The configuration of the Remoting subsystem. The 'worker-thread-pool' element configures the worker thread pool. The nested "connector" element(s) define connectors for this subsystem. Configures the remoting endpoint. The name of the IO subsystem worker the endpoint should use. The SASL authorization ID. Used as authentication user name to use if no authentication CallbackHandler is specified and the selected SASL mechanism demands a user name. The authentication realm to use if no authentication CallbackHandler is specified. Where a SaslServer or SaslClient are created by default the protocol specified it 'remoting', this can be used to override this. The maximum outbound message size to send. No messages larger than this well be transmitted; attempting to do so will cause an exception on the writing side. The size of allocated buffer regions. The size of the largest buffer that this endpoint will accept over a connection. Specify the number of times a client is allowed to retry authentication before closing the connection. The maximum window size of the transmit direction for connection channels, in bytes. The maximum number of concurrent outbound messages on a channel. The size of the largest buffer that this endpoint will transmit over a connection. The maximum number of concurrent inbound messages on a channel. The maximum window size of the receive direction for connection channels, in bytes. The interval to use for connection heartbeat, in milliseconds. If the connection is idle in the outbound direction for this amount of time, a ping message will be sent, which will trigger a corresponding reply message. The maximum inbound message size to be allowed. Messages exceeding this size will cause an exception to be thrown on the reading side as well as the writing side. The maximum number of outbound channels to support for a connection. The maximum number of inbound channels to support for a connection. The server side of the connection passes it's name to the client in the initial greeting, by default the name is automatically discovered from the local address of the connection or it can be overridden using this. The base configuration of a Remoting connector. The "name" attribute specifies the unique name of this connector. The optional nested "sasl" element contains the SASL authentication configuration for this connector. The optional nested "authentication-provider" element contains the name of the authentication provider to use for incoming connections. The optional server-name attribute specifies the server name that should be used in the initial exchange with the client and within the SASL mechanisms used for authentication. The optional sasl-protocol attribute specifies the protocol that should be used within the SASL mechanisms. Deprecated: Security configuration for connectors should be specified using a sasl-authentication-factory and/or ssl-context reference instead of using a security-realm. Reference to the SASL authentication factory to use for authenticating requests to this connector. The configuration of a Remoting connector. The "socket-binding" attribute specifies the name of the socket binding to attach to. Reference to the SSLContext to use for this connector. The configuration of a Remoting HTTP upgrade based connector. The "connector-ref" specifies the name of the Undertow http connector to use. The configuration of the SASL authentication layer for this server. The optional nested "include-mechanisms" element contains a whitelist of allowed SASL mechanism names. No mechanisms will be allowed which are not present in this list. The optional nested "qop" element contains a list of quality-of-protection values, in decreasing order of preference. The optional nested "strength" element contains a list of cipher strength values, in decreasing order of preference. The optional nested "reuse-session" boolean element specifies whether or not the server should attempt to reuse previously authenticated session information. The mechanism may or may not support such reuse, and other factors may also prevent it. The optional nested "server-auth" boolean element specifies whether the server should authenticate to the client. Not all mechanisms may support this setting. The optional nested "policy" boolean element specifies a policy to use to narrow down the available set of mechanisms. Policy criteria items to use in order to choose a SASL mechanism. The optional nested "forward-secrecy" element contains a boolean value which specifies whether mechanisms that implement forward secrecy between sessions are required. Forward secrecy means that breaking into one session will not automatically provide information for breaking into future sessions. The optional nested "no-active" element contains a boolean value which specifies whether mechanisms susceptible to active (non-dictionary) attacks are not permitted. "false" to permit, "true" to deny. The optional nested "no-anonymous" element contains a boolean value which specifies whether mechanisms that accept anonymous login are permitted. "false" to permit, "true" to deny. The optional nested "no-dictionary" element contains a boolean value which specifies whether mechanisms susceptible to passive dictionary attacks are permitted. "false" to permit, "true" to deny. The optional nested "no-plain-text" element contains a boolean value which specifies whether mechanisms susceptible to simple plain passive attacks (e.g., "PLAIN") are not permitted. "false" to permit, "true" to deny. The optional nested "pass-credentials" element contains a boolean value which specifies whether mechanisms that pass client credentials are required. An element specifying a string list. A set of string items. The SASL quality-of-protection value list. See http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/javax/security/sasl/Sasl.html#QOP for more information. The SASL strength value list. See http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/javax/security/sasl/Sasl.html#STRENGTH for more information. A set of free-form properties. A free-form property. The name is required; the value is optional. Deprecated: Outbound connection definitions should migrate to use an authentication-context instead of the security-realm reference.