Documentation : Geronimo Login Config Schema
This page last changed on Dec 14, 2005 by hcunico@gmail.com.
As was explained before, Geronimo login configuration schema was devised as a user-friendly syntax for configuring Security Realm GBeans. It is included with xml-reference element into the host GBean and processed by the syntax-aware deployer. Geronimo login configuration namespace is http://geronimo.apache.org/xml/ns/loginconfig-1.0 and the schema file is geronimo-login-config-1.0.xsd. All types are defined in this namespace. Type Login-configTypeElement login-config of the login-configType type is the top-level element in the login configuration schema. <xsd:complexType name="login-configType"> <xsd:annotation> <xsd:documentation> Defines the list of login modules for a login configuration represented by a GenericSecurityRealm </xsd:documentation> </xsd:annotation> <xsd:sequence> <xsd:choice minOccurs="0" maxOccurs="unbounded"> <xsd:element name="login-module-ref" type="geronimo:login-module-refType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="login-module" type="geronimo:login-moduleType" minOccurs="0" maxOccurs="unbounded"/> </xsd:choice> </xsd:sequence> </xsd:complexType> login-module-ref - optinal element in the sequence of choices. Defines reference to a login module. Type abstract-login-moduleTypeThis is an abstract base type from which all other login module types are derived. <xsd:complexType name="abstract-login-moduleType" abstract="true"> <xsd:attribute name="control-flag" type="geronimo:control-flagType" use="required"/> </xsd:complexType> @control-flag - login module control flag of the geronimo:control-flagType. Defines how authentication outcome from the login module must be combined with authentication outcomes from other login modules. Type control-flagTypeThis type constrains the values of the module control flag. Values of this type emulate JAAS module combination semantics. <xsd:simpleType name="control-flagType"> <xsd:restriction base="xsd:string"> <xsd:enumeration value="REQUIRED"/> <xsd:enumeration value="REQUISITE"/> <xsd:enumeration value="SUFFICIENT"/> <xsd:enumeration value="OPTIONAL"/> </xsd:restriction> </xsd:simpleType> Type login-module-refTypeThis type allows reference to the login module by the object name. Object name is split into components, so you do not have to write an extensive object name by hand, just a extensive object-name enclosed in pointy brackets. Login-module-refType extends from abstract-login-moduleType. <xsd:complexType name="login-module-refType"> <xsd:complexContent> <xsd:extension base="geronimo:abstract-login-moduleType"> <xsd:sequence> <xsd:element name="domain" type="xsd:string" minOccurs="0"/> <xsd:element name="server" type="xsd:string" minOccurs="0"/> <xsd:element name="application" type="xsd:string" minOccurs="0"/> <xsd:element name="module" type="xsd:string" minOccurs="0"/> <xsd:element name="type" type="xsd:string" minOccurs="0"/> <xsd:element name="name" type="xsd:string"/> </xsd:sequence> </xsd:extension> </xsd:complexContent> </xsd:complexType> @control-flag - required attribute of the control-flagType type. It is inherited from the abstract base class. Defines how referenced login module authentication outcome must be combined with authentication outcome of other modules. domain - optional element of the xs:string type that defines domain component of the login module object name. Type login-moduleTypeThe login-moduleType describes configuration for one login module within the enclosing GenericSecurityRealm GBean. <xsd:complexType name="login-moduleType"> <xsd:complexContent> <xsd:extension base="geronimo:abstract-login-moduleType"> <xsd:sequence> <xsd:element name="login-domain-name" type="xsd:string"/> <xsd:element name="login-module-class" type="xsd:string"/> <xsd:element name="option" type="geronimo:optionType" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence> <xsd:attribute name="server-side" type="xsd:boolean" use="required"/> </xsd:extension> </xsd:complexContent> </xsd:complexType> @control-flag - required attribute of the control-flagType type. It is inherited from the abstract base class. Defines how login module authentication outcome must be combined with authentication outcome of other modules. login-domain-name - required element of the xs:string type. This is Login Domain name. Type optionTypeThis type defines login module specific option, like location of the authentication database, etc. <xsd:complexType name="optionType"> <xsd:simpleContent> <xsd:extension base="xsd:string"> <xsd:attribute name="name" type="xsd:string" use="required"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> @name - required attribute of type xs:string. This is login module option name. |
![]() |
Document generated by Confluence on Dec 15, 2005 19:14 |