web-2/wildfly/docs/schema/jboss-ejb-iiop_2_0.xsd

<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JBoss, Home of Professional Open Source
~ Copyright 2022, Red Hat, Inc., and individual contributors as indicated
~ by the @authors tag.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<xs:schema xmlns="urn:iiop" xmlns:jakartaee="https://jakarta.ee/xml/ns/jakartaee"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           attributeFormDefault="unqualified" elementFormDefault="qualified"
           targetNamespace="urn:iiop" version="2.0"
           xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://www.jboss.org/schema/jbossas/jboss-ejb3-spec-4_0.xsd">
   <xs:import namespace="https://jakarta.ee/xml/ns/jakartaee" schemaLocation="https://www.jboss.org/schema/jbossas/jboss-ejb3-spec-4_0.xsd"/>

   <xs:element name="iiop" type="iiopConfigType" substitutionGroup="jakartaee:assembly-descriptor-entry"/>

   <xs:complexType name="iiopConfigType">
      <xs:complexContent>
         <xs:extension base="jakartaee:jboss-assembly-descriptor-bean-entryType">
            <xs:annotation>
               <xs:documentation>
                  <![CDATA[
                  The iiop element contains the IIOP settings that are to be applied to an EJB. It must identify the
                  bean to which the settings apply via the ejb-name sub-element. A wildcard "*" is allowed to convey
                  that the settings are to be applied to all EJBs in the deployment.

                  The binding-name sub-element can be used to specify the name that must be used to bind the EJB IOR
                  in the COSNaming service. If a wildcard "*" is used as bean-name, this setting is ignored.

                  The ior-security-config sub-element contains the security settings that are to be inserted into the
                  EJB IOR. These include transport config requirements, authentication service settings, and secure
                  attribute service settings. If a wildcard "*" is used as bean-name, the IOR settings will be applied
                  to all beans in the deployment, except for the ones that override these settings in their own iiop
                  element.
                  ]]>
               </xs:documentation>
            </xs:annotation>
            <xs:sequence>
               <xs:element name="binding-name" type="xs:string" minOccurs="0" maxOccurs="1"/>
               <xs:element name="ior-security-config" type="iorSecurityConfigType"/>
            </xs:sequence>
         </xs:extension>
      </xs:complexContent>
   </xs:complexType>

   <xs:complexType name="iorSecurityConfigType">
      <xs:annotation>
         <xs:documentation>
             <![CDATA[
             The iorSecurityConfigType specifies the elements that can be used to configure security constraints of IIOP
             enabled EJB3 beans.

             - transport-config: contains the attributes that are used to specify the transport security requirements.
             - as-context: contains the attributes that are used to configure the authentication service (AS) context.
             - sas-context: contains the attributes that are used to configure the security attribute service (SAS) context.
                     ]]>
         </xs:documentation>
      </xs:annotation>
      <xs:sequence>
         <xs:element name="transport-config" type="iorTransportConfigType" minOccurs="0" maxOccurs="1"/>
         <xs:element name="as-context" type="iorASContextType" minOccurs="0" maxOccurs="1"/>
         <xs:element name="sas-context" type="iorSASContextType" minOccurs="0" maxOccurs="1"/>
      </xs:sequence>
   </xs:complexType>

   <xs:complexType name="iorTransportConfigType">
      <xs:annotation>
         <xs:documentation>
             <![CDATA[
             The iorTransportConfigType specifies attributes that can be used to configure the transport requirements of
             an IIOP enabled EJB3 bean.

             * integrity: indicates if the server (target) supports integrity protected messages. The valid values are
                          NONE, SUPPORTED or REQUIRED.
             * confidentiality: indicates if the server (target) supports privacy protected messages. The values are
                          NONE, SUPPORTED or REQUIRED.
             * detect-misordering: indicates if the server (target) supports detection of message sequence errors. The
                          values are NONE, SUPPORTED or REQUIRED.
             * detect-replay: indicates if the server (target) supports detection of message replay attempts. The values
                          are NONE, SUPPORTED or REQUIRED.
             * establish-trust-in-client: indicates if the target is capable of authenticating a client. The values are
                          NONE, SUPPORTED or REQUIRED.
             * establish-trust-in-target: indicates if the target is capable of authenticating to a client. The values
                         are NONE or SUPPORTED.
                     ]]>
         </xs:documentation>
      </xs:annotation>
      <xs:attribute name="integrity" type="xs:string" use="required"/>
      <xs:attribute name="confidentiality" type="xs:string" use="required"/>
      <xs:attribute name="detect-misordering" type="xs:string" use="optional" default="NONE"/>
      <xs:attribute name="detect-replay" type="xs:string" use="optional" default="NONE"/>
      <xs:attribute name="establish-trust-in-client" type="xs:string" use="required"/>
      <xs:attribute name="establish-trust-in-target" type="xs:string" use="required"/>
   </xs:complexType>

    <xs:complexType name="iorASContextType">
       <xs:annotation>
          <xs:documentation>
              <![CDATA[
              The iorASConfigType specifies attributes that can be used to configure the authentication service (AS) context.

              * auth-method:describes the authentication method. The only supported values are USERNAME_PASSWORD and NONE.
              * realm: describes the realm in which the user is authenticated. Must be a valid realm that is registered
                       in server configuration.
              * required: specifies if the supplied authentication method is required to be used for client authentication.
                       If so the EstablishTrustInClient bit will be set in the target_requires field of the AS_Context.
                       The attribute value is either true or false.
                      ]]>
          </xs:documentation>
       </xs:annotation>
       <xs:attribute name="auth-method" type="xs:string" use="required"/>
       <xs:attribute name="realm" type="xs:string" use="required"/>
       <xs:attribute name="required" type="xs:string" use="required"/>
    </xs:complexType>

    <xs:complexType name="iorSASContextType">
       <xs:annotation>
          <xs:documentation>
              <![CDATA[
              The iorASConfigType specifies attributes that can be used to configure the security attribute service.

              * caller-propagation: indicates if the target will accept propagated caller identities The values are
                       NONE or SUPPORTED.
                      ]]>
          </xs:documentation>
       </xs:annotation>
       <xs:attribute name="caller-propagation" type="xs:string" use="required"/>
    </xs:complexType>

</xs:schema>