An XML schema used for producing XML files for the creation of Web Deployment Descriptor object.
Use the XML file based on this schema to create or configure the Web deployment descriptor settings.
The web-j2ee-engine.xsd has the following structure:
XML Schema Description
Schema Element / Attribute |
Description |
web-j2ee-engine |
The root element for this deployment descriptor. It contains information about the deployed Web applications. |
spec-version |
The spec-version is for internal purposes only. You should not modify the value stored in the tag. Used in: web-j2ee-engine |
resource-ref |
Contains additional reference’s settings for external resources used within the current Web application. Used in: web-j2ee-engine. Contains: res-ref-name, res-link, non-transactional. |
res-ref-name |
Identifies the name of the defined resource reference. It is the same as specified in web.xml. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: resource-ref |
res-link |
Specifies the JNDI name of the resource. Used in: resource-ref |
non-transactional |
Specifies if the resource reference is transactional. By default, all references are transactional. Used in: resource-ref |
resource-env-ref |
Contains a Web application’s reference to an object in the Web application’s environment. Used in: web-j2ee-engine Contains: resource-env-ref-name, jndi-name |
resource-env-ref-name |
Identifies the name of the reference to the Web application’s environment resource specified in the web.xml of this application. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: resource-env-ref |
jndi-name |
The JNDI name of the resource. Used in: resource-env-ref, ejb-ref, ejb-local-ref, server-component-ref, message-destination, message-destination-ref. |
ejb-ref |
Contains a reference to an enterprise bean in the Web application. Used in: web-j2ee-engine. Contains: ejb-ref-name, jndi-name. |
ejb-ref-name |
Identifies the name of the enterprise bean reference as specified in the web.xml of the current application. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: ejb-ref, ejb-local-ref. |
ejb-local-ref |
Describes a reference to enterprise bean’s local home. Used in: web-j2ee-engine. Contains: ejb-ref-name, jndi-name. |
server-component-ref |
Describes a reference to a specific server component. Used in: web-j2ee-engine. Contains: description, name, type, jndi-name. |
description |
Description of the reference. Used in: server-component-ref. |
name |
Specifies the name of a component in the current Web application. Used in: server-component-ref, option. |
type |
Specifies the server component type. It can be SERVICE or INTERFACE. This value is case sensitive. Used in: server-component-ref. |
message-destination |
Specifies a message destination. Contains: message-destination-name, jndi-name. |
message-destination-name |
Specifies a name for a message destination. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: message-destination. |
message-destination-ref |
Specifies a message destination reference. Used in: web-j2ee-engine. Contains: message-destination-ref-name, jndi-name. |
message-destination-ref-name |
Specifies a name for a message destination reference. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: message-destination. |
security-role-map |
Describes the Web application’s security roles that are mapped to AS Java security roles. Used in: web-j2ee-engine. Contains: role-name, server-role-name. |
programmatic-security-against |
Describes the programmatic security policy to be used in the application. It can have one of the following two values: ● CALLER-IDENTITY You should use this value in all cases except in the cases stated for the RUNAS-INDENTITY value. ● RUNAS-IDENTITY Use this value if all of the following conditions are available: ... a. Your application has run-as identity roles (run-as tags) defined for some servlet b. You use programmatic security, namely, one of the HttpServletRequest methods: isUserInRole(role), getRemoteUser() or getUserPrincipal(). c. The remote user (caller, client) is in a different role from the one defined in the run-as tag. With older-version Web modules (version 2.3 or less), which have no programmatic security specified, the RUNAS-IDENTITY value will be assumed, and a warning message will appear during deployment. If you want to avoid the warning message, upgrade the application to Servlet version 2.5/JSP version 2.1 or specify an explicit value to the programmatic-security-against tag. Used in: web-j2ee-engine |
role-name |
Specifies the name of the security role. The name must be unique within the Web application and must be the same as the one specified in the web.xml. Used in: security-role-map. |
server-role-name |
Specifies the name of the server roles that are mapped to specific Web application’s security roles. The server roles are: administrators, guests, all and any other string literal. Used in: security-role-map. |
response-status |
Defines response status codes for HTTP responses and their reason phrases as specified in HTTP 1.1 protocol. Used in: web-j2ee-engine. Contains: status-code, reason-phrase. |
status-code |
This type defines custom HTTP response codes (in addition to the standard ones defined by the HTTP 1.1 specification in RFC #2616) that the Web Container uses to reply to the users of the Web application in certain cases. The value must be an Integer between 100 (exclusive) and 999 (inclusive) as the following code values are not permitted: 200, 201, 202, 203, 204, 205, 206, 300, 301, 302, 303, 304, 305, 306, 307, 400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 500, 501, 502, 503, 504, 505. The value must be unique within the Web application. Used in: response-status |
reason-phrase |
Specifies the reason phrase for the described response code. Used in: response-status |
fail-over-alert |
Defines an alert message warning that the server node on which the user session is running will be shut down. Example: <fail-over-alert> <message> Warning! This server node will be shut down. </message> <message-timeout> 15 </message-timeout> </fail-over-alert> Used in: web-j2ee-engine Contains: message, timeout. |
message |
Specifies the text of alert message warning you that the server node will be shut down. Used in: fail-over-alert. |
timeout |
Specifies the timeout (in minutes) after which the server node will be shut down. The displayed alert message warns you about the specified timeout period. By default the value is 120000. Used in: fail-over-alert |
login-module-configuration |
Defines login modules and password changing settings for a particular Web application. Used in: web-j2ee-engine. Contains: login-module-stack, password-change-config, security-policy-domain. |
login-module-stack |
Contains login modules within the current Web application. Used in: login-module-configuration. Contains: login-module. |
login-module |
Contains a particular login module’s settings. It defines the authentication method and its priority. Used in: login-module-stack. Contains: login-module-name, flag, options. |
login-module-name |
The login-module-name element specifies the name of the particular login module. Example: <login-module-name> com.sap.engine.services.userstore.jaas.BasicPasswordLoginModule </login-module-name> Used in: login-module. |
flag |
The flag element specifies the priority of the authentication method in the login module. The options are: ● OPTIONAL ● REQUIRED ● REQUISITE ● SUFFICIENT Example: <flag>REQUIRED</flag> Used in: login-module. |
options |
Contains specific features for the particular login module. Used in: login-module. Contains: option. |
option |
Defines specific login module option. Each option is in key=value format. Example: <option> <name>debug</name> <value>true</value> </option> Used in: options. Contains: name, value. |
value |
Specifies the value of the login module specific option. Used in: option. |
password-change-config |
Defines the login page and the error page enabling you to change the login password for your Web application. Used in: login-module-configuration. Contains: login-page, error-page. |
login-page |
Specifies the login page that is displayed when the login password for the user expires and you have to set a new one. Used in: password-change-config. |
error-page |
Specifies the error page, displayed when the login fails. Used in: password-change-config. |
security-policy-domain |
Defines the security domain for a particular Web application. The default value is alias-name (where "/" is replaced with "*"). The "/" is used for separator between security policy domains. Used in: login-module-configuration. |
url-session-tracking |
Specifies if session tracking is performed using cookies, or encoded directly in the URL using URL rewriting mechanism. Accepts Boolean values (true/false). By default, the <url-session-tracking> tag has false value, which means cookies are used if the client accepts cookies, otherwise URL rewriting is used. If the tag is set to true, the URL rewriting is always used. Used in: web-j2ee-engine. |
max-sessions |
Specifies the maximum number of user sessions to an application. Used in: web-j2ee-engine. |
cookie-config |
Contains a description of the session or load balancing cookies. Used in: web-j2ee-engine. Contains: cookie. |
cookie |
Specifies the attributes that the Web Container will use when creating the session or load balancing cookies. Used in: cookie-config. Contains: type, path, domain, max-age. |
type |
Specifies the type of the cookie. It must be SESSION or APPLICATION. These are used as follows: ● SESSION specifies a jsessionid type of cookie ● APPLICATION specifies a saplb type of cookie (load-balancing cookie) More information: AS Java Cookies. The default is SESSION. The value must be unique within the Web application. Used in: cookie. |
path |
Specifies the path to which the cookie is set. The possible values for this element are: ● APPLICATION - the Web Container will set the path value to "/ " + alias-name + "/ " ● NONE - the Web Container will not set a path attribute ● Custom specified string - the Web Container will use this string for path value. The default behavior if the tag is missing is as follows: ● If the cookie description does not contain any information about the cookie, the Web Container will set "/" for path attribute value ● If the cookie description contains some information, such as type, max-age or domain, the Web Container will set path value equal to APPLICATION value, that is "/ " + alias-name + "/ ". By default, if this tag is missing, the Web Container will set "/" for path attribute value. Used in: cookie |
domain |
Specifies the domain of the cookie. It can be: ● SERVER - the Web Container will set a domain value as the host name from the request ● NONE - the Web Container will not set a domain attribute ● Custom specified string - the Web Container will use this string for domain value. By default, it is SERVER. Used in: cookie |
max-age |
Defines the lifetime of the cookie. A positive integer number specifies the seconds after which the cookie expires. If the value is 0, the HTTP client discards the cookie. If the value is not set, the cookie expires with the end of the HTTP session. By default, the lifetime value is not set. Used in: cookie |
get-request-url-mode |
Determines the behavior of the getRequestURL() method of the HttpServletRequest object when it is called from a forwarded JSP or servlet. Possible values are REQUEST-DISPATCHER or CLIENT. If the REQUEST-DISPATCHER value is set, then the getRequestURL() method returns the URL of the Servlet or JSP to which the request has been forwarded. If the value is CLIENT, then the method returns the URL of the Servlet or JSP that has been called by the client. By default, it is REQUEST-DISPATCHER. Used in: web-j2ee-engine |