jakarta.servlet.resources.web-app_2_5.xsd Maven / Gradle / Ivy
The newest version!
...
The instance documents may indicate the published version of
the schema using the xsi:schemaLocation attribute for Java EE
namespace with the following location:
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd
]]>
The following conventions apply to all Java EE deployment
descriptor elements unless indicated otherwise. - In
elements that specify a pathname to a file within the same
JAR file, relative filenames (i.e., those not starting with
"/") are considered relative to the root of the JAR file's
namespace. Absolute filenames (i.e., those starting with
"/") also specify names in the root of the JAR file's
namespace. In general, relative names are preferred. The
exception is .war files where absolute names are preferred
for consistency with the Servlet API.
The web-app element is the root of the deployment
descriptor for a web application. Note that the
sub-elements of this element can be in the arbitrary
order. Because of that, the multiplicity of the elements
of distributable, session-config, welcome-file-list,
jsp-config, login-config, and
locale-encoding-mapping-list was changed from "?" to "*"
in this schema. However, the deployment descriptor
instance file must not contain multiple elements of
session-config, jsp-config, and login-config. When there
are multiple elements of welcome-file-list or
locale-encoding-mapping-list, the container must
concatenate the element contents. The multiple occurrence
of the element distributable is redundant and the
container treats that case exactly in the same way when
there is only one distributable.
The servlet element contains the name of a servlet.
The name must be unique within the web application.
The filter element contains the name of a filter.
The name must be unique within the web application.
The ejb-local-ref-name element contains the name of
an EJB reference. The EJB reference is an entry in
the web application's environment and is relative to
the java:comp/env context. The name must be unique
within the web application. It is recommended that
name is prefixed with "ejb/".
The ejb-ref-name element contains the name of an EJB
reference. The EJB reference is an entry in the web
application's environment and is relative to the
java:comp/env context. The name must be unique
within the web application. It is recommended that
name is prefixed with "ejb/".
The resource-env-ref-name element specifies the name
of a resource environment reference; its value is
the environment entry name used in the web
application code. The name is a JNDI name relative
to the java:comp/env context and must be unique
within a web application.
The message-destination-ref-name element specifies
the name of a message destination reference; its
value is the environment entry name used in the web
application code. The name is a JNDI name relative
to the java:comp/env context and must be unique
within a web application.
The res-ref-name element specifies the name of a
resource manager connection factory reference. The
name is a JNDI name relative to the java:comp/env
context. The name must be unique within a web
application.
The env-entry-name element contains the name of a
web application's environment entry. The name is a
JNDI name relative to the java:comp/env context. The
name must be unique within a web application.
A role-name-key is specified to allow the references
from the security-role-refs.
The keyref indicates the references from
security-role-ref to a specified role-name.
The auth-constraintType indicates the user roles that
should be permitted access to this resource collection.
The role-name used here must either correspond to the
role-name of one of the security-role elements defined
for this web application, or be the specially reserved
role-name "*" that is a compact syntax for indicating
all roles in the web application. If both "*" and
rolenames appear, the container interprets this as all
roles. If no roles are defined, no user is allowed
access to the portion of the web application described
by the containing security-constraint. The container
matches role names case sensitively when determining
access.
The auth-methodType is used to configure the
authentication mechanism for the web application. As a
prerequisite to gaining access to any web resources
which are protected by an authorization constraint, a
user must have authenticated using the configured
mechanism. Legal values are "BASIC", "DIGEST", "FORM",
"CLIENT-CERT", or a vendor-specific authentication
scheme. Used in: login-config
The dispatcher has four legal values: FORWARD, REQUEST,
INCLUDE, and ERROR. A value of FORWARD means the Filter
will be applied under RequestDispatcher.forward() calls.
A value of REQUEST means the Filter will be applied
under ordinary client calls to the path or servlet. A
value of INCLUDE means the Filter will be applied under
RequestDispatcher.include() calls. A value of ERROR
means the Filter will be applied under the error page
mechanism. The absence of any dispatcher elements in a
filter-mapping indicates a default of applying filters
only under ordinary client calls to the path or servlet.
The encodingType defines IANA character sets.
The error-code contains an HTTP error code, ex: 404 Used
in: error-page
The error-pageType contains a mapping between an error
code or exception type to the path of a resource in the
web application. Used in: web-app
The exception-type contains a fully
qualified class name of a Java exception
type.
The location element contains the location of
the resource in the web application relative to
the root of the web application. The value of
the location must have a leading `/'.
Declaration of the filter mappings in this web
application is done by using filter-mappingType. The
container uses the filter-mapping declarations to decide
which filters to apply to a request, and in what order.
The container matches the request URI to a Servlet in
the normal way. To determine which filters to apply it
matches filter-mapping declarations either on
servlet-name, or on url-pattern for each filter-mapping
element, depending on which style is used. The order in
which filters are invoked is the order in which
filter-mapping declarations that match a request URI for
a servlet appear in the list of filter-mapping
elements. The filter-name value must be the value of the
filter-name sub-elements of one of the filter
declarations in the deployment descriptor.
The logical name of the filter is declare by using
filter-nameType. This name is used to map the filter.
Each filter name is unique within the web application.
Used in: filter, filter-mapping
The filterType is used to declare a filter in the web
application. The filter is mapped to either a servlet or
a URL pattern in the filter-mapping element, using the
filter-name value to reference. Filters can access the
initialization parameters declared in the deployment
descriptor at runtime via the FilterConfig interface.
Used in: web-app
The fully qualified classname of the filter.
The init-param element contains a name/value
pair as an initialization param of a servlet
filter
The form-login-configType specifies the login and error
pages that should be used in form based login. If form
based authentication is not used, these elements are
ignored. Used in: login-config
The form-login-page element defines the location
in the web app where the page that can be used
for login can be found. The path begins with a
leading / and is interpreted relative to the
root of the WAR.
The form-error-page element defines the location
in the web app where the error page that is
displayed when login is not successful can be
found. The path begins with a leading / and is
interpreted relative to the root of the WAR.
An HTTP method type as defined in HTTP 1.1 section 2.2.
The locale-encoding-mapping-list contains one or more
locale-encoding-mapping(s).
The locale-encoding-mapping contains locale name and
encoding name. The locale name must be either
"Language-code", such as "ja", defined by ISO-639 or
"Language-code_Country-code", such as "ja_JP". "Country
code" is defined by ISO-3166.
The localeType defines valid locale defined by ISO-639-1
and ISO-3166.
The login-configType is used to configure the
authentication method that should be used, the realm
name that should be used for this application, and the
attributes that are needed by the form login mechanism.
Used in: web-app
The realm name element specifies the realm name
to use in HTTP Basic authorization.
The mime-mappingType defines a mapping between an
extension and a mime type. Used in: web-app
The extension element contains a string describing
an extension. example: "txt"
The mime-typeType is used to indicate a defined mime
type. Example: "text/plain" Used in: mime-mapping
This type defines a string which contains at least one
character.
The security-constraintType is used to associate
security constraints with one or more web resource
collections Used in: web-app
The servlet-mappingType defines a mapping between a
servlet and a url pattern. Used in: web-app
The servlet-name element contains the canonical name of
the servlet. Each servlet name is unique within the web
application.
The servletType is used to declare a servlet. It
contains the declarative data of a servlet. If a
jsp-file is specified and the load-on-startup element is
present, then the JSP should be precompiled and loaded.
Used in: web-app
The servlet-class element contains the fully
qualified class name of the servlet.
The load-on-startup element indicates that this
servlet should be loaded (instantiated and have
its init() called) on the start-up of the web
application. The optional contents of these
element must be an integer indicating the order
in which the servlet should be loaded. If the
value is a negative integer, or the element is
not present, the container is free to load the
servlet whenever it chooses. If the value is a
positive integer or 0, the container must load
and initialize the servlet as the application is
deployed. The container must guarantee that
servlets marked with lower integers are loaded
before servlets marked with higher integers. The
container may choose the order of loading of
servlets with the same load-on-start-up value.
The session-configType defines the session parameters
for this web application.
Used in: web-app
The session-timeout element defines the default
session timeout interval for all sessions
created in this web application. The specified
timeout must be expressed in a whole number of
minutes. If the timeout is 0 or less, the
container ensures the default behaviour of
sessions is never to time out. If this element
is not specified, the container must set its
default timeout period.
The transport-guaranteeType specifies that the
communication between client and server should be NONE,
INTEGRAL, or CONFIDENTIAL. NONE means that the
application does not require any transport guarantees. A
value of INTEGRAL means that the application requires
that the data sent between the client and server be sent
in such a way that it can't be changed in transit.
CONFIDENTIAL means that the application requires that
the data be transmitted in a fashion that prevents other
entities from observing the contents of the
transmission. In most cases, the presence of the
INTEGRAL or CONFIDENTIAL flag will indicate that the use
of SSL is required. Used in: user-data-constraint
The user-data-constraintType is used to indicate how
data communicated between the client and container
should be protected. Used in: security-constraint
The elements that use this type designate a path
starting with a "/" and interpreted relative to the root
of a WAR file.
This type contains the recognized versions of
web-application supported. It is used to designate the
version of the web application.
The context-param element contains the
declaration of a web application's servlet
context initialization parameters.
The metadata-complete attribute defines whether this
deployment descriptor is complete, or whether the class
files of the jar file should be examined for annotations
that specify deployment information. If
metadata-complete is set to "true", the deployment tool
must ignore any Servlet annotations present in the class
files of the application. If metadata-complete is not
specified or is set to "false", the deployment tool must
examine the class files of the application for
annotations, as specified by the Servlet specifications.
The web-resource-collectionType is used to identify a
subset of the resources and HTTP methods on those
resources within a web application to which a security
constraint applies. If no HTTP methods are specified,
then the security constraint applies to all HTTP
methods. Used in: security-constraint
The web-resource-name contains the name of this
web resource collection.
The welcome-file-list contains an ordered list of
welcome files elements. Used in: web-app
The welcome-file element contains file name to
use as a default welcome file, such as
index.html