Root element for the master document specifying the core configuration
for the servers in a domain. There should be one such master
document per domain, available to the host controller that
is configured to act as the domain controller.
Root element for a document configuring a host controller and
the group of servers under the control of that host controller.
The standard usage would be for a domain to have one such host controller
on each physical (or virtual) host machine. Emphasis in this
document is on enumerating the servers, configuring items that
are specific to the host environment (e.g. IP addresses), and
on any server-specific configuration settings.
The name to use for this host's host controller. Must be unique across the domain.
If not set, defaults to the runtime value "HOSTNAME" or "COMPUTERNAME" environment variables,
or, if neither environment variable is present, to the value of InetAddress.getLocalHost().getHostName().
If the special value "jboss.domain.uuid" is used, a java.util.UUID will be created
and used, based on the value of InetAddress.getLocalHost().
Root element for a document specifying the configuration
of a single "standalone" server that does not operate
as part of a domain.
Note that this element is distinct from the 'serverType'
specified in this schema. The latter type forms part of the
configuration of a server that operates as part of a domain.
The name to use for this server.
If not set, defaults to the runtime value "HOSTNAME" or "COMPUTERNAME" environment variables,
or, if neither environment variable is present, to the value of InetAddress.getLocalHost().getHostName().
If the special value "jboss.domain.uuid" is used, a java.util.UUID will be created
and used, based on the value of InetAddress.getLocalHost().
Domain-wide default configuration settings for the management of standalone servers and a Host Controller.
The centralized configuration for the management of a Host Controller.
The centralized configuration for the management of standalone server.
The LDAP connection definition.
The name of this connection.
The URL to connect to ldap.
The distinguished name to use when connecting to LDAP to perform searches.
The credential to use when connecting to perform a search.
The initial context factory to establish the LdapContext.
Configuration of a security realm for securing access to the management interfaces.
The name of this security-realm, each security-realm must be assigned a unique name.
Configuration defining how to load the authorization information for the authenticated user.
After a user has been authenticated additional information such as roles can be loaded and
associated with the user for subsequent authorization checks, this type is used to define
how the roles are loaded.
Configuration of the identities that represent the server.
Configuration of the secret/password-based identity of this server.
The secret / password - Base64 Encoded
Configuration of the SSL identity of this server.
The protocol to use when creating the SSLContext.
The keystore configuration for the server.
The path of the keystore.
The name of another previously named path, or of one of the
standard paths provided by the system. If 'relative-to' is
provided, the value of the 'path' attribute is treated as
relative to the path specified by this attribute.
The password to open the keystore.
Configuration of the server side authentication mechanisms.
Optionally one truststore can be defined and one username/password based store can be defined.
Authentication will first attempt to use the truststore and if this is not available will fall back
to the username/password authentication.
If none of these are specified the only available mechanism will be the local mechanism for the
Native interface and the HTTP interface will not be accessible.
Configuration of a keystore to use to create a trust manager to verify clients.
Definition to use a JAAS based configuration for authentication.
The name identifying the jaas configuration of LoginModules.
Definition to use LDAP as the user repository.
The name of the attribute to search for the user, this filter will then perform
a simple search where the username entered by the user matches the attribute
specified here.
The fully defined filter to be used to search for the user based on their entered
user ID. The filter should contain a variable in the form {0} - this will be
replaced with the username supplied by the user.
The name of the connection to use to connect to LDAP.
The base distinguished name to commence the search for the user.
Should the search be recursive.
The name of the attribute which is the users distinguished name.
A set of users
A single user.
The users username.
Declaration of a location of a properties file.
The name of another previously named path, or of one of the
standard paths provided by the system. If 'relative-to' is
provided, the value of the 'path' attribute is treated as
relative to the path specified by this attribute.
The path of the properties file.
Declaration of users stored within properties files.
The entries within the properties file are username={credentials} with each user
being specified on it's own line.
Are the credentials within the properties file stored in plain text, if not
the {credential} is expected to be the hex encoded Digest hash
of 'username : realm : password'.
The security realm to use for this management interface, the capabilities
of the security realm will be queried to identify the authentication mechanism(s) to
offer.
Configuration of a host's exposed native management interface.
Configuration of the socket used by host or standalone server's exposed management interface.
Network interface on which the host's socket for
management communication should be opened.
Configuration of the socket used by host or standalone server's exposed HTTP management interface.
Port on which the host's socket for native
management communication should be opened.
Configuration of a host's exposed HTTP management interface.
Configuration of the socket used by host or standalone server's exposed HTTP management interface.
Port on which the host's socket for
management communication should be opened.
If not specified the port will not be opened.
Port on which the host's socket for HTTPS
management communication should be opened.
If not specified the port will not be opened.
If specified the security-realm will be required to obtain
the SSL configuration.
Configuration of the socket used by host or standalone server's exposed HTTP management interface.
Configuration of the socket to use for the native management interface is a choice
between a direct configuration of the address and port, or a reference to a socket-binding
configuration in the server's socket-binding-group element. The latter is the recommended
approach is it makes it easier to avoid port conflicts by taking advantage of the
socket-binding-group's port-offset configuration. Direct configuration of the address and
ports is provided to preserve backward compatibility.
Reference to the configuration of the socket to be used by a standalone server's exposed native management interface.
Name of a socket-binding configuration declared in the server's socket-binding-group.
Configuration of a standalone server's exposed HTTP/HTTPS management interface.
Configuration of the socket to use for the HTTP/HTTPS management interface is a choice
between a direct configuration of the address and ports, or a reference to socket-binding
configurations in the server's socket-binding-group element. The latter is the recommended
approach is it makes it easier to avoid port conflicts by taking advantage of the
socket-binding-group's port-offset configuration. Direct configuration of the address and
ports is provided to preserve backward compatibility.
Reference to the configurations of the sockets to be used by a standalone server's exposed HTTP and HTTPS management interface.
Name of a socket-binding configuration declared in the server's socket-binding-group to use for a HTTP socket.
Name of a socket-binding configuration declared in the server's socket-binding-group to use for a HTTPS socket.
Note: When specified the interface must also be configured to reference a security realm with a configured keystore.
Makes the native management interface available via the connectors set up in the remoting subsystem,
using the remoting subsystem's endpoint. This should only be used for a server not for a HC/DC.
Provides names of direct child resources of the domain root resource requests for which the
Host Controller should ignore. Only relevant on a slave Host Controller. Configuring such
"ignored resources" may help allow a Host Controller from an earlier release to function as a
slave to a master Host Controller running a later release, by letting the slave ignore portions
of the configuration its version of the software cannot understand. This strategy can only be
successful if the servers managed by the slave Host Controller do not reference any of the
ignored configuration.
Supports the following attributes:
type -- the type of resource (e.g. 'profile' or 'socket-binding-group') certain instances of which
should be ignored. The value corresponds to the 'key' portion of the first element in the
resource's address (e.g. 'profile' in the address /profile=ha/subsystem=web)
wildcard -- if 'true', all resources of the given type should be ignored.
Child elements list the names of specific instances of the given type of resource
that should be ignored. Each element in the list corresponds to the 'value' portion of
the first element in the resource's address (e.g. 'ha' in the address /profile=ha/subsystem=web.)
The name of a specific instances of a particular type of resource that should be ignored.
The 'name' attribute corresponds to the 'value' portion of the first element in the resource's address
(e.g. 'ha' in the address /profile=ha/subsystem=web.)
Contains a list of extension modules.
A module that extends the standard capabilities of a domain
or a standalone server.
The name of the module
The name of the server group
The name of the profile this server is running.
Set to true to have servers belonging to the server group connect back to the host controller using the
endpoint from their remoting subsystem. The subsystem must be preset for this to
work.
Contains a list of deployments that have been mapped to a server-group.
A deployment that has been mapped to a server group.
Whether the deployment deploy automatically when the server starts up.
Unique identifier of the deployment. Must be unique across all deployments.
Name by which the deployment will be known within a running server.of the deployment.
Does not need to be unique across all deployments in the domain, although it must be unique within
an individual server. For example, two different deployments running on different servers in
the domain could both have a 'runtime-name' of 'example.war', with one having a 'name'
of 'example.war_v1' and another with an 'name' of 'example.war_v2'.
Contains a list of deployments that have been mapped to a server.
A deployment that has been mapped to a server.
Whether the deployment deploy automatically when the server starts up.
The checksum of the content
Archived content found on the filesystem
Exploded content found on the filesystem
Contains a list of domain-level deployments
Deployment represents anything that can be deployed (e.g. an application such as EJB-JAR,
WAR, EAR,
any kind of standard archive such as RAR or JBoss-specific deployment),
which can be enabled or disabled on a domain level.
The domain controller/server bootstrap configuration
The URI for bootstrapping a domain server
Contains a list of profiles available for use in the domain
Contains a list of subsystems
A profile declaration may include configuration
elements from other namespaces for the subsystems that make up the profile.
Name of the profile
Contains a list of subsystems
A profile declaration may include configuration
elements from other namespaces for the subsystems that make up the profile.
Contains a list of socket binding groups
Contains a list of socket configurations
Name of an interface that should be used as the interface for
any sockets that do not explicitly declare one.
Contains a list of socket configurations
Name of an interface that should be used as the interface for
any sockets that do not explicitly declare one.
Increment to apply to the base port values defined in the
socket group to derive the values to use on this
server.
Configuration information for a socket.
Specifies zero or more client mappings for this socket binding.
A client connecting to this socket should use the destination address
specified in the mapping that matches its desired outbound interface.
This allows for advanced network topologies that use either network
address translation, or have bindings on multiple network interfaces
to function.
Each mapping should be evaluated in declared order, with the first successful
match used to determine the destination.
Name of the interface to which the socket should be bound, or, for multicast
sockets, the interface on which it should listen. This should
be one of the declared interfaces.
Number of the port to which the socket should be bound.
Whether the port value should remain fixed even if numerically offsets
are applied to the other sockets in the socket group..
Multicast address on which the socket should receive multicast
traffic. If unspecified, the socket will not be configured
to receive multicast.
Port on which the socket should receive multicast
traffic. Must be configured if 'multicast-address' is configured.
Type definition for a client mapping on a socket binding. A client
mapping specifies how external clients should connect to this
socket's port, provided that the client's outbound interface
match the specified source network value.
Source network the client connection binds on. This value is in
the form of ip/netmask. A client should match this value against
the desired client host network interface, and if matched the
client should connect to the corresponding destination values.
If omitted this mapping should match any interface.
The destination address that a client should connect to if the
source-network matches. This value can either be a hostname or
an IP address.
The destination port that a client should connect to if the
source-network matches.
If omitted this mapping will reuse the effective socket binding
port.
Configuration information for an outbound socket.
The name of the outbound socket binding
The name of the interface that should be used for setting up the source address of the
outbound socket. This should be one of the declared interfaces.
The port number that will be used for setting the source address of the outbound socket. If the
source-interface attribute has been specified and the source-port attribute equals 0 or is absent,
then the system uses an ephemeral port while binding the socket to a source address.
Whether the source-port value should remain fixed even if the socket binding group specifies
a port offset
The remote server address to which the outbound socket has to be connect.
The address can be either an IP address of the host server of the hostname of the server
The remote port to which the outbound socket has to connect.
The reference to a socket binding that has to be used as the destination for the outbound
socket binding. This socket binding name should belong to the same socket binding group
to which this local destination client socket belongs.
The socket group to use for the server group or server.
Increment to apply to the base port values defined in the
referenced socket group to derive the values to use on this
server.
A list of named network interfaces. The interfaces may or may
not be fully specified (i.e. include criteria on how to determine
their IP address.)
A named network interface, but without any criteria
for determining the IP address to associate with that interface.
Acts as a placeholder in the model (e.g. at the domain level)
until a fully specified interface definition is applied at a
lower level (e.g. at the server level, where available addresses
are known.)
A list of fully specified named network interfaces.
A named network interface, along with required criteria
for determining the IP address to associate with that interface.
A set of criteria that can be used at runtime to determine
what IP address to use for an interface.
Either an IP address in IPv6 or IPv4 dotted decimal notation,
or a hostname that can be resolved to an IP address.
The name of a network interface (e.g. eth0, eth1, lo).
A regular expression against which the names of the network
interfaces available on the machine can be matched to find
an acceptable interface.
A network IP address and the number of bits in the
address' network prefix, written in "slash notation";
e.g. "192.168.0.0/16".
Empty element indicating that part of the selection criteria
for an interface should be whether or not it is a loopback
interface.
A loopback address that may not actually be configured on the machine's loopback interface.
Differs from inet-addressType in that the given value will be used even if no NIC can
be found that has the IP address associated with it.
An IP address in IPv6 or IPv4 dotted decimal notation.
Empty element indicating that part of the selection criteria
for an interface should be whether or not it supports
multicast.
Empty element indicating that part of the selection criteria
for an interface should be whether or not it is a point-to-point
interface.
Empty element indicating that part of the selection criteria
for an interface should be whether or not it is currently up.
Empty element indicating that part of the selection criteria
for an interface should be whether or not it is a virtual
interface.
Empty element indicating that part of the selection criteria
for an interface should be whether or not it has a publicly
routable address.
Empty element indicating that part of the selection criteria
for an interface should be whether or not an address associated
with it is site-local.
Empty element indicating that part of the selection criteria
for an interface should be whether or not an address associated
with it is link-local.
Empty element indicating that sockets using this interface
should be bound to the IPv6 wildcard address (::).
Empty element indicating that sockets using this interface
should be bound to the IPv4 wildcard address (0.0.0.0).
Empty element indicating that sockets using this interface
should be bound to a wildcard address. The IPv6 wildcard
address (::) will be used unless the java.net.preferIpV4Stack
system property is set to true, in which case the IPv4
wildcard address (0.0.0.0) will be used. If a socket is
bound to an IPv6 anylocal address on a dual-stack machine,
it can accept both IPv6 and IPv4 traffic; if it is bound to
an IPv4 (IPv4-mapped) anylocal address, it can only accept
IPv4 traffic.
Configuration information for a socket.
Name of the interface to which the socket should be bound, or, for multicast
sockets, the interface on which it should listen. This should
be one of the declared interfaces.
Number of the port to which the socket should be bound.
Whether the port value should remain fixed even if numerically offsets
are applied to the other sockets in the socket group..
Multicast address on which the socket should receive multicast
traffic. If unspecified, the socket will not be configured
to receive multicast.
Port on which the socket should receive multicast
traffic. If unspecified, the socket will not be configured
to receive multicast.
A list of named filesystem paths. The paths may or may
not be fully specified (i.e. include the actual paths.)
A named filesystem path, but without a requirement to specify
the actual path. If no actual path is specified, acts as a
as a placeholder in the model (e.g. at the domain level)
until a fully specified path definition is applied at a
lower level (e.g. at the host level, where available addresses
are known.)
The name of the path. Cannot be one of the standard fixed paths
provided by the system:
jboss.home.dir - the root directory of the JBoss AS distribution
user.home - user's home directory
user.dir - user's current working directory
java.home - java installation directory
jboss.server.base.dir - root directory for an individual server
instance
Note that the system provides other standard paths that can be
overridden by declaring them in the configuration file. See
the 'relative-to' attribute documentation for a complete
list of standard paths.
The actual filesystem path. Treated as an absolute path, unless the
'relative-to' attribute is specified, in which case the value
is treated as relative to that path.
If treated as an absolute path, the actual runtime pathname specified
by the value of this attribute will be determined as follows:
If this value is already absolute, then the value is directly
used. Otherwise the runtime pathname is resolved in a
system-dependent way. On UNIX systems, a relative pathname is
made absolute by resolving it against the current user directory.
On Microsoft Windows systems, a relative pathname is made absolute
by resolving it against the current directory of the drive named by the
pathname, if any; if not, it is resolved against the current user
directory.
The name of another previously named path, or of one of the
standard paths provided by the system. If 'relative-to' is
provided, the value of the 'path' attribute is treated as
relative to the path specified by this attribute. The standard
paths provided by the system include:
jboss.home.dir - the root directory of the JBoss AS distribution
user.home - user's home directory
user.dir - user's current working directory
java.home - java installation directory
jboss.server.base.dir - root directory for an individual server
instance
jboss.server.config.dir - directory in which server configuration
files are stored.
jboss.server.data.dir - directory the server will use for persistent
data file storage
jboss.server.log.dir - directory the server will use for
log file storage
jboss.server.temp.dir - directory the server will use for
temporary file storage
jboss.domain.servers.dir - directory under which a host controller
will create the working area for
individual server instances
A list of named filesystem paths.
A named filesystem path.
The name of the path. Cannot be one of the standard fixed paths
provided by the system:
jboss.home.dir - the root directory of the JBoss AS distribution
user.home - user's home directory
user.dir - user's current working directory
java.home - java installation directory
jboss.server.base.dir - root directory for an individual server
instance
Note that the system provides other standard paths that can be
overridden by declaring them in the configuration file. See
the 'relative-to' attribute documentation for a complete
list of standard paths.
The actual filesystem path. Treated as an absolute path, unless the
'relative-to' attribute is specified, in which case the value
is treated as relative to that path.
If treated as an absolute path, the actual runtime pathname specified
by the value of this attribute will be determined as follows:
If this value is already absolute, then the value is directly
used. Otherwise the runtime pathname is resolved in a
system-dependent way. On UNIX systems, a relative pathname is
made absolute by resolving it against the current user directory.
On Microsoft Windows systems, a relative pathname is made absolute
by resolving it against the current directory of the drive named by the
pathname, if any; if not, it is resolved against the current user
directory.
Note relative path declarations have to use '/' as file separator.
The name of another previously named path, or of one of the
standard paths provided by the system. If 'relative-to' is
provided, the value of the 'path' attribute is treated as
relative to the path specified by this attribute. The standard
paths provided by the system include:
jboss.home.dir - the root directory of the JBoss AS distribution
user.home - user's home directory
user.dir - user's current working directory
java.home - java installation directory
jboss.server.base.dir - root directory for an individual server
instance
jboss.server.config.dir - directory in which server configuration
files are stored.
jboss.server.data.dir - directory the server will use for persistent
data file storage
jboss.server.log.dir - directory the server will use for
log file storage
jboss.server.temp.dir - directory the server will use for
temporary file storage
jboss.domain.servers.dir - directory under which a host controller
will create the working area for
individual server instances
Allows the full set of JVM options to be set via the jvm schema elements
Sets a subset of the JVM options via the jvm schema elements
Initial JVM heap size
Maximum JVM heap size
JVM option value
JVM agent lib value
JVM agent path value
JVM javaagent value