[jboss-cvs] JBossAS SVN: r87880 - branches/Branch_5_x/testsuite/src/resources/xml/loginconfig.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Apr 27 12:43:48 EDT 2009
Author: anil.saldhana at jboss.com
Date: 2009-04-27 12:43:47 -0400 (Mon, 27 Apr 2009)
New Revision: 87880
Modified:
branches/Branch_5_x/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd
Log:
update schema
Modified: branches/Branch_5_x/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd
===================================================================
--- branches/Branch_5_x/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd 2009-04-27 16:32:56 UTC (rev 87879)
+++ branches/Branch_5_x/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd 2009-04-27 16:43:47 UTC (rev 87880)
@@ -1,13 +1,12 @@
-<?xml version="1.0" encoding="UTF-8"?>
<!-- $Id$ -->
-
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="qualified"
- xmlns:jbsx="urn:jboss:security-config"
- xmlns:jbxb="http://www.jboss.org/xml/ns/jbxb"
- targetNamespace="urn:jboss:security-config">
-
- <xsd:annotation>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ xmlns:jbsx="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="http://www.jboss.org/xml/ns/jbxb"
+ targetNamespace="urn:jboss:security-config:5.0"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified">
+ <xsd:annotation>
<xsd:appinfo>
<jbxb:schemaBindings>
<jbxb:package name="org.jboss.security.config"/>
@@ -16,184 +15,289 @@
</jbxb:schemaBindings>
</xsd:appinfo>
</xsd:annotation>
-
- <xsd:element name="policy">
+ <xsd:element name="policy" type="jbsx:PolicyConfig"/>
+ <xsd:complexType name="PolicyConfig">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.config.PolicyConfig"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:application-policy" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="application-policy">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.config.PolicyConfig"/>
+ <jbxb:class impl="org.jboss.security.config.ApplicationPolicyContainer"/>
+ <jbxb:addMethod name="add" valueType="org.jboss.security.config.ApplicationPolicy"/>
</xsd:appinfo>
</xsd:annotation>
-
<xsd:sequence>
- <xsd:element maxOccurs="unbounded" ref="jbsx:application-policy"/>
+ <xsd:choice>
+ <xsd:element ref="jbsx:authentication"/>
+ <xsd:element ref="jbsx:authentication-jaspi"/>
+ </xsd:choice>
+ <xsd:element ref="jbsx:authorization" minOccurs="0"/>
+ <xsd:element ref="jbsx:acl" minOccurs="0"/>
+ <!-- rolemapping is here for backwards compatibility -->
+ <xsd:element ref="jbsx:rolemapping" minOccurs="0"/>
+ <xsd:element ref="jbsx:mapping" minOccurs="0"/>
+ <xsd:element ref="jbsx:audit" minOccurs="0"/>
+ <xsd:element ref="jbsx:identity-trust" minOccurs="0"/>
</xsd:sequence>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
+ <xsd:attribute name="extends" type="xsd:string"/>
</xsd:complexType>
</xsd:element>
+ <xsd:element name="authentication" type="jbsx:authenticationInfo"/>
+ <xsd:element name="authentication-jaspi" type="jbsx:authenticationJaspiInfo"/>
+ <xsd:element name="authorization" type="jbsx:authorizationInfo"/>
+ <xsd:element name="acl" type="jbsx:aclInfo"/>
+ <xsd:element name="rolemapping" type="jbsx:mappingInfo"/>
+ <xsd:element name="mapping" type="jbsx:mappingInfo"/>
+ <xsd:element name="audit" type="jbsx:auditInfo"/>
+ <xsd:element name="identity-trust" type="jbsx:identityTrustInfo"/>
+ <xsd:complexType name="authenticationInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:login-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="authenticationJaspiInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:login-module-stack" maxOccurs="unbounded"/>
+ <xsd:element ref="jbsx:auth-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="authorizationInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:policy-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="aclInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.acl.config.ACLInfoContainer"/>
+ <jbxb:addMethod name="addACLInfo"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:acl-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="mappingInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.mapping.config.MappingConfigContainer"/>
+ <jbxb:addMethod name="addMappingInfo"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:mapping-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="auditInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:provider-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="identityTrustInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:trust-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
- <xsd:element name="application-policy">
- <xsd:complexType>
- <xsd:annotation>
- <xsd:appinfo>
- <jbxb:class impl="org.jboss.security.config.ApplicationPolicyContainer"/>
- <jbxb:addMethod name="add" valueType="org.jboss.security.config.ApplicationPolicy"/>
- </xsd:appinfo>
+ <xsd:simpleType name="module-option-flag">
+ <xsd:annotation>
+ <xsd:documentation>The flag attribute controls how a login module
+ participates in the overall authentication proceedure.
+ Required - The LoginModule is required to succeed. If it
+ succeeds or fails, authentication still continues to proceed
+ down the LoginModule list.
- </xsd:annotation>
- <xsd:sequence>
- <xsd:choice>
- <xsd:element ref="jbsx:authentication"/>
- <xsd:element ref="jbsx:authentication-jaspi"/>
- </xsd:choice>
- <xsd:element minOccurs="0" maxOccurs="1"
- ref="jbsx:authorization"/>
- </xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
- </xsd:complexType>
- </xsd:element>
-
- <xsd:element name="authentication">
+ Requisite - The LoginModule is required to succeed. If it succeeds,
+ authentication continues down the LoginModule list. If it fails,
+ control immediately returns to the application (authentication does not proceed
+ down the LoginModule list).
+
+ Sufficient - The LoginModule is not required to succeed. If it does
+ succeed, control immediately returns to the application (authentication
+ does not proceed down the LoginModule list). If it fails,
+ authentication continues down the LoginModule list.
+
+ Optional - The LoginModule is not required to succeed. If it succeeds or
+ fails, authentication still continues to proceed down the
+ LoginModule list.
+
+ The overall authentication succeeds only if
+ all required and requisite LoginModules succeed. If a
+ sufficient LoginModule is configured and succeeds, then only
+ the required and requisite LoginModules prior to that
+ sufficient LoginModule need to have succeeded for the overall
+ authentication to succeed. If no required or requisite
+ LoginModules are configured for an application, then at least
+ one sufficient or optional LoginModule must succeed.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="required"/>
+ <xsd:enumeration value="requisite"/>
+ <xsd:enumeration value="sufficient"/>
+ <xsd:enumeration value="optional"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+
+ <xsd:element name="login-module" type="jbsx:loginModuleInfo"/>
+ <xsd:complexType name="loginModuleInfo">
<xsd:annotation>
<xsd:appinfo>
- <jbxb:skip/>
+ <jbxb:class impl="org.jboss.security.auth.login.AppConfigurationEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="jbsx:login-module"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
+ </xsd:complexType>
- <xsd:element name="login-module">
- <xsd:complexType>
+ <xsd:element name="module-option">
+ <xsd:complexType mixed="true">
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.login.AppConfigurationEntryHolder"/>
+ <!-- ModuleOption declares a constructor that takes name as a parameter
+ while the value should be set with the setter.
+
+ This use-case is not supported out-of-the-box. So, we use this container. -->
+ <jbxb:class impl="org.jboss.security.auth.login.ModuleOptionContainer"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:any namespace="##other" minOccurs="0"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="flag" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="required"/>
- <xsd:enumeration value="requisite"/>
- <xsd:enumeration value="sufficient"/>
- <xsd:enumeration value="optional"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="module-option">
- <xsd:complexType mixed="true">
+ <xsd:element name="login-module-stack">
+ <xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <!-- ModuleOption declares a constructor that takes name as a parameter
- while the value should be set with the setter.
-
- This use-case is not supported out-of-the-box. So, we use this container. -->
- <jbxb:class
- impl="org.jboss.security.auth.login.ModuleOptionContainer"/>
+ <jbxb:class impl="org.jboss.security.auth.login.LoginModuleStackContainer"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:any minOccurs="0" maxOccurs="1" namespace="##other"/>
+ <xsd:element ref="jbsx:login-module" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
-
- <xsd:element name="authentication-jaspi">
+ <xsd:element name="auth-module" type="jbsx:authModuleInfo"/>
+ <xsd:complexType name="authModuleInfo">
<xsd:annotation>
<xsd:appinfo>
- <jbxb:skip/>
+ <jbxb:class impl="org.jboss.security.auth.container.config.AuthModuleEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="login-module-stack-ref" type="xsd:string"/>
+ </xsd:complexType>
+ <xsd:element name="policy-module">
<xsd:complexType>
- <xsd:choice>
- <xsd:element maxOccurs="unbounded" ref="jbsx:login-module-stack"/>
- <xsd:element maxOccurs="unbounded" ref="jbsx:auth-module"/>
- </xsd:choice>
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.authorization.config.AuthorizationConfigEntryHolder"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
</xsd:complexType>
- </xsd:element>
-
- <xsd:element name="login-module-stack">
+ </xsd:element>
+ <xsd:element name="acl-module">
<xsd:complexType>
<xsd:annotation>
- <xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.login.LoginModuleStackContainer"/>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.acl.config.ACLProviderEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="1" maxOccurs="unbounded"
- ref="jbsx:login-module"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="module-option-flag" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="auth-module">
+ <xsd:element name="mapping-module">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.container.config.AuthModuleEntryHolder"/>
+ <jbxb:class impl="org.jboss.security.mapping.config.MappingConfigEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="login-module-stack-ref" type="xsd:string"/>
+ <xsd:attribute name="type" type="xsd:string" use="optional"/>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
- <xsd:element name="authorization">
- <xsd:annotation>
- <xsd:appinfo>
- <jbxb:skip/>
- </xsd:appinfo>
- </xsd:annotation>
+ <xsd:element name="provider-module">
<xsd:complexType>
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.audit.config.AuditConfigEntryHolder"/>
+ </xsd:appinfo>
+ </xsd:annotation>
<xsd:sequence>
- <xsd:element ref="jbsx:policy-module"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="policy-module">
+ <xsd:element name="trust-module">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.authorization.config.AuthorizationConfigEntryHolder"/>
+ <jbxb:class impl="org.jboss.security.identitytrust.config.IdentityTrustConfigEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="flag" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="required"/>
- <xsd:enumeration value="requisite"/>
- <xsd:enumeration value="sufficient"/>
- <xsd:enumeration value="optional"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
More information about the jboss-cvs-commits
mailing list