sha, rsa_rc4_56_sha. If no
837
+ value is specified, all supported ciphers are assumed to be
838
+ enabled.
839
+ tls-enabled
840
+ Determines whether TLS is enabled.
841
+ tls-rollback-enabled
842
+ Determines whether TLS rollback is enabled. TLS rollback
843
+ should be enabled for Microsoft Internet Explorer 5.0 and
844
+ 5.5. NOT Used in PE
845
+
846
+ Used in:
847
+ http-listener, iiop-listener, jmx-connector, ssl-client-config
848
+ -->
849
+ <!ELEMENT ssl EMPTY>
850
+
851
+ <!ATTLIST ssl
852
+ cert-nickname CDATA #REQUIRED
853
+ ssl2-enabled %boolean; "false"
854
+ ssl2-ciphers CDATA #IMPLIED
855
+ ssl3-enabled %boolean; "true"
856
+ ssl3-tls-ciphers CDATA #IMPLIED
857
+ tls-enabled %boolean; "true"
858
+ tls-rollback-enabled %boolean; "true"
859
+ client-auth-enabled %boolean; "false">
860
+
861
+
862
+ <!-- virtual-server
863
+ Configuration of Virtual Server
864
+
865
+ Virtualization in Application Server allows multiple URL domains to be
866
+ served by the same HTTP server process, which is listening on multiple
867
+ host addresses If an application is available at two virtual servers, they
868
+ still share same physical resource pools, such as JDBC connection pools.
869
+
870
+ Sun ONE Application Server allows a list of virtual servers, to be
871
+ specified along with web-module and j2ee-application elements. This
872
+ establishes an association between URL domains, represented by the virtual
873
+ server and the web modules (standalone web modules or web modules inside
874
+ the ear file)
875
+
876
+
877
+ attributes
878
+ default-web-module
879
+ stand alone web module associated with this virtual server by
880
+ default.
881
+ docroot
882
+ The location on the filesystem where the files related to the
883
+ content to be served by this virtual server is stored.
884
+ hosts
885
+ A comma-separated list of values allowed in the Host request
886
+ header to select the current virtual server. Each Virtual
887
+ Server that is configured to the same Connection Group must
888
+ have a unique hosts value for that group.
889
+ http-listeners
890
+ A comma-separated list of http-listener id(s), Required only
891
+ for a Virtual Server that is not the default virtual server.
892
+ id
893
+ Virtual server ID. This is a unique ID that allows lookup of
894
+ a specific virtual server. A virtual server ID cannot begin
895
+ with a number.
896
+ log-file
897
+ Specifies a log file for virtual-server-specific log
898
+ messages. Default value is
899
+ ${com.sun.aas.instanceRoot}/logs/server.log
900
+ state
901
+ Determines whether a Virtual Server is active (on) or
902
+ inactive (off, disable). The default is on (active). When
903
+ inactive, a Virtual Server does not service requests.
904
+ off
905
+ returns a 404: Status code (404) indicating that the
906
+ requested resource is not available
907
+ disabled
908
+ returns a 403: Status code (403) indicating the server
909
+ understood the request but refused to fulfill it.
910
+
911
+ Used in:
912
+ http-service
913
+ -->
914
+ <!ELEMENT virtual-server (http-access-log?, property*)>
915
+
916
+ <!ATTLIST virtual-server
917
+ id CDATA #REQUIRED
918
+ http-listeners CDATA #IMPLIED
919
+ default-web-module CDATA #IMPLIED
920
+ hosts CDATA #REQUIRED
921
+ state (on | off | disabled) "on"
922
+ docroot CDATA #IMPLIED
923
+ log-file CDATA "${com.sun.aas.instanceRoot}/logs/server.log">
924
+
925
+
926
+ <!-- http-access-log
927
+
928
+ attributes
929
+ iponly
930
+ if the IP address of the user agent should be specified or a
931
+ DNL lookup should be done
932
+ log-directory
933
+ location of the access logs specified as a directory.This
934
+ defaults to the domain.log-root, which by default is
935
+ ${INSTANCE_ROOT}/logs. Hence the default value for this
936
+ attribute is ${INSTANCE_ROOT}/logs/access
937
+
938
+ Used in:
939
+ virtual-server
940
+ -->
941
+ <!ELEMENT http-access-log EMPTY>
942
+
943
+ <!ATTLIST http-access-log
944
+ log-directory CDATA "${com.sun.aas.instanceRoot}/logs/access"
945
+ iponly %boolean; "true">
946
+
947
+
948
+ <!-- request-processing
949
+ This element provides attributes to configure the request
950
+ processing subsystem in the HTTP service.
951
+
952
+ attributes
953
+ header-buffer-length-in-bytes
954
+ The size of the buffer used by the request processing threads
955
+ for reading the request data
956
+ initial-thread-count
957
+ The no of request processing threads when the http service is
958
+ initialized
959
+ request-timeout-in-seconds
960
+ Time after which the request times out
961
+ thread-count
962
+ Max no of request processing threads.
963
+ thread-increment
964
+ The increment in the no of request processing threads when
965
+ the no. of requests reaches the number specified by
966
+ request-threads-init
967
+
968
+ Used in:
969
+ http-service
970
+ -->
971
+ <!ELEMENT request-processing EMPTY>
972
+
973
+ <!ATTLIST request-processing
974
+ thread-count CDATA "128"
975
+ initial-thread-count CDATA "48"
976
+ thread-increment CDATA "10"
977
+ request-timeout-in-seconds CDATA "30"
978
+ header-buffer-length-in-bytes CDATA "4096">
979
+
980
+
981
+ <!-- keep-alive
982
+ Keep-alive subsystem configuration
983
+
984
+ attributes
985
+ max-connections
986
+ Max no of connection in the Keep Alive mode
987
+ thread-count
988
+ no of Keep Alive threads in the system
989
+ timeout-in-seconds
990
+ Keep Alive timeout , max time a connection can be deemed as
991
+ idle and kept in the keep-alive state
992
+
993
+ Used in:
994
+ http-service
995
+ -->
996
+ <!ELEMENT keep-alive EMPTY>
997
+
998
+ <!ATTLIST keep-alive
999
+ thread-count CDATA "1"
1000
+ max-connections CDATA "256"
1001
+ timeout-in-seconds CDATA "30">
1002
+
1003
+
1004
+ <!-- connection-pool
1005
+
1006
+ attributes
1007
+ max-pending-count
1008
+ Max no of pending connections on the listen socket
1009
+ queue-size-in-bytes
1010
+ Size in bytes of the Connection queue
1011
+ receive-buffer-size-in-bytes
1012
+ The buffer size of the receive buffer used by sockets.
1013
+ send-buffer-size-in-bytes
1014
+ The buffer size of the send buffer used by sockets.
1015
+
1016
+ Used in:
1017
+ http-service
1018
+ -->
1019
+ <!ELEMENT connection-pool EMPTY>
1020
+
1021
+ <!ATTLIST connection-pool
1022
+ queue-size-in-bytes CDATA "4096"
1023
+ max-pending-count CDATA "4096"
1024
+ receive-buffer-size-in-bytes CDATA "4096"
1025
+ send-buffer-size-in-bytes CDATA "8192">
1026
+
1027
+
1028
+ <!-- http-protocol
1029
+ HTTP Protocol related settings
1030
+
1031
+ attributes
1032
+ default-response-type
1033
+ Setting the default response-type. Specified as a semi-colon
1034
+ delimited string consisting of content-type, encoding,
1035
+ language, charset
1036
+ dns-lookup-enabled
1037
+ If the DNS name for a particular ip address from which the
1038
+ request originates needs to be looked up.
1039
+ forced-response-type
1040
+ The response type to be forced if the content served cannot
1041
+ be matched by any of the MIME mappings for extensions.
1042
+ Specified as a semi-colon delimited string consisting of
1043
+ content-type, encoding, language, charset
1044
+ ssl-enabled
1045
+ Globally enables SSL across the server
1046
+ version
1047
+ The version of the HTTP protocol used by the HTTP Service
1048
+
1049
+ Used in:
1050
+ http-service
1051
+ -->
1052
+ <!ELEMENT http-protocol EMPTY>
1053
+
1054
+ <!ATTLIST http-protocol
1055
+ version CDATA "HTTP/1.1"
1056
+ dns-lookup-enabled %boolean; "false"
1057
+ forced-response-type CDATA "text/html; charset=iso-8859-1"
1058
+ default-response-type CDATA "text/html; charset=iso-8859-1"
1059
+ ssl-enabled %boolean; "true">
1060
+
1061
+
1062
+ <!-- http-file-cache
1063
+
1064
+ attributes
1065
+ file-caching-enabled
1066
+ Enables the caching of file content if the file size is less
1067
+ than the one specified ny med-file-size-limit
1068
+ file-transmission-enabled
1069
+ This is valid on Windows only. Enables the TransmitFileSystem
1070
+ call.
1071
+ globally-enabled
1072
+ globally enables the file cache
1073
+ hash-init-size
1074
+ Initial no. of hash buckets.
1075
+ max-age-in-seconds
1076
+ Maximum age of a valid cache entry
1077
+ max-files-count
1078
+ Maximum no. of files in the file cache.
1079
+ medium-file-size-limit-in-bytes
1080
+ Maximum size of a cached file that can be stored as a memory
1081
+ mapped file.
1082
+ medium-file-space-in-bytes
1083
+ Total size of all files that are cached as memory mapped
1084
+ files.
1085
+ small-file-size-limit-in-bytes
1086
+ Maximum size of a file that can be read into memory.
1087
+ small-file-space-in-bytes
1088
+ Total size of the files that are read into memory.
1089
+
1090
+ Used in:
1091
+ http-service
1092
+ -->
1093
+ <!ELEMENT http-file-cache EMPTY>
1094
+
1095
+ <!ATTLIST http-file-cache
1096
+ globally-enabled %boolean; "true"
1097
+ file-caching-enabled %boolean; "on"
1098
+ max-age-in-seconds CDATA "30"
1099
+ medium-file-size-limit-in-bytes CDATA "537600"
1100
+ medium-file-space-in-bytes CDATA "10485760"
1101
+ small-file-size-limit-in-bytes CDATA "2048"
1102
+ small-file-space-in-bytes CDATA "1048576"
1103
+ file-transmission-enabled %boolean; "false"
1104
+ max-files-count CDATA "1024"
1105
+ hash-init-size CDATA "0">
1106
+
1107
+
1108
+ <!-- iiop-service
1109
+
1110
+ Used in:
1111
+ config
1112
+ -->
1113
+ <!ELEMENT iiop-service (orb, ssl-client-config?, iiop-listener*)>
1114
+
1115
+ <!ATTLIST iiop-service
1116
+ client-authentication-required %boolean; "false">
1117
+
1118
+
1119
+ <!-- orb
1120
+ Orb Configuration properties
1121
+
1122
+ attributes
1123
+ max-connections
1124
+ maximum number of incoming connections, on all listeners
1125
+ message-fragment-size
1126
+ GIOPv1.2 messages larger than this will get fragmented.
1127
+ Minimum value is 128.
1128
+ use-thread-pool-ids
1129
+ This would refer to the thread-pool-id(s) defined in the
1130
+ thread-pool sub-element of thread-pool-config element in
1131
+ server.xml. These would be the threadpool(s) used by the ORB.
1132
+ More than one thread-pool-id(s) could be specified by using
1133
+ commas to separate the names e.g. orb-thread-pool-1,
1134
+ orb-thread-pool-2
1135
+
1136
+ Used in:
1137
+ iiop-service
1138
+ -->
1139
+ <!ELEMENT orb (property*)>
1140
+
1141
+ <!ATTLIST orb
1142
+ use-thread-pool-ids CDATA #REQUIRED
1143
+ message-fragment-size CDATA "1024"
1144
+ max-connections CDATA "1024">
1145
+
1146
+
1147
+ <!-- ssl-client-config
1148
+ ssl-client-config element specifies the SSL configuration when
1149
+ the Application Server is making outbound IIOP/SSL connections.
1150
+
1151
+ Used in:
1152
+ iiop-service
1153
+ -->
1154
+ <!ELEMENT ssl-client-config (ssl)>
1155
+
1156
+
1157
+ <!-- iiop-listener
1158
+
1159
+ children
1160
+ ssl
1161
+ element specifies optional SSL configuration. Note that the
1162
+ ssl2 ciphers are not supported for iiop, and therefore must
1163
+ be disabled.
1164
+
1165
+ attributes
1166
+ address
1167
+ ip V6 or V4 address or hostname.
1168
+ enabled
1169
+ if false, a configured listener, is disabled
1170
+ id
1171
+ unique identifier for this listener.
1172
+ port
1173
+ port number
1174
+ security-enabled
1175
+ Determines whether the iiop listener runs SSL. You can turn
1176
+ SSL2 or SSL3 on or off and set ciphers using an ssl element
1177
+
1178
+ Used in:
1179
+ iiop-service
1180
+ -->
1181
+ <!ELEMENT iiop-listener (ssl?, property*)>
1182
+
1183
+ <!ATTLIST iiop-listener
1184
+ id CDATA #REQUIRED
1185
+ address CDATA #REQUIRED
1186
+ port CDATA "1072"
1187
+ security-enabled %boolean; "false"
1188
+ enabled %boolean; "true">
1189
+
1190
+
1191
+ <!-- admin-service
1192
+ Admin Service exists in every instance. It is the configuration
1193
+ for either a normal server, DAS or PE instance.
1194
+
1195
+ attributes
1196
+ type
1197
+ an instance can either be of type
1198
+ das
1199
+ Domain Administration Server in SE/EE or the PE instance
1200
+ das-and-server
1201
+ same as das
1202
+ server
1203
+ Any non-DAS instance in SE/EE. Not valid for PE.
1204
+
1205
+ Used in:
1206
+ config
1207
+ -->
1208
+ <!ELEMENT admin-service (jmx-connector*, das-config?, property*)>
1209
+
1210
+ <!ATTLIST admin-service
1211
+ type (das | das-and-server | server) "server"
1212
+ system-jmx-connector-name CDATA #IMPLIED>
1213
+
1214
+
1215
+ <!-- connector-service
1216
+ Configuration of the Connector Container. The attributes
1217
+ specified in the connector container would apply to all resource
1218
+ adapters deployed in this cluster/server-instance
1219
+
1220
+ attributes
1221
+ shutdown-timeout-in-seconds
1222
+ integer value (default 30 seconds). Represents the time-out,
1223
+ in seconds, that would be allowed by the application server,
1224
+ during shutdown, to call the ResourceAdapter.stop() method of
1225
+ this connector module's instance to complete.
1226
+
1227
+ Resource Adapters that take longer than the specified
1228
+ shutdown-timeout-in-seconds time interval would be ignored and the
1229
+ application server shutdown procedure would continue.
1230
+
1231
+
1232
+ Used in:
1233
+ config
1234
+ -->
1235
+ <!ELEMENT connector-service EMPTY>
1236
+
1237
+ <!ATTLIST connector-service
1238
+ shutdown-timeout-in-seconds CDATA "30">
1239
+
1240
+
1241
+ <!-- jmx-connector
1242
+ The jmx-connector element defines the configuration of a JSR 160
1243
+ compliant remote JMX Connector.
1244
+
1245
+ attributes
1246
+ accept-all
1247
+ Determines whether the connection can be made on all the
1248
+ network interfaces. A value of false implies that the
1249
+ connections only for this specific address will be selected.
1250
+ This attribute is ignored for SJS AS 8.1.
1251
+ address
1252
+ Specifies the IP address or host-name. Ignored for SJS AS 8.1.
1253
+ auth-realm-name
1254
+ The name of the auth-realm in this config element that
1255
+ represents the special administrative realm. All
1256
+ authentication (from administraive GUI and CLI) will be
1257
+ handled by this realm.
1258
+ enabled
1259
+ Defines if this connector is enabled. For EE this must be
1260
+ enabled.
1261
+ name
1262
+ name of jmx connector used for identification
1263
+ port
1264
+ Specifies the port of the jmx-connector-server. Note that
1265
+ jmx-service-uRL is a function of protocol, port and address
1266
+ as defined by the JSR 160 1.0 Specification.
1267
+ protocol
1268
+ Defines the protocol that this jmx-connector should support.
1269
+ Supported protocols are defined by Entity rjmx-protocol. SJS
1270
+ AS 8.1 PE/SE/EE supports "rmi_jrmp" protocol only. Other
1271
+ protocols can be used by user applications independently. For
1272
+ other protocols supported refer to documentation.
1273
+ security-enabled
1274
+ Decides whether the transport layer security be used in
1275
+ jmx-connector. If true, configure the ssl element.
1276
+
1277
+ Used in:
1278
+ admin-service, node-agent
1279
+ -->
1280
+ <!ELEMENT jmx-connector (ssl?, property*)>
1281
+
1282
+ <!ATTLIST jmx-connector
1283
+ name CDATA #REQUIRED
1284
+ enabled %boolean; "true"
1285
+ protocol %rjmx-protocol; "rmi_jrmp"
1286
+ address CDATA #REQUIRED
1287
+ port CDATA #REQUIRED
1288
+ accept-all %boolean; "false"
1289
+ auth-realm-name CDATA #REQUIRED
1290
+ security-enabled %boolean; "true">
1291
+
1292
+
1293
+ <!-- das-config
1294
+
1295
+ attributes
1296
+ admin-session-timeout-in-minutes
1297
+ timeout in minutes indicating the administration gui session
1298
+ timeout.
1299
+ autodeploy-dir
1300
+ The source directory (relative to instance root) from which
1301
+ autodeploy service will pick deployable components. You can
1302
+ also specify an absolute directory.
1303
+ autodeploy-enabled
1304
+ This will enable the autodeployment service. If true, the
1305
+ service will automatically starts with the admin-server. Auto
1306
+ Deployment is a feature that enables developers to quickly
1307
+ deploy applications and modules to a running application
1308
+ server withoutrequiring the developer to perform an explicit
1309
+ application server restart or separate deployment operation.
1310
+ autodeploy-jsp-precompilation-enabled
1311
+ If true, JSPs will be pre compiled during deployment of the
1312
+ war module(s).
1313
+ autodeploy-polling-interval-in-seconds
1314
+ The polling interval (in seconds), at the end of which
1315
+ autodeployment service will scan the source directory
1316
+ (specified by "autodeploy-dir" tag) for any new deployable
1317
+ component.
1318
+ autodeploy-verifier-enabled
1319
+ To enable/disable verifier, during auto-deployment. If true,
1320
+ verification will be done before any deployment activity. In
1321
+ the event of any verifier test failure, deployment is not
1322
+ performed.
1323
+ deploy-xml-validation
1324
+ specifies if descriptor validation is required or not.
1325
+
1326
+ full
1327
+ xml will be validated and in case of xml validation
1328
+ errors, deployment will fail.
1329
+ parsing
1330
+ xml errors will be reported but deployment process will
1331
+ continue.
1332
+ none
1333
+ no xml validation will be perfomed on the standard or
1334
+ runtime deployment descriptors.
1335
+
1336
+ dynamic-reload-enabled
1337
+ when true, server checks timestamp on a .reload file at every
1338
+ module and application directory level to trigger reload.
1339
+ polling frequency is controlled by
1340
+ reload-poll-interval-in-seconds
1341
+
1342
+ Used in:
1343
+ admin-service
1344
+ -->
1345
+ <!ELEMENT das-config (property*)>
1346
+
1347
+ <!ATTLIST das-config
1348
+ dynamic-reload-enabled %boolean; "false"
1349
+ dynamic-reload-poll-interval-in-seconds CDATA "2"
1350
+ autodeploy-enabled %boolean; "false"
1351
+ autodeploy-polling-interval-in-seconds CDATA "2"
1352
+ autodeploy-dir CDATA "autodeploy"
1353
+ autodeploy-verifier-enabled %boolean; "false"
1354
+ autodeploy-jsp-precompilation-enabled %boolean; "false"
1355
+ deploy-xml-validation %validation-level; "full"
1356
+ admin-session-timeout-in-minutes CDATA "60">
1357
+
1358
+
1359
+ <!-- web-container
1360
+
1361
+ Used in:
1362
+ config
1363
+ -->
1364
+ <!ELEMENT web-container (session-config?, property*)>
1365
+
1366
+
1367
+ <!-- session-config
1368
+
1369
+ Used in:
1370
+ web-container
1371
+ -->
1372
+ <!ELEMENT session-config (session-manager?, session-properties?)>
1373
+
1374
+
1375
+ <!-- session-manager
1376
+
1377
+ Used in:
1378
+ session-config
1379
+ -->
1380
+ <!ELEMENT session-manager (manager-properties?, store-properties?)>
1381
+
1382
+
1383
+ <!-- manager-properties
1384
+
1385
+ Used in:
1386
+ session-manager
1387
+ -->
1388
+ <!ELEMENT manager-properties (property*)>
1389
+
1390
+ <!ATTLIST manager-properties
1391
+ session-file-name CDATA #IMPLIED
1392
+ reap-interval-in-seconds CDATA #IMPLIED
1393
+ max-sessions CDATA #IMPLIED
1394
+ session-id-generator-classname CDATA #IMPLIED>
1395
+
1396
+
1397
+ <!-- store-properties
1398
+
1399
+ Used in:
1400
+ session-manager
1401
+ -->
1402
+ <!ELEMENT store-properties (property*)>
1403
+
1404
+ <!ATTLIST store-properties
1405
+ directory CDATA #IMPLIED
1406
+ reap-interval-in-seconds CDATA #IMPLIED>
1407
+
1408
+
1409
+ <!-- session-properties
1410
+
1411
+ Used in:
1412
+ session-config
1413
+ -->
1414
+ <!ELEMENT session-properties (property*)>
1415
+
1416
+ <!ATTLIST session-properties
1417
+ timeout-in-seconds CDATA #IMPLIED>
1418
+
1419
+
1420
+ <!-- ejb-container
1421
+ Configuration of EJB Container.
1422
+
1423
+ children
1424
+ ejb-timer-service
1425
+ The ejb-timer-service element contains the configuration for
1426
+ the ejb timer service. There is at most one ejb timer service
1427
+ per server instance.
1428
+
1429
+ attributes
1430
+ cache-idle-timeout-in-seconds
1431
+ (eb, sfsb) specifies the rate at which the cache cleaner
1432
+ thread is scheduled. All idle instances are passivated at
1433
+ once.
1434
+ cache-resize-quantity
1435
+ (eb,sfsb) Cache elements have identity, hence growth is in
1436
+ unit steps and created on demand. Shrinking of cache happens
1437
+
1438
+ when cache-idle-timeout-in-seconds timer expires and a cleaner thread
1439
+ passivates beans which have been idle for longer than
1440
+ cache-idle-timeout-in-seconds. All idle instances are passivated at
1441
+ once. cache-resize-quantity does not apply in this case.
1442
+
1443
+ when max cache size is reached, an asynchronous task is created to
1444
+ bring the size back under the max-cache-size limit. This task removes
1445
+ cache-resize-quantity elements, consulting the victim-selection-policy.
1446
+
1447
+ Must be greater than 1 and less than max-cache-size.
1448
+
1449
+ commit-option
1450
+ (eb) Entity Beans caching is controlled by this setting.
1451
+ Commit Option C implies that no caching is performed in the
1452
+ container.
1453
+ max-cache-size
1454
+ (sfsb,eb) specifies the maximum number of instances that can
1455
+ be cached. For entity beans, internally two caches are
1456
+ maintained for higher concurrency: (i) Ready (R$) (ii) Active
1457
+ in an Incomplete Transaction (TX$). The TX$ is populated with
1458
+ instances from R$ or from the Pool directly. When an instance
1459
+ in TX$ completes the transaction, it is placed back in the R$
1460
+ (or in pool, in case an instance with same identity already
1461
+ is in R$). max-cache-size only specifies the upper limit for
1462
+ R$. The container computes an appropriate size for TX$. For
1463
+ SFSBs, after the max-cache-size is reached, beans (as
1464
+ determined by the victim-selection-policy) get passivated.
1465
+ max-pool-size
1466
+ (slsb,eb) maximum size, a pool can grow to. A value of 0
1467
+ implies an unbounded pool. Unbounded pools eventually shrink
1468
+ to the steady-pool-size, in steps defined by
1469
+ pool-resize-quantity.
1470
+ pool-idle-timeout-in-seconds
1471
+ (slsb,eb) defines the rate at which the pool cleaning thread
1472
+ is executed. this thread checks if current size is greater
1473
+ than steady pool size, it removes pool-resize-quantity
1474
+ elements. If the current size is less than steady-pool-size
1475
+ it is increased by pool-resize-quantity, with a ceiling of
1476
+ min (current-pool-size + pool-resize-quantity, max-pool-size)
1477
+ Only objects that have not been accessed for more than
1478
+ pool-idle-timeout-in-seconds are candidates for removal.
1479
+ pool-resize-quantity
1480
+ (slsb,eb) size of bean pool grows (shrinks) in steps
1481
+ specified by pool-resize-quantity, subject to max-pool-size
1482
+ (steady-pool-size) limit.
1483
+ removal-timeout-in-seconds
1484
+ (sfsb) Instance is removed from cache or passivation store,
1485
+ if it is not accesed within this time. All instances that can
1486
+ be removed, will be removed.
1487
+ session-store
1488
+ specifies the directory where passivated beans and persisted
1489
+ HTTP sessions are stored on the file system. Defaults to
1490
+ $INSTANCE-ROOT/session-store
1491
+ steady-pool-size
1492
+ (slsb,eb) number of bean instances normally maintained in
1493
+ pool. When a pool is first created, it will be populated with
1494
+ size equal to steady-pool-size. When an instance is removed
1495
+ from the pool, it is replenished asynchronously, so that the
1496
+ pool size is at or above the steady-pool-size. This additions
1497
+ will be in multiples of pool-resize-quantity. When a bean is
1498
+ disassociated from a method invocation, it is put back in the
1499
+ pool, subject to max-pool-size limit. If the max pool size is
1500
+ exceeded the bean id destroyed immediately. A pool cleaning
1501
+ thread, executes at an interval defined by
1502
+ pool-idle-timeout-in-seconds. This thread reduces the pool
1503
+ size to steady-pool-size, in steps defined by
1504
+ pool-resize-quantity. If the pool is empty, the required
1505
+ object will be created and returned immediately. This
1506
+ prevents threads from blocking till the pool is replenished
1507
+ by the background thread. steady-pool-size must be greater
1508
+ than 1 and at most equal to the max-pool-size.
1509
+ victim-selection-policy
1510
+ (sfsb) Victim selection policy when cache needs to shrink.
1511
+ Victims are passivated. Entity Bean Victims are selected
1512
+ always using fifo discipline. Does not apply to slsb because
1513
+ it does not matter, which particular instances are removed.
1514
+ fifo
1515
+ method picks victims, oldest instance first.
1516
+ lru
1517
+ algorithm picks least recently accessed instances.
1518
+ nru
1519
+ policy tries to pick 'not recently used' instances and is
1520
+ a pseudo-random selection process.
1521
+
1522
+ Used in:
1523
+ config
1524
+ -->
1525
+ <!ELEMENT ejb-container (ejb-timer-service?, property*)>
1526
+
1527
+ <!ATTLIST ejb-container
1528
+ steady-pool-size CDATA "32"
1529
+ pool-resize-quantity CDATA "16"
1530
+ max-pool-size CDATA "64"
1531
+ cache-resize-quantity CDATA "32"
1532
+ max-cache-size CDATA "512"
1533
+ pool-idle-timeout-in-seconds CDATA "600"
1534
+ cache-idle-timeout-in-seconds CDATA "600"
1535
+ removal-timeout-in-seconds CDATA "5400"
1536
+ victim-selection-policy (fifo | lru | nru) "nru"
1537
+ commit-option (B | C) "B"
1538
+ session-store CDATA #IMPLIED>
1539
+
1540
+
1541
+ <!-- ejb-timer-service
1542
+ Configuration for ejb timer service.
1543
+
1544
+ attributes
1545
+ max-redeliveries
1546
+ is the maximum number of times the ejb timer service will
1547
+ attempt to redeliver a timer expiration due to exception or
1548
+ rollback. The minimum value is 1, per the ejb specification.
1549
+ minimum-delivery-interval-in-millis
1550
+ is the minimum number of milliseconds allowed before the next
1551
+ timer expiration for a particular timer can occur. It guards
1552
+ against extremely small timer increments that can overload
1553
+ the server.
1554
+ redelivery-interval-internal-in-millis
1555
+ is the number of milliseconds the ejb timer service will wait
1556
+ after a failed ejbTimeout delivery before attempting a
1557
+ redelivery.
1558
+ timer-datasource
1559
+ overrides the cmp-resource (jdbc/__TimerPool) specified in
1560
+ sun-ejb-jar.xml of (__ejb_container_timer_app) of the timer
1561
+ service system application. By default this is set to
1562
+ jdbc/__TimerPool, but can be overridden for the cluster or
1563
+ server instance, if they choose to.
1564
+
1565
+ Used in:
1566
+ ejb-container
1567
+ -->
1568
+ <!ELEMENT ejb-timer-service (property*)>
1569
+
1570
+ <!ATTLIST ejb-timer-service
1571
+ minimum-delivery-interval-in-millis CDATA "7000"
1572
+ max-redeliveries CDATA "1"
1573
+ timer-datasource CDATA #IMPLIED
1574
+ redelivery-interval-internal-in-millis CDATA "5000">
1575
+
1576
+
1577
+ <!-- mdb-container
1578
+
1579
+ attributes
1580
+ idle-timeout-in-seconds
1581
+ idle bean instance in pool becomes a candidate for deletion,
1582
+ when this timeout expires.
1583
+ max-pool-size
1584
+ maximum size, pool can grow to. A non-negative integer.
1585
+ pool-resize-quantity
1586
+ quantum of increase/decrease, when the size of pool
1587
+ grows/shrinks. An integer in the range [0, max-pool-size].
1588
+ steady-pool-size
1589
+ minimum and initial number of message driven beans in pool.
1590
+ An integer in the range [0, max-pool-size].
1591
+
1592
+ Used in:
1593
+ config
1594
+ -->
1595
+ <!ELEMENT mdb-container (property*)>
1596
+
1597
+ <!ATTLIST mdb-container
1598
+ steady-pool-size CDATA "10"
1599
+ pool-resize-quantity CDATA "2"
1600
+ max-pool-size CDATA "60"
1601
+ idle-timeout-in-seconds CDATA "600">
1602
+
1603
+
1604
+ <!-- jms-service
1605
+ The jms-service element specifies information about the
1606
+ bundled/built-in JMS service that is managed by Application
1607
+ Server.
1608
+
1609
+ attributes
1610
+ addresslist-behavior
1611
+ Determines broker selection from imqAddressList.
1612
+ random
1613
+ causes selection to be performed randomly
1614
+ priority
1615
+ causes selection to be performed sequentially
1616
+ addresslist-iterations
1617
+ Number of times reconnect logic should iterate
1618
+ imqAddressList. This property will not be used if the
1619
+ addresslist-behavior is "random". An integer.
1620
+ default-jms-host
1621
+ reference to a jms-host that to be started when type of
1622
+ jms-service is LOCAL.
1623
+ init-timeout-in-seconds
1624
+ specifies the time server instance will wait at start up, for
1625
+ its corresponding JMS service instance to respond. If there
1626
+ is no response within the specifies timeout period,
1627
+ application server startup is aborted. Default value of 60
1628
+ seconds.
1629
+ mq-scheme
1630
+ Scheme for establishing connection with broker. For example,
1631
+ scheme can be specified as "http" for connecting to MQ broker
1632
+ over http. Default is "mq".
1633
+ mq-service
1634
+ Type of broker service. If a broker supports ssl, then the
1635
+ type of service can be "ssljms". If nothing is specified, MQ
1636
+ will assume 4that service is "jms".
1637
+ reconnect-attempts
1638
+ Total number of attempts to reconnect. An integer.
1639
+ reconnect-enabled
1640
+ Causes reconnect feature to be enabled (true) or disabled
1641
+ (false). A boolean.
1642
+ reconnect-interval-in-seconds
1643
+ Interval between reconnect attempts, in seconds. An integer.
1644
+ start-args
1645
+ specifies the arguments that will be supplied to start up the
1646
+ corresponding JMS service instance.
1647
+ type
1648
+ Type of JMS service.
1649
+
1650
+ Used in:
1651
+ config
1652
+ -->
1653
+ <!ELEMENT jms-service (jms-host*, property*)>
1654
+
1655
+ <!ATTLIST jms-service
1656
+ init-timeout-in-seconds CDATA "60"
1657
+ type (LOCAL | REMOTE) "LOCAL"
1658
+ start-args CDATA #IMPLIED
1659
+ default-jms-host CDATA #IMPLIED
1660
+ reconnect-interval-in-seconds CDATA "60"
1661
+ reconnect-attempts CDATA "3"
1662
+ reconnect-enabled %boolean; "true"
1663
+ addresslist-behavior (random | priority) "random"
1664
+ addresslist-iterations CDATA "3"
1665
+ mq-scheme CDATA #IMPLIED
1666
+ mq-service CDATA #IMPLIED>
1667
+
1668
+
1669
+ <!-- jms-host
1670
+
1671
+ attributes
1672
+ admin-password
1673
+ attribute specifies the admin password.
1674
+ admin-user-name
1675
+ specifies the admin username.
1676
+ host
1677
+ ip V6 or V4 address or hostname.
1678
+ port
1679
+ the port number used by the JMS service.
1680
+
1681
+ Used in:
1682
+ jms-service
1683
+ -->
1684
+ <!ELEMENT jms-host (property*)>
1685
+
1686
+ <!ATTLIST jms-host
1687
+ name CDATA #REQUIRED
1688
+ host CDATA #IMPLIED
1689
+ port CDATA "7676"
1690
+ admin-user-name CDATA "admin"
1691
+ admin-password CDATA "admin">
1692
+
1693
+
1694
+ <!-- log-service
1695
+ By default, logs would be kept in $INSTANCE-ROOT/logs. The
1696
+ following log files will be stored under the logs directory.
1697
+
1698
+ access.log
1699
+ keeps default virtual server HTTP access messages.
1700
+ server.log
1701
+ keeps log messages from default virtual server. Messages from
1702
+ other configured virtual servers also go here, unless
1703
+ log-file is explicitly specified in the virtual-server
1704
+ element.
1705
+
1706
+
1707
+ attributes
1708
+ alarms
1709
+ if true, will turn on alarms for the logger. The SEVERE and
1710
+ WARNING messages can be routed through the JMX framework to
1711
+ raise SEVERE and WARNING alerts. Alarms are turned off by
1712
+ default.
1713
+ file
1714
+ can be used to rename or relocate server.log using absolute
1715
+ path.
1716
+ log-filter
1717
+ Can plug in a log filter to do custom filtering of log
1718
+ records . By default there is no log filter other than the
1719
+ log level filtering provided by JSR 047 log API.
1720
+ log-handler
1721
+ Can plug in a custom log handler to add it to the chain of
1722
+ handlers to log into a different log destination than the
1723
+ default ones given by the system (which are Console, File and
1724
+ Syslog). It is a requirement that customers use the log
1725
+ formatter provided by the the system to maintain uniformity
1726
+ in log messages. The custom log handler will be added at the
1727
+ end of the handler chain after File + Syslog Handler, Console
1728
+ Handler and JMX Handler. User cannot replace the handler
1729
+ provided by the system, because of loosing precious log
1730
+ statements. The Server Initialization will take care of
1731
+ installing the custom handler with the system formatter
1732
+ initialized. The user need to use JSR 047 Log Handler
1733
+ Interface to implement the custom handler.
1734
+ log-rotation-limit-in-bytes
1735
+ Log Files will be rotated when the file size reaches the
1736
+ limit.
1737
+ log-rotation-timelimit-in-minutes
1738
+ This is a new attribute to enable time based log rotation.
1739
+ The Log File will be rotated only if this value is non-zero
1740
+ and the valid range is 60 minutes (1 hour) to 10*24*60
1741
+ minutes (10 days). If the value is zero then the files will
1742
+ be rotated based on size specified in
1743
+ log-rotation-limit-in-bytes.
1744
+ log-to-console
1745
+ logs will be sent to stderr when asadmin start-domain verbose
1746
+ is used
1747
+ use-system-logging
1748
+ if true, will utilize Unix syslog service or Windows Event
1749
+ Logging to produce and manage logs.
1750
+
1751
+ Used in:
1752
+ config, node-agent
1753
+ -->
1754
+ <!ELEMENT log-service (module-log-levels?, property*)>
1755
+
1756
+ <!ATTLIST log-service
1757
+ file CDATA #IMPLIED
1758
+ use-system-logging %boolean; "false"
1759
+ log-handler CDATA #IMPLIED
1760
+ log-filter CDATA #IMPLIED
1761
+ log-to-console %boolean; "false"
1762
+ log-rotation-limit-in-bytes CDATA "500000"
1763
+ log-rotation-timelimit-in-minutes CDATA "0"
1764
+ alarms %boolean; "false">
1765
+
1766
+
1767
+ <!-- module-log-levels
1768
+
1769
+ Used in:
1770
+ log-service
1771
+ -->
1772
+ <!ELEMENT module-log-levels (property*)>
1773
+
1774
+ <!ATTLIST module-log-levels
1775
+ root %log-level; "INFO"
1776
+ server %log-level; "INFO"
1777
+ ejb-container %log-level; "INFO"
1778
+ cmp-container %log-level; "INFO"
1779
+ mdb-container %log-level; "INFO"
1780
+ web-container %log-level; "INFO"
1781
+ classloader %log-level; "INFO"
1782
+ configuration %log-level; "INFO"
1783
+ naming %log-level; "INFO"
1784
+ security %log-level; "INFO"
1785
+ jts %log-level; "INFO"
1786
+ jta %log-level; "INFO"
1787
+ admin %log-level; "INFO"
1788
+ deployment %log-level; "INFO"
1789
+ verifier %log-level; "INFO"
1790
+ jaxr %log-level; "INFO"
1791
+ jaxrpc %log-level; "INFO"
1792
+ saaj %log-level; "INFO"
1793
+ corba %log-level; "INFO"
1794
+ javamail %log-level; "INFO"
1795
+ jms %log-level; "INFO"
1796
+ connector %log-level; "INFO"
1797
+ jdo %log-level; "INFO"
1798
+ cmp %log-level; "INFO"
1799
+ util %log-level; "INFO"
1800
+ resource-adapter %log-level; "INFO"
1801
+ synchronization %log-level; "INFO"
1802
+ node-agent %log-level; "INFO">
1803
+
1804
+
1805
+ <!-- security-service
1806
+ The security service element defines parameters and configuration
1807
+ information needed by the core J2EE security service. Some
1808
+ container-specific security configuration elements are in the
1809
+ various container configuration elements and not here. SSL
1810
+ configuration is also elsewhere. At this time the security
1811
+ service configuration consists of a set of authentication realms.
1812
+ A number of top-level attributes are defined as well.
1813
+
1814
+ children
1815
+ message-security-config
1816
+ Optional list of layer specific lists of configured message
1817
+ security providers.
1818
+
1819
+ attributes
1820
+ anonymous-role
1821
+ Used as role name for default/anonymous role.
1822
+ audit-enabled
1823
+ If true, additional access logging is performed to provide
1824
+ audit information.
1825
+ audit-modules
1826
+ Optional list of audit provider modules which will be used by
1827
+ the audit subsystem. The default value refers to the internal
1828
+ log-based audit module.
1829
+ default-principal
1830
+ Used as the identity of default security contexts when
1831
+ necessary and no principal is provided.
1832
+ default-principal-password
1833
+ Password of default principal.
1834
+ default-realm
1835
+ Specifies which realm (by name) is used by default when no
1836
+ realm is specifically requested. The file realm is the common
1837
+ default.
1838
+ jacc
1839
+ Specifies the name of the jacc-provider element to use for
1840
+ setting up the JACC infrastructure. The default value
1841
+ "default" does not need to be changed unless adding a custom
1842
+ JACC provider.
1843
+
1844
+ Used in:
1845
+ config
1846
+ -->
1847
+ <!ELEMENT security-service
1848
+ (auth-realm+, jacc-provider+, audit-module*, message-security-config*,
1849
+ property*)>
1850
+
1851
+
1852
+ <!ATTLIST security-service
1853
+ default-realm CDATA "file"
1854
+ default-principal CDATA #IMPLIED
1855
+ default-principal-password CDATA #IMPLIED
1856
+ anonymous-role CDATA "ANYONE"
1857
+ audit-enabled %boolean; "false"
1858
+ jacc CDATA "default"
1859
+ audit-modules CDATA "default">
1860
+
1861
+
1862
+ <!-- audit-module
1863
+ An audit-module specifies an optional plug-in module which
1864
+ implements audit capabilities.
1865
+
1866
+ attributes
1867
+ classname
1868
+ defines the java class which implements this audit module
1869
+ name
1870
+ defines the name of this realm
1871
+
1872
+ Used in:
1873
+ security-service
1874
+ -->
1875
+ <!ELEMENT audit-module (property*)>
1876
+
1877
+ <!ATTLIST audit-module
1878
+ name CDATA #REQUIRED
1879
+ classname CDATA #REQUIRED>
1880
+
1881
+
1882
+ <!-- auth-realm
1883
+ The auth-realm element defines and configures one authentication
1884
+ realm. There must be at least one realm available for a server
1885
+ instance; any number can be configured, as desired.
1886
+
1887
+ Authentication realms need provider-specific parameters which vary
1888
+ depending on what a particular implementation needs; these are defined as
1889
+ properties since they vary by provider and cannot be predicted for any
1890
+ custom or add-on providers.
1891
+
1892
+ For the default file provider, the param used is: file
1893
+
1894
+
1895
+ attributes
1896
+ classname
1897
+ defines the java class which implements this realm
1898
+ name
1899
+ defines the name of this realm
1900
+
1901
+ Used in:
1902
+ node-agent, security-service
1903
+ -->
1904
+ <!ELEMENT auth-realm (property*)>
1905
+
1906
+ <!ATTLIST auth-realm
1907
+ name CDATA #REQUIRED
1908
+ classname CDATA #REQUIRED>
1909
+
1910
+
1911
+ <!-- jacc-provider
1912
+ The jacc-provider element defines the standard JACC properties
1913
+ used for setting up the JACC provider. It also allows optional
1914
+ properties which can be used by the provider implementation for
1915
+ its configuration.
1916
+
1917
+ attributes
1918
+ name
1919
+ A name for this jacc-provider. Is always "default" for the
1920
+ default provider.
1921
+ policy-configuration-factory-provider
1922
+ Corresponds to (and can be overridden by) the system property
1923
+ javax.security.jacc.PolicyConfigurationFactory.provider
1924
+ policy-provider
1925
+ Corresponds to (and can be overridden by) the system property
1926
+ javax.security.jacc.policy.provider
1927
+
1928
+ Used in:
1929
+ security-service
1930
+ -->
1931
+ <!ELEMENT jacc-provider (property*)>
1932
+
1933
+ <!ATTLIST jacc-provider
1934
+ name CDATA #REQUIRED
1935
+ policy-provider CDATA #REQUIRED
1936
+ policy-configuration-factory-provider CDATA #REQUIRED>
1937
+
1938
+
1939
+ <!-- transaction-service
1940
+ Configuration for Transaction Manager.
1941
+
1942
+ attributes
1943
+ automatic-recovery
1944
+ if true, server instance attempts recovery at restart.
1945
+ heuristic-decision
1946
+ During recovery, if outcome of a transaction cannot be
1947
+ determined from the logs, then this property is used to fix
1948
+ the outcome.
1949
+ keypoint-interval
1950
+ property used to specify the number of transactions between
1951
+ keypoint operations on the log. A Keypoint operations could
1952
+ reduce the size of the transaction log files. A larger value
1953
+ for this property (for example, 1000) will result in larger
1954
+ transaction log files, between log compactions, but less
1955
+ keypoint operations, and potentially better performance. A
1956
+ smaller value (e.g. 20) results in smaller log files but
1957
+ slightly reduced performance due to the greater frequency of
1958
+ keypoint operations.
1959
+ retry-timeout-in-seconds
1960
+ used to determine the retry time in the following scenarios.
1961
+
1962
+ 1 Time to wait at the transaction recovery time, when
1963
+ resources are unreachable.
1964
+ 2 If there are any transient
1965
+ exceptions in the second phase of the 2 PC protocol.
1966
+
1967
+ A negative value indicates infinite retry. '0' indicates no
1968
+ retry. A positive value indicates the number of seconds for
1969
+ which retry will be attempted. Default is 10 minutes which
1970
+ may be appropriate for a database being restarted.
1971
+ timeout-in-seconds
1972
+ amount of time the transaction manager waits for response
1973
+ from a datasource participating in transaction. A value of 0
1974
+ implies infinite timeout.
1975
+ tx-log-dir
1976
+ Transaction service creates a sub directory 'tx' under
1977
+ tx-log-dir to store the transaction logs. The default value
1978
+ of the tx-log-dir is $INSTANCE-ROOT/logs. If this attribute
1979
+ is not explicitly specified in the <transaction-service>
1980
+ element, 'tx' sub directory will be created under the path
1981
+ specified in log-root attribute of <domain> element.
1982
+
1983
+ Used in:
1984
+ config
1985
+ -->
1986
+ <!ELEMENT transaction-service (property*)>
1987
+
1988
+ <!ATTLIST transaction-service
1989
+ automatic-recovery %boolean; "false"
1990
+ timeout-in-seconds CDATA "0"
1991
+ tx-log-dir CDATA #IMPLIED
1992
+ heuristic-decision (rollback | commit) "rollback"
1993
+ retry-timeout-in-seconds CDATA "600"
1994
+ keypoint-interval CDATA "2048">
1995
+
1996
+
1997
+ <!-- monitoring-service
1998
+
1999
+ Used in:
2000
+ config
2001
+ -->
2002
+ <!ELEMENT monitoring-service (module-monitoring-levels?, property*)>
2003
+
2004
+
2005
+ <!-- module-monitoring-levels
2006
+
2007
+ attributes
2008
+ connector-connection-pool
2009
+ monitoring level for all the connector-connection-pools used
2010
+ by the runtime.
2011
+ ejb-container
2012
+ various ejbs deployed to the server, ejb-pools, ejb-caches
2013
+ and ejb-methods.
2014
+ http-service
2015
+ http engine and the http listeners therein.
2016
+ jdbc-connection-pool
2017
+ monitoring level for all the jdbc-connection-pools used by
2018
+ the runtime.
2019
+ orb
2020
+ specifies the level for connection managers of the orb, which
2021
+ apply to connections to the orb
2022
+ thread-pool
2023
+ all the thread-pools used by the run time.
2024
+ transaction-service
2025
+ transaction subsystem.
2026
+
2027
+ Used in:
2028
+ monitoring-service
2029
+ -->
2030
+ <!ELEMENT module-monitoring-levels (property*)>
2031
+
2032
+ <!ATTLIST module-monitoring-levels
2033
+ thread-pool %monitoring-level; "OFF"
2034
+ orb %monitoring-level; "OFF"
2035
+ ejb-container %monitoring-level; "OFF"
2036
+ web-container %monitoring-level; "OFF"
2037
+ transaction-service %monitoring-level; "OFF"
2038
+ http-service %monitoring-level; "OFF"
2039
+ jdbc-connection-pool %monitoring-level; "OFF"
2040
+ connector-connection-pool %monitoring-level; "OFF"
2041
+ connector-service %monitoring-level; "OFF"
2042
+ jms-service %monitoring-level; "OFF"
2043
+ jvm %monitoring-level; "OFF">
2044
+
2045
+
2046
+ <!-- java-config
2047
+ Java Runtime environment configuration
2048
+
2049
+ attributes
2050
+ bytecode-preprocessors
2051
+ A comma separated list of classnames, each of which must
2052
+ implement the com.sun.appserv.BytecodePreprocessor interface.
2053
+ Each of the specified preprocessor class will be called in
2054
+ the order specified. At the moment the comelling use is for a
2055
+ 3rd party Performance Profiling tool.
2056
+ classpath-prefix
2057
+ A java classpath string that is prefixed to server-classpath
2058
+ classpath-suffix
2059
+ A java classpath string that is appended to server-classpath
2060
+ debug-enabled
2061
+ If set to true, the server starts up in debug mode ready for
2062
+ attaching with a JPDA based debugger.
2063
+ debug-options
2064
+ JPDA based debugging options string.
2065
+ env-classpath-ignored
2066
+ If set to false, the CLASSPATH environment variable will be
2067
+ read and appended to the Application Server classpath, which
2068
+ is constructed as described above. The CLASSPATH environment
2069
+ variable will be added after the classpath-suffix, at the
2070
+ very end.
2071
+ javac-options
2072
+ Options string passed to Java compiler, at application
2073
+ deployment time.
2074
+ java-home
2075
+ Specifies the installation directory for Java runtime. JDK
2076
+ 1.4 or higher is supported.
2077
+ native-library-path-prefix
2078
+ is prepended to the native library path, which is constructed
2079
+ internally.
2080
+
2081
+ Internally, the native library path is automatically constructed to be
2082
+ a concatenation of Application Server installation relative path for
2083
+ its native shared libraries, standard JRE native library path, the
2084
+ shell environment setting (LD-LIBRARY-PATH on Unix) and any path that
2085
+ may be specified in the profile element.
2086
+
2087
+ native-library-path-suffix
2088
+ is appended to the native library path, which is constructed
2089
+ as described above.
2090
+ rmic-options
2091
+ Options string passed to RMI compiler, at application
2092
+ deployment time.
2093
+ server-classpath
2094
+ A java classpath string that specifies the classes needed by
2095
+ the Application server. Do not expect users to change this
2096
+ under normal conditions.
2097
+
2098
+ Used in:
2099
+ config
2100
+ -->
2101
+ <!ELEMENT java-config (profiler?, (jvm-options | property)*)>
2102
+
2103
+ <!ATTLIST java-config
2104
+ java-home CDATA "${com.sun.aas.javaRoot}"
2105
+ debug-enabled %boolean; "false"
2106
+ debug-options CDATA "-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n"
2107
+ rmic-options CDATA "-iiop -poa -alwaysgenerate -keepgenerated -g"
2108
+ javac-options CDATA "-g"
2109
+ classpath-prefix CDATA #IMPLIED
2110
+ classpath-suffix CDATA #IMPLIED
2111
+ server-classpath CDATA #IMPLIED
2112
+ native-library-path-prefix CDATA #IMPLIED
2113
+ native-library-path-suffix CDATA #IMPLIED
2114
+ bytecode-preprocessors CDATA #IMPLIED
2115
+ env-classpath-ignored %boolean; "true">
2116
+
2117
+
2118
+ <!-- jvm-options
2119
+ String value for options that will be passed to the JVM
2120
+
2121
+ Used in:
2122
+ java-config, profiler
2123
+ -->
2124
+ <!ELEMENT jvm-options (#PCDATA)>
2125
+
2126
+
2127
+ <!-- profiler
2128
+ Profilers could be one of jprobe, optimizeit, hprof, wily and so
2129
+ on jvm-options and property elements are used to record the
2130
+ settings needed to get a particular profiler going. A server
2131
+ instance is tied to a particular profiler, by the profiler
2132
+ element in java-config. Changing the profiler will require a
2133
+ server restart.
2134
+
2135
+ The adminstrative graphical interfaces, could list multiple supported
2136
+ profilers (incomplete at this point) and will populate server.xml
2137
+ appropriately.
2138
+
2139
+
2140
+ Used in:
2141
+ java-config
2142
+ -->
2143
+ <!ELEMENT profiler ((jvm-options | property)*)>
2144
+
2145
+ <!ATTLIST profiler
2146
+ name CDATA #REQUIRED
2147
+ classpath CDATA #IMPLIED
2148
+ native-library-path CDATA #IMPLIED
2149
+ enabled %boolean; "true">
2150
+
2151
+
2152
+ <!-- availability-service
2153
+ SE/EE only: TBD Needs explanation
2154
+
2155
+ attributes
2156
+ store-pool-name
2157
+ This is the jndi-name for the JDBC Connection Pool used
2158
+ potentially by both the Web Container and the EJB Stateful
2159
+ Session Bean Container for use in checkpointing/passivation
2160
+ when persistence-type = "ha". See sfsb-ha-persistence-type
2161
+ and sfsb-persistence-type for more details. It will default
2162
+ to "jdbc/hastore". This attribute can be over-ridden in
2163
+ either web-container-availability (with
2164
+ http-session-store-pool-name) and/or in
2165
+ ejb-container-availability (with sfsb-store-pool-name). If
2166
+ store-pool-name is not over-ridden then both containers will
2167
+ share the same connection pool. If either container
2168
+ over-rides then it may have its own dedicated pool. In this
2169
+ case there must also be a new corresponding JDBC Resource and
2170
+ JDBC Connection Pool defined for this new pool name.
2171
+
2172
+ Used in:
2173
+ config
2174
+ -->
2175
+ <!ELEMENT availability-service
2176
+ (web-container-availability?, ejb-container-availability?, property*)>
2177
+
2178
+
2179
+ <!ATTLIST availability-service
2180
+ availability-enabled %boolean; "true"
2181
+ store-pool-name CDATA #IMPLIED>
2182
+
2183
+
2184
+ <!-- web-container-availability
2185
+ web-container-availability SE/EE only:
2186
+
2187
+ attributes
2188
+ availability-enabled
2189
+ This boolean flag controls whether availability is enabled
2190
+ for HTTP session persistence. If this is "false", then
2191
+ session persistence is disabled for all web modules in j2ee
2192
+ apps and stand-alone web modules. If it is "true" (and
2193
+ providing that the global availability-enabled in
2194
+ availability-service is also "true", then j2ee apps and
2195
+ stand-alone web modules may be ha enabled. Finer-grained
2196
+ control exists at lower levels. If this attribute is missing,
2197
+ it "inherits" the value of the global availability-enabled
2198
+ under availability-service.
2199
+ http-session-store-pool-name
2200
+ This is the jndi-name for the JDBC Connection Pool used by
2201
+ the HTTP Session Persistence Framework. If missing, internal
2202
+ code will default it to value of store-pool-name under
2203
+ availability-service (ultimately "jdbc/hastore").
2204
+ persistence-frequency
2205
+ The persistence frequency used by the session persistence
2206
+ framework, when persistence-type = "ha". Values may be
2207
+ "time-based" or "web-event". If it is missing, then the
2208
+ persistence-type will revert to "memory".
2209
+ persistence-scope
2210
+ The persistence scope used by the session persistence
2211
+ framework, when persistence-type = "ha". Values may be
2212
+ "session", "modified-session", "modified-attribute". If it is
2213
+ missing, then the persistence-type will revert to "memory".
2214
+ persistence-store-health-check-enabled
2215
+ Reserved for future use.
2216
+ persistence-type
2217
+ The persistence type used by the session persistence
2218
+ framework.
2219
+ sso-failover-enabled
2220
+ This controls whether Single-Sign-On state will be made
2221
+ available for failover.
2222
+
2223
+ Used in:
2224
+ availability-service
2225
+ -->
2226
+ <!ELEMENT web-container-availability (property*)>
2227
+
2228
+ <!ATTLIST web-container-availability
2229
+ availability-enabled %boolean; #IMPLIED
2230
+ persistence-type %persistence-type; "memory"
2231
+ persistence-frequency %session-save-frequency; #IMPLIED
2232
+ persistence-scope %session-save-scope; #IMPLIED
2233
+ persistence-store-health-check-enabled %boolean; "false"
2234
+ sso-failover-enabled %boolean; "false"
2235
+ http-session-store-pool-name CDATA #IMPLIED>
2236
+
2237
+
2238
+ <!-- ejb-container-availability
2239
+
2240
+ attributes
2241
+ availability-enabled
2242
+ This boolean flag controls whether availability is enabled
2243
+ for SFSB checkpointing (and potentially passivation). If this
2244
+ is "false", then all SFSB checkpointing is disabled for all
2245
+ j2ee apps and ejb modules. If it is "true" (and providing
2246
+ that the global availability-enabled in availability-service
2247
+ is also "true", then j2ee apps and stand-alone ejb modules
2248
+ may be ha enabled. Finer-grained control exists at lower
2249
+ levels. If this attribute is missing, it inherits the value
2250
+ of the global availability-enabled under availability-service.
2251
+ sfsb-checkpoint-enabled
2252
+ This attribute is deprecated, replaced by
2253
+ availability-enabled and will be ignored if present.
2254
+ sfsb-ha-persistence-type
2255
+ The persistence type used by the EJB Stateful Session Bean
2256
+ Container for checkpointing and passivating
2257
+ availability-enabled beans' state. Values may be "file" or
2258
+ "ha". Default is "ha".
2259
+ sfsb-quick-checkpoint-enabled
2260
+ This attribute is deprecated and will be ignored if present.
2261
+ sfsb-store-pool-name
2262
+ This is the jndi-name for the JDBC Connection Pool used by
2263
+ the EJB Stateful Session Bean Container for use in
2264
+ checkpointing/passivation when persistence-type = "ha". See
2265
+ sfsb-ha-persistence-type and sfsb-persistence-type for more
2266
+ details. It will default to value of store-pool-name under
2267
+ availability-service (ultimately "jdbc/hastore").
2268
+
2269
+ Used in:
2270
+ availability-service
2271
+ -->
2272
+ <!ELEMENT ejb-container-availability (property*)>
2273
+
2274
+ <!ATTLIST ejb-container-availability
2275
+ availability-enabled %boolean; #IMPLIED
2276
+ sfsb-ha-persistence-type %sfsb-persistence-type; "ha"
2277
+ sfsb-persistence-type %sfsb-persistence-type; "file"
2278
+ sfsb-checkpoint-enabled %boolean; #IMPLIED
2279
+ sfsb-quick-checkpoint-enabled %boolean; #IMPLIED
2280
+ sfsb-store-pool-name CDATA #IMPLIED>
2281
+
2282
+
2283
+ <!-- jdbc-connection-pool
2284
+ jdbc-connection-pool defines configuration used to create and
2285
+ manage a pool physical database connections. Pool definition is
2286
+ named, and can be referred to by multiple jdbc-resource elements
2287
+ (See <jdbc-resource>).
2288
+
2289
+ Each named pool definition results in a pool instantiated at server
2290
+ start-up. Pool is populated when accessed for the first time. If two or
2291
+ more jdbc-resource elements point to the same jdbc-connection-pool
2292
+ element, they are using the same pool of connections, at run time.
2293
+
2294
+
2295
+ children
2296
+ property
2297
+ Most JDBC 2.0 drivers permit use of standard property lists,
2298
+ to specify User, Password and other resource configuration.
2299
+ While these are optional properties, according to the
2300
+ specification, several of these properties may be necessary
2301
+ for most databases. See Section 5.3 of JDBC 2.0 Standard
2302
+ Extension API.
2303
+
2304
+ The following are the names and corresponding values for these
2305
+ properties
2306
+
2307
+ databaseName
2308
+ Name of the Database
2309
+ serverName
2310
+ Database Server name.
2311
+ port
2312
+ Port where a Database server is listening for requests.
2313
+ networkProtocol
2314
+ Communication Protocol used.
2315
+ user
2316
+ default name of the database user with which connections
2317
+ will be stablished. Programmatic database authentication
2318
+ or default-resource-principal specified in vendor
2319
+ specific web and ejb deployment descriptors will take
2320
+ precedence, over this default. The details and caveats
2321
+ are described in detail in the Administrator's guide.
2322
+ password
2323
+ password for default database user
2324
+ roleName
2325
+ The initial SQL role name.
2326
+ datasourceName
2327
+ used to name an underlying XADataSource, or
2328
+ ConnectionPoolDataSource when pooling of connections is
2329
+ done
2330
+ description
2331
+ Textual Description
2332
+
2333
+ When one or more of these properties are specified, they are passed as
2334
+ is using set<Name>(<Value>) methods to the vendors Datasource class
2335
+ (specified in datasource-classname). User and Password properties are
2336
+ used as default principal, if Container Managed authentication is
2337
+ specified and a default-resource-principal is not found in application
2338
+ deployment descriptors.
2339
+
2340
+
2341
+ attributes
2342
+ connection-validation-method
2343
+ specifies the type of validation to be performed when
2344
+ is-connection-validation-required is true. The following
2345
+ types of validation are supported:
2346
+ auto-commit
2347
+ using connection.autoCommit()
2348
+ meta-data
2349
+ using connection.getMetaData()
2350
+ table
2351
+ performing a query on a user specified table (see
2352
+ validation-table-name).
2353
+ datasource-classname
2354
+ Name of the vendor supplied JDBC datasource resource manager.
2355
+ An XA or global transactions capable datasource class will
2356
+ implement javax.sql.XADatasource interface. Non XA or Local
2357
+ transactions only datasources will implement
2358
+ javax.sql.Datasource interface.
2359
+ fail-all-connections
2360
+ indicates if all connections in the pool must be closed
2361
+ should a single validation check fail. The default is false.
2362
+ One attempt will be made to re-establish failed connections.
2363
+ idle-timeout-in-seconds
2364
+ maximum time in seconds, that a connection can remain idle in
2365
+ the pool. After this time, the pool implementation can close
2366
+ this connection. Note that this does not control connection
2367
+ timeouts enforced at the database server side. Adminsitrators
2368
+ are advised to keep this timeout shorter than the database
2369
+ server side timeout (if such timeouts are configured on the
2370
+ specific vendor's database), to prevent accumulation of
2371
+ unusable connection in Application Server.
2372
+ is-connection-validation-required
2373
+ if true, connections are validated (checked to find out if
2374
+ they are usable) before giving out to the application. The
2375
+ default is false.
2376
+ is-isolation-level-guaranteed
2377
+ Applicable only when a particular isolation level is
2378
+ specified for transaction-isolation-level. The default value
2379
+ is true. This assures that every time a connection is
2380
+ obtained from the pool, it is guaranteed to have the
2381
+ isolation set to the desired value. This could have some
2382
+ performance impact on some JDBC drivers. Can be set to false
2383
+ by that administrator when they are certain that the
2384
+ application does not change the isolation level before
2385
+ returning the connection.
2386
+ max-pool-size
2387
+ maximum number of conections that can be created
2388
+ max-wait-time-in-millis
2389
+ amount of time the caller will wait before getting a
2390
+ connection timeout. The default is 60 seconds. A value of 0
2391
+ will force caller to wait indefinitely.
2392
+ name
2393
+ unique name of the pool definition.
2394
+ pool-resize-quantity
2395
+ number of connections to be removed when
2396
+ idle-timeout-in-seconds timer expires. Connections that have
2397
+ idled for longer than the timeout are candidates for removal.
2398
+ When the pool size reaches steady-pool-size, the connection
2399
+ removal stops.
2400
+ res-type
2401
+ DataSource implementation class could implement one of of
2402
+ javax.sql.DataSource, javax.sql.XADataSource or
2403
+ javax.sql.ConnectionPoolDataSource interfaces. This optional
2404
+ attribute must be specified to disambiguate when a Datasource
2405
+ class implements two or more of these interfaces. An error is
2406
+ produced when this attribute has a legal value and the
2407
+ indicated interface is not implemented by the datasource
2408
+ class. This attribute has no default value.
2409
+ steady-pool-size
2410
+ minimum and initial number of connections maintained in the
2411
+ pool.
2412
+ transaction-isolation-level
2413
+ Specifies the Transaction Isolation Level on the pooled
2414
+ database connections. Optional. Has no default. If left
2415
+ unspecified the pool operates with default isolation level
2416
+ provided by the JDBC Driver. A desired isolation level can be
2417
+ set using one of the standard transaction isolation levels,
2418
+ which see.
2419
+
2420
+ Applications that change the Isolation level on a pooled connection
2421
+ programmatically, risk polluting the pool and this could lead to
2422
+ program errors. Also see: is-isolation-level-guaranteed
2423
+
2424
+ validation-table-name
2425
+ specifies the table name to be used to perform a query to
2426
+ validate a connection. This parameter is mandatory, if
2427
+ connection-validation-type set to table. Verification by
2428
+ accessing a user specified table may become necessary for
2429
+ connection validation, particularly if database driver caches
2430
+ calls to setAutoCommit() and getMetaData().
2431
+
2432
+ Used in:
2433
+ resources
2434
+ -->
2435
+ <!ELEMENT jdbc-connection-pool (description?, property*)>
2436
+
2437
+ <!ATTLIST jdbc-connection-pool
2438
+ name CDATA #REQUIRED
2439
+ datasource-classname CDATA #REQUIRED
2440
+ res-type (javax.sql.DataSource | javax.sql.XADataSource | javax.sql.ConnectionPoolDataSource) #IMPLIED
2441
+ steady-pool-size CDATA "8"
2442
+ max-pool-size CDATA "32"
2443
+ max-wait-time-in-millis CDATA "60000"
2444
+ pool-resize-quantity CDATA "2"
2445
+ idle-timeout-in-seconds CDATA "300"
2446
+ transaction-isolation-level %isolation; #IMPLIED
2447
+ is-isolation-level-guaranteed %boolean; "true"
2448
+ is-connection-validation-required %boolean; "false"
2449
+ connection-validation-method (auto-commit | meta-data | table) "auto-commit"
2450
+ validation-table-name CDATA #IMPLIED
2451
+ fail-all-connections %boolean; "false">
2452
+
2453
+
2454
+ <!-- connector-connection-pool
2455
+ connector-connection-pool defines configuration used to create
2456
+ and manage a pool of connections to a EIS. Pool definition is
2457
+ named, and can be referred to by multiple connector-resource
2458
+ elements (See connector-resource).
2459
+
2460
+ Each named pool definition results in a pool instantiated at server
2461
+ start-up. Pool is populated when accessed for the first time. If two or
2462
+ more connector-resource elements point to the same
2463
+ connector-connection-pool element, they are using the same pool of
2464
+ connections, at run time.
2465
+
2466
+ There can be more than one pool for one connection-definition in one
2467
+ resource-adapter.
2468
+
2469
+
2470
+ children
2471
+ property
2472
+ Properties are used to override the ManagedConnectionFactory
2473
+ javabean configuration settings.
2474
+
2475
+ When one or more of these properties are specified, they are passed as
2476
+ is using set<Name>(<Value>) methods to the Resource Adapter's
2477
+ ManagedConnectionfactory class (specified in ra.xml).
2478
+
2479
+
2480
+ attributes
2481
+ connection-definition-name
2482
+ unique name, identifying one connection-definition in a
2483
+ Resource Adapter. Currently this is ConnectionFactory type.
2484
+ fail-all-connections
2485
+ indicates if all connections in the pool must be closed
2486
+ should a single connection fail validation. The default is
2487
+ false. One attempt will be made to re-establish failed
2488
+ connections.
2489
+ idle-timeout-in-seconds
2490
+ maximum time in seconds, that a connection can remain idle in
2491
+ the pool. After this time, the pool implementation can close
2492
+ this connection. Note that this does not control connection
2493
+ timeouts enforced at the database server side. Adminsitrators
2494
+ are advised to keep this timeout shorter than the EIS
2495
+ connection timeout (if such timeouts are configured on the
2496
+ specific EIS), to prevent accumulation of unusable connection
2497
+ in Application Server.
2498
+ max-pool-size
2499
+ maximum number of conections that can be created
2500
+ max-wait-time-in-millis
2501
+ amount of time the caller will wait before getting a
2502
+ connection timeout. The default is 60 seconds. A value of 0
2503
+ will force caller to wait indefinitely.
2504
+ name
2505
+ unique name of the pool definition.
2506
+ pool-resize-quantity
2507
+ number of connections to be removed when
2508
+ idle-timeout-in-seconds timer expires. Connections that have
2509
+ idled for longer than the timeout are candidates for removal.
2510
+ When the pool size reaches steady-pool-size, the connection
2511
+ removal stops.
2512
+ resource-adapter-name
2513
+ This is the name of resource adapter. Name of .rar file is
2514
+ taken as the unique name for the resource adapter.
2515
+ steady-pool-size
2516
+ minimum and initial number of connections maintained in the
2517
+ pool.
2518
+ transaction-support
2519
+ Indicates the level of transaction support that this pool
2520
+ will have. Possible values are "XATransaction",
2521
+ "LocalTransaction" and "NoTransaction". This attribute will
2522
+ override that transaction support attribute in the Resource
2523
+ Adapter in a downward compatible way, i.e it can support a
2524
+ lower/equal transaction level than specified in the RA, but
2525
+ not a higher level.
2526
+
2527
+ Used in:
2528
+ resources
2529
+ -->
2530
+ <!ELEMENT connector-connection-pool (description?, security-map*, property*)>
2531
+
2532
+ <!ATTLIST connector-connection-pool
2533
+ name CDATA #REQUIRED
2534
+ resource-adapter-name CDATA #REQUIRED
2535
+ connection-definition-name CDATA #REQUIRED
2536
+ steady-pool-size CDATA "8"
2537
+ max-pool-size CDATA "32"
2538
+ max-wait-time-in-millis CDATA "60000"
2539
+ pool-resize-quantity CDATA "2"
2540
+ idle-timeout-in-seconds CDATA "300"
2541
+ fail-all-connections %boolean; "false"
2542
+ transaction-support (XATransaction | LocalTransaction | NoTransaction) #IMPLIED>
2543
+
2544
+
2545
+ <!-- security-map
2546
+ Perform mapping from principal received during Servlet/EJB
2547
+ authentication, to credentials accepted by the EIS. This mapping
2548
+ is optional.It is possible to map multiple (server) principal to
2549
+ the same backend principal.
2550
+
2551
+ Used in:
2552
+ connector-connection-pool
2553
+ -->
2554
+ <!ELEMENT security-map ((principal | user-group)+, backend-principal)>
2555
+
2556
+ <!ATTLIST security-map
2557
+ name CDATA #REQUIRED>
2558
+
2559
+
2560
+ <!-- principal
2561
+ Principal of the Servlet and EJB client
2562
+
2563
+ Used in:
2564
+ security-map
2565
+ -->
2566
+ <!ELEMENT principal (#PCDATA)>
2567
+
2568
+
2569
+ <!-- user-group
2570
+
2571
+ Used in:
2572
+ security-map
2573
+ -->
2574
+ <!ELEMENT user-group (#PCDATA)>
2575
+
2576
+
2577
+ <!-- backend-principal
2578
+
2579
+ Used in:
2580
+ security-map
2581
+ -->
2582
+ <!ELEMENT backend-principal EMPTY>
2583
+
2584
+ <!ATTLIST backend-principal
2585
+ user-name CDATA #REQUIRED
2586
+ password CDATA #IMPLIED>
2587
+
2588
+
2589
+ <!-- thread-pools
2590
+
2591
+ Used in:
2592
+ config
2593
+ -->
2594
+ <!ELEMENT thread-pools (thread-pool+)>
2595
+
2596
+
2597
+ <!-- thread-pool
2598
+
2599
+ attributes
2600
+ idle-thread-timeout-in-seconds
2601
+ idle threads are removed from pool, after this time
2602
+ max-thread-pool-size
2603
+ Maximum number of threads in the threadpool servicing
2604
+ requests in this queue. This is the upper bound on the no. of
2605
+ threads that exist in the threadpool.
2606
+ min-thread-pool-size
2607
+ Minimum number of threads in the threadpool servicing
2608
+ requests in this queue. These are created up front when this
2609
+ threadpool is instantiated
2610
+ num-work-queues
2611
+ This denotes the total number of work queues that are
2612
+ serviced by this threadpool.
2613
+ thread-pool-id
2614
+ This is an id for the work-queue e.g. "thread-pool-1",
2615
+ "thread-pool-2" etc
2616
+
2617
+ Used in:
2618
+ thread-pools
2619
+ -->
2620
+ <!ELEMENT thread-pool EMPTY>
2621
+
2622
+ <!ATTLIST thread-pool
2623
+ thread-pool-id CDATA #REQUIRED
2624
+ min-thread-pool-size CDATA "0"
2625
+ max-thread-pool-size CDATA "200"
2626
+ idle-thread-timeout-in-seconds CDATA "120"
2627
+ num-work-queues CDATA "1">
2628
+
2629
+
2630
+ <!-- property
2631
+ Syntax for supplying properties as name value pairs
2632
+
2633
+ Used in:
2634
+ admin-object-resource, admin-service, alert-service,
2635
+ audit-module, auth-realm, availability-service, cluster, config,
2636
+ connector-connection-pool, connector-resource, custom-resource,
2637
+ das-config, domain, ejb-container, ejb-container-availability,
2638
+ ejb-timer-service, external-jndi-resource, filter-config,
2639
+ http-listener, http-service, iiop-listener, jacc-provider,
2640
+ java-config, jdbc-connection-pool, jdbc-resource, jms-host,
2641
+ jms-service, jmx-connector, lb-config, lifecycle-module,
2642
+ listener-config, log-service, mail-resource, manager-properties,
2643
+ mdb-container, module-log-levels, module-monitoring-levels,
2644
+ monitoring-service, node-agent, orb,
2645
+ persistence-manager-factory-resource, profiler, provider-config,
2646
+ resource-adapter-config, security-service, server,
2647
+ session-properties, store-properties, transaction-service,
2648
+ virtual-server, web-container, web-container-availability
2649
+ -->
2650
+ <!ELEMENT property (description?)>
2651
+
2652
+ <!ATTLIST property
2653
+ name CDATA #REQUIRED
2654
+ value CDATA #REQUIRED>
2655
+
2656
+
2657
+ <!-- system-property
2658
+ Syntax for supplying system properties as name value pairs
2659
+
2660
+ Used in:
2661
+ cluster, config, domain, server
2662
+ -->
2663
+ <!ELEMENT system-property (description?)>
2664
+
2665
+ <!ATTLIST system-property
2666
+ name CDATA #REQUIRED
2667
+ value CDATA #REQUIRED>
2668
+
2669
+
2670
+ <!-- server
2671
+ J2EE Application Server Configuration
2672
+
2673
+ Each Application Server instance is a J2EEv1.4 compliant container. One
2674
+ server instance is specially designated as the Administration Server in
2675
+ SE/EE. User applications cannot be deployed to an Adminsitration Server
2676
+ instance.
2677
+
2678
+
2679
+ children
2680
+ application-ref
2681
+ References to applications deployed to the server instance
2682
+ resource-ref
2683
+ References to resources deployed to the server instance
2684
+
2685
+ attributes
2686
+ config-ref
2687
+ points to a named config. needed for stand-alone servers. If
2688
+ the server instance is part of a cluster, then it must not be
2689
+ present, and will be ignored.
2690
+ name
2691
+ name of the server instance.
2692
+ node-agent-ref
2693
+ SE/EE only. Specifies the name of the node agent where the
2694
+ server instance is hosted.
2695
+
2696
+ Used in:
2697
+ servers
2698
+ -->
2699
+ <!ELEMENT server
2700
+ (application-ref*, resource-ref*, system-property*, property*)>
2701
+
2702
+
2703
+ <!ATTLIST server
2704
+ name CDATA #REQUIRED
2705
+ config-ref CDATA #IMPLIED
2706
+ node-agent-ref CDATA #IMPLIED>
2707
+
2708
+
2709
+ <!-- application-ref
2710
+
2711
+ attributes
2712
+ disable-timeout-in-minutes
2713
+ The time, in minutes, that it takes this application to reach
2714
+ a quiescent state after having been disabled
2715
+ lb-enabled
2716
+ A boolean flag that causes any and all load-balancers using
2717
+ this application to consider this application unavailable to
2718
+ them. Defaults to unavailable (false).
2719
+
2720
+ Used in:
2721
+ cluster, server
2722
+ -->
2723
+ <!ELEMENT application-ref EMPTY>
2724
+
2725
+ <!ATTLIST application-ref
2726
+ enabled %boolean; "true"
2727
+ virtual-servers CDATA #IMPLIED
2728
+ lb-enabled %boolean; "false"
2729
+ disable-timeout-in-minutes CDATA "30"
2730
+ ref CDATA #REQUIRED>
2731
+
2732
+
2733
+ <!-- resource-ref
2734
+
2735
+ Used in:
2736
+ cluster, server
2737
+ -->
2738
+ <!ELEMENT resource-ref EMPTY>
2739
+
2740
+ <!ATTLIST resource-ref
2741
+ enabled %boolean; "true"
2742
+ ref CDATA #REQUIRED>
2743
+
2744
+
2745
+ <!-- cluster
2746
+ SE/EE Cluster configuration. A cluster defines a homogenous set
2747
+ of server instances that share the same applications, resources,
2748
+ and configuration.
2749
+
2750
+ children
2751
+ server-ref
2752
+ list of servers in the cluster
2753
+
2754
+ attributes
2755
+ config-ref
2756
+ points to a named config. All server instances in the cluster
2757
+ will share this config.
2758
+ name
2759
+ cluster name
2760
+
2761
+ Used in:
2762
+ clusters
2763
+ -->
2764
+ <!ELEMENT cluster
2765
+ (server-ref*, resource-ref*, application-ref*, system-property*,
2766
+ property*)>
2767
+
2768
+
2769
+ <!ATTLIST cluster
2770
+ name CDATA #REQUIRED
2771
+ config-ref CDATA #REQUIRED>
2772
+
2773
+
2774
+ <!-- server-ref
2775
+
2776
+ attributes
2777
+ disable-timeout-in-minutes
2778
+ The time, in minutes, that it takes this server to reach a
2779
+ quiescent state after having been disabled
2780
+ enabled
2781
+ A boolean flag that causes the server to be enabled to serve
2782
+ end-users, or not. Default is to be enabled (true)
2783
+ lb-enabled
2784
+ A boolean flag that causes any and all load-balancers using
2785
+ this server to consider this server unavailable to them.
2786
+ Defaults to unavailable (false)
2787
+ ref
2788
+ A reference to the name of a server defined elsewhere
2789
+
2790
+ Used in:
2791
+ cluster, lb-config
2792
+ -->
2793
+ <!ELEMENT server-ref (health-checker?)>
2794
+
2795
+ <!ATTLIST server-ref
2796
+ ref CDATA #REQUIRED
2797
+ disable-timeout-in-minutes CDATA "30"
2798
+ lb-enabled %boolean; "false"
2799
+ enabled %boolean; "true">
2800
+
2801
+
2802
+ <!-- node-agent
2803
+ SE/EE Node Controller. The node agent is an agent that manages
2804
+ server instances on a host machine.
2805
+
2806
+ attributes
2807
+ name
2808
+ Node Controller name
2809
+ start-servers-in-startup
2810
+ If true starts all managed server instances when the Node
2811
+ Controller is started.
2812
+ system-jmx-connector-name
2813
+ The name of the internal jmx connector
2814
+
2815
+ Used in:
2816
+ node-agents
2817
+ -->
2818
+ <!ELEMENT node-agent (jmx-connector?, auth-realm?, log-service, property*)>
2819
+
2820
+ <!ATTLIST node-agent
2821
+ name CDATA #REQUIRED
2822
+ system-jmx-connector-name CDATA #IMPLIED
2823
+ start-servers-in-startup %boolean; "true">
2824
+
2825
+
2826
+ <!-- lb-config
2827
+
2828
+ attributes
2829
+ https-routing
2830
+ Boolean flag indicating how load-balancer will route https
2831
+ requests. If true then an https request to the load-balancer
2832
+ will result in an https request to the server; if false then
2833
+ https requests to the load-balancer result in http requests
2834
+ to the server. Default is to use http (i.e. value of false);
2835
+ monitoring-enabled
2836
+ Boolean flag that determines whether monitoring is switched
2837
+ on or not. Default is that monitoring is switched off (false)
2838
+ name
2839
+ Name of the load balancer configuration
2840
+ reload-poll-interval-in-seconds
2841
+ Maximum period, in seconds, that a change to the load
2842
+ balancer configuration file takes before it is detected by
2843
+ the load balancer and the file reloaded. A value of 0
2844
+ indicates that reloading is disabled. Default period is 1
2845
+ minute (60)
2846
+ response-timeout-in-seconds
2847
+ Period within which a server must return a response or
2848
+ otherwise it will be considered unhealthy. Default value is
2849
+ 60 seconds. Must be greater than or equal to 0. A value of 0
2850
+ effectively turns off this check functionality, meaning the
2851
+ server will always be considered healthy.
2852
+ route-cookie-enabled
2853
+ Boolean flag that determines whether a route cookie is or is
2854
+ not enabled. Default is enabled (true).
2855
+
2856
+ Used in:
2857
+ lb-configs
2858
+ -->
2859
+ <!ELEMENT lb-config ((cluster-ref* | server-ref*), property*)>
2860
+
2861
+ <!ATTLIST lb-config
2862
+ name CDATA #REQUIRED
2863
+ response-timeout-in-seconds CDATA "60"
2864
+ https-routing %boolean; "false"
2865
+ reload-poll-interval-in-seconds CDATA "60"
2866
+ monitoring-enabled %boolean; "false"
2867
+ route-cookie-enabled %boolean; "true">
2868
+
2869
+
2870
+ <!-- health-checker
2871
+ Each cluster would be configured for a ping based health check
2872
+ mechanism.
2873
+
2874
+ attributes
2875
+ interval-in-seconds
2876
+ Interval, in seconds, between health checks. A value of "0"
2877
+ means that the health check is disabled. Default is 30
2878
+ seconds. Must be 0 or greater.
2879
+ timeout-in-seconds
2880
+ Maximum time, in seconds, that a server must respond to a
2881
+ health check request to be considered healthy. Default is 10
2882
+ seconds. Must be greater than 0.
2883
+ url
2884
+ URL to ping so as to determine the health state of a
2885
+ listener. This must be a relative URL.
2886
+
2887
+ Used in:
2888
+ cluster-ref, server-ref
2889
+ -->
2890
+ <!ELEMENT health-checker EMPTY>
2891
+
2892
+ <!ATTLIST health-checker
2893
+ url CDATA "/"
2894
+ interval-in-seconds CDATA "30"
2895
+ timeout-in-seconds CDATA "10">
2896
+
2897
+
2898
+ <!-- cluster-ref
2899
+ Element relating a reference to a cluster to be load balanced to
2900
+ an (optional) health-checker
2901
+
2902
+ attributes
2903
+ ref
2904
+ A reference to the name of a cluster defined elsewhere
2905
+
2906
+ Used in:
2907
+ lb-config
2908
+ -->
2909
+ <!ELEMENT cluster-ref (health-checker?)>
2910
+
2911
+ <!ATTLIST cluster-ref
2912
+ ref CDATA #REQUIRED>
2913
+
2914
+
2915
+ <!-- message-security-config
2916
+ The message-security-config element defines the message layer
2917
+ specific provider configurations of the application server.
2918
+
2919
+ All of the providers within a message-security-config element must be able
2920
+ to perform authentication processing at the message layer defined by the
2921
+ value of the auth-layer attribute.
2922
+
2923
+
2924
+ attributes
2925
+ default-client-provider
2926
+ used to identify the client provider to be invoked for any
2927
+ application for which a specific client provider has not been
2928
+ bound.
2929
+ default-provider
2930
+ used to identify the server provider to be invoked for any
2931
+ application for which a specific server provider has not been
2932
+ bound.
2933
+
2934
+ When a default provider of a type is not defined for a message layer,
2935
+ the container will only invoke a provider of the type (at the layer)
2936
+ for those applications for which a specific provider has been bound.
2937
+
2938
+
2939
+ Used in:
2940
+ security-service
2941
+ -->
2942
+ <!ELEMENT message-security-config (provider-config+)>
2943
+
2944
+ <!ATTLIST message-security-config
2945
+ auth-layer %message-layer; #REQUIRED
2946
+ default-provider CDATA #IMPLIED
2947
+ default-client-provider CDATA #IMPLIED>
2948
+
2949
+
2950
+ <!-- provider-config
2951
+ The provider-config element defines the configuration of an
2952
+ authentication provider.
2953
+
2954
+ A provider-config with no contained request-policy or response-policy
2955
+ sub-elements, is a null provider. The container will not instantiate or
2956
+ invoke the methods of a null provider, and as such the implementation
2957
+ class of a null provider need not exist.
2958
+
2959
+
2960
+ children
2961
+ request-policy
2962
+ defines the authentication policy requirements associated
2963
+ with the request processing performed by the authentication
2964
+ provider.
2965
+ response-policy
2966
+ defines the authentication policy requirements associated
2967
+ with the response processing performed by the authentication
2968
+ provider.
2969
+
2970
+ attributes
2971
+ class-name
2972
+ defines the java implementation class of the provider. Client
2973
+ authentication providers must implement the
2974
+
2975
+ com.sun.enterprise.security.jauth.ClientAuthModule
2976
+ interface. Server-side providers must implement the
2977
+
2978
+ com.sun.enterprise.security.jauth.ServerAuthModule
2979
+ interface. A provider may implement both interfaces, but it
2980
+ must implement the interface corresponding to its provider
2981
+ type.
2982
+ provider-id
2983
+ Identifier used to uniquely identify this
2984
+
2985
+ provider-config
2986
+ element
2987
+ provider-type
2988
+ defines whether the provider is a client authentication
2989
+ provider or a server authentication provider.
2990
+
2991
+ Used in:
2992
+ message-security-config
2993
+ -->
2994
+ <!ELEMENT provider-config (request-policy?, response-policy?, property*)>
2995
+
2996
+ <!ATTLIST provider-config
2997
+ provider-id CDATA #REQUIRED
2998
+ provider-type (client | server | client-server) #REQUIRED
2999
+ class-name CDATA #REQUIRED>
3000
+
3001
+
3002
+ <!-- request-policy
3003
+ Used to define the authentication policy requirements associated
3004
+ with the request processing performed by an authentication
3005
+ provider (i.e. when a client provider's
3006
+
3007
+ ClientAuthModule.initiateRequest()
3008
+ method is called or when a server provider's
3009
+
3010
+ ServerAuthModule.validateRequest()
3011
+ method is called).
3012
+
3013
+ attributes
3014
+ auth-recipient
3015
+ defines a requirement for message layer authentication of the
3016
+ reciever of a message to its sender (e.g. by XML encryption).
3017
+ before-content
3018
+ indicates that recipient authentication (e.g. encryption)
3019
+ is to occur before any content authentication (e.g.
3020
+ encrypt then sign) with respect to the target of the
3021
+ containing auth-policy.
3022
+ after-content
3023
+ indicates that recipient authentication (e.g. encryption)
3024
+ is to occur after any content authentication (e.g. sign
3025
+ then encrypt) with respect to the target of the
3026
+ containing auth-policy.
3027
+ auth-source
3028
+ defines a requirement for message layer sender authentication
3029
+ (e.g. username password) or content authentication (e.g.
3030
+ digital signature).
3031
+
3032
+ Used in:
3033
+ provider-config
3034
+ -->
3035
+ <!ELEMENT request-policy EMPTY>
3036
+
3037
+ <!ATTLIST request-policy
3038
+ auth-source (sender | content) #IMPLIED
3039
+ auth-recipient (before-content | after-content) #IMPLIED>
3040
+
3041
+
3042
+ <!-- response-policy
3043
+ Used to define the authentication policy requirements associated
3044
+ with the response processing performed by an authentication
3045
+ provider (i.e. when a client provider's
3046
+
3047
+ ClientAuthModule.validateResponse()
3048
+ method is called or when a server provider's
3049
+
3050
+ ServerAuthModule.secureResponse()
3051
+ method is called).
3052
+
3053
+ attributes
3054
+ auth-recipient
3055
+ defines a requirement for message layer authentication of the
3056
+ reciever of a message to its sender (e.g. by XML encryption).
3057
+ before-content
3058
+ indicates that recipient authentication (e.g. encryption)
3059
+ is to occur before any content authentication (e.g.
3060
+ encrypt then sign) with respect to the target of the
3061
+ containing auth-policy.
3062
+ after-content
3063
+ indicates that recipient authentication (e.g. encryption)
3064
+ is to occur after any content authentication (e.g. sign
3065
+ then encrypt) with respect to the target of the
3066
+ containing auth-policy.
3067
+ auth-source
3068
+ defines a requirement for message layer sender authentication
3069
+ (e.g. username password) or content authentication (e.g.
3070
+ digital signature).
3071
+
3072
+ Used in:
3073
+ provider-config
3074
+ -->
3075
+ <!ELEMENT response-policy EMPTY>
3076
+
3077
+ <!ATTLIST response-policy
3078
+ auth-source (sender | content) #IMPLIED
3079
+ auth-recipient (before-content | after-content) #IMPLIED>
3080
+