[jboss-cvs] JBossAS SVN: r92114 - trunk/testsuite/src/resources/xml/loginconfig.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Aug 7 07:00:31 EDT 2009
Author: smcgowan at redhat.com
Date: 2009-08-07 07:00:31 -0400 (Fri, 07 Aug 2009)
New Revision: 92114
Modified:
trunk/testsuite/src/resources/xml/loginconfig/jaspi-config.xml
trunk/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd
Log:
JBAS-6836
Modified: trunk/testsuite/src/resources/xml/loginconfig/jaspi-config.xml
===================================================================
--- trunk/testsuite/src/resources/xml/loginconfig/jaspi-config.xml 2009-08-07 10:46:04 UTC (rev 92113)
+++ trunk/testsuite/src/resources/xml/loginconfig/jaspi-config.xml 2009-08-07 11:00:31 UTC (rev 92114)
@@ -1,9 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- $Id$ -->
<jbsx:policy
- xsi:schemaLocation="urn:jboss:security-config security-config_5_0.xsd"
- xmlns:jbsx="urn:jboss:security-config"
+ xsi:schemaLocation="urn:jboss:security-config:5.0 security-config_5_0.xsd"
+ xmlns:jbsx="urn:jboss:security-config:5.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>
<jbsx:application-policy name="conf1">
@@ -46,26 +45,25 @@
<jbsx:module-option name="unauthenticatedIdentity">guest</jbsx:module-option>
</jbsx:login-module>
</jbsx:authentication>
- </jbsx:application-policy>
+ </jbsx:application-policy>
+ <jbsx:application-policy name="conf-jaspi">
+ <jbsx:authentication-jaspi>
+ <jbsx:login-module-stack name="lm-stack">
+ <jbsx:login-module
+ code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
+ <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
+ <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
+ </jbsx:login-module>
+ </jbsx:login-module-stack>
+ <jbsx:auth-module code="auth.module1.class.name">
+ <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
+ <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
+ <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
+ </jbsx:auth-module>
- <jbsx:application-policy name="conf-jaspi">
- <jbsx:authentication-jaspi>
- <jbsx:login-module-stack name="lm-stack">
- <jbsx:login-module
- code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
- <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
- <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
- </jbsx:login-module>
- </jbsx:login-module-stack>
- <jbsx:auth-module code="auth.module1.class.name">
- <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
- <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
- <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
- </jbsx:auth-module>
-
- <jbsx:auth-module code="auth.module2.class.name" login-module-stack-ref="lm-stack"/>
- </jbsx:authentication-jaspi>
+ <jbsx:auth-module code="auth.module2.class.name" login-module-stack-ref="lm-stack"/>
+ </jbsx:authentication-jaspi>
</jbsx:application-policy>
</jbsx:policy>
Modified: trunk/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd
===================================================================
--- trunk/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd 2009-08-07 10:46:04 UTC (rev 92113)
+++ trunk/testsuite/src/resources/xml/loginconfig/security-config_5_0.xsd 2009-08-07 11:00:31 UTC (rev 92114)
@@ -1,13 +1,11 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- $Id$ -->
-
-<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="qualified"
- xmlns:jbsx="urn:jboss:security-config"
- xmlns:jbxb="http://www.jboss.org/xml/ns/jbxb"
- targetNamespace="urn:jboss:security-config">
-
- <xsd:annotation>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ xmlns:jbsx="urn:jboss:security-config:5.0"
+ xmlns="urn:jboss:security-config:5.0"
+ xmlns:jbxb="http://www.jboss.org/xml/ns/jbxb"
+ targetNamespace="urn:jboss:security-config:5.0"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified">
+ <xsd:annotation>
<xsd:appinfo>
<jbxb:schemaBindings>
<jbxb:package name="org.jboss.security.config"/>
@@ -16,184 +14,287 @@
</jbxb:schemaBindings>
</xsd:appinfo>
</xsd:annotation>
-
- <xsd:element name="policy">
+ <xsd:element name="policy" type="jbsx:PolicyConfig"/>
+ <xsd:complexType name="PolicyConfig">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.config.PolicyConfig"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:application-policy" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="application-policy">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.config.PolicyConfig"/>
+ <jbxb:class impl="org.jboss.security.config.ApplicationPolicyContainer"/>
+ <jbxb:addMethod name="add" valueType="org.jboss.security.config.ApplicationPolicy"/>
</xsd:appinfo>
</xsd:annotation>
-
<xsd:sequence>
- <xsd:element maxOccurs="unbounded" ref="jbsx:application-policy"/>
+ <xsd:choice>
+ <xsd:element ref="jbsx:authentication"/>
+ <xsd:element ref="jbsx:authentication-jaspi"/>
+ </xsd:choice>
+ <xsd:element ref="jbsx:authorization" minOccurs="0"/>
+ <xsd:element ref="jbsx:acl" minOccurs="0"/>
+ <!-- rolemapping is here for backwards compatibility -->
+ <xsd:element ref="jbsx:rolemapping" minOccurs="0"/>
+ <xsd:element ref="jbsx:mapping" minOccurs="0"/>
+ <xsd:element ref="jbsx:audit" minOccurs="0"/>
+ <xsd:element ref="jbsx:identity-trust" minOccurs="0"/>
</xsd:sequence>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
+ <xsd:attribute name="extends" type="xsd:string"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="application-policy">
- <xsd:complexType>
- <xsd:annotation>
- <xsd:appinfo>
- <jbxb:class impl="org.jboss.security.config.ApplicationPolicyContainer"/>
- <jbxb:addMethod name="add" valueType="org.jboss.security.config.ApplicationPolicy"/>
- </xsd:appinfo>
-
- </xsd:annotation>
- <xsd:sequence>
- <xsd:choice>
- <xsd:element ref="jbsx:authentication"/>
- <xsd:element ref="jbsx:authentication-jaspi"/>
- </xsd:choice>
- <xsd:element minOccurs="0" maxOccurs="1"
- ref="jbsx:authorization"/>
- </xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
- </xsd:complexType>
- </xsd:element>
-
- <xsd:element name="authentication">
+ <xsd:element name="authentication" type="jbsx:authenticationInfo"/>
+ <xsd:element name="authentication-jaspi" type="jbsx:authenticationJaspiInfo"/>
+ <xsd:element name="authorization" type="jbsx:authorizationInfo"/>
+ <xsd:element name="acl" type="jbsx:aclInfo"/>
+ <xsd:element name="rolemapping" type="jbsx:mappingInfo"/>
+ <xsd:element name="mapping" type="jbsx:mappingInfo"/>
+ <xsd:element name="audit" type="jbsx:auditInfo"/>
+ <xsd:element name="identity-trust" type="jbsx:identityTrustInfo"/>
+ <xsd:complexType name="authenticationInfo">
<xsd:annotation>
<xsd:appinfo>
<jbxb:skip/>
</xsd:appinfo>
</xsd:annotation>
- <xsd:complexType>
- <xsd:sequence>
- <xsd:element ref="jbsx:login-module"/>
- </xsd:sequence>
- </xsd:complexType>
- </xsd:element>
-
- <xsd:element name="login-module">
- <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:login-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="authenticationJaspiInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:login-module-stack" maxOccurs="unbounded"/>
+ <xsd:element ref="jbsx:auth-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="authorizationInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:policy-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="aclInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.acl.config.ACLInfoContainer"/>
+ <jbxb:addMethod name="addACLInfo"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:acl-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="mappingInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.mapping.config.MappingConfigContainer"/>
+ <jbxb:addMethod name="addMappingInfo"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:mapping-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="auditInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:provider-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="identityTrustInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:skip/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:trust-module" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="module-option-flag">
+ <xsd:annotation>
+ <xsd:documentation>The flag attribute controls how a login module
+ participates in the overall authentication proceedure.
+ Required - The LoginModule is required to succeed. If it
+ succeeds or fails, authentication still continues to proceed
+ down the LoginModule list.
+
+ Requisite - The LoginModule is required to succeed. If it succeeds,
+ authentication continues down the LoginModule list. If it fails,
+ control immediately returns to the application (authentication does not proceed
+ down the LoginModule list).
+
+ Sufficient - The LoginModule is not required to succeed. If it does
+ succeed, control immediately returns to the application (authentication
+ does not proceed down the LoginModule list). If it fails,
+ authentication continues down the LoginModule list.
+
+ Optional - The LoginModule is not required to succeed. If it succeeds or
+ fails, authentication still continues to proceed down the
+ LoginModule list.
+
+ The overall authentication succeeds only if
+ all required and requisite LoginModules succeed. If a
+ sufficient LoginModule is configured and succeeds, then only
+ the required and requisite LoginModules prior to that
+ sufficient LoginModule need to have succeeded for the overall
+ authentication to succeed. If no required or requisite
+ LoginModules are configured for an application, then at least
+ one sufficient or optional LoginModule must succeed.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="required"/>
+ <xsd:enumeration value="requisite"/>
+ <xsd:enumeration value="sufficient"/>
+ <xsd:enumeration value="optional"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+
+ <xsd:element name="login-module" type="jbsx:loginModuleInfo"/>
+ <xsd:complexType name="loginModuleInfo">
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.auth.login.AppConfigurationEntryHolder"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
+ </xsd:complexType>
+
+ <xsd:element name="module-option">
+ <xsd:complexType mixed="true">
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.login.AppConfigurationEntryHolder"/>
+ <!-- ModuleOption declares a constructor that takes name as a parameter
+ while the value should be set with the setter.
+
+ This use-case is not supported out-of-the-box. So, we use this container. -->
+ <jbxb:class impl="org.jboss.security.auth.login.ModuleOptionContainer"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:any namespace="##other" minOccurs="0"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="flag" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="required"/>
- <xsd:enumeration value="requisite"/>
- <xsd:enumeration value="sufficient"/>
- <xsd:enumeration value="optional"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="module-option">
- <xsd:complexType mixed="true">
+ <xsd:element name="login-module-stack">
+ <xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <!-- ModuleOption declares a constructor that takes name as a parameter
- while the value should be set with the setter.
-
- This use-case is not supported out-of-the-box. So, we use this container. -->
- <jbxb:class
- impl="org.jboss.security.auth.login.ModuleOptionContainer"/>
+ <jbxb:class impl="org.jboss.security.auth.login.LoginModuleStackContainer"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:any minOccurs="0" maxOccurs="1" namespace="##other"/>
+ <xsd:element ref="jbsx:login-module" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
-
- <xsd:element name="authentication-jaspi">
+ <xsd:element name="auth-module" type="jbsx:authModuleInfo"/>
+ <xsd:complexType name="authModuleInfo">
<xsd:annotation>
<xsd:appinfo>
- <jbxb:skip/>
+ <jbxb:class impl="org.jboss.security.auth.container.config.AuthModuleEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="login-module-stack-ref" type="xsd:string"/>
+ </xsd:complexType>
+ <xsd:element name="policy-module">
<xsd:complexType>
- <xsd:choice>
- <xsd:element maxOccurs="unbounded" ref="jbsx:login-module-stack"/>
- <xsd:element maxOccurs="unbounded" ref="jbsx:auth-module"/>
- </xsd:choice>
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.authorization.config.AuthorizationConfigEntryHolder"/>
+ </xsd:appinfo>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
</xsd:complexType>
- </xsd:element>
-
- <xsd:element name="login-module-stack">
+ </xsd:element>
+ <xsd:element name="acl-module">
<xsd:complexType>
<xsd:annotation>
- <xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.login.LoginModuleStackContainer"/>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.acl.config.ACLProviderEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="1" maxOccurs="unbounded"
- ref="jbsx:login-module"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="name" use="required" type="xsd:string"/>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="module-option-flag" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="auth-module">
+ <xsd:element name="mapping-module">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.auth.container.config.AuthModuleEntryHolder"/>
+ <jbxb:class impl="org.jboss.security.mapping.config.MappingConfigEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="login-module-stack-ref" type="xsd:string"/>
+ <xsd:attribute name="type" type="xsd:string" use="optional"/>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
- <xsd:element name="authorization">
- <xsd:annotation>
- <xsd:appinfo>
- <jbxb:skip/>
- </xsd:appinfo>
- </xsd:annotation>
+ <xsd:element name="provider-module">
<xsd:complexType>
+ <xsd:annotation>
+ <xsd:appinfo>
+ <jbxb:class impl="org.jboss.security.audit.config.AuditConfigEntryHolder"/>
+ </xsd:appinfo>
+ </xsd:annotation>
<xsd:sequence>
- <xsd:element ref="jbsx:policy-module"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
-
- <xsd:element name="policy-module">
+ <xsd:element name="trust-module">
<xsd:complexType>
<xsd:annotation>
<xsd:appinfo>
- <jbxb:class
- impl="org.jboss.security.authorization.config.AuthorizationConfigEntryHolder"/>
+ <jbxb:class impl="org.jboss.security.identitytrust.config.IdentityTrustConfigEntryHolder"/>
</xsd:appinfo>
</xsd:annotation>
<xsd:sequence>
- <xsd:element minOccurs="0" maxOccurs="unbounded"
- ref="jbsx:module-option"/>
+ <xsd:element ref="jbsx:module-option" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
- <xsd:attribute name="code" use="required" type="xsd:string"/>
- <xsd:attribute name="flag" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xsd:string">
- <xsd:enumeration value="required"/>
- <xsd:enumeration value="requisite"/>
- <xsd:enumeration value="sufficient"/>
- <xsd:enumeration value="optional"/>
- </xsd:restriction>
- </xsd:simpleType>
- </xsd:attribute>
+ <xsd:attribute name="code" type="xsd:string" use="required"/>
+ <xsd:attribute name="flag" type="jbsx:module-option-flag" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
More information about the jboss-cvs-commits
mailing list