[jboss-cvs] JBossAS SVN: r75797 - in projects/security/security-jboss-sx/trunk/jbosssx/src/resources: dtd and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 14 13:10:44 EDT 2008
Author: sguilhen at redhat.com
Date: 2008-07-14 13:10:44 -0400 (Mon, 14 Jul 2008)
New Revision: 75797
Added:
projects/security/security-jboss-sx/trunk/jbosssx/src/resources/dtd/
projects/security/security-jboss-sx/trunk/jbosssx/src/resources/dtd/security_config.dtd
Log:
SECURITY-260: Moving security_config.dtd from metadata to jbosssx.
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/resources/dtd/security_config.dtd
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/resources/dtd/security_config.dtd (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/resources/dtd/security_config.dtd 2008-07-14 17:10:44 UTC (rev 75797)
@@ -0,0 +1,100 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+
+<!--Generated by XML Authority-->
+
+<!-- This is the XML DTD for the JBoss 3.0 security policy configuration.
+The DOCTYPE is:
+ <!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+$Id: security_config.dtd 20476 2004-04-17 13:29:24Z tdiesler $
+$Revision: 20476 $
+
+The outline of the application-policy is:
+<policy>
+ <application-policy name="security-domain-name">
+ <authentication>
+ <login-module code="login.module1.class.name" flag="control_flag">
+ <module-option name = "option1-name">option1-value</module-option>
+ <module-option name = "option2-name">option2-value</module-option>
+ ...
+ </login-module>
+
+ <login-module code="login.module2.class.name" flag="control_flag">
+ ...
+ </login-module>
+ ...
+ </authentication>
+ </application-policy>
+</policy>
+-->
+<!-- The root element of the security policy configuration -->
+<!ELEMENT policy (application-policy+)>
+
+<!-- An application-policy defines the security configuration for an application domain. Currently
+this consists of only the login module configurations specified in the authentication -->
+<!ELEMENT application-policy (authentication)>
+
+<!-- The application-policy name attribute gives the name of the security domain.
+-->
+<!ATTLIST application-policy name CDATA #REQUIRED>
+
+<!-- The authentication element contains the login module stack configuration. Each
+login module configuration is specified using a login-module element.
+-->
+<!ELEMENT authentication (login-module+)>
+
+<!-- The login-module element defines a JAAS login module configuration entry. Each
+entry must have a code and flag attribute along with zero or more login module options
+specified via the module-option element.
+-->
+<!ELEMENT login-module (module-option*)>
+
+<!-- The flag attribute controls how a login module participates in the overall authentication proceedure.
+Required - The LoginModule is required to succeed.
+ If it succeeds or fails, authentication still continues
+ to proceed down the LoginModule list.
+
+Requisite - The LoginModule is required to succeed.
+ If it succeeds, authentication continues down the
+ LoginModule list. If it fails,
+ control immediately returns to the application
+ (authentication does not proceed down the
+ LoginModule list).
+
+Sufficient - The LoginModule is not required to
+ succeed. If it does succeed, control immediately
+ returns to the application (authentication does not
+ proceed down the LoginModule list).
+ If it fails, authentication continues down the
+ LoginModule list.
+
+Optional - The LoginModule is not required to
+ succeed. If it succeeds or fails,
+ authentication still continues to proceed down the
+ LoginModule list.
+
+The overall authentication succeeds only if all required and requisite LoginModules succeed. If a sufficient
+LoginModule is configured and succeeds, then only the required and requisite LoginModules prior to that
+sufficient LoginModule need to have succeeded for the overall authentication to succeed. If no required or
+requisite LoginModules are configured for an application, then at least one sufficient or optional LoginModule
+must succeed.
+-->
+<!ATTLIST login-module flag (required | requisite | sufficient | optional ) #REQUIRED>
+
+<!-- The code attribute gives the fully qualifed class name of the javax.security.auth.spi.LoginModule
+interface implementation for the login module.
+-->
+<!ATTLIST login-module code CDATA #REQUIRED>
+
+<!-- A module option defines a name, value pair of strings that are passed to a LoginModule when it
+is initialized during the login proceedure. The name attribute defines the option name while the
+element value is the option string value.
+-->
+<!ELEMENT module-option (#PCDATA)>
+
+<!-- The name attribute specifies the name of the login module option.
+-->
+<!ATTLIST module-option name CDATA #REQUIRED>
+
More information about the jboss-cvs-commits
mailing list