glassfish 0.1.1-universal-java-1.5

data/lib/appclient/wss-client-config-2.0.xml

@@ -0,0 +1,96 @@
+<!--
+Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
+-->
+<!--
+ This client side config file pairs with wss-server-config-2.0.xml on the server
+ and supports the following UseCases:
+ Usecase 2: Encrypted UsernameToken
+ Usecase 3: Encrypted UsernameToken and MessageBody
+ Usecase 4: Response Encryption Key Learnt from Incoming Message
+
+ Certificate Alias Information :
+ 1. A certificateAlias under the <xwss:Encrypt> element signifies the certificate
+    of the recipient of the message.
+ 2. A certificateAlias under the <xwss:Sign> element signifies the certificate of the
+    sender.
+                                                                                                                                               
+ NOTE:
+                                                                                                                                               
+   1. the certificateAlias has the above meaning for all the Sign and Encrypt elements below
+   2. there are several Sign and Encrypt elements below and similarly several RequireSignature and
+      RequireEncryption elements. Which of them would be actually used at runtime will depend on
+      the AuthPolicy passed to the module.
+                                                                                                                                               
+      For Example : if Auth-Source=Sender then only the <xwss:UsernameToken> elements will be used
+      and none of the <xwss:Sign> elements will be used.
+      If Auth-Source=Content then the <xwss:Sign> element will be used
+                                                                                                                                               
+   3.  The different variations of <xwss:Encrypt> elements in this configuration file are to accomodate
+       default encryption of the UsernameToken.
+                                                                                                                                               
+   4.  The actual certificate alias to be used for any Signature operation can be modified during AuthModule
+       initialization by setting the alias as the value of "signature.key.alias" property in the Module Options Map.
+   5.  The actual certificate alias to be used for any Encrypt operation can be modified during AuthModule
+       initialization by setting the alias as the value of "encryption.key.alias" property in the Module Options Map.
+                                                                                                                                               
+   6. Debug Dumping of Messages can be enabled by setting the "debug" property in the Module Options Map to "true" during
+      AuthModule initialization.
+   7. The Actual configuration file to be used by an Authmodule can be changed by setting the property "security.config" in
+      the Module Options Map to point to the configuration file location.
+   8. When the "security.config" property is not set during module initialization then a client auth module will use wss-client-config-2.0.xml
+      by default.
+   9. When the "security.config" property is not set during module initialization then a server auth module will use wss-server-config-2.0.xml
+      by default.
+   10. The property "dynamic.username.password" when set during module initialization to "true" will signal the provider runtime to collect the username and password from the CallbackHandler for each request. When this property is set to "false" or if the property is not set then the username and password for  wsse:UsernameToken(s) is collected once during Module Initialization.
+
+-->
+
+<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config" 
+                            dumpMessages="false">                           
+    <xwss:Timestamp/>
+    <xwss:Encrypt>
+        <xwss:X509Token certificateAlias="s1as"/>
+        <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+    </xwss:Encrypt>    
+    <xwss:Encrypt>
+        <xwss:X509Token certificateAlias="s1as"/>
+        <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+    </xwss:Encrypt>    
+    <xwss:Encrypt>
+        <xwss:X509Token certificateAlias="s1as"/>
+        <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+    </xwss:Encrypt>    
+    <xwss:Encrypt>
+        <xwss:X509Token certificateAlias="s1as"/>
+        <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+    </xwss:Encrypt>    
+    <xwss:Sign>
+        <xwss:X509Token certificateAlias="s1as"/>
+    </xwss:Sign>
+    <xwss:UsernameToken digestPassword="false" useNonce="true"/>
+
+    <xwss:RequireUsernameToken nonceRequired="true" passwordDigestRequired="false"/>   
+    <xwss:RequireSignature>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+    </xwss:RequireSignature>     
+    <xwss:RequireEncryption>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+    </xwss:RequireEncryption>
+    <xwss:RequireEncryption>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+    </xwss:RequireEncryption>    
+    <xwss:RequireEncryption>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+    </xwss:RequireEncryption>    
+    <xwss:RequireEncryption>
+        <xwss:Target type="qname">SOAP-BODY</xwss:Target>
+        <xwss:Target type="qname">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</xwss:Target>
+    </xwss:RequireEncryption>    
+</xwss:SecurityConfiguration>

data/lib/dtds/application-client_1_2.dtd

@@ -0,0 +1,292 @@
+<!--
+Copyright 1999 Sun Microsystems, Inc. 901 San Antonio Road,
+Palo Alto, CA  94303, U.S.A.  All rights reserved.
+ 
+This product or document is protected by copyright and distributed
+under licenses restricting its use, copying, distribution, and
+decompilation.  No part of this product or documentation may be
+reproduced in any form by any means without prior written authorization
+of Sun and its licensors, if any.  
+
+Third party software, including font technology, is copyrighted and 
+licensed from Sun suppliers. 
+
+Sun, Sun Microsystems, the Sun Logo, Solaris, Java, JavaServer Pages, Java 
+Naming and Directory Interface, JDBC, JDK, JavaMail and Enterprise JavaBeans, 
+are trademarks or registered trademarks of Sun Microsystems, Inc in the U.S. 
+and other countries.
+
+All SPARC trademarks are used under license and are trademarks
+or registered trademarks of SPARC International, Inc.
+in the U.S. and other countries. Products bearing SPARC
+trademarks are based upon an architecture developed by Sun Microsystems, Inc. 
+
+PostScript is a registered trademark of Adobe Systems, Inc. 
+
+ 
+Federal Acquisitions: Commercial Software - Government Users Subject to 
+Standard License Terms and Conditions.
+
+
+ 
+DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED
+CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY
+IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT
+TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY
+INVALID.
+
+_________________________________________________________________________
+Copyright 1999 Sun Microsystems, Inc., 
+901 San Antonio Road, Palo Alto, CA  94303, Etats-Unis. 
+Tous droits re'serve's.
+ 
+
+Ce produit ou document est prote'ge' par un copyright et distribue' avec 
+des licences qui en restreignent l'utilisation, la copie, la distribution,
+et la de'compilation.  Aucune partie de ce produit ou de sa documentation
+associe'e ne peut e^tre reproduite sous aucune forme, par quelque moyen 
+que ce soit, sans l'autorisation pre'alable et e'crite de Sun et de ses 
+bailleurs de licence, s'il y en a.  
+
+Le logiciel de'tenu par des tiers, et qui comprend la technologie 
+relative aux polices de caracte`res, est prote'ge' par un copyright 
+et licencie' par des fournisseurs de Sun.
+ 
+Sun, Sun Microsystems, le logo Sun, Solaris, Java, JavaServer Pages, Java 
+Naming and Directory Interface, JDBC, JDK, JavaMail, et Enterprise JavaBeans,  
+sont des marques de fabrique ou des marques de'pose'es de Sun 
+Microsystems, Inc. aux Etats-Unis et dans d'autres pays.
+ 
+Toutes les marques SPARC sont utilise'es sous licence et sont
+des marques de fabrique ou des marques de'pose'es de SPARC
+International, Inc. aux Etats-Unis et  dans
+d'autres pays. Les produits portant les marques SPARC sont
+base's sur une architecture de'veloppe'e par Sun Microsystems, Inc.  
+
+Postcript est une marque enregistre'e d'Adobe Systems Inc. 
+ 
+LA DOCUMENTATION EST FOURNIE "EN L'ETAT" ET TOUTES AUTRES CONDITIONS,
+DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES,
+DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT
+TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L'APTITUDE
+A UNE UTILISATION PARTICULIERE OU A L'ABSENCE DE CONTREFACON.
+-->
+
+<!--
+The application-client element is the root element of an application client
+deployment descriptor.
+The application client deployment descriptor describes the EJB components and
+external resources referenced by the application client.
+-->
+<!ELEMENT application-client (icon?, display-name, description?, env-entry*,
+ejb-ref*, resource-ref*)>
+
+<!--
+The description element is used to provide text describing the parent element.
+The description element should include any information that the
+application-client file producer wants to provide to the consumer of the
+application-client file (i.e., to the Deployer). Typically, the tools used by
+the application-client file consumer will display the description when
+processing the parent element that contains the description.
+-->
+<!ELEMENT description (#PCDATA)>
+
+<!--
+The display-name element contains a short name that is intended to be displayed
+by tools.
+-->
+<!ELEMENT display-name (#PCDATA)>
+
+<!--
+The ejb-link element is used in the ejb-ref element to specify that an EJB
+reference is linked to an enterprise bean in the encompassing J2EE Application
+package. The value of the ejb-link element must be the ejb-name of an enterprise
+bean in the same J2EE Application package. Used in: ejb-ref
+Example: <ejb-link>EmployeeRecord</ejb-link>
+-->
+<!ELEMENT ejb-link (#PCDATA)>
+
+<!--
+The ejb-ref element is used for the declaration of a reference to an enterprise
+bean's home. The declaration consists of an optional description; the EJB
+reference name used in the code of the referencing application client; the
+expected type of the referenced enterprise bean; the expected home and remote
+interfaces of the referenced enterprise bean; and an optional ejb-link
+information. The optional ejb-link element is used to specify the referenced
+enterprise bean.
+-->
+<!ELEMENT ejb-ref (description?, ejb-ref-name, ejb-ref-type, home, remote,
+ejb-link?)>
+
+<!--
+The ejb-ref-name element contains the name of an EJB reference. The EJB
+reference is an entry in the application client's environment. It is recommended
+that name is prefixed with "ejb/". Used in: ejb-ref
+Example: <ejb-ref-name>ejb/Payroll</ejb-ref-name>
+-->
+<!ELEMENT ejb-ref-name (#PCDATA)>
+
+<!--
+The ejb-ref-type element contains the expected type of the referenced enterprise
+bean. The ejb-ref-type element must be one of the following:
+<ejb-ref-type>Entity</ejb-ref-type>
+<ejb-ref-type>Session</ejb-ref-type>
+Used in: ejb-ref
+-->
+<!ELEMENT ejb-ref-type (#PCDATA)>
+
+<!--
+The env-entry element contains the declaration of an application client's
+environment entries. The declaration consists of an optional description, the
+name of the environment entry, and an optional value.
+-->
+<!ELEMENT env-entry (description?, env-entry-name, env-entry-type,
+env-entry-value?)>
+
+<!--
+The env-entry-name element contains the name of an application client's
+environment entry. Used in: env-entry
+Example: <env-entry-name>EmployeeAppDB</env-entry-name>
+-->
+<!ELEMENT env-entry-name (#PCDATA)>
+
+<!--
+The env-entry-type element contains the fully-qualified Java type of the
+environment entry value that is expected by the application client's code. The
+following are the legal values of env-entry-type: java.lang.Boolean,
+java.lang.String, java.lang.Integer, java.lang.Double, java.lang.Byte,
+java.lang.Short, java.lang.Long, and java.lang.Float.
+
+Used in: env-entry
+
+Example:
+<env-entry-type>java.lang.Boolean</env-entry-type>
+-->
+<!ELEMENT env-entry-type (#PCDATA)>
+
+<!--
+The env-entry-value element contains the value of an application client's
+environment entry. The value must be a String that is valid for the constructor
+of the specified type that takes a single String parameter.
+
+Used in: env-entry
+
+Example:
+<env-entry-value>/datasources/MyDatabase</env-entry-value>
+-->
+<!ELEMENT env-entry-value (#PCDATA)>
+
+<!--
+The home element contains the fully-qualified name of the enterprise bean's home
+interface.
+Used in: ejb-ref
+Example: <home>com.aardvark.payroll.PayrollHome</home>
+-->
+<!ELEMENT home (#PCDATA)>
+
+<!--
+The icon element contains a small-icon and large-icon element which specify the
+URIs for a small and a large GIF or JPEG icon image used to represent the
+application client in a GUI tool.
+-->
+<!ELEMENT icon (small-icon?, large-icon?)>
+
+<!--
+The large-icon element contains the name of a file containing a large (32 x 32)
+icon image. The file name is a relative path within the application-client jar
+file. The image must be either in the JPEG or GIF format, and the file name must
+end with the suffix ".jpg" or ".gif" respectively. The icon can be used by
+tools.
+Example:
+<large-icon>lib/images/employee-service-icon32x32.jpg</large-icon>
+-->
+<!ELEMENT large-icon (#PCDATA)>
+
+<!--
+The remote element contains the fully-qualified name of the enterprise bean's
+remote interface.
+Used in: ejb-ref
+Example:
+<remote>com.wombat.empl.EmployeeService</remote>
+-->
+<!ELEMENT remote (#PCDATA)>
+
+<!--
+The res-auth element specifies whether the enterprise bean code signs on
+programmatically to the resource manager, or whether the Container will sign on
+to the resource manager on behalf of the bean. In the latter case, the Container
+uses information that is supplied by the Deployer.
+The value of this element must be one of the two following:
+<res-auth>Application</res-auth>
+<res-auth>Container</res-auth>
+-->
+<!ELEMENT res-auth (#PCDATA)>
+
+<!--
+The res-ref-name element specifies the name of the resource factory reference
+name. The resource factory reference name is the name of the application
+client's environment entry whose value contains the JNDI name of the data
+source.
+Used in: resource-ref
+-->
+<!ELEMENT res-ref-name (#PCDATA)>
+
+<!--
+The res-type element specifies the type of the data source. The type is
+specified by the Java interface (or class) expected to be implemented by the
+data source.
+Used in: resource-ref
+-->
+<!ELEMENT res-type (#PCDATA)>
+
+<!--
+The resource-ref element contains a declaration of application clients's
+reference to an external resource. It consists of an optional description, the
+resource factory reference name, the indication of the resource factory type
+expected by the application client's code, and the type of authentication (bean
+or container).
+
+Example:
+<resource-ref>
+<res-ref-name>EmployeeAppDB</res-ref-name>
+<res-type>javax.sql.DataSource</res-type>
+<res-auth>Container</res-auth>
+</resource-ref>
+-->
+<!ELEMENT resource-ref (description?, res-ref-name, res-type, res-auth)>
+<!--
+The small-icon element contains the name of a file containing a small (16 x 16)
+icon image. The file name is a relative path within the application-client jar
+file. The image must be either in the JPEG or GIF format, and the file name must
+end with the suffix ".jpg" or ".gif" respectively. The icon can be used by
+tools.
+Example:
+<small-icon>lib/images/employee-service-icon16x16.jpg</small-icon>
+-->
+<!ELEMENT small-icon (#PCDATA)>
+
+<!--
+The ID mechanism is to allow tools to easily make tool-specific references to
+the elements of the deployment descriptor.
+ -->
+<!ATTLIST application-client id ID #IMPLIED>
+<!ATTLIST description id ID #IMPLIED>
+<!ATTLIST display-name id ID #IMPLIED>
+<!ATTLIST ejb-link id ID #IMPLIED>
+<!ATTLIST ejb-ref id ID #IMPLIED>
+<!ATTLIST ejb-ref-name id ID #IMPLIED>
+<!ATTLIST ejb-ref-type id ID #IMPLIED>
+<!ATTLIST env-entry id ID #IMPLIED>
+<!ATTLIST env-entry-name id ID #IMPLIED>
+<!ATTLIST env-entry-type id ID #IMPLIED>
+<!ATTLIST env-entry-value id ID #IMPLIED>
+<!ATTLIST home id ID #IMPLIED>
+<!ATTLIST icon id ID #IMPLIED>
+<!ATTLIST large-icon id ID #IMPLIED>
+<!ATTLIST remote id ID #IMPLIED>
+<!ATTLIST res-auth id ID #IMPLIED>
+<!ATTLIST res-ref-name id ID #IMPLIED>
+<!ATTLIST res-type id ID #IMPLIED>
+<!ATTLIST resource-ref id ID #IMPLIED>
+<!ATTLIST small-icon id ID #IMPLIED>

data/lib/dtds/application-client_1_3.dtd

@@ -0,0 +1,506 @@
+<!--
+Copyright (c) 2000 Sun Microsystems, Inc.,
+901 San Antonio Road,
+Palo Alto, California 94303, U.S.A.
+All rights reserved.
+
+Sun Microsystems, Inc. has intellectual property rights relating to
+technology embodied in the product that is described in this document.
+In particular, and without limitation, these intellectual property
+rights may include one or more of the U.S. patents listed at
+http://www.sun.com/patents and one or more additional patents or
+pending patent applications in the U.S. and in other countries.
+
+This document and the product to which it pertains are distributed
+under licenses restricting their use, copying, distribution, and
+decompilation.  This document may be reproduced and distributed but may
+not be changed without prior written authorization of Sun and its
+licensors, if any.
+
+Third-party software, including font technology, is copyrighted and
+licensed from Sun suppliers.
+
+Sun,  Sun Microsystems,  the Sun logo,  Java,  JavaServer Pages,  Java
+Naming and Directory Interface,  JDBC,  JDK,  JavaMail and  and
+Enterprise JavaBeans are trademarks or registered trademarks of Sun
+Microsystems, Inc. in the U.S. and other countries.
+
+Federal Acquisitions: Commercial Software - Government Users Subject to
+Standard License Terms and Conditions.
+
+DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED
+CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED
+WARRANTY OF MERCHANTABILITY, FITNESS FOR FOR A PARTICULAR PURPOSE OR
+NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH
+DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.
+
+
+_________________________________________________________________________
+
+Copyright (c) 2000 Sun Microsystems, Inc.,
+901 San Antonio Road,
+Palo Alto, California 94303, E'tats-Unis.
+Tous droits re'serve's.
+
+Sun Microsystems, Inc. a les droits de proprie'te' intellectuels
+relatants a` la technologie incorpore'e dans le produit qui est de'crit
+dans ce document. En particulier, et sans la limitation, ces droits de
+proprie'te' intellectuels peuvent inclure un ou plus des brevets
+ame'ricains e'nume're's a` http://www.sun.com/patents et un ou les
+brevets plus supple'mentaires ou les applications de brevet en attente
+dans les E'tats-Unis et dans les autres pays.
+
+Ce produit ou document est prote'ge' par un copyright et distribue'
+avec des licences qui en restreignent l'utilisation, la copie, la
+distribution, et la de'compilation.  Ce documention associe n peut
+e^tre reproduite et distribuer, par quelque moyen que ce soit, sans
+l'autorisation pre'alable et e'crite de Sun et de ses bailleurs de
+licence, le cas e'che'ant.
+
+Le logiciel de'tenu par des tiers, et qui comprend la technologie
+relative aux polices de caracte`res, est prote'ge' par un copyright et
+licencie' par des fournisseurs de Sun.
+
+Sun,  Sun Microsystems,  le logo Sun,  Java,  JavaServer Pages,  Java
+Naming and Directory Interface,  JDBC,  JDK,  JavaMail et  and
+Enterprise JavaBeans sont des marques de fabrique ou des marques
+de'pose'es de Sun Microsystems, Inc. aux E'tats-Unis et dans d'autres
+pays.
+
+LA DOCUMENTATION EST FOURNIE "EN L'E'TAT" ET TOUTES AUTRES CONDITIONS,
+DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT
+EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS
+NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A
+L'APTITUDE A UNE UTILISATION PARTICULIERE OU A L'ABSENCE DE
+CONTREFAC,ON.
+-->
+
+<!--
+This is the XML DTD for the J2EE 1.3 application client deployment
+descriptor.  All J2EE 1.3 application client deployment descriptors
+must include a DOCTYPE of the following form:
+
+  <!DOCTYPE application-client PUBLIC
+	"-//Sun Microsystems, Inc.//DTD J2EE Application Client 1.3//EN"
+	"http://java.sun.com/dtd/application-client_1_3.dtd">
+
+-->
+
+<!--
+The following conventions apply to all J2EE deployment descriptor
+elements unless indicated otherwise.
+
+- In elements that contain PCDATA, leading and trailing whitespace
+  in the data may be ignored.
+
+- In elements whose value is an "enumerated type", the value is
+  case sensitive.
+
+- In elements that specify a pathname to a file within the same
+  JAR file, relative filenames (i.e., those not starting with "/")
+  are considered relative to the root of the JAR file's namespace.
+  Absolute filenames (i.e., those starting with "/") also specify
+  names in the root of the JAR file's namespace.  In general, relative
+  names are preferred.  The exception is .war files where absolute
+  names are preferred for consistency with the servlet API.
+-->
+
+
+<!--
+The application-client element is the root element of an application
+client deployment descriptor.  The application client deployment
+descriptor describes the EJB components and external resources
+referenced by the application client.
+-->
+<!ELEMENT application-client (icon?, display-name, description?,
+		env-entry*, ejb-ref*, resource-ref*, resource-env-ref*,
+		callback-handler?)>
+
+<!--
+The callback-handler element names a class provided by the
+application.  The class must have a no args constructor and must
+implement the javax.security.auth.callback.CallbackHandler interface.
+The class will be instantiated by the application client container and
+used by the container to collect authentication information from the
+user.
+
+Used in: application-client
+-->
+<!ELEMENT callback-handler (#PCDATA)>
+
+<!--
+The description element is used to provide text describing the parent
+element.  The description element should include any information that
+the application client jar file producer wants to provide to the consumer of
+the application client jar file (i.e., to the Deployer). Typically, the tools
+used by the application client jar file consumer will display the description
+when processing the parent element that contains the description.
+
+Used in: application-client, ejb-ref, env-entry, resource-env-ref,
+resource-ref
+-->
+<!ELEMENT description (#PCDATA)>
+
+<!--
+The display-name element contains a short name that is intended to be
+displayed by tools.  The display name need not be unique.
+
+Used in: application-client
+
+Example:
+
+<display-name>Employee Self Service</display-name>
+-->
+<!ELEMENT display-name (#PCDATA)>
+
+<!--
+The ejb-link element is used in the ejb-ref element
+to specify that an EJB reference is linked to an
+enterprise bean.
+
+The name in the ejb-link element is composed of a
+path name specifying the ejb-jar containing the referenced enterprise
+bean with the ejb-name of the target bean appended and separated from
+the path name by "#".  The path name is relative to the jar file
+containing the application client that is referencing the enterprise bean.
+This allows multiple enterprise beans with the same ejb-name to be
+uniquely identified.
+
+Used in: ejb-ref
+
+Examples:
+
+	<ejb-link>EmployeeRecord</ejb-link>
+
+	<ejb-link>../products/product.jar#ProductEJB</ejb-link>
+
+-->
+<!ELEMENT ejb-link (#PCDATA)>
+
+<!--
+The ejb-ref element is used for the declaration of a reference to
+an enterprise bean's home. The declaration consists of:
+
+	- an optional description
+	- the EJB reference name used in the code of
+	  the application client that's referencing the enterprise bean
+	- the expected type of the referenced enterprise bean
+	- the expected home and remote interfaces of the referenced
+	  enterprise bean
+	- optional ejb-link information, used to specify the referenced
+	  enterprise bean
+
+Used in: application-client
+-->
+<!ELEMENT ejb-ref (description?, ejb-ref-name, ejb-ref-type,
+		home, remote, ejb-link?)>
+
+<!--
+The ejb-ref-name element contains the name of an EJB reference. The
+EJB reference is an entry in the application client's environment and is
+relative to the java:comp/env context.  The name must be unique
+within the application client.
+
+It is recommended that name is prefixed with "ejb/".
+
+Used in: ejb-ref
+
+Example:
+
+<ejb-ref-name>ejb/Payroll</ejb-ref-name>
+-->
+<!ELEMENT ejb-ref-name (#PCDATA)>
+
+<!--
+The ejb-ref-type element contains the expected type of the
+referenced enterprise bean.
+
+The ejb-ref-type element must be one of the following:
+
+	<ejb-ref-type>Entity</ejb-ref-type>
+	<ejb-ref-type>Session</ejb-ref-type>
+
+Used in: ejb-ref
+-->
+<!ELEMENT ejb-ref-type (#PCDATA)>
+
+<!--
+The env-entry element contains the declaration of an application client's
+environment entry. The declaration consists of an optional
+description, the name of the environment entry, and an optional
+value.  If a value is not specified, one must be supplied
+during deployment.
+
+Used in: application-client
+-->
+<!ELEMENT env-entry (description?, env-entry-name, env-entry-type,
+		env-entry-value?)>
+
+<!--
+The env-entry-name element contains the name of an application client's
+environment entry.  The name is a JNDI name relative to the
+java:comp/env context.  The name must be unique within an application client.
+
+Used in: env-entry
+
+Example:
+
+<env-entry-name>minAmount</env-entry-name>
+-->
+<!ELEMENT env-entry-name (#PCDATA)>
+
+<!--
+The env-entry-type element contains the fully-qualified Java type of
+the environment entry value that is expected by the application client's
+code.
+
+The following are the legal values of env-entry-type:
+
+	java.lang.Boolean
+	java.lang.Byte
+	java.lang.Character
+	java.lang.String
+	java.lang.Short
+	java.lang.Integer
+	java.lang.Long
+	java.lang.Float
+	java.lang.Double
+
+
+Used in: env-entry
+
+Example:
+
+<env-entry-type>java.lang.Boolean</env-entry-type>
+-->
+<!ELEMENT env-entry-type (#PCDATA)>
+
+<!--
+The env-entry-value element contains the value of an application client's
+environment entry. The value must be a String that is valid for the
+constructor of the specified type that takes a single String
+parameter, or for java.lang.Character, a single character.
+
+Used in: env-entry
+
+Example:
+
+<env-entry-value>100.00</env-entry-value>
+-->
+<!ELEMENT env-entry-value (#PCDATA)>
+
+<!--
+The home element contains the fully-qualified name of the enterprise
+bean's home interface.
+
+Used in: ejb-ref
+
+Example:
+
+<home>com.aardvark.payroll.PayrollHome</home>
+-->
+<!ELEMENT home (#PCDATA)>
+
+<!--
+The icon element contains small-icon and large-icon elements that
+specify the file names for small and a large GIF or JPEG icon images
+used to represent the parent element in a GUI tool.
+
+Used in: application-client
+-->
+<!ELEMENT icon (small-icon?, large-icon?)>
+
+<!--
+The large-icon element contains the name of a file
+containing a large (32 x 32) icon image. The file
+name is a relative path within the application client's
+jar file.
+
+The image may be either in the JPEG or GIF format.
+The icon can be used by tools.
+
+Used in: icon
+
+Example:
+
+<large-icon>employee-service-icon32x32.jpg</large-icon>
+-->
+<!ELEMENT large-icon (#PCDATA)>
+
+<!--
+The remote element contains the fully-qualified name of the enterprise
+bean's remote interface.
+
+Used in: ejb-ref
+
+Example:
+
+<remote>com.wombat.empl.EmployeeService</remote>
+-->
+<!ELEMENT remote (#PCDATA)>
+
+<!--
+The res-auth element specifies whether the application client code signs
+on programmatically to the resource manager, or whether the Container
+will sign on to the resource manager on behalf of the application client. In the
+latter case, the Container uses information that is supplied by the
+Deployer.
+
+The value of this element must be one of the two following:
+
+	<res-auth>Application</res-auth>
+	<res-auth>Container</res-auth>
+
+Used in: resource-ref
+-->
+<!ELEMENT res-auth (#PCDATA)>
+
+<!--
+The res-ref-name element specifies the name of a resource manager
+connection factory reference.  The name is a JNDI name relative to the
+java:comp/env context.  The name must be unique within an application client.
+
+Used in: resource-ref
+-->
+<!ELEMENT res-ref-name (#PCDATA)>
+
+<!--
+The res-sharing-scope element specifies whether connections obtained
+through the given resource manager connection factory reference can be
+shared. The value of this element, if specified, must be one of the
+two following:
+
+	<res-sharing-scope>Shareable</res-sharing-scope>
+	<res-sharing-scope>Unshareable</res-sharing-scope>
+
+The default value is Shareable.
+
+Used in: resource-ref
+-->
+<!ELEMENT res-sharing-scope (#PCDATA)>
+
+<!--
+The res-type element specifies the type of the data source. The type
+is specified by the fully qualified Java language class or interface
+expected to be implemented by the data source.
+
+Used in: resource-ref
+-->
+<!ELEMENT res-type (#PCDATA)>
+
+<!--
+The resource-env-ref element contains a declaration of an application client's
+reference to an administered object associated with a resource
+in the application client's environment.  It consists of an optional
+description, the resource environment reference name, and an
+indication of the resource environment reference type expected by
+the application client code.
+
+Used in: application-client
+
+Example:
+
+<resource-env-ref>
+    <resource-env-ref-name>jms/StockQueue</resource-env-ref-name>
+    <resource-env-ref-type>javax.jms.Queue</resource-env-ref-type>
+</resource-env-ref>
+-->
+<!ELEMENT resource-env-ref (description?, resource-env-ref-name,
+		resource-env-ref-type)>
+
+<!--
+The resource-env-ref-name element specifies the name of a resource
+environment reference; its value is the environment entry name used in
+the application client code.  The name is a JNDI name relative to the
+java:comp/env context and must be unique within an application client.
+
+Used in: resource-env-ref
+-->
+<!ELEMENT resource-env-ref-name (#PCDATA)>
+
+<!--
+The resource-env-ref-type element specifies the type of a resource
+environment reference.  It is the fully qualified name of a Java
+language class or interface.
+
+Used in: resource-env-ref
+-->
+<!ELEMENT resource-env-ref-type (#PCDATA)>
+
+<!--
+The resource-ref element contains a declaration of an application client's
+reference to an external resource. It consists of an optional
+description, the resource manager connection factory reference name,
+the indication of the resource manager connection factory type
+expected by the application client code, the type of authentication
+(Application or Container), and an optional specification of the
+shareability of connections obtained from the resource (Shareable or
+Unshareable).
+
+Used in: application-client
+
+Example:
+
+    <resource-ref>
+	<res-ref-name>jdbc/EmployeeAppDB</res-ref-name>
+	<res-type>javax.sql.DataSource</res-type>
+	<res-auth>Container</res-auth>
+	<res-sharing-scope>Shareable</res-sharing-scope>
+    </resource-ref>
+-->
+<!ELEMENT resource-ref (description?, res-ref-name, res-type, res-auth,
+		res-sharing-scope?)>
+
+<!--
+The small-icon element contains the name of a file
+containing a small (16 x 16) icon image. The file
+name is a relative path within the application client's
+jar file.
+
+The image may be either in the JPEG or GIF format.
+The icon can be used by tools.
+
+Used in: icon
+
+Example:
+
+<small-icon>employee-service-icon16x16.jpg</small-icon>
+-->
+<!ELEMENT small-icon (#PCDATA)>
+
+<!--
+The ID mechanism is to allow tools that produce additional deployment
+information (i.e., information beyond the standard deployment
+descriptor information) to store the non-standard information in a
+separate file, and easily refer from these tool-specific files to the
+information in the standard deployment descriptor.
+
+Tools are not allowed to add the non-standard information into the
+standard deployment descriptor.
+-->
+
+<!ATTLIST application-client id ID #IMPLIED>
+<!ATTLIST callback-handler id ID #IMPLIED>
+<!ATTLIST description id ID #IMPLIED>
+<!ATTLIST display-name id ID #IMPLIED>
+<!ATTLIST ejb-link id ID #IMPLIED>
+<!ATTLIST ejb-ref id ID #IMPLIED>
+<!ATTLIST ejb-ref-name id ID #IMPLIED>
+<!ATTLIST ejb-ref-type id ID #IMPLIED>
+<!ATTLIST env-entry id ID #IMPLIED>
+<!ATTLIST env-entry-name id ID #IMPLIED>
+<!ATTLIST env-entry-type id ID #IMPLIED>
+<!ATTLIST env-entry-value id ID #IMPLIED>
+<!ATTLIST home id ID #IMPLIED>
+<!ATTLIST icon id ID #IMPLIED>
+<!ATTLIST large-icon id ID #IMPLIED>
+<!ATTLIST remote id ID #IMPLIED>
+<!ATTLIST res-auth id ID #IMPLIED>
+<!ATTLIST res-ref-name id ID #IMPLIED>
+<!ATTLIST res-sharing-scope id ID #IMPLIED>
+<!ATTLIST res-type id ID #IMPLIED>
+<!ATTLIST resource-env-ref id ID #IMPLIED>
+<!ATTLIST resource-env-ref-name id ID #IMPLIED>
+<!ATTLIST resource-env-ref-type id ID #IMPLIED>
+<!ATTLIST resource-ref id ID #IMPLIED>
+<!ATTLIST small-icon id ID #IMPLIED>