319 lines
13 KiB
XML
319 lines
13 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!--
|
|
~ Copyright The WildFly Authors
|
|
~ SPDX-License-Identifier: Apache-2.0
|
|
-->
|
|
|
|
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
|
|
targetNamespace="urn:jboss:domain:remoting:1.1"
|
|
xmlns="urn:jboss:domain:remoting:1.1"
|
|
elementFormDefault="qualified"
|
|
attributeFormDefault="unqualified"
|
|
version="1.1">
|
|
|
|
<!-- The remoting subsystem root element -->
|
|
<xs:element name="subsystem" type="subsystem"/>
|
|
|
|
<xs:complexType name="subsystem">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The configuration of the Remoting subsystem.
|
|
|
|
The 'worker-thread-pool' element configures the worker thread pool.
|
|
The nested "connector" element(s) define connectors for this subsystem.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:sequence>
|
|
<xs:element name="worker-thread-pool" type="workerThreadsType" minOccurs="0"/>
|
|
<xs:element name="connector" type="connector" minOccurs="0" maxOccurs="unbounded"/>
|
|
<xs:element name="outbound-connections" minOccurs="0" type="outbound-connectionsType" />
|
|
</xs:sequence>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="workerThreadsType">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The configuration of the worker thread pool.
|
|
|
|
The attributes correspond to the following xnio options:
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="read-threads" type="xs:integer" use="optional"/>
|
|
<xs:attribute name="write-threads" type="xs:integer" use="optional"/>
|
|
<xs:attribute name="task-core-threads" type="xs:integer" use="optional"/>
|
|
<xs:attribute name="task-max-threads" type="xs:integer" use="optional"/>
|
|
<xs:attribute name="task-keepalive" type="xs:integer" use="optional"/>
|
|
<xs:attribute name="task-limit" type="xs:integer" use="optional"/>
|
|
</xs:complexType>
|
|
|
|
|
|
<xs:complexType name="connector">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The configuration of a Remoting connector.
|
|
|
|
The "name" attribute specifies the unique name of this connector.
|
|
|
|
The "socket-binding" attribute specifies the name (or names) of the socket binding(s) to attach to.
|
|
|
|
The optional nested "sasl" element contains the SASL authentication configuration for this connector.
|
|
|
|
The optional nested "authentication-provider" element contains the name of the authentication provider to
|
|
use for incoming connections.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:all>
|
|
<xs:element name="sasl" type="sasl" minOccurs="0"/>
|
|
<xs:element name="authentication-provider" type="ref" minOccurs="0"/>
|
|
<xs:element name="properties" type="properties" minOccurs="0"/>
|
|
</xs:all>
|
|
<xs:attribute name="socket-binding" type="name-list" use="required"/>
|
|
<xs:attribute name="name" type="xs:string" use="required"/>
|
|
<xs:attribute name="security-realm" type="xs:string" use="optional"/>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="sasl">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The configuration of the SASL authentication layer for this server.
|
|
|
|
The optional nested "include-mechanisms" element contains a whitelist of allowed SASL mechanism names.
|
|
No mechanisms will be allowed which are not present in this list.
|
|
|
|
The optional nested "qop" element contains a list of quality-of-protection values, in decreasing order
|
|
of preference.
|
|
|
|
The optional nested "strength" element contains a list of cipher strength values, in decreasing order
|
|
of preference.
|
|
|
|
The optional nested "reuse-session" boolean element specifies whether or not the server should attempt
|
|
to reuse previously authenticated session information. The mechanism may or may not support such reuse,
|
|
and other factors may also prevent it.
|
|
|
|
The optional nested "server-auth" boolean element specifies whether the server should authenticate to the
|
|
client. Not all mechanisms may support this setting.
|
|
|
|
The optional nested "policy" boolean element specifies a policy to use to narrow down the available set
|
|
of mechanisms.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:all>
|
|
<xs:element name="include-mechanisms" type="name-listType" minOccurs="0"/>
|
|
<xs:element name="qop" type="qop-listType" minOccurs="0"/>
|
|
<xs:element name="strength" type="strength" minOccurs="0"/>
|
|
<xs:element name="reuse-session" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="server-auth" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="policy" type="policy" minOccurs="0"/>
|
|
<xs:element name="properties" type="properties" minOccurs="0"/>
|
|
</xs:all>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="policy">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
Policy criteria items to use in order to choose a SASL mechanism.
|
|
|
|
The optional nested "forward-secrecy" element contains a boolean value which specifies whether mechanisms
|
|
that implement forward secrecy between sessions are required. Forward secrecy means that breaking into
|
|
one session will not automatically provide information for breaking into future sessions.
|
|
|
|
The optional nested "no-active" element contains a boolean value which specifies whether mechanisms
|
|
susceptible to active (non-dictionary) attacks are not permitted. "false" to permit, "true" to deny.
|
|
|
|
The optional nested "no-anonymous" element contains a boolean value which specifies whether mechanisms
|
|
that accept anonymous login are permitted. "false" to permit, "true" to deny.
|
|
|
|
The optional nested "no-dictionary" element contains a boolean value which specifies whether mechanisms
|
|
susceptible to passive dictionary attacks are permitted. "false" to permit, "true" to deny.
|
|
|
|
The optional nested "no-plain-text" element contains a boolean value which specifies whether mechanisms
|
|
susceptible to simple plain passive attacks (e.g., "PLAIN") are not permitted. "false" to permit, "true" to deny.
|
|
|
|
The optional nested "pass-credentials" element contains a boolean value which specifies whether
|
|
mechanisms that pass client credentials are required.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:all>
|
|
<xs:element name="forward-secrecy" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="no-active" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="no-anonymous" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="no-dictionary" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="no-plain-text" type="boolean-element" minOccurs="0"/>
|
|
<xs:element name="pass-credentials" type="boolean-element" minOccurs="0"/>
|
|
</xs:all>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="boolean-element">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
An element specifying a boolean value.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="value" type="xs:boolean" use="required"/>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="name-listType">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
An element specifying a string list.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="value" type="name-list" use="required"/>
|
|
</xs:complexType>
|
|
|
|
<xs:simpleType name="name-list">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
A set of string items.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:list itemType="xs:string"/>
|
|
</xs:simpleType>
|
|
|
|
<xs:complexType name="qop-listType">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
An element specifying a qop list.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="value" type="qop-list" use="required"/>
|
|
</xs:complexType>
|
|
|
|
<xs:simpleType name="qop-list">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The SASL quality-of-protection value list. See http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/javax/security/sasl/Sasl.html#QOP
|
|
for more information.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:list>
|
|
<xs:simpleType>
|
|
<xs:restriction base="xs:token">
|
|
<xs:enumeration value="auth"/>
|
|
<xs:enumeration value="auth-int"/>
|
|
<xs:enumeration value="auth-conf"/>
|
|
</xs:restriction>
|
|
</xs:simpleType>
|
|
</xs:list>
|
|
</xs:simpleType>
|
|
|
|
<xs:simpleType name="strength">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
The SASL strength value list. See http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/javax/security/sasl/Sasl.html#STRENGTH
|
|
for more information.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:list>
|
|
<xs:simpleType>
|
|
<xs:restriction base="xs:token">
|
|
<xs:enumeration value="low"/>
|
|
<xs:enumeration value="medium"/>
|
|
<xs:enumeration value="high"/>
|
|
</xs:restriction>
|
|
</xs:simpleType>
|
|
</xs:list>
|
|
</xs:simpleType>
|
|
|
|
<xs:complexType name="properties">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
A set of free-form properties.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:choice minOccurs="0" maxOccurs="unbounded">
|
|
<xs:element name="property" type="property"/>
|
|
</xs:choice>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="property">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
A free-form property. The name is required; the value is optional.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="name" type="xs:string" use="required"/>
|
|
<xs:attribute name="value" type="xs:string" use="optional"/>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="ref">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
A reference to another named service.
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
<xs:attribute name="name" type="xs:string" use="required"/>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="outbound-connectionsType">
|
|
<xs:choice minOccurs="0" maxOccurs="unbounded">
|
|
<xs:element name="local-outbound-connection" type="local-outbound-connectionType" />
|
|
<xs:element name="remote-outbound-connection" type="remote-outbound-connectionType" />
|
|
<xs:element name="outbound-connection" type="outbound-connectionType" />
|
|
</xs:choice>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="base-outbound-connectionType">
|
|
<xs:all>
|
|
<xs:element name="properties" type="properties" minOccurs="0"/>
|
|
</xs:all>
|
|
<xs:attribute name="name" type="xs:string" use="required"/>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="outbound-connectionType">
|
|
<xs:complexContent>
|
|
<xs:extension base="base-outbound-connectionType">
|
|
<xs:attribute name="uri" type="xs:anyURI" use="required"/>
|
|
</xs:extension>
|
|
</xs:complexContent>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="local-outbound-connectionType">
|
|
<xs:complexContent>
|
|
<xs:extension base="base-outbound-connectionType">
|
|
<xs:attribute name="outbound-socket-binding-ref" type="xs:string" use="required"/>
|
|
</xs:extension>
|
|
</xs:complexContent>
|
|
</xs:complexType>
|
|
|
|
<xs:complexType name="remote-outbound-connectionType">
|
|
<xs:complexContent>
|
|
<xs:extension base="base-outbound-connectionType">
|
|
<xs:attribute name="outbound-socket-binding-ref" type="xs:string" use="required"/>
|
|
<xs:attribute name="username" type="xs:string" use="optional"/>
|
|
<xs:attribute name="security-realm" type="xs:string" use="optional"/>
|
|
</xs:extension>
|
|
</xs:complexContent>
|
|
</xs:complexType>
|
|
|
|
</xs:schema>
|