Glassfish example source code file (sun-domain_1_0.dtd)
The Glassfish sun-domain_1_0.dtd source code
<?xml version='1.0' encoding='UTF-8' ?>
<!--
The contents of this file are subject to the terms
of the Common Development and Distribution License
(the "License"). You may not use this file except
in compliance with the License.
You can obtain a copy of the license at
glassfish/bootstrap/legal/CDDLv1.0.txt or
https://glassfish.dev.java.net/public/CDDLv1.0.html.
See the License for the specific language governing
permissions and limitations under the License.
When distributing Covered Code, include this CDDL
HEADER in each file and include the License file at
glassfish/bootstrap/legal/CDDLv1.0.txt. If applicable,
add the following below this CDDL HEADER, with the
fields enclosed by brackets "[]" replaced with your
own identifying information: Portions Copyright [yyyy]
[name of copyright owner]
-->
<!-- ENTITY Definitions for the dtd -->
<!ENTITY % boolean "(yes | no | on | off | 1 | 0 | true | false)">
<!ENTITY % isolation "(read-uncommitted | read-committed | repeatable-read | serializable)">
<!ENTITY % validation-level "(full | parsing | none)">
<!--
object-type defines the type of the resource. It can be:
system-all These are system resources for all instances and DAS
system-admin These are system resources only in DAS
system-instance These are system resources only in instances (and not DAS)
user User resources (This is the default for all elements)
-->
<!ENTITY % object-type "(system-all | system-admin | system-instance | user)">
<!-- SE/EE related ENTITIES: This will define the available JSR 160 connector
transport protocols.
-->
<!ENTITY % rjmx-protocol "(jmxmp)">
<!--
monitoring-level controls the amount of monitoring data collected
and exposed to clients
OFF: no monitoring/statistical data is exposed to the clients.
LOW: SE/EE only
HIGH: maximum data is gathered and released.
-->
<!ENTITY % monitoring-level "(OFF|LOW|HIGH)">
<!-- SE/EE related ENTITIES -->
<!ENTITY % persistence-type "(memory | file | ha | jdbc-oracle | jdbc-pointbase | custom)">
<!ENTITY % checkpoint-location "(end-of-method | end-of-transaction)">
<!ENTITY % session-save-frequency "(web-method | timer | synch)">
<!ENTITY % session-save-scope "(session | modified-session | modified-attribute)" >
<!--
Top level Domain Element that includes applications, resources, configs, servers,
clusters and node-controllers, load balancer configurations and load balancers.
node-controllers and load balancers are SE/EE related entities only.
application-root for PE this defines the location where applications are
deployed
log-root specifies where the server instance's log files are kept,
including HTTP access logs, server logs, and transaction
logs. Default is $INSTANCE-ROOT/logs
locale If present, overrides OS locale setting.
-->
<!ELEMENT domain (applications?, resources? , configs, servers, clusters?,
node-controllers?, lb-configurations?, loadbalancers?,
property* )>
<!ATTLIST domain application-root CDATA #IMPLIED
log-root CDATA #IMPLIED
locale CDATA #IMPLIED>
<!-- Aggregation elements that includes 0 or more of its types.
configs: for PE there will be only a single named configuration
servers: for PE there will be only a single named server instance
clusters: SE/EE only
node-controllers: SE/EE only
lb-configurations: SE/EE only
loadbalancers: SE/EE only
-->
<!ELEMENT configs (config+)>
<!ELEMENT servers (server*)>
<!ELEMENT clusters (cluster*)>
<!ELEMENT node-controllers (node-controller*)>
<!ELEMENT lb-configurations (lb-configuration*)>
<!ELEMENT loadbalancers (loadbalancer*)>
<!--- APPLICATIONS SECTION -->
<!-- Various types of applications that can be deployed on Sun ONE Application
Server instance
applications-dir specifies an absolute path to where deployed
applications will reside for this instance. The default location
is $INSTANCE-ROOT/applications
-->
<!ELEMENT applications ((lifecycle-module | j2ee-application | ejb-module |
web-module | connector-module | appclient-module)*)>
<!--
Server Lifecycle Listener Modules
name unqiue identifier for the deployed server lifecycle event
listener module.
class-name fully qualified name of the startup class.
classpath where this module is actually located, if it is not under
applications-root
load-order integer value that can be used to force the order in which deployed
lifecycle modules are loaded at server start up. Smaller numbered
modules get loaded sooner. Order is unspecified if two or more
lifecycle modules have the same load-order value.
is-failure-fatal, if true, aborts server start up if this module does not
load properly.
enabled boolean attribute. If set to "false" this module will not be
loaded at server start up.
-->
<!ELEMENT lifecycle-module (description? , property*)>
<!ATTLIST lifecycle-module name CDATA #REQUIRED
class-name CDATA #REQUIRED
classpath CDATA #IMPLIED
load-order CDATA #IMPLIED
is-failure-fatal %boolean; "false"
enabled %boolean; "true">
<!-- j2ee-application and ejb-module attributes
-->
<!ELEMENT j2ee-application (description?)>
<!ATTLIST j2ee-application name CDATA #REQUIRED
location CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!ELEMENT ejb-module (description?)>
<!ATTLIST ejb-module name CDATA #REQUIRED
location CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!ELEMENT web-module (description?)>
<!ATTLIST web-module name CDATA #REQUIRED
context-root CDATA #REQUIRED
location CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!ELEMENT connector-module (description?)>
<!ATTLIST connector-module name CDATA #REQUIRED
location CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!ELEMENT appclient-module (description?)>
<!ATTLIST appclient-module name CDATA #REQUIRED
location CDATA #REQUIRED>
<!--- RESOURCES SECTION -->
<!-- J2EE Applications look up resources registered with the
Application server, using portable JNDI names.
-->
<!ELEMENT resources ((custom-resource | external-jndi-resource | jdbc-resource |
mail-resource | persistence-manager-factory-resource |
admin-object-resource | connector-resource | resource-adapter-config |
jdbc-connection-pool | connector-connection-pool)*)>
<!-- Textual description of a configured entity -->
<!ELEMENT description (#PCDATA)>
<!-- custom (or generic) resource managed by a user-written factory class. -->
<!ELEMENT custom-resource (description? , property*)>
<!--
JNDI name for generic resource, the fully qualified type of the resource
and whether it is enabled at runtime
-->
<!ATTLIST custom-resource jndi-name CDATA #REQUIRED
res-type CDATA #REQUIRED
factory-class CDATA #REQUIRED
enabled %boolean; "true">
<!-- resource residing in an external JNDI repository -->
<!ELEMENT external-jndi-resource (description? , property*)>
<!ATTLIST external-jndi-resource jndi-name CDATA #REQUIRED
jndi-lookup-name CDATA #REQUIRED
res-type CDATA #REQUIRED
factory-class CDATA #REQUIRED
enabled %boolean; "true">
<!-- JDBC javax.sql.(XA)DataSource resource definition -->
<!ELEMENT jdbc-resource (description? , property*)>
<!ATTLIST jdbc-resource jndi-name CDATA #REQUIRED
pool-name CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!-- The mail-resource element describes a javax.mail.Session resource -->
<!ELEMENT mail-resource (description? , property*)>
<!ATTLIST mail-resource jndi-name CDATA #REQUIRED
store-protocol CDATA "imap"
store-protocol-class CDATA "com.sun.mail.imap.IMAPStore"
transport-protocol CDATA "smtp"
transport-protocol-class CDATA "com.sun.mail.smtp.SMTPTransport"
host CDATA #REQUIRED
user CDATA #REQUIRED
from CDATA #REQUIRED
debug %boolean; "false"
enabled %boolean; "true">
<!--
Persistence Manager runtime configuration.
jndi-name JNDI name for this resource
jdbc-resource-jndi-name: jdbc resource with which database connections
are obtained.
must be the name of one of pre-created jdbc resources.
factory-class: Class that creates persistence manager instance.
-->
<!ELEMENT persistence-manager-factory-resource (description? , property*)>
<!ATTLIST persistence-manager-factory-resource
jndi-name CDATA #REQUIRED
factory-class CDATA
"com.sun.jdo.spi.persistence.support.sqlstore.impl.PersistenceManagerFactoryImpl"
jdbc-resource-jndi-name CDATA #IMPLIED
enabled %boolean; "true">
<!-- The admin-object-resource element describes a administered object for a inbound
resource adapter.
jndi-name JNDI name for this resource
res-type Interface definition for the administered object
res-adapter Name of the inbound resource adapter.
-->
<!ELEMENT admin-object-resource (description?, property*)>
<!ATTLIST admin-object-resource jndi-name CDATA #REQUIRED
res-type CDATA #REQUIRED
res-adapter CDATA #REQUIRED
enabled %boolean; "true">
<!ELEMENT connector-resource (description?, property*)>
<!ATTLIST connector-resource jndi-name CDATA #REQUIRED
pool-name CDATA #REQUIRED
object-type %object-type; "user"
enabled %boolean; "true">
<!--
This element is for configuring the resource adapter. These values
(properties) over-rides the default values present in ra.xml.
The name attribute has to be unique . It is optional for PE. It is
used mainly for EE.
-->
<!ELEMENT resource-adapter-config (property*)>
<!ATTLIST resource-adapter-config name CDATA #IMPLIED
thread-pool-ids CDATA #IMPLIED
resource-adapter-name CDATA #REQUIRED>
<!-- CONFIGS SECTION -->
<!--
The configuration defines the configuration of a server instance that
can be shared by other server instances. The availability-service and
quorum-service are SE/EE only.
-->
<!ELEMENT config (http-service, iiop-service, admin-service,
web-container, ejb-container, mdb-container,
jms-service?, log-service, security-service,
transaction-service, monitoring-service, java-config ,
availability-service? , quorum-service?,
thread-pools, property*)>
<!ATTLIST config name CDATA #REQUIRED>
<!-- HTTP service configuration -->
<!ELEMENT http-service ((http-listener | virtual-server)* ,
property*)>
<!-- Configure HTTP listener
id Unique identifier for http listener.
address IP address of the listen socket. Can be in dotted-pair or IPv6 notation.
Can also be any for INADDR-ANY. Configuring a listen socket to listen on
any is required if more than one http-listener is configured to it.
port Port number to create the listen socket on. Legal values are 1 - 65535.
On Unix, creating sockets that listen on ports 1 - 1024 requires
superuser privileges. Configuring an SSL listen socket to listen on
port 443 is recommended.
security-enabled (optional) Determines whether the http listener runs SSL. You can
turn SSL2 or SSL3 on or off and set ciphers using an ssl element
The Security setting in the init.conf file globally enables or disables
SSL by making certificates available to the server instance. Therefore,
Security in init.conf must be on or security in server.xml does not
work.
acceptor-threads (optional) Number of acceptor threads for the listen socket.
The recommended value is the number of processors in the machine.
default-virtual-server The id attribute of the default virtual server for this
particular connection group.
server-name Tells the server what to put in the host name section of any URLs
it sends to the client. This affects URLs the server automatically generates;
it doesn't affect the URLs for directories and files stored in the server.
This name should be the alias name if your server uses an alias.
If you append a colon and port number, that port will be used in URLs
the server sends to the client.
xpowered-by The Servlet 2.4 spec defines a special X-Powered-By: Servlet/2.4
header, which containers may add to servlet-generated responses. This
is complemented by the JSP 2.0 spec, which defines a X-Powered-By: JSP/2.0
header to be added (on an optional basis) to responses utilizing JSP technology.
The goal of these headers is to aid in gathering statistical data
about the use of Servlet and JSP technology. If true, these headers will
be added.
redirect-port if the connector is supporting non-SSL requests and a request is received
for which a matching <security-constraint> requires SSL transport
catalina will automatically redirect the request to the port number
specified here
-->
<!ELEMENT http-listener (ssl?, property*)>
<!ATTLIST http-listener id CDATA #REQUIRED
address CDATA #REQUIRED
port CDATA #REQUIRED
acceptor-threads CDATA "1"
security-enabled %boolean; "false"
default-virtual-server CDATA #REQUIRED
server-name CDATA #REQUIRED
redirect-port CDATA #IMPLIED
xpowered-by %boolean; "true"
enabled %boolean; "true" >
<!-- Define SSL processing parameters
cert-nickname nickname of the server certificate in the certificate database
or the PKCS#11 token. In the certificate, the name format is
tokenname:nickname. Including the tokenname: part of the name
in this attribute is optional.
ssl2-enabled (optional) Determines whether SSL2 is enabled.
ssl3-enabled (optional) Determines whether SSL3 is enabled.
If both SSL2 and SSL3 are enabled for a virtual server, the server
tries SSL3 encryption first. If that fails, the server tries SSL2
encryption.
ssl2-ciphers (optional) A comma-separated list of the SSL2 ciphers used, with
the prefix + to enable or - to disable, for example +rc4. Allowed
values are rc4, rc4export, rc2, rc2export, idea, des, desede3.
If no value is specified, all supported ciphers are assumed to
be enabled.
ssl3-tls-ciphers (optional) A comma-separated list of the SSL3 ciphers used, with
the prefix + to enable or - to disable, for example +rsa-des-sha.
Allowed SSL3 values are rsa-rc4-128-md5, rsa3des-sha, rsa-des-sha,
rsa-rc4-40-md5, rsa-rc2-40-md5, rsa-null-md5. Allowed TLS values
are rsa-des-56-sha, rsa-rc4-56-sha. If no value is specified,
all supported ciphers are assumed to be enabled.
tls-enabled (optional) Determines whether TLS is enabled.
tls-rollback-enabled (optional) Determines whether TLS rollback is enabled. TLS
rollback should be enabled for Microsoft Internet Explorer
5.0 and 5.5.
client-auth-enabled (optional) Determines whether SSL3 client authentication is
performed on every request, independent of ACL-based access
control.
-->
<!ELEMENT ssl EMPTY>
<!ATTLIST ssl cert-nickname CDATA #REQUIRED
ssl2-enabled %boolean; "false"
ssl2-ciphers CDATA #IMPLIED
ssl3-enabled %boolean; "true"
ssl3-tls-ciphers CDATA #IMPLIED
tls-enabled %boolean; "true"
tls-rollback-enabled %boolean; "true"
client-auth-enabled %boolean; "false" >
<!-- Configuration of Virtual Server
Virtualization in Application Server allows multiple URL domains to be served by
the same HTTP server process, which is listening on multiple host addresses If
an application is available at two virtual servers, they still share same physical
resource pools, such as JDBC connection pools.
Sun ONE Application Server allows a list of virtual servers, to be specified
along with web-module and j2ee-application elements. This establishes an
association between URL domains, represented by the virtual server and the web
modules (standalone web modules or web modules inside the ear file)
id Virtual server ID. This is a unique ID that allows lookup of a
specific virtual server. Can also be referred to as the
variable $id in an obj.conf file. A virtual server ID cannot
begin with a number.
http-listeners (optional) A comma-separated list of http-listener id(s),
Required only for a Virtual Server that is not the default
virtual server.
default-web-module (optional) stand alone web module associated with this
virtual server by default.
hosts A comma-separated list of values allowed in the Host request
header to select the current virtual server. Each Virtual Server
that is configured to the same Connection Group must have a
unique hosts value for that group.
state (optional) Determines whether a Virtual Server is active
(on) or inactive (off, disable). The default is on (active).
When inactive, a Virtual Server does not service requests.
If a Virtual Server is disabled, only the server administrator
can turn it on.
log-file (optional) Specifies a log file for virtual-server-specific
log messages. If this is not specified, log messages go to
$LOG-ROOT/server.log
-->
<!ELEMENT virtual-server (property*)>
<!ATTLIST virtual-server id CDATA #REQUIRED
http-listeners CDATA #IMPLIED
default-web-module CDATA #IMPLIED
hosts CDATA #REQUIRED
state (on | off | disabled ) "on"
log-file CDATA #IMPLIED >
<!-- ORB underlies the EJB container. Requests for EJBs from Application Client
Container(s) or from another EJB interoperability capable J2EE Container(s)
are serviced by iiop listener(s). One non-SSL iiop listener can be configured.
SSL support may require up to two SSL secured IIOP listeners to be configured:
Server Authentication only, Mutual Authentication only, or both.
ssl-client-config element specifies the SSL configuration when the Application
Server is making outbound IIOP/SSL connections.
By default, a server instance will configure non-secure IIOP access.
Administrator can create and configure IIOP/SSL listener(s).
client-authentication-required if true, the server will reject unauthenticated requests.
It will also insert an "Authentication required"
bit in IORs sent to clients.
-->
<!ELEMENT iiop-service (orb , ssl-client-config? , iiop-listener*)>
<!ATTLIST iiop-service client-authentication-required %boolean; "false">
<!-- Orb Configuration properties
message-fragment-size GIOPv1.2 messages larger than this will get fragmented.
max-connections maximum number of incoming connections, on all listeners
use-thread-pool-ids This would refer to the thread-pool-id(s) defined in
the thread-pool sub-element of thread-pool-config
element in server.xml. These would be the threadpool(s)
used by the ORB. More than one thread-pool-id(s) could
be specified by using commas to separate
the names e.g. "orb-thread-pool-1, orb-thread-pool-2"
-->
<!ELEMENT orb (property*)>
<!ATTLIST orb use-thread-pool-ids CDATA #REQUIRED
message-fragment-size CDATA "1024"
max-connections CDATA "1024">
<!-- Client SSL Configuration -->
<!ELEMENT ssl-client-config (ssl)>
<!-- IIOP Listener Configuration.
ssl element specifies optional SSL configuration
id unique identifier for this listener.
address ip address or hostname (resolvable by DNS)
port port number
security-enabled Determines whether the iiop listener runs SSL. You can
turn SSL2 or SSL3 on or off and set ciphers using an ssl element
enabled if false, a configured listener, is disabled
-->
<!ELEMENT iiop-listener (ssl? , property*)>
<!ATTLIST iiop-listener id CDATA #REQUIRED
address CDATA #REQUIRED
port CDATA "1072"
security-enabled %boolean; "false"
enabled %boolean; "true" >
<!--
Admin Service exists in every instance. It is the configuration for either
a normal server, DAS or PE instance.
type an instance can either be of type:
das: Domain Administration Server in SE/EE
server: Any non-DAS instance in SE/EE
das-and-server: DAS with Deployment (PE case)
system-jmx-connector-name SE/EE only. Defines the name of the internally
used jmx-connector.
-->
<!ELEMENT admin-service (jmx-connector*, das-config?, property* )>
<!ATTLIST admin-service type (das|das-and-server|server) "server"
system-jmx-connector-name CDATA #IMPLIED>
<!-- SE/EE only. The jmx-connector element defines the configuration of a JSR 160 compliant
remote JMX Connector.
name name of jmx connector used for identification
protocol Defines the protocol that this jmx-connector should
support. Supported protocols are defined by Entity
rjmx-protocol. Sun ONE AS 8.0 supports "jmxmp" protocol.
For other protocols supported, refer to documentation.
address Specifies the IP address or host-name.
port Specifies the port of the jmx-connector-server.
Note that jmx-service-uRL is a function of protocol, port
and address as defined by the JSR 160 1.0 Specification.
accept-all Determines whether the connection can be made on all the
value of false implies that the connections only for
this specific address will be selected.
auth-realm-name The name of the auth-realm in this config element that represents the special
administrative realm. All authentication (from administraive GUI and CLI) will
be handled by this realm.
security-enabled Decides whether the transport layer security be used in
jmx-connector. If true, configure the ssl element.
Used in: admin-service.
-->
<!ELEMENT jmx-connector (ssl?, property*)>
<!ATTLIST jmx-connector name CDATA #REQUIRED
protocol %rjmx-protocol; "jmxmp"
address CDATA #REQUIRED
port CDATA #REQUIRED
accept-all %boolean; "false"
auth-realm-name CDATA #REQUIRED
security-enabled %boolean; "true">
<!--
dynamic-reload-enabled when true, server checks timestamp on a .reload
file at every module and application directory level to trigger
reload. polling frequency is controlled by
reload-poll-interval-in-seconds
autodeploy-enabled This will enable the autodeployment service. If true, the
service will automatically starts with the admin-server.
Auto Deployment is a feature that enables developers to quickly
deploy applications and modules to a running application server
withoutrequiring the developer to perform an explicit application
server restart or separate deployment operation.
autodeploy-polling-interval-in-seconds The polling interval (in seconds), at the end of
which autodeployment service will scan the source directory
(specified by "autodeploy-dir" tag) for any new deployable component.
autodeploy-dir The source directory (relative to instance root) from which autodeploy
service will pick deployable components. You can also specify an
absolute directory.
autodeploy-verifier-enabled To enable/disable verifier, during auto-deployment. If true,
verification will be done before any deployment activity.
In the event of any verifier test failure, deployment is
not performed.
autodeploy-jsp-precompilation-enabled If true, JSPs will be pre compiled during
deployment of the war module(s).
deploy-xml-validation specifies if descriptor validation is required or not.
full: xml will be validated and in case of xml validation errors,
deployment will fail.
parsing: xml errors will be reported but deployment process will continue.
none: no xml validation will be perfomed on the standard or
runtime deployment descriptors.
admin-session-timeout-in-minutes timeout in minutes indicating the administration gui session timeout.
-->
<!ELEMENT das-config (property*)>
<!ATTLIST das-config dynamic-reload-enabled %boolean; "false"
dynamic-reload-poll-interval-in-seconds CDATA '2'
autodeploy-enabled %boolean; "false"
autodeploy-polling-interval-in-seconds CDATA '30'
autodeploy-dir CDATA "autodeploy"
autodeploy-verifier-enabled %boolean; "false"
autodeploy-jsp-precompilation-enabled %boolean;"false"
deploy-xml-validation %validation-level; "full"
admin-session-timeout-in-minutes CDATA #IMPLIED >
<!-- SE/EE only. needs explanation TBD -->
<!ELEMENT web-container (session-config?, property*)>
<!ELEMENT session-config (session-manager?, session-properties?)>
<!ELEMENT session-manager (manager-properties?, store-properties?)>
<!ELEMENT manager-properties (property*)>
<!ATTLIST manager-properties session-file-name CDATA #IMPLIED
reap-interval-in-seconds CDATA #IMPLIED
max-sessions CDATA #IMPLIED
session-id-generator-classname CDATA #IMPLIED>
<!ELEMENT store-properties (property*)>
<!ATTLIST store-properties directory CDATA #IMPLIED
reap-interval-in-seconds CDATA #IMPLIED>
<!ELEMENT session-properties (property*)>
<!ATTLIST session-properties timeout-in-seconds CDATA #IMPLIED>
<!--
Configuration of EJB Container. Properties apply to all beans in all deployed
applications, unless different parameters are specified in Sun ONE Application Server
specific deployment descriptors. Applicability is indicated in middle column, using
the following acronyms:
slsb - stateless session bean
sfsb - stateful session bean
eb - entity bean (incl. read-only)
steady-pool-size slsb,eb number of bean instances normally maintained in pool. When a pool
is first created, it will be populated with size equal to
steady-pool-size. When an instance is removed from the pool, it
is replenished asynchronously, so that the pool size is at
or above the steady-pool-size. This additions will be in multiples
of pool-resize-quantity. When a bean is disassociated from a
method invocation, it is put back in the pool, subject to
max-pool-size limit. If the max pool size is exceeded the bean
id destroyed immediately. A pool cleaning thread, executes at
an interval defined by pool-idle-timeout-in-seconds. This thread
reduces the pool size to steady-pool-size, in steps defined by
pool-resize-quantity. If the pool is empty, the required object
will be created and returned immediately. This prevents threads
from blocking till the pool is replenished by the background
thread. steady-pool-size must be greater than 1 and at most equal
to the max-pool-size.
max-pool-size slsb,eb maximum size, a pool can grow to. A value of 0 implies
an unbounded pool. Unbounded pools eventually shrink to the
steady-pool-size, in steps defined by pool-resize-quantity.
pool-resize-quantity slsb,eb size of bean pool grows (shrinks) in steps specified by
pool-resize-quantity, subject to max-pool-size (steady-pool-size) limit.
Pool is resized when the pool cleaner thread runs. This rate at which
this thread runs is defined by pool-idle-timeout-in-seconds
pool-resize-quantity must be greater 1 and less than max-pool-size.
pool will never be resized below the steady pool size.
pool-idle-timeout-in-seconds slsb,eb defines the rate at which the pool cleaning thread is executed.
this thread checks if current size is greater than steady pool
size, it removes pool-resize-quantity elements. If the current
size is less than steady-pool-size it is increased by
pool-resize-quantity, with a ceiling of
min (current-pool-size+pool + resize-quantity, max-pool-size)
Only objects that have not been accessed for more than
pool-idle-timeout-in-seconds are candidates for removal.
cache-resize-quantity eb,sfsb Cache elements have identity, hence growth is in unit steps
and created on demand. Shrinking of cache happens
when cache-idle-timeout-in-seconds timer expires and a cleaner
thread passivates beans which have been idle for longer than
cache-idle-timeout-in-seconds. All idle instances are passivated at once.
cache-resize-quantity does not apply in this case.
when max cache size is reached, an asynchronous task is created
to bring the size back under the max-cache-size limit. This task
removes cache-resize-quantity elements, consulting the
victim-selection-policy.
Must be greater than 1 and less than max-cache-size.
max-cache-size sfsb,eb specifies the maximum number of instances that can be cached.
For entity beans, internally two caches are maintained for
higher concurrency: (i) Ready (R$) (ii) Active in an Incomplete
Transaction (TX$). The TX$ is populated with instances from R$
or from the Pool directly. When an instance in TX$ completes the
transaction, it is placed back in the R$ (or in pool, in case an
instance with same identity already is in R$). max-cache-size
only specifies the upper limit for R$. The container computes
an appropriate size for TX$.
cache-idle-timeout-in-seconds eb specifies the rate at which the cache cleaner thread is scheduled.
All idle instances are passivated at once.
removal-timeout-in-seconds sfsb Instance is removed from cache or passivation store, if it is
not accesed within this time. All instances that can be removed,
will be removed.
victim-selection-policy sfsb Victim selection policy when cache needs to shrink. fifo method
picks victims, oldest instance first. lru algorithm picks least
recently accessed instances. nru policy tries to pick
"not recently used" instances and is a pseudo-random selection
process. Victims are passivated. Entity Bean Victims are selected
always using fifo discipline. Does not apply to slsb because it
does not matter, which particular instances are removed.
commit-option eb Entity Beans caching is controlled by this setting. Commit Option
C implies that no caching is performed in the container.
Above defaults, apply only if they are not specified in vendor specific Bean Deployment Descriptors.
The ejb-timer-service element contains the configuration for the
ejb timer service. There is at most one ejb timer service per
server instance.
session-store specifies the directory where passivated beans and
persisted HTTP sessions are stored on the file system.
Defaults to $INSTANCE-ROOT/session-store
-->
<!ELEMENT ejb-container (ejb-timer-service?, property*)>
<!ATTLIST ejb-container steady-pool-size CDATA "32"
pool-resize-quantity CDATA "16"
max-pool-size CDATA "64"
cache-resize-quantity CDATA "32"
max-cache-size CDATA "512"
pool-idle-timeout-in-seconds CDATA "600"
cache-idle-timeout-in-seconds CDATA "600"
removal-timeout-in-seconds CDATA "5400"
victim-selection-policy (fifo | lru | nru ) "nru"
commit-option (B | C ) "B"
session-store CDATA #IMPLIED>
<!--
Configuration for ejb timer service.
"minimum-delivery-interval-in-millis" is the minimum number of milliseconds
allowed before the next timer expiration for a particular timer can occur.
It guards against extremely small timer increments that can overload
the server.
"max-redeliveries" is the maximum number of times the ejb timer service
will attempt to redeliver a timer expiration due to exception or
rollback. The minimum value is 1, per the ejb specification.
"timer-datasource" overrides the cmp-resource (jdbc/__TimerPool) specified
in sun-ejb-jar.xml of (__ejb_container_timer_app) of the timer service
system application. By default this is set to jdbc/__TimerPool, but
can be overridden for the cluster or server instance, if they choose to.
"redelivery-interval-in-millis" is the number of milliseconds the ejb
timer service will wait after a failed ejbTimeout delivery before
attempting a redelivery.
-->
<!ELEMENT ejb-timer-service (property*)>
<!ATTLIST ejb-timer-service minimum-delivery-interval-in-millis CDATA "7000"
max-redeliveries CDATA "1"
timer-datasource CDATA #IMPLIED
redelivery-interval-internal-in-millis CDATA "5000">
<!--
Configuration of MDB Container
steady-pool-size minimum and initial number of message driven beans in pool.
pool-resize-quantity quantum of increase/decrease, when the size of pool grows/shrinks.
max-pool-size maximum size, pool can grow to.
idle-timeout-in-seconds idle bean instance in pool becomes a candidate for deletion,
when this timeout expires.
The above pool defaults, apply if they are not specified
in the Sun ONE Application Server specific Deployment
Descriptors.
-->
<!ELEMENT mdb-container (property*)>
<!ATTLIST mdb-container steady-pool-size CDATA "10"
pool-resize-quantity CDATA "2"
max-pool-size CDATA "60"
idle-timeout-in-seconds CDATA "600">
<!--
The jms-service element specifies information about the bundled/built-in
JMS service that is managed by Application Server.
If the "enabled" attribute is set to "true", the server instance
will be responsible for starting up and shutting down the JMS service.
If the "enabled" attribute is set to "false", the server instance
will not startup nor shutdown the JMS service (either because JMS
is not used or because it is managed independently of application server).
"port" attribute specifies the port number used by the JMS service.
"admin-username" attribute specifies the admin username.
"admin-password" attribute specifies the admin password.
"init-timeout-in-seconds" specifies the time server instance
will wait at start up, for its corresponding JMS service instance
to respond. If there is no response within the specifies timeout
period, application server startup is aborted.
"start-args" specifies the arguments that will be supplied to
start up the corresponding JMS service instance.
-->
<!ELEMENT jms-service (jms-host*, property*)>
<!ATTLIST jms-service init-timeout-in-seconds CDATA "60"
type (LOCAL|NONE|REMOTE) "LOCAL"
start-args CDATA #IMPLIED>
<!ELEMENT jms-host (property*)>
<!ATTLIST jms-host name CDATA #REQUIRED
host CDATA #IMPLIED
port CDATA "7676"
admin-user-name CDATA "admin"
admin-password CDATA "admin">
<!-- Generic Log Service Configuration
By default, logs would be kept in $INSTANCE-ROOT/logs. The following log
files will be stored under the logs directory.
access.log keeps default virtual server HTTP access messages.
server.log keeps log messages from default virtual server.
Messages from other configured virtual servers
also go here, unless log-file is explicitly
specified in the virtual-server element.
file attribute can be used to rename or relocate server.log using absolute
path.
use-system-logging if true, will utilize Unix syslog service or Windows
Event Logging to produce and manage logs.
log-handler Can plug in a custom log handler to add it to the chain of
handlers to log into a different log destination than the default
ones given by the system (which are Console, File and Syslog). It is
a requirement that customers use the log formatter provided by the the
system to maintain uniformity in log messages. The custom log handler will
be added at the end of the handler chain after File + Syslog Handler,
Console Handler and JMX Handler. User cannot replace the handler
provided by the system, because of loosing precious log statements. The
Server Initialization will take care of installing the custom handler
with the system formatter initialized. The user need to use JSR 047
Log Handler Interface to implement the custom handler.
log-filter Can plug in a log filter to do custom filtering of log records . By
default there is no log filter other than the log level filtering
provided by JSR 047 log API.
log-to-console logs will be sent to stderr when asadmin start-domain verbose is used
log-rotation-limit-in-bytes Log Files will be rotated when the file size reaches the limit.
alarms if true, will turn on alarms for the logger. The SEVERE and WARNING messages
can be routed through the JMX framework to raise SEVERE and WARNING alerts. Alarms
are turned off by default.
-->
<!ELEMENT log-service (module-log-levels?, property*)>
<!ATTLIST log-service file CDATA #IMPLIED
use-system-logging %boolean; "false"
log-handler CDATA #IMPLIED
log-filter CDATA #IMPLIED
log-to-console %boolean; "false"
log-rotation-limit-in-bytes CDATA "500000"
alarms %boolean; "false">
<!--
Configure the Log Levels for Various Loggers in the SUN ONE Modules.
The Default level is set to INFO, The log levels can be changed
using one of the seven levels. Please refer JSR 047 to understand
the Log Levels.
The Logs can be completely turned off by using 'OFF' value. The names
of the module loggers are self-explanatory
transaction If greater or less verbosity is desired from transaction
sub-system this can be adjusted. Note that this refers to
logging messages and not transaction co-ordination logs.
-->
<!ENTITY % log-level "(FINEST|FINER|FINE|CONFIG|INFO|WARNING|SEVERE|OFF)">
<!ELEMENT module-log-levels (property*)>
<!ATTLIST module-log-levels
root %log-level; "INFO"
server %log-level; "INFO"
ejb-container %log-level; "INFO"
cmp-container %log-level; "INFO"
mdb-container %log-level; "INFO"
web-container %log-level; "INFO"
classloader %log-level; "INFO"
configuration %log-level; "INFO"
naming %log-level; "INFO"
security %log-level; "INFO"
jts %log-level; "INFO"
jta %log-level; "INFO"
admin %log-level; "INFO"
deployment %log-level; "INFO"
verifier %log-level; "INFO"
jaxr %log-level; "INFO"
jaxrpc %log-level; "INFO"
saaj %log-level; "INFO"
corba %log-level; "INFO"
javamail %log-level; "INFO"
jms %log-level; "INFO"
connector %log-level; "INFO"
jdo %log-level; "INFO"
cmp %log-level; "INFO"
resource-adapter %log-level; "INFO">
<!--
The security service element defines parameters and configuration
information needed by the core J2EE security service. Some
container-specific security configuration elements are in the
various container configuration elements and not here. SSL
configuration is also elsewhere. At this time the security service
configuration consists of a set of authentication realms. A number
of top-level attributes are defined as well.
default-realm: Specifies which realm (by name) is used by default when no
realm is specifically requested. The file realm is the common default.
default-principal: Used as the identity of default security contexts when
necessary and no principal is provided.
default-principal-pwd: Password of default principal.
anonymous-role: Used as role name for default/anonymous role.
audit-enabled: If true, additional access logging is performed to provide
audit information.
jacc: Specifies the name of the jacc-provider element to use for setting
up the JACC infrastructure. The default value "default" does not need
to be changed unless adding a custom JACC provider.
audit-modules: Optional list of audit provider modules which will be used
by the audit subsystem. The default value refers to the internal
log-based audit module.
-->
<!ELEMENT security-service (auth-realm+ , jacc-provider+ , audit-module*, property*)>
<!ATTLIST security-service default-realm CDATA "file"
default-principal CDATA #IMPLIED
default-principal-password CDATA #IMPLIED
anonymous-role CDATA "ANYONE"
audit-enabled %boolean; "false"
jacc CDATA "default"
audit-modules CDATA "default">
<!--
An audit-module specifies an optional plug-in module which implements
audit capabilities.
name: defines the name of this realm
classname: defines the java class which implements this audit module
-->
<!ELEMENT audit-module (property*)>
<!ATTLIST audit-module name CDATA #REQUIRED
classname CDATA #REQUIRED>
<!--
The auth-realm element defines and configures one authentication realm.
There must be at least one realm available for a server instance; any
number can be configured, as desired.
Authentication realms need provider-specific parameters which vary depending
on what a particular implementation needs; these are defined as properties
since they vary by provider and cannot be predicted for any custom or add-on
providers.
For the default file provider, the param used is: file
name: defines the name of this realm
classname: defines the java class which implements this realm
property: name/value pairs of provider implementation specific attributes.
-->
<!ELEMENT auth-realm (property*)>
<!ATTLIST auth-realm name CDATA #REQUIRED
classname CDATA #REQUIRED>
<!--
The jacc-provider element defines the standard JACC properties used for
setting up the JACC provider. It also allows optional properties which can
be used by the provider implementation for its configuration.
name: A name for this jacc-provider. Is always "default" for the default
provider.
policy-provider: Corresponds to (and can be overridden by) the system
property javax.security.jacc.policy.provider
policy-configuration-factory-provider: Corresponds to (and can be
overridden by) the system property
javax.security.jacc.PolicyConfigurationFactory.provider
-->
<!ELEMENT jacc-provider (property*)>
<!ATTLIST jacc-provider name CDATA #REQUIRED
policy-provider CDATA #REQUIRED
policy-configuration-factory-provider CDATA #REQUIRED>
<!-- Configuration for Transaction Manager.
automatic-recovery if true, server instance attempts recovery at restart.
timeout-in-seconds amount of time the transaction manager waits for
response from a datasource participating in transaction.
A value of 0 implies infinite timeout.
tx-log-dir By default the transaction log is kept in the directory
$INSTANCE-ROOT/logs/tx. If user specifies log-root
attribute under <domain> element, tx.log would appear
in that directory. User can also specify an alternative
location using transaction-service.txlog-file attribute.
The transaction service creates and uses 3 files for
logging and tracking transactions in progress.
heuristic-decision During recovery, if outcome of a transaction cannot be
determined from the logs, then this property is used
to fix the outcome.
retry-timeout-in-seconds used to determine the retry time in the following
scenarios.
1. Time to wait at the transaction recovery time,
when resources are unreachable.
2. If there are any transient exceptions in the
second phase of the 2 PC protocol.
A negative value indicates infinite retry.
'0' indicates no retry.
A positive value indicates the number of seconds for
which retry will be attempted. Default is 10 minutes
which may be appropriate for a database being restarted.
keypoint-interval property used to specify the number of transactions between
keypoint operations on the log. A Keypoint operations could
reduce the size of the transaction log files. A larger value
for this property (for example, 1000) will result in larger
transaction log files, between log compactions, but less
keypoint operations, and potentially better performance.
A smaller value (e.g. 20) results in smaller log files but
slightly reduced performance due to the greater frequency of
keypoint operations.
-->
<!ELEMENT transaction-service (property*)>
<!ATTLIST transaction-service automatic-recovery %boolean; "false"
timeout-in-seconds CDATA "0"
tx-log-dir CDATA #IMPLIED
heuristic-decision (rollback | commit ) "rollback"
retry-timeout-in-seconds CDATA "600"
keypoint-interval CDATA "2048">
<!-- Configuration for monitoring service -->
<!ELEMENT monitoring-service (module-monitoring-levels?, property*)>
<!--
The attributes of module-monitoring-levels define various monitoring levels for various components:
thread-pool all the thread-pools used by the run time.
orb ORB, its connection managers etc. (WHAT IS ETC? TBD???)
ejb-container various ejbs deployed to the server, ejb-pools, ejb-caches and ejb-methods.
transaction-service transaction subsystem.
http-service h ttp engine and the http listeners therein.
jdbc-connection-pool monitoring level for all the jdbc-connection-pools used by the runtime.
connector-connection-pool monitoring level for all the connector-connection-pools used by the runtime.
-->
<!ELEMENT module-monitoring-levels (property*)>
<!ATTLIST module-monitoring-levels thread-pool %monitoring-level; "OFF"
orb %monitoring-level; "OFF"
ejb-container %monitoring-level; "OFF"
web-container %monitoring-level; "OFF"
transaction-service %monitoring-level; "OFF"
http-service %monitoring-level; "OFF"
jdbc-connection-pool %monitoring-level; "OFF"
connector-connection-pool %monitoring-level; "OFF" >
<!-- Java Runtime environment configuration
java-home Specifies the installation directory for Java runtime.
JDK 1.4 or higher is supported.
debug-enabled If set to true, the server starts up in debug mode ready for
attaching with a JPDA based debugger.
debug-options JPDA based debugging options string.
rmic-options Options string passed to RMI compiler, at application deployment
time.
javac-options Options string passed to Java compiler, at application deployment
time.
classpath-prefix A java classpath string that is prefixed to server-classpath
classpath-suffix A java classpath string that is appended to server-classpath
server-classpath A java classpath string that specifies the classes needed by the
Application server. Do not expect users to change this under
normal conditions.
native-library-path is automatically constructed to be a concatenation of Application
Server installation relative path for its native shared libraries, standard JRE native
library path, the shell environment setting (LD-LIBRARY-PATH on Unix) and any path
that may be specified in the profile element. Since this is synthesied, it is not
required to have this appear explicitly in the server configuration.
native-library-path-prefix (native-library-path-suffix) is prepended (appended) to
the native library path, which is constricted as per the above description.
bytecode-preprocessors A comma separated list of classnames, each of which must
implement the com.sun.appserv.BytecodePreprocessor interface.
Each of the specified preprocessor class will be called in the
order specified. At the moment the comelling use is for a 3rd
party Performance Profiling tool.
env-classpath-ignored If set to false, the CLASSPATH environment variable will be
read and appended to the Application Server classpath, which
is constructed as described above. The CLASSPATH environment
variable will be added after the classpath-suffix, at the very
end.
-->
<!ELEMENT java-config (profiler? , (jvm-options | property)*)>
<!ATTLIST java-config java-home CDATA #REQUIRED
debug-enabled %boolean; "false"
debug-options CDATA "-Xdebug -Xrunjdwp:transport=dt-socket,server=y,suspend=n"
rmic-options CDATA "-iiop -poa -alwaysgenerate -keepgenerated -g"
javac-options CDATA "-g"
classpath-prefix CDATA #IMPLIED
classpath-suffix CDATA #IMPLIED
server-classpath CDATA #IMPLIED
native-library-path-prefix CDATA #IMPLIED
native-library-path-suffix CDATA #IMPLIED
bytecode-preprocessors CDATA #IMPLIED
env-classpath-ignored %boolean; "true" >
<!-- String value for options that will be passed to the JVM -->
<!ELEMENT jvm-options (#PCDATA)>
<!-- Profilers could be one of jprobe, optimizeit, hprof, wily and so on
jvm-options and property elements are used to record the settings
needed to get a particular profiler going. A server instance is tied
to a particular profiler, by the profiler element in java-config.
Changing the profiler will require a server restart.
The adminstrative graphical interfaces, could list multiple supported
profilers (incomplete at this point) and will populate server.xml
appropriately.
-->
<!ELEMENT profiler ((jvm-options | property)*)>
<!ATTLIST profiler name CDATA #REQUIRED
classpath CDATA #IMPLIED
native-library-path CDATA #IMPLIED
enabled %boolean; "true" >
<!-- SE/EE only: TBD Needs explanation
quick-checkpoint EJB container tries to convert an SFSB to
a serializable form before saving it to a checkpointing
store. If it fails to serialize the SFSB, it normally calls
the ejbPassivate() method on the SFSB, since the application
developer is expected to implement an ejbPassivate() method
to ensure that the bean is in serializable form before
passivation. However invocation of ejbPassivate() causes
additional performance overhead on the checkpointing mechanism.
By setting the quick-checkpoint flag to true, the application
deployer can ensure that the ejbPassivate() method is not invoked
on a particular SFSB, or for any SFSB within a scope
(ejb-container, a J2EE application, or an EJB module),
before checkpointing to persistent store. This minimizes the
overhead of the checkpointing operation.
checkpoint-location specifies a Stateful enterprise bean's check pointing mechanism
type. Whether checkpointing is done at the end of transaction or
at the end of method calls. The checkpoint-location element must
be one of the following: end-of-transaction or end-of-method
-->
<!ELEMENT availability-service (web-container-availability?, ejb-container-availability?, property*)>
<!ATTLIST availability-service availability-enabled %boolean; "false">
<!ELEMENT web-container-availability (property)*>
<!ATTLIST web-container-availability persistence-type %persistence-type; "memory"
persistence-frequency %session-save-frequency; #IMPLIED
persistence-scope %session-save-scope; #IMPLIED
persistence-store-health-check-enabled %boolean; "false"
sso-failover-enabled %boolean; "false"
http-session-store-pool-name CDATA #REQUIRED>
<!ELEMENT ejb-container-availability (property*)>
<!ATTLIST ejb-container-availability sfsb-checkpoint-enabled %boolean; "false"
sfsb-quick-checkpoint-enabled %boolean; "false"
sfsb-store-pool-name CDATA #REQUIRED>
<!--
Quorum Service is used by instances to determine the membership composition of the cluster.
name should correspond to the cluster name
serviceClassName Fully qualified class name of the group service provider implementation
-->
<!ELEMENT quorum-service (property*)>
<!ATTLIST quorum-service
name CDATA #REQUIRED
service-classname CDATA
"com.sun.enterprise.ee.quorum.impl.jmx.S1ASJMXGroupServiceProvider">
<!--
jdbc-connection-pool defines configuration used to create and manage
a pool physical database connections. Pool definition is named, and
can be referred to by multiple jdbc-resource elements (See <jdbc-resource>).
Each named pool definition results in a pool instantiated at server
start-up. Pool is populated when accessed for the first time. If two
or more jdbc-resource elements point to the same jdbc-connection-pool
element, they are using the same pool of connections, at run time.
name unique name of the pool definition.
datasource-classname Name of the vendor supplied JDBC datasource
resource manager. An XA or global transactions
capable datasource class will implement
javax.sql.XADatasource interface. Non XA or
Local transactions only datasources will
implement javax.sql.Datasource interface.
res-type DataSource implementation class could implement
one or both of javax.sql.DataSource, javax.sql.XADataSource
interfaces. This optional attribute must be specified to
disambiguate when a Datasource class implements both
interfaces. An error is produced when this attribute has
a legal value and the indicated interface is not implemented
by the datasource class. This attribute has no default value.
steady-pool-size minimum and initial number of connections
maintained in the pool.
max-pool-size maximum number of conections that can be created
max-wait-time-in-millis amount of time the caller will wait before getting
a connection timeout. The default is 60 seconds.
A value of 0 will force caller to wait indefinitely.
pool-resize-quantity number of connections to be removed when
idle-timeout-in-seconds timer expires. Connections
that have idled for longer than the timeout are
candidates for removal. When the pool size reaches
steady-pool-size, the connection removal stops.
idle-timeout-in-seconds maximum time in seconds, that a connection can
remain idle in the pool. After this time, the pool
implementation can close this connection. Note that
this does not control connection timeouts enforced
at the database server side. Adminsitrators are
advised to keep this timeout shorter than the database
server side timeout (if such timeouts are configured
on the specific vendor's database), to prevent
accumulation of unusable connection in Application Server.
transaction-isolation-level Specifies the Transaction Isolation Level on the pooled
database connections. Optional. Has no default. If left
unspecified the pool operates with default isolation level
provided by the JDBC Driver. A desired isolation level
can be set using one of the standard transaction isolation
levels: read-uncommitted, read-committed, repeatable-read,
serializable
Applications that change the Isolation level on a pooled
connection programmatically, risk polluting the pool and this
could lead to program errors.
Also see: is-isolation-level-guaranteed
is-isolation-level-guaranteed Applicable only when a particular isolation level is specified
for transaction-isolation-level. The default value is true.
This assures that every time a connection is obtained from
the pool, it is guaranteed to have the isolation set to the
desired value. This could have some performance impact on
some JDBC drivers. Can be set to false by that administrator
when they are certain that the application does not
change the isolation level before returning the connection.
is-connection-validation-required if true, connections are validated (checked to
find out if they are usable) before giving out to
the application. The default is false.
If is-connection-validation-required is true then connection-validation-type
specifies the type of validation to be performed. Three types of validation
are supported:
1) using connection.autoCommit(),
2) using connection.getMetaData()
3) performing a query on a user specified table (see validation-table-name).
The possible values are one of: auto-commit | meta-data | table
validation-table-name specifies the table name to be used to perform a query to
validate a connection. This parameter is mandatory, if connection-validation-type
set to table. Verification by accessing a user specified table may become necessary
for connection validation, particularly if database driver caches calls to
setAutoCommit() and getMetaData().
fail-all-connections: indicates if all connections in the pool must be
closed should a single validation check fail. The
default is false. One attempt will be made to
re-establish failed connections.
Use of property lists:
Most JDBC 2.0 drivers permit use of standard property lists, to specify User, Password
and other resource configuration. While these are optional properties, according to the
specification, several of these properties may be necessary for most databases. See
Section 5.3 of JDBC 2.0 Standard Extension API.
Name Value
databaseName Name of the Database.
serverName Database Server name.
port Port where a Database server is listening for requests.
networkProtocol Communication Protocol used.
user default name of the database user with which
connections will be stablished. Programmatic database
authentication or default-resource-principal specified
in vendor specific web and ejb deployment descriptors
will take precedence, over this default. The details
and caveats are described in detail in the
Administrator's guide.
password password for default database user
roleName The initial SQL role name.
datasourceName used to name an underlying XADataSource, or
ConnectionPoolDataSource when pooling of connections
is done
description Textual description
When one or more of these properties are specified, they are passed as is using
set<Name>(
Other Glassfish examples (source code examples)Here is a short list of links related to this Glassfish sun-domain_1_0.dtd source code file: |
The search page
Other Glassfish source code examples at this package level
Click here to learn more about this project
