Apache Geronimo > Index > Development > XML Schemas > Apache Geronimo v3.0 XML Schemas | User List | Dev List | Wiki | Issue Tracker |
|
Documentation for geronimo-security-2.0Table of Contents
Schema Document Properties
Declared Namespaces
<xsd:schema
targetNamespace="http://geronimo.apache.org/xml/ns/security-2.0" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
<xsd:import
namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
<xsd:import
namespace="http://geronimo.apache.org/xml/ns/j2ee/application-2.0" schemaLocation="geronimo-application-2.0.xsd"/>
<xsd:import
namespace="http://geronimo.apache.org/xml/ns/deployment-1.2" schemaLocation="geronimo-module-1.2.xsd"/>
... </xsd:schema>Global DeclarationsElement: credential-store
Element: default-subject
Element: security
<geronimo:security
name=" xsd:string [0..1] 'Name of standalone security configurations. Optional for security elements in ee apps.' "doas-current-caller=" xsd:boolean [0..1] 'Set this attribute to \"true\" if the work is to be performed as the calling Subject.' "use-context-handler=" xsd:boolean [0..1] 'Set this attribute to \"true\" if the installed JACC policy contexts will use PolicyContextHandlers.' "default-role=" xsd:string [0..1] 'Used by the the Deployer to assign method permissions for all of the unspecified methods, either by assigning them to security roles, or by marking them as unchecked. If the value of default-role is empty, then the unspecified methods are marked unchecked' "><!-- '
app:abstract-securityType
' super type was not found in this schema. Some elements and attributes may be missing. -->
</geronimo:security>Element: security-ref
<geronimo:security-ref>
<!-- '
app:abstract-securityType
' super type was not found in this schema. Some elements and attributes may be missing. -->
Start Choice
[1]
End Choice </geronimo:security-ref> <xsd:element
name="security-ref" type="
geronimo:security-refType
" substitutionGroup="app:security"/>
Global DefinitionsComplex Type: descriptionType
Complex Type: distinguishedNameType
<xsd:complexType
name="distinguishedNameType">
<xsd:sequence>
</xsd:complexType><xsd:element
name="description" type="
geronimo:descriptionType
" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence>Complex Type: loginDomainPrincipalType
<xsd:complexType
name="loginDomainPrincipalType">
<xsd:complexContent></xsd:complexContent> </xsd:complexType>Complex Type: principalType
<xsd:complexType
name="principalType">
<xsd:sequence>
</xsd:complexType><xsd:element
name="description" type="
geronimo:descriptionType
" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence>Complex Type: realmPrincipalType
<xsd:complexType
name="realmPrincipalType">
<xsd:complexContent></xsd:complexContent> </xsd:complexType>Complex Type: role-mappingsType
Complex Type: roleType
<...
role-name=" xsd:string [1]"> <geronimo:login-domain-principal>
geronimo:loginDomainPrincipalType
</geronimo:login-domain-principal> [0..*]
</...><xsd:complexType
name="roleType">
<xsd:sequence>
</xsd:complexType><xsd:element
name="description" type="
geronimo:descriptionType
" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element
name="realm-principal" type="
geronimo:realmPrincipalType
" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element
name="login-domain-principal" type="
geronimo:loginDomainPrincipalType
" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element
name="distinguished-name" type="
geronimo:distinguishedNameType
" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence>Complex Type: security-refType
<...>
<!-- '
app:abstract-securityType
' super type was not found in this schema. Some elements and attributes may be missing. -->
Start Choice
[1]
End Choice </...> <xsd:complexType
name="security-refType">
<xsd:complexContent></xsd:complexContent> </xsd:complexType>Complex Type: securityType
<...
name=" xsd:string [0..1] 'Name of standalone security configurations. Optional for security elements in ee apps.' "doas-current-caller=" xsd:boolean [0..1] 'Set this attribute to \"true\" if the work is to be performed as the calling Subject.' "use-context-handler=" xsd:boolean [0..1] 'Set this attribute to \"true\" if the installed JACC policy contexts will use PolicyContextHandlers.' "default-role=" xsd:string [0..1] 'Used by the the Deployer to assign method permissions for all of the unspecified methods, either by assigning them to security roles, or by marking them as unchecked. If the value of default-role is empty, then the unspecified methods are marked unchecked' "><!-- '
app:abstract-securityType
' super type was not found in this schema. Some elements and attributes may be missing. -->
</...><xsd:complexType
name="securityType">
<xsd:complexContent> </xsd:complexType><xsd:extension
base="
app:abstract-securityType
"> </xsd:complexContent><xsd:sequence>
</xsd:extension><xsd:element
name="description" type="
geronimo:descriptionType
" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>Complex Type: subject-infoType
<xsd:complexType
name="subject-infoType">
<xsd:sequence> </xsd:complexType><xsd:element
name="description" type="
geronimo:descriptionType
" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>LegendComplex Type:Schema Component Type
AusAddressSchema Component Name
If this schema component is a type definition, its type hierarchy is shown in a gray-bordered box.
The table above displays the properties of this schema component.
<...
country="Australia"
>
<unitNo> string </unitNo> [0..1] <houseNo> string </houseNo> [1] <street> string </street> [1] Start Choice [1] <city> string </city> [1] <town> string </town> [1] End Choice <state> AusStates </state> [1] <postcode> string <<pattern = [1-9][0-9]{3}>> </postcode> [1] </...> The XML Instance Representation table above shows the schema component's content as an XML instance.
<complexType
name="AusAddress">
<complexContent> <extension base=" Address "> <sequence> <element name="state" type=" AusStates "/> <element name="postcode"> <simpleType> <restriction base=" string "> <pattern value="[1-9][0-9]{3}"/> </restriction> </simpleType> </element> </sequence> <attribute name="country" type=" string " fixed="Australia"/> </extension> </complexContent> </complexType> The Schema Component Representation table above displays the underlying XML representation of the schema component. (Annotations are not shown.)
GlossaryAbstract (Applies to complex type definitions and element declarations). An abstract element or complex type cannot used to validate an element instance. If there is a reference to an abstract element, only element declarations that can substitute the abstract element can be used to validate the instance. For references to abstract type definitions, only derived types can be used. All Model Group Child elements can be provided in any order in instances. See: http://www.w3.org/TR/xmlschema-1/#element-all. Choice Model Group Only one from the list of child elements and model groups can be provided in instances. See: http://www.w3.org/TR/xmlschema-1/#element-choice. Collapse Whitespace Policy Replace tab, line feed, and carriage return characters with space character (Unicode character 32). Then, collapse contiguous sequences of space characters into single space character, and remove leading and trailing space characters.
Disallowed Substitutions
(Applies to element declarations). If substitution is specified, then substitution group members cannot be used in place of the given element declaration to validate element instances. If derivation methods, e.g. extension, restriction, are specified, then the given element declaration will not validate element instances that have types derived from the element declaration's type using the specified derivation methods. Normally, element instances can override their declaration's type by specifying an Key Constraint Like Uniqueness Constraint, but additionally requires that the specified value(s) must be provided. See: http://www.w3.org/TR/xmlschema-1/#cIdentity-constraint_Definitions. Key Reference Constraint Ensures that the specified value(s) must match value(s) from a Key Constraint or Uniqueness Constraint. See: http://www.w3.org/TR/xmlschema-1/#cIdentity-constraint_Definitions. Model Group Groups together element content, specifying the order in which the element content can occur and the number of times the group of element content may be repeated. See: http://www.w3.org/TR/xmlschema-1/#Model_Groups.
Nillable
(Applies to element declarations). If an element declaration is nillable, instances can use the Notation A notation is used to identify the format of a piece of data. Values of elements and attributes that are of type, NOTATION, must come from the names of declared notations. See: http://www.w3.org/TR/xmlschema-1/#cNotation_Declarations. Preserve Whitespace Policy Preserve whitespaces exactly as they appear in instances. Prohibited Derivations (Applies to type definitions). Derivation methods that cannot be used to create sub-types from a given type definition. Prohibited Substitutions (Applies to complex type definitions). Prevents sub-types that have been derived using the specified derivation methods from validating element instances in place of the given type definition. Replace Whitespace Policy Replace tab, line feed, and carriage return characters with space character (Unicode character 32). Sequence Model Group Child elements and model groups must be provided in the specified order in instances. See: http://www.w3.org/TR/xmlschema-1/#element-sequence. Substitution Group Elements that are members of a substitution group can be used wherever the head element of the substitution group is referenced. Substitution Group Exclusions (Applies to element declarations). Prohibits element declarations from nominating themselves as being able to substitute a given element declaration, if they have types that are derived from the original element's type using the specified derivation methods. Target Namespace The target namespace identifies the namespace that components in this schema belongs to. If no target namespace is provided, then the schema components do not belong to any namespace. Uniqueness Constraint Ensures uniqueness of an element/attribute value, or a combination of values, within a specified scope. See: http://www.w3.org/TR/xmlschema-1/#cIdentity-constraint_Definitions. |