45 lines
2.1 KiB
XML
45 lines
2.1 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!--
|
|
~ Copyright The WildFly Authors
|
|
~ SPDX-License-Identifier: Apache-2.0
|
|
-->
|
|
|
|
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
|
|
targetNamespace="urn:security:1.1"
|
|
xmlns="urn:security:1.1"
|
|
xmlns:javaee="http://java.sun.com/xml/ns/javaee"
|
|
elementFormDefault="qualified"
|
|
attributeFormDefault="unqualified"
|
|
version="1.1">
|
|
<xs:import namespace="http://java.sun.com/xml/ns/javaee"/>
|
|
|
|
<xs:element name="security" type="securityType" substitutionGroup="javaee:assembly-descriptor-entry"/>
|
|
|
|
<xs:complexType name="securityType">
|
|
<xs:complexContent>
|
|
<xs:extension base="javaee:jboss-assembly-descriptor-bean-entryType">
|
|
<xs:sequence>
|
|
<xs:element name="security-domain" type="xs:string" minOccurs="0"/>
|
|
<xs:element name="run-as-principal" type="xs:string" minOccurs="0"/>
|
|
<xs:element name="missing-method-permissions-deny-access" type="xs:boolean" minOccurs="0">
|
|
<xs:annotation>
|
|
<xs:documentation>
|
|
<![CDATA[
|
|
If an EJB is secured but certain methods haven't been marked with explicit roles or @PermitAll/@DenyAll
|
|
then the EJB container uses this missing-method-permissions-deny-access element to decide whether or not
|
|
access is allowed to such methods.
|
|
Setting this element to true will prevent access to this by any role (i.e.
|
|
the method is as good as being marked as @DenyAll).
|
|
Setting this element to false will allow access to this method by any role (i.e. the method is as
|
|
good as being marked as @PemitAll)
|
|
|
|
]]>
|
|
</xs:documentation>
|
|
</xs:annotation>
|
|
</xs:element>
|
|
</xs:sequence>
|
|
</xs:extension>
|
|
</xs:complexContent>
|
|
</xs:complexType>
|
|
</xs:schema> |