DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. Copyright (c) 2009-2017 Oracle and/or its affiliates. All rights reserved. The contents of this file are subject to the terms of either the GNU General Public License Version 2 only ("GPL") or the Common Development and Distribution License("CDDL") (collectively, the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html or packager/legal/LICENSE.txt. See the License for the specific language governing permissions and limitations under the License. When distributing the software, include this License Header Notice in each file and include the License file at packager/legal/LICENSE.txt. GPL Classpath Exception: Oracle designates this particular file as subject to the "Classpath" exception as provided by Oracle in the GPL Version 2 section of the License file that accompanied this code. Modifications: If applicable, add the following below the License Header, with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyright [year] [name of copyright owner]" Contributor(s): If you wish your version of this file to be governed by only the CDDL or only the GPL Version 2, indicate your decision by adding "[Contributor] elects to include this software in this distribution under the [CDDL or GPL Version 2] license." If you don't indicate a single choice of license, a recipient has the option to distribute your version of this file under either the CDDL, the GPL Version 2 or to extend the choice of license to its licensees as provided above. However, if you add GPL Version 2 code and therefore, elected the GPL Version 2 license, then the option applies only if the new code is made subject to such option by the copyright holder. ... The instance documents may indicate the published version of the schema using the xsi:schemaLocation attribute for Java EE namespace with the following location: http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd ]]> The following conventions apply to all Java EE deployment descriptor elements unless indicated otherwise. - In elements that specify a pathname to a file within the same JAR file, relative filenames (i.e., those not starting with "/") are considered relative to the root of the JAR file's namespace. Absolute filenames (i.e., those starting with "/") also specify names in the root of the JAR file's namespace. In general, relative names are preferred. The exception is .war files where absolute names are preferred for consistency with the Servlet API. The web-app element is the root of the deployment descriptor for a web application. Note that the sub-elements of this element can be in the arbitrary order. Because of that, the multiplicity of the elements of distributable, session-config, welcome-file-list, jsp-config, login-config, and locale-encoding-mapping-list was changed from "?" to "*" in this schema. However, the deployment descriptor instance file must not contain multiple elements of session-config, jsp-config, and login-config. When there are multiple elements of welcome-file-list or locale-encoding-mapping-list, the container must concatenate the element contents. The multiple occurence of the element distributable is redundant and the container treats that case exactly in the same way when there is only one distributable. The servlet element contains the name of a servlet. The name must be unique within the web application. The filter element contains the name of a filter. The name must be unique within the web application. The ejb-local-ref-name element contains the name of an EJB reference. The EJB reference is an entry in the web application's environment and is relative to the java:comp/env context. The name must be unique within the web application. It is recommended that name is prefixed with "ejb/". The ejb-ref-name element contains the name of an EJB reference. The EJB reference is an entry in the web application's environment and is relative to the java:comp/env context. The name must be unique within the web application. It is recommended that name is prefixed with "ejb/". The resource-env-ref-name element specifies the name of a resource environment reference; its value is the environment entry name used in the web application code. The name is a JNDI name relative to the java:comp/env context and must be unique within a web application. The message-destination-ref-name element specifies the name of a message destination reference; its value is the environment entry name used in the web application code. The name is a JNDI name relative to the java:comp/env context and must be unique within a web application. The res-ref-name element specifies the name of a resource manager connection factory reference. The name is a JNDI name relative to the java:comp/env context. The name must be unique within a web application. The env-entry-name element contains the name of a web application's environment entry. The name is a JNDI name relative to the java:comp/env context. The name must be unique within a web application. A role-name-key is specified to allow the references from the security-role-refs. The keyref indicates the references from security-role-ref to a specified role-name. When specified, this element provides a default context path of the web application. An empty value for this element must cause the web application to be deployed at the root for the container. Otherwise, the default context path must start with a “/“ character but not end with a “/“ character. Servlet containers may provide vendor specific configuration options that allows specifying a value that overrides the value specified here. When specified, this element provides a default request character encoding of the web application. When specified, this element provides a default response character encoding of the web application. When specified, this element causes uncovered http methods to be denied. For every url-pattern that is the target of a security-constrant, this element causes all HTTP methods that are NOT covered (by a security constraint) at the url-pattern to be denied. Please see section 8.2.2 of the specification for details.