blob: 83a94874d5d1b08e97769113441ea225da70b477 [file] [log] [blame]
<!--
Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved.
This program and the accompanying materials are made available under the
terms of the Eclipse Public License v. 2.0, which is available at
http://www.eclipse.org/legal/epl-2.0.
This Source Code may also be made available under the following Secondary
Licenses when the conditions for such availability set forth in the
Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
version 2 with the GNU Classpath Exception, which is available at
https://www.gnu.org/software/classpath/license.html.
SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-->
<domain log-root="${com.sun.aas.instanceRoot}/logs" application-root="${com.sun.aas.instanceRoot}/applications" version="10.0">
<security-configurations>
<authorization-service default="true" name="authorizationService">
<security-provider name="simpleAuthorization" type="Simple" provider-name="simpleAuthorizationProvider">
<authorization-provider-config support-policy-deploy="false" name="simpleAuthorizationProviderConfig"></authorization-provider-config>
</security-provider>
</authorization-service>
</security-configurations>
<system-applications />
<applications />
<resources/>
<servers>
<server name="server" config-ref="server-config">
<resource-ref ref="jdbc/__TimerPool" />
<resource-ref ref="jdbc/__default" />
</server>
</servers>
<configs>
<config name="server-config">
<http-service>
<access-log rotation-suffix="yyyy-MM-dd" rotation-interval-in-minutes="15" />
<virtual-server id="server" network-listeners="http-listener-1,http-listener-2">
<property name="docroot" value="${com.sun.aas.instanceRoot}/docroot" />
<property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access" />
<property name="sso-enabled" value="false" />
</virtual-server>
<virtual-server id="__asadmin" network-listeners="admin-listener">
<property name="docroot" value="${com.sun.aas.instanceRoot}/docroot" />
<property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access" />
<property name="sso-enabled" value="false" />
</virtual-server>
</http-service>
<iiop-service>
<orb use-thread-pool-ids="thread-pool-1" />
<iiop-listener id="orb-listener-1" port="3700" address="0.0.0.0" />
<iiop-listener id="SSL" port="3820" address="0.0.0.0" security-enabled="true">
<ssl cert-nickname="s1as" />
</iiop-listener>
<iiop-listener id="SSL_MUTUALAUTH" port="3920" address="0.0.0.0" security-enabled="true">
<ssl cert-nickname="s1as" client-auth-enabled="true" />
</iiop-listener>
</iiop-service>
<admin-service system-jmx-connector-name="system" type="das-and-server">
<jmx-connector port="8686" address="0.0.0.0" security-enabled="false" name="system" auth-realm-name="admin-realm" />
<das-config dynamic-reload-enabled="true" deploy-xml-validation="full" autodeploy-dir="${com.sun.aas.instanceRoot}/autodeploy" autodeploy-enabled="true" />
<property name="adminConsoleContextRoot" value="/admin" />
<property name="adminConsoleDownloadLocation" value="glassfish/lib/install/applications/admingui.war" />
<property name="ipsRoot" value="${com.sun.aas.installRoot}/.." />
</admin-service>
<log-service log-rotation-limit-in-bytes="2000000" file="${com.sun.aas.instanceRoot}/logs/server.log">
<module-log-levels />
</log-service>
<security-service>
<auth-realm name="admin-realm" classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
<property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile" />
<property name="jaas-context" value="fileRealm" />
</auth-realm>
<auth-realm name="file" classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
<property name="file" value="${com.sun.aas.instanceRoot}/config/keyfile" />
<property name="jaas-context" value="fileRealm" />
</auth-realm>
<auth-realm name="certificate" classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" />
<jacc-provider policy-provider="org.glassfish.exousia.modules.locked.SimplePolicyProvider" name="default" policy-configuration-factory-provider="org.glassfish.exousia.modules.locked.SimplePolicyConfigurationFactory">
<property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy" />
</jacc-provider>
<jacc-provider policy-provider="org.glassfish.exousia.modules.locked.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="org.glassfish.exousia.modules.locked.SimplePolicyConfigurationFactory" />
<audit-module name="default" classname="com.sun.enterprise.security.ee.Audit">
<property name="auditOn" value="false" />
</audit-module>
<message-security-config auth-layer="SOAP">
<provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="encryption.key.alias" value="s1as" />
<property name="signature.key.alias" value="s1as" />
<property name="dynamic.username.password" value="false" />
<property name="debug" value="false" />
</provider-config>
<provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="encryption.key.alias" value="s1as" />
<property name="signature.key.alias" value="s1as" />
<property name="dynamic.username.password" value="false" />
<property name="debug" value="false" />
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" />
</provider-config>
<provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="encryption.key.alias" value="s1as" />
<property name="signature.key.alias" value="s1as" />
<property name="debug" value="false" />
</provider-config>
<provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="encryption.key.alias" value="s1as" />
<property name="signature.key.alias" value="s1as" />
<property name="debug" value="false" />
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" />
</provider-config>
</message-security-config>
</security-service>
<monitoring-service>
<module-monitoring-levels />
</monitoring-service>
<java-config debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" system-classpath="" classpath-suffix="">
<jvm-options>-client</jvm-options>
<jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
<jvm-options>-XX:+LogVMOutput</jvm-options>
<jvm-options>-XX:LogFile=${com.sun.aas.instanceRoot}/logs/jvm.log</jvm-options>
<jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options>
<jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf
</jvm-options>
<jvm-options>-Dsun.rmi.dgc.server.gcInterval=3600000</jvm-options>
<jvm-options>-Dsun.rmi.dgc.client.gcInterval=3600000</jvm-options>
<jvm-options>-Xmx512m</jvm-options>
<jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options>
<jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
<jvm-options>
-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext${path.separator}${com.sun.aas.derbyRoot}/lib
</jvm-options>
<jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options>
<jvm-options>
-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory
</jvm-options>
<jvm-options>-XX:NewRatio=2</jvm-options>
</java-config>
<thread-pools>
<thread-pool thread-pool-id="thread-pool-1" />
</thread-pools>
<management-rules enabled="true" />
<network-config>
<protocols>
<protocol name="http-listener-1">
<http header-buffer-length="8192" forced-response-type="text/plain; charset=iso-8859-1" default-virtual-server="server" max-connections="250" server-name="" default-response-type="text/plain; charset=iso-8859-1">
<file-cache enabled="false" />
</http>
</protocol>
<protocol security-enabled="true" name="http-listener-2">
<http header-buffer-length="8192" forced-response-type="text/plain; charset=iso-8859-1" default-virtual-server="server" max-connections="250" server-name="" default-response-type="text/plain; charset=iso-8859-1">
<file-cache enabled="false" />
</http>
<ssl ssl3-enabled="false" cert-nickname="s1as" />
</protocol>
<protocol name="admin-listener">
<http header-buffer-length="8192" forced-response-type="text/plain; charset=iso-8859-1" default-virtual-server="__asadmin" max-connections="250" server-name="" default-response-type="text/plain; charset=iso-8859-1">
<file-cache enabled="false" />
</http>
</protocol>
</protocols>
<network-listeners>
<thread-pool max-thread-pool-size="20" min-thread-pool-size="2" thread-pool-id="http-thread-pool" max-queue-size="4096" />
<network-listener port="8080" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool" />
<network-listener port="8181" enabled="false" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool" />
<network-listener port="4848" protocol="admin-listener" transport="tcp" name="admin-listener" thread-pool="http-thread-pool" />
</network-listeners>
<transports>
<transport name="tcp" />
</transports>
</network-config>
</config>
</configs>
<property name="administrative.domain.name" value="domain1" />
</domain>