web-j2ee-engine.xsd

Schema Element / Attribute

Description

web-j2ee-engine

The root element for this deployment descriptor. It contains information about the deployed Web applications.

spec-version

Used in: web-j2ee-engine

Configures stopping of the application in the whole cluster in case of a servlet initialization failure. Application start succeeds only in case the initialization of all servlets configured to be initialized during the application startup is successful. If any servlet fails to initialize, then the application remains stopped on all server processes.

Used in: web-j2ee-engine

resource-ref

Contains additional reference's settings for external resources used within the current Web application.

Used in: web-j2ee-engine

Contains: res-ref-name , res-link , non-transactional

res-ref-name

Identifies the name of the defined resource reference. It is the same as specified in web.xml. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: resource-ref

res-link

Specifies the JNDI name of the resource.

Used in: resource-ref

non-transactional

Specifies if the resource reference is transactional. By default, all references are transactional.

Used in: resource-ref

resource-env-ref

Contains a Web application's reference to an object in the Web application's environment.

Used in: web-j2ee-engine

Contains: resource-env-ref-name , jndi-name

resource-env-ref-name

Identifies the name of the reference to the Web application's environment resource specified in the web.xml of this application. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: resource-env-ref

jndi-name

The JNDI name of the resource.

Used in: resource-env-ref , ejb-ref , ejb-local-ref , server-component-ref , message-destination , message-destination-ref

ejb-ref

Contains a reference to an enterprise bean in the Web application.

Used in: web-j2ee-engine

Contains: ejb-ref-name , jndi-name

ejb-ref-name

Identifies the name of the enterprise bean reference as specified in the web.xml of the current application. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: ejb-ref , ejb-local-ref

ejb-local-ref

Describes a reference to enterprise bean's local home.

Used in: web-j2ee-engine

Contains: ejb-ref-name , jndi-name

server-component-ref

Describes a reference to a specific server component.

Used in: web-j2ee-engine

Contains: description , name , type , jndi-nam e

description

Description of the reference.

Used in: server-component-ref

name

Specifies the name of a component in the current Web application.

Used in: server-component-ref , option

type

Specifies the server component type. It can be SERVICE or INTERFACE . This value is case sensitive.

Used in: server-component-ref

message-destination

Specifies a message destination.

Contains: mess age-destination-name , jndi-name

message-destination-name

Specifies a name for a message destination. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: message-destination

message-destination -ref

Specifies a message destination reference.

Used in: web-j2ee-engine

Contains: message-destination- ref- name , jndi-name

message-destination- ref- name

Specifies a name for a message destination reference. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: message-destination

security-role-map

Describes the Web application's security roles that are mapped to AS Java security roles.

Used in: web-j2ee-engine

Contains: role-name , server-role-name

programmatic-security-against

Describes the programmatic security policy to be used in the application. It can have one of the following two values:

• CALLER-IDENTITY

  You should use this value in all cases except in the cases stated for the RUNAS-INDENTITY value.

• RUNAS-IDENTITY

  Use this value if all of the following conditions are available:

  1. Your application has run-as identity roles ( run-as tags) defined for some servlet

  2. You use programmatic security, namely, one of the HttpServletRequest methods: isUserInRole(role) , getRemoteUser() or getUserPrincipal() .

  3. The remote user (caller, client) is in a different role from the one defined in the run-as tag.

  With older-version Web modules (version 2.3 or less), which have no programmatic security specified, the RUNAS-IDENTITY value is assumed, and a warning message appears during deployment. If you want to avoid the warning message, upgrade the application to Servlet version 2.5/JSP version 2.1 or specify an explicit value to the programmatic-security-against tag.

• Used in: web-j2ee-engine

role-name

Specifies the name of the security role. The name must be unique within the Web application and must be the same as the one specified in the web.xml .

Used in: security-role-map

server-role-name

Specifies the name of the server roles that are mapped to specific Web application's security roles. The server roles are: administrators , guests , all and any other string literal.

Used in: security-role-map

response-status

Defines response status codes for HTTP responses and their reason phrases as specified in HTTP 1.1 protocol.

Used in: web-j2ee-engine

Contains: status-code , reason-phrase

status-code

This type defines custom HTTP response codes (in addition to the standard ones defined by the HTTP 1.1 specification in RFC #2616) that the Web Container uses to reply to the users of the Web application in certain cases. The value must be an Integer between 100 (exclusive) and 999 (inclusive) as the following code values are not permitted: 200, 201, 202, 203, 204, 205, 206, 300, 301, 302, 303, 304, 305, 306, 307, 400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 500, 501, 502, 503, 504, 505. The value must be unique within the Web application.

Used in: response-status

reason-phrase

Specifies the reason phrase for the described response code.

Used in: response-status

fail-over-alert

Defines an alert message warning that the server node on which the user session is running is shut down.

Example:

<fail-over-alert>

<message>

Warning! This server node will be shut down.

</message>

<message-timeout>

15

</message-timeout>

</fail-over-alert>

Used in: web-j2ee-engine

Contains: message , timeout

message

Specifies the text of alert message warning you that the server node is shutting down.

Used in: fail-over-alert

timeout

Specifies the timeout (in minutes) after which the server node is shutting down. The displayed alert message warns you about the specified timeout period. By default, the value is 120000 .

Used in: fail-over-alert

login-module-configuration

Defines login modules and password changing settings for a particular Web application.

Used in: web-j2ee-engine

Contains: login-module-stack , password-change-config , security-policy-domain

login-module-stack

Contains login modules within the current Web application.

Used in: login-module-configuration

Contains: lo gin-module

login-module

Contains a particular login module's settings. It defines the authentication method and its priority.

Used in: login-module-stack

Contains: l ogin-module-name , flag , options

login-module-name

The login-module-name element specifies the name of the particular login module.

Example:

<login-module-name>

com.sap.engine.services.userstore.jaas.

BasicPasswordLoginModule

</login-module-name>

Used in: login-module

flag

The flag element specifies the priority of the authentication method in the login module. The options are:

• OPTIONAL

• REQUIRED

• REQUISITE

• SUFFICIENT

  Example:

  <flag>REQUIRED</flag>

  Used in: login-module

options

Contains specific features for the particular login module.

Used in: login-module

Contains: option

option

Defines specific login module option. Each option is in key=value format.

Example:

<option>

<name>debug</name>

<value>true</value>

</option>

Used in: options

Contains: name , value

value

Specifies the value of the login module specific option.

Used in: option

password-change-config

Defines the login page and the error page enabling you to change the login password for your Web application.

Used in: login-module-configuration

Contains: login-page , error-page

login-page

Specifies the login page that is displayed when the login password for the user expires and you have to set a new one.

Used in: password-change-config

error-page

Specifies the error page, displayed when the login fails.

Used in: password-change-config

security-policy-domain

Defines the security domain for a particular Web application. The default value is /<alias-name> .

Used in: login-module-configuration

url-session-tracking

Specifies if session tracking is performed using cookies, or encoded directly in the URL using URL rewriting mechanism. Accepts Boolean values (true/false). By default, the url-session-tracking tag has false value, which means cookies are used if the client accepts cookies, otherwise URL rewriting is used. If the tag is set to true , the URL rewriting is always used.

Used in: web-j2ee-engine

max-sessions

Specifies the maximum number of user sessions to an application.

Used in: web-j2ee-engine

cookie-config

Contains a description of the session or the application cookie.

Used in: web-j2ee-engine

Contains: cookie

cookie

Specifies the attributes that the Web Container uses when creating the session or the application cookie.

Used in: cookie-con fig

Contains: type , path , domain , max-age

type

Specifies the type of the cookie. It must be SESSION or APPLICATION . These are used as follows:

• SESSION specifies a jsessionid type of cookie (session cookie)

• APPLICATION specifies a saplb type of cookie (application cookie)

  More information: AS Java Cookies

  The default is SESSION . The value must be unique within the Web application.

  Used in: cookie

path

Specifies the path to which the cookie is set. The possible values for this element are:

• APPLICATION - the Web Container sets the path value to / <alias-name> /

• NONE - the Web Container does not set a path attribute

• Custom specified string - the Web Container uses this string as a path value.

  By default, if this tag is missing or empty, the Web Container sets / as value of the path attribute.

  Used in: cookie

domain

Specifies the domain of the cookie. It can be:

• SERVER - the Web Container sets a domain value as the host name from the request

• NONE - the Web Container does not set a domain attribute, that is, it is valid for the requested host only.

• Custom specified string - the Web Container uses this string for domain value.

  By default, if this tag is missing or empty, the Web Container sets NONE as value of the domain attribute.

  Used in: cookie

max-age

Defines the lifetime of the cookie. A positive integer number specifies the seconds after which the cookie expires. If the value is 0, the HTTP client discards the cookie. If the value is not set, the cookie expires with the end of the HTTP session.

By default, the lifetime value is not set.

Used in: cookie

get-request-url-mode

Determines the behavior of the getRequestURL() method of the HttpServletRequest object when it is called from a forwarded JSP or servlet. Possible values are REQUEST-DISPATCHER or CLIENT .

If the REQUEST-DISPATCHER value is set, then the getRequestURL() method returns the URL of the Servlet or JSP to which the request has been forwarded.

If the value is CLIENT , then the method returns the URL of the Servlet or JSP that has been called by the client.

By default, it is REQUEST-DISPATCHER .

Used in: web-j2ee-engine