web-j2ee-engine.xsd (SAP Library - Developing Java EE 5 Applications)

Show TOC

web-j2ee-engine.xsd

Definition

An XML schema used for producing XML files for the creation of Web Deployment Descriptor object.

Use

Use the XML file based on this schema to create or configure the Web deployment descriptor settings.

Structure

The web-j2ee-engine.xsd has the following structure:

This graphic is explained in the accompanying text

XML Schema Description

Schema Element / Attribute	Description
web-j2ee-engine	The root element for this deployment descriptor. It contains information about the deployed Web applications.
spec-version	The spec-version is for internal purposes only. You should not modify the value stored in the tag. Used in: web-j2ee-engine
resource-ref	Contains additional reference’s settings for external resources used within the current Web application. Used in: web-j2ee-engine. Contains: res-ref-name, res-link, non-transactional.
res-ref-name	Identifies the name of the defined resource reference. It is the same as specified in web.xml. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: resource-ref
res-link	Specifies the JNDI name of the resource. Used in: resource-ref
non-transactional	Specifies if the resource reference is transactional. By default, all references are transactional. Used in: resource-ref
resource-env-ref	Contains a Web application’s reference to an object in the Web application’s environment. Used in: web-j2ee-engine Contains: resource-env-ref-name, jndi-name
resource-env-ref-name	Identifies the name of the reference to the Web application’s environment resource specified in the web.xml of this application. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: resource-env-ref
jndi-name	The JNDI name of the resource. Used in: resource-env-ref, ejb-ref, ejb-local-ref, server-component-ref, message-destination, message-destination-ref.
ejb-ref	Contains a reference to an enterprise bean in the Web application. Used in: web-j2ee-engine. Contains: ejb-ref-name, jndi-name.
ejb-ref-name	Identifies the name of the enterprise bean reference as specified in the web.xml of the current application. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: ejb-ref, ejb-local-ref.
ejb-local-ref	Describes a reference to enterprise bean’s local home. Used in: web-j2ee-engine. Contains: ejb-ref-name, jndi-name.
server-component-ref	Describes a reference to a specific server component. Used in: web-j2ee-engine. Contains: description, name, type, jndi-name.
description	Description of the reference. Used in: server-component-ref.
name	Specifies the name of a component in the current Web application. Used in: server-component-ref, option.
type	Specifies the server component type. It can be SERVICE or INTERFACE. This value is case sensitive. Used in: server-component-ref.
message-destination	Specifies a message destination. Contains: message-destination-name, jndi-name.
message-destination-name	Specifies a name for a message destination. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: message-destination.
message-destination-ref	Specifies a message destination reference. Used in: web-j2ee-engine. Contains: message-destination-ref-name, jndi-name.
message-destination-ref-name	Specifies a name for a message destination reference. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: message-destination.
security-role-map	Describes the Web application’s security roles that are mapped to AS Java security roles. Used in: web-j2ee-engine. Contains: role-name, server-role-name.
programmatic-security-against	Describes the programmatic security policy to be used in the application. It can have one of the following two values: ● CALLER-IDENTITY You should use this value in all cases except in the cases stated for the RUNAS-INDENTITY value. ● RUNAS-IDENTITY Use this value if all of the following conditions are available: ... a. Your application has run-as identity roles (run-as tags) defined for some servlet b. You use programmatic security, namely, one of the HttpServletRequest methods: isUserInRole(role), getRemoteUser() or getUserPrincipal(). c. The remote user (caller, client) is in a different role from the one defined in the run-as tag. With older-version Web modules (version 2.3 or less), which have no programmatic security specified, the RUNAS-IDENTITY value will be assumed, and a warning message will appear during deployment. If you want to avoid the warning message, upgrade the application to Servlet version 2.5/JSP version 2.1 or specify an explicit value to the programmatic-security-against tag. Used in: web-j2ee-engine
role-name	Specifies the name of the security role. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: security-role-map.
server-role-name	Specifies the name of the server roles that are mapped to specific Web application’s security roles. The server roles are: administrators, guests, all and any other string literal. Used in: security-role-map.
response-status	Defines response status codes for HTTP responses and their reason phrases as specified in HTTP 1.1 protocol. Used in: web-j2ee-engine. Contains: status-code, reason-phrase.
status-code	This type defines custom HTTP response codes (in addition to the standard ones defined by the HTTP 1.1 specification in RFC #2616) that the Web Container uses to reply to the users of the Web application in certain cases. The value must be an Integer between 100 (exclusive) and 999 (inclusive) as the following code values are not permitted: 200, 201, 202, 203, 204, 205, 206, 300, 301, 302, 303, 304, 305, 306, 307, 400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 500, 501, 502, 503, 504, 505. The value must be unique within the Web application. Used in: response-status
reason-phrase	Specifies the reason phrase for the described response code. Used in: response-status
fail-over-alert	Defines an alert message warning that the server node on which the user session is running will be shut down. Example: <fail-over-alert> <message> Warning! This server node will be shut down. </message> <message-timeout> 15 </message-timeout> </fail-over-alert> Used in: web-j2ee-engine Contains: message, timeout.
message	Specifies the text of alert message warning you that the server node will be shut down. Used in: fail-over-alert.
timeout	Specifies the timeout (in minutes) after which the server node will be shut down. The displayed alert message warns you about the specified timeout period. By default the value is 120000. Used in: fail-over-alert
login-module-configuration	Defines login modules and password changing settings for a particular Web application. Used in: web-j2ee-engine. Contains: login-module-stack, password-change-config, security-policy-domain.
login-module-stack	Contains login modules within the current Web application. Used in: login-module-configuration. Contains: login-module.
login-module	Contains a particular login module’s settings. It defines the authentication method and its priority. Used in: login-module-stack. Contains: login-module-name, flag, options.
login-module-name	The login-module-name element specifies the name of the particular login module. Example: <login-module-name> com.sap.engine.services.userstore.jaas.BasicPasswordLoginModule </login-module-name> Used in: login-module.
flag	The flag element specifies the priority of the authentication method in the login module. The options are: ● OPTIONAL ● REQUIRED ● REQUISITE ● SUFFICIENT Example: <flag>REQUIRED</flag> Used in: login-module.
options	Contains specific features for the particular login module. Used in: login-module. Contains: option.
option	Defines specific login module option. Each option is in key=value format. Example: <option> <name>debug</name> <value>true</value> </option> Used in: options. Contains: name, value.
value	Specifies the value of the login module specific option. Used in: option.
password-change-config	Defines the login page and the error page enabling you to change the login password for your Web application. Used in: login-module-configuration. Contains: login-page, error-page.
login-page	Specifies the login page that is displayed when the login password for the user expires and you have to set a new one. Used in: password-change-config.
error-page	Specifies the error page, displayed when the login fails. Used in: password-change-config.
security-policy-domain	Defines the security domain for a particular Web application. The default value is alias-name (where "/" is replaced with "*"). The "/" is used for separator between security policy domains. Used in: login-module-configuration.
url-session-tracking	Specifies if session tracking is performed using cookies, or encoded directly in the URL using URL rewriting mechanism. Accepts Boolean values (true/false). By default, the <url-session-tracking> tag has false value, which means cookies are used if the client accepts cookies, otherwise URL rewriting is used. If the tag is set to true, the URL rewriting is always used. Used in: web-j2ee-engine.
max-sessions	Specifies the maximum number of user sessions to an application. Used in: web-j2ee-engine.
cookie-config	Contains a description of the session or load balancing cookies. Used in: web-j2ee-engine. Contains: cookie.
cookie	Specifies the attributes that the Web Container will use when creating the session or load balancing cookies. Used in: cookie-config. Contains: type, path, domain, max-age.
type	Specifies the type of the cookie. It must be SESSION or APPLICATION. These are used as follows: ● SESSION specifies a jsessionid type of cookie ● APPLICATION specifies a saplb type of cookie (load-balancing cookie) More information: AS Java Cookies. The default is SESSION. The value must be unique within the Web application. Used in: cookie.
path	Specifies the path to which the cookie is set. The possible values for this element are: ● APPLICATION - the Web Container will set the path value to "/ " + alias-name + "/ " ● NONE - the Web Container will not set a path attribute ● Custom specified string - the Web Container will use this string for path value. The default behavior if the tag is missing is as follows: ● If the cookie description does not contain any information about the cookie, the Web Container will set "/" for path attribute value ● If the cookie description contains some information, such as type, max-age or domain, the Web Container will set path value equal to APPLICATION value, that is "/ " + alias-name + "/ ". By default, if this tag is missing, the Web Container will set "/" for path attribute value. Used in: cookie
domain	Specifies the domain of the cookie. It can be: ● SERVER - the Web Container will set a domain value as the host name from the request ● NONE - the Web Container will not set a domain attribute ● Custom specified string - the Web Container will use this string for domain value. By default, it is SERVER. Used in: cookie
max-age	Defines the lifetime of the cookie. A positive integer number specifies the seconds after which the cookie expires. If the value is 0, the HTTP client discards the cookie. If the value is not set, the cookie expires with the end of the HTTP session. By default, the lifetime value is not set. Used in: cookie
get-request-url-mode	Determines the behavior of the getRequestURL() method of the HttpServletRequest object when it is called from a forwarded JSP or servlet. Possible values are REQUEST-DISPATCHER or CLIENT. If the REQUEST-DISPATCHER value is set, then the getRequestURL() method returns the URL of the Servlet or JSP to which the request has been forwarded. If the value is CLIENT, then the method returns the URL of the Servlet or JSP that has been called by the client. By default, it is REQUEST-DISPATCHER. Used in: web-j2ee-engine