Google Git
Sign in
third-party-mirror / glassfish / 72ce4ae58454d3fcb01e99935111fed519e0cb7e / . / nucleus / deployment / dtds / src / main / resources / lib / dtds / sun-server_1_0.dtd
blob: 6c1cc53c661f9fd4b419884ffe2a801694ff51de [file] [log] [blame]
<!--
Copyright (c) 1997, 2020 Oracle and/or its affiliates. All rights reserved.
This program and the accompanying materials are made available under the
terms of the Eclipse Public License v. 2.0, which is available at
http://www.eclipse.org/legal/epl-2.0.
This Source Code may also be made available under the following Secondary
Licenses when the conditions for such availability set forth in the
Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
version 2 with the GNU Classpath Exception, which is available at
https://www.gnu.org/software/classpath/license.html.
SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-->
<!ENTITY % boolean "(yes | no | on | off | 1 | 0 | true | false)">
<!ENTITY % severity "(FINEST|FINER|FINE|CONFIG|INFO|WARNING|SEVERE|ALERT|FATAL)">
<!ENTITY % isolation "(read-uncommitted | read-committed | repeatable-read | serializable)">
<!-- J2EE Application Server Configuration
Each Application Server instance is a J2EEv1.3 compliant container.
One server instance is specially designated as the Administration Server.
User applications cannot be deployed to an Adminsitration Server instance.
instance-name name of the server instance.
locale If present logging and Administration interface, will use
the specified locale. Overrides OS locale setting.
log-root specifies where the server instance's log files are kept,
including HTTP access logs, server logs, and transaction
logs. Default is $INSTANCE_ROOT/logs
session-store specifies the directory where passivated beans and
persisted HTTP sessions are stored on the file system.
Defaults to $INSTANCE_ROOT/session-store
applications-root Directory where deployed application are stored. Defaults
to $INSTANCE_ROOT/applications
-->
<!ELEMENT server (http-service, iiop-service, admin-service?,
web-container, ejb-container, mdb-container,
jms-service, log-service, security-service, transaction-service,
java-config, resources, applications, property*)>
<!ATTLIST server name CDATA #REQUIRED
locale CDATA #IMPLIED
log-root CDATA #IMPLIED
application-root CDATA #IMPLIED
session-store CDATA #IMPLIED>
<!-- HTTP service configuration -->
<!ELEMENT http-service ((http-listener | mime | acl | virtual-server-class)*, http-qos?, property*)>
<!ATTLIST http-service qos-metrics-interval-in-seconds CDATA "30"
qos-recompute-time-interval-in-millis CDATA "100"
qos-enabled %boolean; "true">
<!-- Configure HTTP listener
id Unique identifier for http listener.
address IP address of the listen socket. Can be in dotted-pair or IPv6 notation.
Can also be any for INADDR_ANY. Configuring a listen socket to listen on
any is required if more than one http-listener is configured to it.
port Port number to create the listen socket on. Legal values are 1 - 65535.
On Unix, creating sockets that listen on ports 1 - 1024 requires
superuser privileges. Configuring an SSL listen socket to listen on
port 443 is recommended.
security-enabled (optional) Determines whether the http listener runs SSL. You can
turn SSL2 or SSL3 on or off and set ciphers using an ssl element
The Security setting in the init.conf file globally enables or disables
SSL by making certificates available to the server instance. Therefore,
Security in init.conf must be on or security in server.xml does not work.
acceptor-threads (optional) Number of acceptor threads for the listen socket.
The recommended value is the number of processors in the machine.
family (optional) The socket family type. The default is inet. Legal values are
inet, inet6, and nca. Use the value inet6 for IPv6 listen sockets.
When using the value of inet6, IPv4 addresses will be prefixed with
::ffff: in the log file. Specify nca to make use of the
Solaris Network Cache and Accelerator.
blocking-enabled (optional) Determines whether the http listener socket and the accepted
socket are put in to blocking mode. Use of blocking mode may improve
benchmark scores.
default-virtual-server The id attribute of the default virtual server for this
particular connection group.
server-name Tells the server what to put in the host name section of any URLs
it sends to the client. This affects URLs the server automatically generates;
it doesn't affect the URLs for directories and files stored in the server.
This name should be the alias name if your server uses an alias.
If you append a colon and port number, that port will be used in URLs
the server sends to the client.
-->
<!ELEMENT http-listener (ssl?)>
<!ATTLIST http-listener id CDATA #REQUIRED
address CDATA #REQUIRED
port CDATA #REQUIRED
family CDATA #IMPLIED
acceptor-threads CDATA "1"
blocking-enabled %boolean; "false"
security-enabled %boolean; "false"
default-virtual-server CDATA #REQUIRED
server-name CDATA #REQUIRED
enabled %boolean; "true">
<!-- Define SSL processing parameters
cert-nickname nickname of the server certificate in the certificate database
or the PKCS#11 token. In the certificate, the name format is
tokenname:nickname. Including the tokenname: part of the name
in this attribute is optional.
ssl2-enabled (optional) Determines whether SSL2 is enabled.
ssl3-enabled (optional) Determines whether SSL3 is enabled.
If both SSL2 and SSL3 are enabled for a virtual server, the server
tries SSL3 encryption first. If that fails, the server tries SSL2
encryption.
ssl2-ciphers (optional) A comma-separated list of the SSL2 ciphers used, with
the prefix + to enable or - to disable, for example +rc4. Allowed
values are rc4, rc4export, rc2, rc2export, idea, des, desede3.
If no value is specified, all supported ciphers are assumed to
be enabled.
ssl3-tls-ciphers (optional) A comma-separated list of the SSL3 ciphers used, with
the prefix + to enable or - to disable, for example +rsa_des_sha.
Allowed SSL3 values are rsa_rc4_128_md5, rsa3des_sha, rsa_des_sha,
rsa_rc4_40_md5, rsa_rc2_40_md5, rsa_null_md5. Allowed TLS values
are rsa_des_56_sha, rsa_rc4_56_sha. If no value is specified,
all supported ciphers are assumed to be enabled.
tls-enabled (optional) Determines whether TLS is enabled.
tls-rollback-enabled (optional) Determines whether TLS rollback is enabled. TLS
rollback should be enabled for Microsoft Internet Explorer
5.0 and 5.5.
client-auth-enabled (optional) Determines whether SSL3 client authentication is
performed on every request, independent of ACL-based access
control.
-->
<!ELEMENT ssl EMPTY>
<!ATTLIST ssl cert-nickname CDATA #REQUIRED
ssl2-enabled %boolean; "false"
ssl2-ciphers CDATA #IMPLIED
ssl3-enabled %boolean; "true"
ssl3-tls-ciphers CDATA #IMPLIED
tls-enabled %boolean; "true"
tls-rollback-enabled %boolean; "true"
client-auth-enabled %boolean; "false">
<!-- Defines MIME types.
The most common way that the server determines the MIME type of a requested
resource is by invoking the type-by-extension directive in the ObjectType
section of the obj.conf file. The type-by-extension function does not work
if no MIME element has been defined in the SERVER element.
id Internal name for the MIME types listing. Used in a virtual-server
element to define the MIME types used by the virtual server.
file name of a MIME types file.
-->
<!ELEMENT mime EMPTY>
<!ATTLIST mime id CDATA #REQUIRED
file CDATA #REQUIRED>
<!-- ACL File references
id internal name for the ACL file listing. Used in a Vrtual Server
element to define the ACL file used by the virtual server.
file name of the default ACL file
-->
<!ELEMENT acl EMPTY>
<!ATTLIST acl id CDATA #REQUIRED
file CDATA #REQUIRED>
<!-- virtual-server-class provides a way to specify a set of properties that will
apply to several virtual server instances.
id Virtual server class ID. This is a unique ID that allows lookup of a
specific virtual server class.
config-file file name of alternative obj.conf file for class of virtual servers.
Can be overridden in a virtual-server element.
default-object (optional) names the object loaded from an obj.conf file which is
the default. The default object is expected to have all the name
translation (NameTrans) directives for the virtual server; any
server behavior that is configured in the default object affects
the entire virtual server class. The default value is default.
If you specify an object that doesn't exist, the server doesn't
report an error until a client tries to retrieve a document. The
Server Manager assumes the default to be the object named default.
Don't deviate from this convention if you use (or plan to use) the
Server Manager.
accept-language (optional) If on, the server parses the Accept-Language header
and sends an appropriate language version based on which language
the client can accept. You should set this value to on only if the
server supports multiple languages. The default is off. Can be
overridden in a virtual-server element.
-->
<!ELEMENT virtual-server-class (virtual-server*, http-qos?, property*)>
<!ATTLIST virtual-server-class id CDATA #REQUIRED
config-file CDATA #IMPLIED
default-object CDATA "default"
accept-language %boolean; "false"
enabled %boolean; "true">
<!-- Configuration of Virtual Server
Virtualization in Application Server allows multiple URL domains to be served by
the same HTTP server process, which is listening on multiple host addresses If
an application is available at two virtual servers, they still share same physical
resource pools, such as JDBC connection pools.
Sun Application Server allows a list of virtual servers, to be specified
along with web-module and j2ee-application elements. This establishes an
association between URL domains, represented by the virtual server and the web
modules (standalone web modules or web modules inside the ear file)
id Virtual server ID. This is a unique ID that allows lookup of a
specific virtual server. Can also be referred to as the
variable $id in an obj.conf file. A virtual server ID cannot
begin with a number.
http-listeners (optional) A comma-separated list of http-listener id(s),
Required only for a Virtual Server that is not the default
virtual server.
default-web-module (optional) stand alone web module associated with this
virtual server by default.
config-file (optional) Typically all virtual server initialization is
from $INSTANCE_ROOT/config/obj.conf. This can be changed
using this attribute.
hosts A comma-separated list of values allowed in the Host request
header to select the current virtual server. Each Virtual Server
that is configured to the same Connection Group must have a
unique hosts value for that group.
mime The id of the mime element used by the virtual server.
state (optional) Determines whether a Virtual Server is active
(on) or inactive (off, disable). The default is on (active).
When inactive, a Virtual Server does not service requests.
If a Virtual Server is disabled, only the server administrator
can turn it on.
acls (optional) One or more id attributes of <acl> elements,
separated by commas. Specifies the ACL file(s) used by the
virtual server.
log-file (optional) Specifies a log file for virtual-server-specific
log messages. If this is not specified, log messages go to
$LOG_ROOT/server.log
accept-language (optional) If on, the server parses the Accept-Language header
and sends an appropriate language version based on which language
the client can accept. You should set this value to on only if
the server supports multiple languages. The default is picked
up from the virtual-server-class.
-->
<!ELEMENT virtual-server (http-qos?, auth-db*, property*)>
<!ATTLIST virtual-server id CDATA #REQUIRED
http-listeners CDATA #IMPLIED
default-web-module CDATA #IMPLIED
config-file CDATA #IMPLIED
default-object CDATA #IMPLIED
hosts CDATA #REQUIRED
mime CDATA #REQUIRED
state (on | off | disabled ) "on"
acls CDATA #IMPLIED
accept-language %boolean; #IMPLIED
log-file CDATA #IMPLIED>
<!-- http-qos defines the Quality of Service paramaters on HTTP path.
bandwidth-limit (optional) maximum bandwidth limit for the Virtual Server Class,
or Virtual Server, in bytes per second. Default is No Limit.
enforce-bandwidth-limit (optional) whether the bandwidth limit should be enforced or not.
connection-limit (optional) maximum number of concurrent connections for the
server, virtual-server-class, or virtual-server.
enforce-connection-limit (optional) whether the connection limit should be enforced or not.
-->
<!ELEMENT http-qos EMPTY>
<!ATTLIST http-qos bandwidth-limit CDATA #IMPLIED
enforce-bandwidth-limit %boolean; "false"
connection-limit CDATA #IMPLIED
enforce-connection-limit %boolean; "false">
<!-- auth-db defines the user database used by the virtual server.
id user database name in the virtual server's ACL file.
database user database name in the dbswitch.conf file.
basedn (optional) Overrides the base DN lookup in the dbswitch.conf file.
However, the basedn value is still relative to the base DN value from the
dbswitch.conf entry.
certmaps (optional) certificate to LDAP entry mappings (defined in certmap.conf)
to use. If not present, all mappings are used. All lookups based on mappings
in certmap.conf are relative to the final base DN (distinguished name)
of the Virtual Server.
-->
<!ELEMENT auth-db EMPTY>
<!ATTLIST auth-db id CDATA #REQUIRED
database CDATA #REQUIRED
basedn CDATA #IMPLIED
certmaps CDATA #IMPLIED>
<!-- ORB underlies the EJB container. Requests for EJBs from Application Client
Container(s) or from another EJB interoperability capable J2EE Container(s)
are serviced by iiop listener(s). One non-SSL iiop listener can be configured.
SSL support may require up to two SSL secured IIOP listeners to be configured:
Server Authentication only, Mutual Authentication only, or both.
ssl-client-config element specifies the SSL configuration when the Application
Server is making outbound IIOP/SSL connections.
By default, a server instance will configure non-secure IIOP access.
Administrator can create and configure IIOP/SSL listener(s).
-->
<!ELEMENT iiop-service (orb, ssl-client-config?, iiop-listener*)>
<!-- Orb Configuration properties
message-fragment-size GIOPv1.2 messages larger than this will get fragmented.
steady-thread-pool-size minimum number of threads listening for incoming requests.
max-thread-pool-size maximum number of threads that can listen for requests
idle-thread-timeout-in-seconds idle threads are removed from pool, after this time
log-level Can be set to control verbosity of log messages from Orb
monitoring-enabled Enables statistics collection
max-connections maximum number of incoming connections, on all listeners
-->
<!ELEMENT orb (property*)>
<!ATTLIST orb message-fragment-size CDATA "1024"
steady-thread-pool-size CDATA "10"
max-thread-pool-size CDATA "200"
idle-thread-timeout-in-seconds CDATA "300"
max-connections CDATA "1024"
log-level %severity;#IMPLIED
monitoring-enabled %boolean; "false">
<!-- Client SSL Configuration -->
<!ELEMENT ssl-client-config (ssl)>
<!-- IIOP Listener Configuration.
ssl element specifies optional SSL configuration
id unique identifier for this listener.
address ip address or hostname (resolvable by DNS)
port port number
enabled if false, a configured listener, is disabled
-->
<!ELEMENT iiop-listener (ssl?, property*)>
<!ATTLIST iiop-listener id CDATA #REQUIRED
address CDATA #REQUIRED
port CDATA "1072"
enabled %boolean; "true">
<!-- Administration Server is a distinguished server instance.
server-instance group of server instances administered by this
Administration Server.
log-level controls verbosity of log messages from Administration
-->
<!ELEMENT admin-service (server-instance | property)*>
<!ATTLIST admin-service log-level %severity; #IMPLIED>
<!-- Administered Server instance
name Name of the server instance
-->
<!ELEMENT server-instance EMPTY>
<!ATTLIST server-instance name CDATA #REQUIRED>
<!-- J2EE Applications look up resources registered with the
Application server, using portable JNDI names.
-->
<!ELEMENT resources ((custom-resource | external-jndi-resource |
jdbc-resource | mail-resource | jms-resource |
persistence-manager-factory-resource |
jdbc-connection-pool)*)>
<!-- Textual description of a configured entity -->
<!ELEMENT description (#PCDATA)>
<!-- custom (or generic) resource managed by a user-written factory class. -->
<!ELEMENT custom-resource (description?, property*)>
<!--
JNDI name for generic resource, the fully qualified type of the resource
and whether it is enabled at runtime
-->
<!ATTLIST custom-resource jndi-name CDATA #REQUIRED
res-type CDATA #REQUIRED
factory-class CDATA #REQUIRED
enabled %boolean; "true">
<!-- resource residing in an external JNDI repository -->
<!ELEMENT external-jndi-resource (description? , property*)>
<!ATTLIST external-jndi-resource jndi-name CDATA #REQUIRED
jndi-lookup-name CDATA #REQUIRED
res-type CDATA #REQUIRED
factory-class CDATA #REQUIRED
enabled %boolean; "true">
<!-- JDBC javax.sql.(XA)DataSource resource definition -->
<!ELEMENT jdbc-resource (description?, property*)>
<!ATTLIST jdbc-resource jndi-name CDATA #REQUIRED
pool-name CDATA #REQUIRED
enabled %boolean; "true">
<!--
jdbc-connection-pool defines configuration used to create and manage
a pool physical database connections. Pool definition is named, and
can be referred to by multiple jdbc-resource elements (See <jdbc-resource>).
Each named pool definition results in a pool instantiated at server
start-up. Pool is populated when accessed for the first time. If two
or more jdbc-resource elements point to the same jdbc-connection-pool
element, they are using the same pool of connections, at run time.
name unique name of the pool definition.
datasource-classname Name of the vendor supplied JDBC datasource
resource manager. An XA or global transactions
capable datasource class will implement
javax.sql.XADatasource interface. Non XA or
Local transactions only datasources will
implement javax.sql.Datasource interface.
res-type DataSource implementation class could implement
one or both of javax.sql.DataSource, javax.sql.XADataSource
interfaces. This optional attribute must be specified to
disambiguate when a Datasource class implements both
interfaces. An error is produced when this attribute has
a legal value and the indicated interface is not implemented
by the datasource class. This attribute has no default value.
steady-pool-size minimum and initial number of connections
maintained in the pool.
max-pool-size maximum number of conections that can be created
max-wait-time-in-millis amount of time the caller will wait before getting
a connection timeout. The default is 60 seconds.
A value of 0 will force caller to wait indefinitely.
pool-resize-quantity number of connections to be removed when
idle-timeout-in-seconds timer expires. Connections
that have idled for longer than the timeout are
candidates for removal. When the pool size reaches
steady-pool-size, the connection removal stops.
idle-timeout-in-seconds maximum time in seconds, that a connection can
remain idle in the pool. After this time, the pool
implementation can close this connection. Note that
this does not control connection timeouts enforced
at the database server side. Adminsitrators are
advised to keep this timeout shorter than the database
server side timeout (if such timeouts are configured
on the specific vendor's database), to prevent
accumulation of unusable connection in Application Server.
transaction-isolation-level Specifies the Transaction Isolation Level on the pooled
database connections. Optional. Has no default. If left unspecified
the pool operates with default isolation level provided by the
JDBC Driver. A desired isolation level can be set using one
of the standard transaction isolation levels:
read-uncommitted, read-committed, repeatable-read, serializable
Applications that change the Isolation level on a pooled
connection programmatically, risk polluting the pool and this
could lead to program errors.
Also see: is-isolation-level-guaranteed
is-isolation-level-guaranteed Applicable only when a particular isolation level is specified
for transaction-isolation-level. The default value is true.
This assures that every time a connection is obtained from
the pool, it is guaranteed to have the isolation set to the
desired value. This could have some performance impact on
some JDBC drivers. Can be set to false by that administrator
when they are certain that the application does not
change the isolation level before returning the connection.
is-connection-validation-required if true, connections are validated (checked to
find out if they are usable) before giving out to
the application. The default is false.
If is-connection-validation-required is true then connection-validation-type
specifies the type of validation to be performed. Three types of validation
are supported:
1) using connection.autoCommit(),
2) using connection.getMetaData()
3) performing a query on a user specified table (see validation-table-name).
The possible values are one of: auto-commit | meta-data | table
validation-table-name specifies the table name to be used to perform a query to
validate a connection. This parameter is mandatory, if connection-validation-type
set to table. Verification by accessing a user specified table may become necessary
for connection validation, particularly if database driver caches calls to
setAutoCommit() and getMetaData().
fail-all-connections: indicates if all connections in the pool must be
closed should a single validation check fail. The
default is false. One attempt will be made to
re-establish failed connections.
Use of property lists:
Most JDBC 2.0 drivers permit use of standard property lists, to specify User, Password
and other resource configuration. While these are optional properties, according to the
specification, several of these properties may be necessary for most databases. See
Section 5.3 of JDBC 2.0 Standard Extension API.
Name Value
databaseName Name of the Database.
serverName Database Server name.
port Port where a Database server is listening for requests.
networkProtocol Communication Protocol used.
user default name of the database user with which connections
will be stablished. Programmatic database authentication
or default-resource-principal specified in vendor specific
web and ejb deployment descriptors will take precedence,
over this default. The details and caveats are described
in detail in the Administrator's guide.
password password for default database user
roleName The initial SQL role name.
datasourceName used to name an underlying XADataSource, or
ConnectionPoolDataSource when pooling of connections is done
description Textual description
When one or more of these properties are specified, they are passed as is using set<Name>(<Value>)
methods to the vendors Datasource class (specified in datasource-classname). User and Password
properties are used as default principal, if Container Managed authentication is specified and
a default-resource-principal is not found in application deployment descriptors.
-->
<!ELEMENT jdbc-connection-pool (description?, property*)>
<!ATTLIST jdbc-connection-pool name CDATA #REQUIRED
datasource-classname CDATA #REQUIRED
res-type CDATA #IMPLIED
steady-pool-size CDATA "8"
max-pool-size CDATA "32"
max-wait-time-in-millis CDATA "60000"
pool-resize-quantity CDATA "2"
idle-timeout-in-seconds CDATA "300"
transaction-isolation-level %isolation; #IMPLIED
is-isolation-level-guaranteed %boolean; "true"
is-connection-validation-required %boolean; "false"
connection-validation-method (auto-commit |
meta-data |
table ) "auto-commit"
validation-table-name CDATA #IMPLIED
fail-all-connections %boolean; "false">
<!-- The mail-resource element describes a jakarta.mail.Session resource -->
<!ELEMENT mail-resource (description?, property*)>
<!ATTLIST mail-resource jndi-name CDATA #REQUIRED
store-protocol CDATA "imap"
store-protocol-class CDATA "com.sun.mail.imap.IMAPStore"
transport-protocol CDATA "smtp"
transport-protocol-class CDATA "com.sun.mail.smtp.SMTPTransport"
host CDATA #REQUIRED
user CDATA #REQUIRED
from CDATA #REQUIRED
debug %boolean; "false"
enabled %boolean; "true">
<!--
Persistence Manager runtime configuration.
jndi-name JNDI name for this resource
jdbc-resource-jndi-name: jdbc resource with which database connections are obtained.
must be the name of one of pre-created jdbc resources.
factory-class: Class that creates persistence manager instance.
-->
<!ELEMENT persistence-manager-factory-resource (description? , property*)>
<!ATTLIST persistence-manager-factory-resource jndi-name CDATA #REQUIRED
factory-class CDATA
"com.sun.jdo.spi.persistence.support.sqlstore.impl.PersistenceManagerFactoryImpl"
jdbc-resource-jndi-name CDATA #IMPLIED
enabled %boolean; "true">
<!--
The jms-resource element contains JMS resource definitions for the
built-in JMS service that is managed by the Application Server.
property This is used to list optional JMS vendor specific
attribute=value pairs for configuring the resource.
jndi-name JNDI name.
res-type JMS resource type. This can be one of:
javax.jms.Topic
javax.jms.Queue
javax.jms.TopicConnectionFactory
javax.jms.QueueConnectionFactory
enabled Determines whether the resource is enabled (can be used)
at runtime or not. This attribute is not used currently.
-->
<!ELEMENT jms-resource (description?, property*)>
<!ATTLIST jms-resource jndi-name CDATA #REQUIRED
res-type CDATA #REQUIRED
enabled %boolean; "true">
<!--
The jms-service element specifies information about the bundled/built-in
JMS service that is managed by Application Server.
If the "enabled" attribute is set to "true", the server instance
will be responsible for starting up and shutting down the JMS service.
If the "enabled" attribute is set to "false", the server instance
will not startup nor shutdown the JMS service (either because JMS
is not used or because it is managed independently of application server).
"port" attribute specifies the port number used by the JMS service.
"admin-username" attribute specifies the admin username.
"admin-password" attribute specifies the admin password.
"init-timeout-in-seconds" specifies the time server instance
will wait at start up, for its corresponding JMS service instance
to respond. If there is no response within the specifies timeout
period, application server startup is aborted.
"start-args" specifies the arguments that will be supplied to
start up the corresponding JMS service instance.
-->
<!ELEMENT jms-service (property*)>
<!ATTLIST jms-service port CDATA "7676"
admin-user-name CDATA "admin"
admin-password CDATA "admin"
init-timeout-in-seconds CDATA "60"
start-args CDATA #IMPLIED
log-level %severity;#IMPLIED
enabled %boolean; "true">
<!--
Configuration of EJB Container. Properties apply to all beans in all deployed applications,
unless different parameters are specified in Sun Application Server specific deployment
descriptors. Applicability is indicated in middle column, using the following acronyms:
slsb - stateless session bean
sfsb - stateful session bean
eb - entity bean (incl. read-only)
steady-pool-size slsb,eb number of bean instances normally maintained in pool. When a pool
is first created, it will be populated with size equal to
steady-pool-size. When an instance is removed from the pool, it
is replenished asynchronously, so that the pool size is at
or above the steady-pool-size. This additions will be in multiples
of pool-resize-quantity. When a bean is disassociated from a
method invocation, it is put back in the pool, subject to
max-pool-size limit. If the max pool size is exceeded the bean
id destroyed immediately. A pool cleaning thread, executes at
an interval defined by pool-idle-timeout-in-seconds. This thread
reduces the pool size to steady-pool-size, in steps defined by
pool-resize-quantity. If the pool is empty, the required object
will be created and returned immediately. This prevents threads
from blocking till the pool is replenished by the background
thread. steady-pool-size must be greater than 1 and at most equal
to the max-pool-size.
max-pool-size slsb,eb maximum size, a pool can grow to. A value of 0 implies
an unbounded pool. Unbounded pools eventually shrink to the
steady-pool-size, in steps defined by pool-resize-quantity.
pool-resize-quantity slsb,eb size of bean pool grows (shrinks) in steps specified by
pool-resize-quantity, subject to max-pool-size (steady-pool-size) limit.
Pool is resized when the pool cleaner thread runs. This rate at which
this thread runs is defined by pool-idle-timeout-in-seconds
pool-resize-quantity must be greater 1 and less than max-pool-size.
pool will never be resized below the steady pool size.
pool-idle-timeout-in-seconds slsb,eb defines the rate at which the pool cleaning thread is executed.
this thread checks if current size is greater than steady pool
size, it removes pool-resize-quantity elements. If the current
size is less than steady-pool-size it is increased by
pool-resize-quantity, with a ceiling of
min (current-pool-size + pool-resize-quantity, max-pool-size)
Only objects that have not been accessed for more than
pool-idle-timeout-in-seconds are candidates for removal.
cache-resize-quantity eb,sfsb Cache elements have identity, hence growth is in unit steps
and created on demand. Shrinking of cache happens
when cache-idle-timeout-in-seconds timer expires and a cleaner
thread passivates beans which have been idle for longer than
cache-idle-timeout-in-seconds. All idle instances are passivated at once.
cache-resize-quantity does not apply in this case.
when max cache size is reached, an asynchronous task is created
to bring the size back under the max-cache-size limit. This task
removes cache-resize-quantity elements, consulting the
victim-selection-policy.
Must be greater than 1 and less than max-cache-size.
max-cache-size sfsb,eb specifies the maximum number of instances that can be cached.
For entity beans, internally two caches are maintained for
higher concurrency: (i) Ready (R$) (ii) Active in an Incomplete
Transaction (TX$). The TX$ is populated with instances from R$
or from the Pool directly. When an instance in TX$ completes the
transaction, it is placed back in the R$ (or in pool, in case an
instance with same identity already is in R$). max-cache-size
only specifies the upper limit for R$. The container computes
an appropriate size for TX$. For SFSBs, after the
max-cache-size is reached, beans (as determined by
the victim-selection-policy) get passivated.
cache-idle-timeout-in-seconds sfsb,eb specifies the rate at which the cache cleaner thread is scheduled.
All idle instances are passivated at once.
removal-timeout-in-seconds sfsb Instance is removed from cache or passivation store, if it is
not accesed within this time. All instances that can be removed,
will be removed.
victim-selection-policy sfsb Victim selection policy when cache needs to shrink. fifo method
picks victims, oldest instance first. lru algorithm picks least
recently accessed instances. nru policy tries to pick
"not recently used" instances and is a pseudo-random selection
process. Victims are passivated. Entity Bean Victims are selected
always using fifo discipline. Does not apply to slsb because it
does not matter, which particular instances are removed.
commit-option eb Entity Beans caching is controlled by this setting. Commit Option
C implies that no caching is performed in the container.
Above defaults, apply only if they are not specified in vendor specific Bean Deployment Descriptors.
log-level Log level verbosity, set for messages that appear from container.
monitoring-enabled Enable statistics gathering in EJB container.
-->
<!ELEMENT ejb-container (property*)>
<!ATTLIST ejb-container steady-pool-size CDATA "32"
pool-resize-quantity CDATA "16"
max-pool-size CDATA "64"
cache-resize-quantity CDATA "32"
max-cache-size CDATA "512"
pool-idle-timeout-in-seconds CDATA "600"
cache-idle-timeout-in-seconds CDATA "600"
removal-timeout-in-seconds CDATA "5400"
victim-selection-policy (fifo | lru | nru) "nru"
commit-option (B | C) "B"
log-level %severity; #IMPLIED
monitoring-enabled %boolean; "false">
<!ELEMENT web-container (property*)>
<!ATTLIST web-container monitoring-enabled %boolean; "false"
log-level %severity;#IMPLIED>
<!--
Configuration of MDB Container
steady-pool-size minimum and initial number of message driven beans in pool.
pool-resize-quantity quantum of increase/decrease, when the size of pool grows/shrinks.
max-pool-size maximum size, pool can grow to.
idle-timeout-in-seconds idle bean instance in pool becomes a candidate for deletion,
when this timeout expires.
The above pool defaults, apply if they are not specified in the
Sun Application Server specific Deployment Descriptors.
log-level Log level verbosity, set for messages that appear from MDB container.
monitoring-enabled Enable statistics gathering in MDB container.
-->
<!ELEMENT mdb-container (property*)>
<!ATTLIST mdb-container steady-pool-size CDATA "10"
pool-resize-quantity CDATA "2"
max-pool-size CDATA "60"
idle-timeout-in-seconds CDATA "600"
log-level %severity;#IMPLIED
monitoring-enabled %boolean; "false">
<!-- Logging Configuration
By default, logs would be kept in $INSTANCE_ROOT/logs. This can be changed
by changing server.log-root attribute. The following log files will be stored
under the logs directory.
access.log keeps default virtual server HTTP access messages.
server.log keeps log messages from default virtual server.
Messages from other configured virtual servers
also go here, unless log-file is explicitly
specified in the virtual-server element.
file attribute can be used to rename or relocate server.log using absolute
path or relative to logs-root (specified in <server> element)
level specifies the system default log verbosity level. Various server
sub systems can override this level, so as to configure different log
reporting levels. See log-level attribute under <transaction-service>,
<admin-service>, <web-container>, <ejb-container>, <mdb-container>
log-stdout if true, messages written to stdout will appear in log file.
log-stderr if true, messages written to stderr will appear in log file.
echo-log-messages-to-stderr if true, all log messages will also appear
on console, if avaialable
create-console if true, console window will be created to show log messages.
log-virtual-server-id if true, log message is also decorated with the
virtual server instance from which the log message was
produced. Useful when multiple virtual servers are
configured and they do not have separate log files.
It is possible to configure separate log files for each
virtual server. See <virtual-server> element.
use-system-logging if true, will utilize Unix syslog service or Windows
Event Logging to produce and manage logs.
-->
<!ELEMENT log-service (property*)>
<!ATTLIST log-service file CDATA #IMPLIED
level %severity; "INFO"
log-stdout %boolean; "true"
log-stderr %boolean; "true"
echo-log-messages-to-stderr %boolean; "true"
create-console %boolean; "false"
log-virtual-server-id %boolean; "false"
use-system-logging %boolean; "false">
<!--
The security service element defines parameters and configuration
information needed by the core J2EE security service. Some
container-specific security configuration elements are in the various
container configuration elements and not here. SSL configuration is also
elsewhere. At this time the security service configuration consists of a set of
authentication realms. A number of top-level attributes are defined as well.
default-realm: Specifies which realm (by name) is used by default when no
realm is specifically requested. The file realm is the common default.
default-principal: Used as the identity of default security contexts when
necessary and no principal is provided.
default-principal-pwd: Password of default principal.
anonymous-role: Used as role name for default/anonymous role.
audit-enabled: If true, additional access logging is performed to provide
audit information.
-->
<!ELEMENT security-service (auth-realm+ , property*)>
<!ATTLIST security-service default-realm CDATA "file"
default-principal CDATA #IMPLIED
default-principal-password CDATA #IMPLIED
anonymous-role CDATA "ANYONE"
audit-enabled %boolean; "false"
log-level %severity;#IMPLIED>
<!--
The auth-realm element defines and configures one authentication realm.
There must be at least one realm available for a server instance; any
number can be configured, as desired.
Authentication realms need provider-specific parameters which vary depending
on what a particular implementation needs; these are defined as properties
since they vary by provider and cannot be predicted for any custom or add-on
providers.
For the default file provider, the param used is: filename.
name: defines the name of this realm
classname: defines the java class which implements this realm
property: name/value pairs of provider implementation specific attributes.
-->
<!ELEMENT auth-realm (property*)>
<!ATTLIST auth-realm name CDATA #REQUIRED
classname CDATA #REQUIRED>
<!-- Configuration for Transaction Manager.
automatic-recovery if true, server instance attempts recovery at restart.
timeout-in-seconds amount of time the transaction manager waits for
response from a datasource participating in transaction.
A value of 0 implies infinite timeout.
tx-log-dir By default the transaction log is kept in the directory
$INSTANCE_ROOT/logs/tx.log. If user specifies log-root
attribute under <server> element, tx.log would appear
in that directory. User can also specify an alternative
location using transaction-service.txlog-file attribute.
The transaction service creates and uses 3 files for
logging and tracking transactions in progress.
heuristic-decision During recovery, if outcome of a transaction cannot be
determined from the logs, then this property is used
to fix the outcome.
keypoint-interval property used to specify the number of transactions between
keypoint operations on the log. A Keypoint operations could
reduce the size of the transaction log files. A larger value
for this property (for example, 1000) will result in larger
transaction log files, between log compactions, but less
keypoint operations, and potentially better performance.
A smaller value (e.g. 20) results in smaller log files but
slightly reduced performance due to the greater frequency of
keypoint operations.
interoperability this flag when true, propagates the transaction context
over IIOP. Transactions can span across beans executing in
separate, J2EE interoperability capable, containers.
log-level If greater or less verbosity is desired from transaction
sub-system this can be adjusted. Note that this refers to
logging messages and not transaction co-ordination logs.
monitoring-enabled If true, statistics will be collected
-->
<!ELEMENT transaction-service (property*)>
<!ATTLIST transaction-service automatic-recovery %boolean; "false"
timeout-in-seconds CDATA "0"
tx-log-dir CDATA #IMPLIED
heuristic-decision (rollback | commit) "rollback"
keypoint-interval CDATA "2048"
log-level %severity; #IMPLIED
monitoring-enabled %boolean; "false">
<!-- Various types of applications that can be deployed on Sun Application
Server instance
applications-dir specifies an absolute path to where deployed
applications will reside for this instance. The default location
is $INSTANCE_ROOT/applications
dynamic-reload-enabled when true, server checks timestamp on a .reload
file at every module and application directory level to trigger reload.
polling frequency is controlled by reload-poll-interval-in-seconds
-->
<!ELEMENT applications ((lifecycle-module | j2ee-application | ejb-module |
web-module | connector-module)*)>
<!ATTLIST applications dynamic-reload-enabled %boolean; "false"
dynamic-reload-poll-interval-in-seconds CDATA "2">
<!--
Server Lifecycle Listener Modules
name unqiue identifier for the deployed server lifecycle event
listener module.
class-name fully qualified name of the startup class.
classpath where this module is actually located, if it is not under
applications-root
load-order integer value that can be used to force the order in which deployed
lifecycle modules are loaded at server start up. Smaller numbered
modules get loaded sooner. Order is unspecified if two or more
lifecycle modules have the same load-order value.
is-failure-fatal, if true, aborts server start up if this module does not
load properly.
enabled boolean attribute. If set to "false" this module will not be
loaded at server start up.
-->
<!ELEMENT lifecycle-module (description?, property*)>
<!ATTLIST lifecycle-module name CDATA #REQUIRED
class-name CDATA #REQUIRED
classpath CDATA #IMPLIED
load-order CDATA #IMPLIED
is-failure-fatal %boolean; "false"
enabled %boolean; "true">
<!ELEMENT j2ee-application (description?)>
<!ATTLIST j2ee-application name CDATA #REQUIRED
location CDATA #REQUIRED
virtual-servers CDATA #IMPLIED
enabled %boolean; "true">
<!ELEMENT web-module (description?)>
<!ATTLIST web-module name CDATA #REQUIRED
context-root CDATA #REQUIRED
location CDATA #REQUIRED
virtual-servers CDATA #IMPLIED
enabled %boolean; "true">
<!ELEMENT ejb-module (description?)>
<!ATTLIST ejb-module name CDATA #REQUIRED
location CDATA #REQUIRED
enabled %boolean; "true">
<!ELEMENT connector-module (description?)>
<!ATTLIST connector-module name CDATA #REQUIRED
location CDATA #REQUIRED
enabled %boolean; "true">
<!-- Java Runtime environment configuration
java-home Specifies the installation directory for Java runtime. JDK 1.4 or higher is supported.
debug-enabled If set to true, the server starts up in debug mode ready for attaching with a JPDA
based debugger.
debug-options JPDA based debugging options string.
rmic-options Options string passed to RMI compiler, at application deployment time.
javac-options Options string passed to Java compiler, at application deployment time.
classpath-prefix A java classpath string that is prefixed to server-classpath
classpath-suffix A java classpath string that is appended to server-classpath
server-classpath A java classpath string that specifies the classes needed by the Application server.
Do not expect users to change this under normal conditions.
native-library-path is automatically constructed to be a concatenation of Application Server
installation relative path for its native shared libraries, standard JRE native library path,
the shell environment setting (LD_LIBRARY_PATH on Unix) and any path that may be specified
in the profile element. Since this is synthesied, it is not required to have this appear
explicitly in the server configuration.
native-library-path-prefix (native-library-path-suffix) is prepended (appended) to the native
library path, which is constricted as per the above description.
bytecode-preprocessors A comma separated list of classnames, each of which must implement the
com.sun.appserv.BytecodePreprocessor interface. Each of the specified
preprocessor class will be called in the order specified. At the moment
the comelling use is for a 3rd party Performance Profiling tool.
env-classpath-ignored If set to false, the CLASSPATH environment variable will be read and
appended to the Application Server classpath, which is constructed as
described above. The CLASSPATH environment variable will be added after
the classpath-suffix, at the very end.
-->
<!ELEMENT java-config (profiler?, (jvm-options | property)*)>
<!ATTLIST java-config java-home CDATA #REQUIRED
debug-enabled %boolean; "false"
debug-options CDATA "-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n"
rmic-options CDATA "-iiop -poa -alwaysgenerate -keepgenerated -g"
javac-options CDATA "-g"
classpath-prefix CDATA #IMPLIED
server-classpath CDATA #IMPLIED
classpath-suffix CDATA #IMPLIED
native-library-path-prefix CDATA #IMPLIED
native-library-path-suffix CDATA #IMPLIED
bytecode-preprocessors CDATA #IMPLIED
env-classpath-ignored %boolean; "true">
<!-- String value for options that will be passed to the JVM -->
<!ELEMENT jvm-options (#PCDATA)>
<!-- Profilers could be one of jprobe, optimizeit, hprof, wily and so on
jvm-options and property elements are used to record the settings
needed to get a particular profiler going. A server instance is tied
to a particular profiler, by the profiler element in java-config.
Changing the profiler will require a server restart.
The adminstrative graphical interfaces, could list multiple supported
profilers (incomplete at this point) and will populate server.xml
appropriately. Admin CLI support for profilers, need not be supported.
-->
<!ELEMENT profiler ((jvm-options | property)*)>
<!ATTLIST profiler name CDATA #REQUIRED
classpath CDATA #IMPLIED
native-library-path CDATA #IMPLIED
enabled %boolean; "true">
<!-- Syntax for supplying properties as name value pairs -->
<!ELEMENT property (description?)>
<!ATTLIST property name CDATA #REQUIRED
value CDATA #REQUIRED>