Sun Java System Application Server Enterprise Edition 8.2 Administration Reference

A

access-log

Defines access log settings for each http-access-log subelement of each virtual-server.

Superelements

http-service

Subelements

none

Attributes

The following table describes attributes for the access-log element.

Table 1–1 access-log Attributes


Attribute	Default	Description
`format`	`%client.dns;%auth-user-name;%system.date;%request;%status;%response.length;`	(optional) Specifies the format of the access log.
`rotation-policy`	`time`	(optional) Specifies the condition that triggers log rotation. The only legal value is `time`, which rotates log files at the `rotation-interval-in-minutes` interval.
`rotation-interval-in-minutes`	`1440`	(optional) Specifies the time interval between log rotations if `rotation-policy` is set to `time`.
`rotation-suffix`	`%YYYY;%MM;%DD;-%hh;h%mm;m%ss;s`	(optional) Specifies the format of the timestamp appended to the access log name when log rotation occurs.
`rotation-enabled`	`true`	(optional) If `true`, enables log rotation.

admin-object-resource

Defines an administered object for an inbound resource adapter.

Superelements

resources

Subelements

The following table describes subelements for the admin-object-resource element.

Table 1–2 admin-object-resource Subelements


Element	Required	Description
description	zero or one	Contains a text description of this element.
property	zero or more	Specifies a property or a variable.

Attributes

The following table describes attributes for the admin-object-resource element.

Table 1–3 admin-object-resource Attributes


Attribute	Default	Description
`jndi-name`	none	Specifies the JNDI name for the resource.
`res-type`	none	Specifies the fully qualified type of the resource.
`res-adapter`	none	Specifies the name of the inbound resource adapter, as specified in the `name` attribute of a connector-module element.
`object-type`	`user`	(optional) Defines the type of the resource. Allowed values are: `system-all` - A system resource for all server instances and the domain application server. `system-admin` - A system resource only for the domain application server. `system-instance` - A system resource for all server instances only. `user` - A user resource.
`enabled`	`true`	(optional) Determines whether this resource is enabled at runtime.

Properties

Properties of the admin-object-resource element are the names of setter methods of the adminobject-class specified in the adminobject element of the ra.xml file. Some of the property names can be specified in the adminobject element itself. For example, in jmsra, the resource adapter used to communicate with the Sun Java system Message Queue software, jmsra, Name and Description are valid properties.

For a complete list of the available properties (called administered object attributes in Sun Java System Message Queue), see the Sun Java System Message Queue 3.7 UR1 Administration Guide.

admin-service

Determines whether the server instance is a regular instance, a domain administration server, or a combination.

Superelements

config

Subelements

The following table describes subelements for the admin-service element.

Table 1–4 admin-service Subelements


Element	Required	Description
jmx-connector	zero or more	Configures a JSR 160 compliant remote JMX connector.
das-config	zero or one	Defines a domain administration server configuration.
property	zero or more	Specifies a property or a variable.

Attributes

The following table describes attributes for the admin-service element.

Table 1–5 admin-service Attributes


Attribute	Default	Description
`type`	`server`	Specifies whether the server instance is a regular instance (`server`), a domain administration server (`das`), or a combination (`das-and-server`).
`system-jmx-connector-name`	none	Specifies the name of the internal jmx-connector.

alert-service

Configures the alert service, which allows you to register for and receive system status alerts.

Superelements

config

Subelements

The following table describes subelements for the alert-service element.

Table 1–6 alert-service Subelements


Element	Required	Description
alert-subscription	zero or more	Configures a subscription to system status alerts.
property	zero or more	Specifies a property or a variable.

alert-subscription

Configures a subscription to system status alerts.

Superelements

alert-service

Subelements

The following table describes subelements for the alert-subscription element.

Table 1–7 alert-subscription Subelements


Element	Required	Description
listener-config	only one	Configures the listener class that listens for alerts from notification emitters.
filter-config	zero or one	Configures the filter class that filters alerts from notification emitters.

Attributes

The following table describes attributes for the alert-subscription element.

Table 1–8 alert-subscription Attributes


Attribute	Default	Description
`name`	none	Specifies the name of this alert subscription.

appclient-module

Specifies a deployed application client container (ACC) module.

Superelements

applications

Subelements

The following table describes subelements for the appclient-module element.

Table 1–9 appclient-module Subelements


Element	Required	Description
description	zero or one	Contains a text description of this element.

Attributes

The following table describes attributes for the appclient-module element.

Table 1–10 appclient-module Attributes


Attribute	Default	Description
`name`	none	The name of the ACC module.
`location`	none	The location of the ACC module in the Application Server file system.
`directory-deployed`	`false`	(optional) Specifies whether the application has been deployed to a directory.

application-ref

References an application or module deployed to the server instance.

Superelements

cluster, server

Subelements

none

Attributes

The following table describes attributes for the application-ref element.

Table 1–11 application-ref Attributes


Attribute	Default	Description
`enabled`	`true`	(optional) Determines whether the application or module is enabled.
`virtual-servers`	all virtual servers	(optional) In a comma-separated list, references `id` attributes of the virtual-server elements to which the web-module or the web modules within this j2ee-application are deployed.
`lb-enabled`	`false`	(optional) If `true`, all load-balancers consider this application available to them.
`disable-timeout-in-minutes`	`30`	(optional) Specifies the time it takes this application to reach a quiescent state after having been disabled.
`ref`	none	References the `name` attribute of a lifecycle-module, j2ee-application, ejb-module, web-module, connector-module, or appclient-module element.

applications

Contains deployed J2EE applications, J2EE modules, and Lifecycle modules.

Superelements

domain

Subelements

The following table describes subelements for the applications element.

Table 1–12 applications Subelements


Element	Required	Description
lifecycle-module	zero or more	Specifies a deployed lifecycle module.
j2ee-application	zero or more	Specifies a deployed J2EE application.
ejb-module	zero or more	Specifies a deployed EJB module.
web-module	zero or more	Specifies a deployed web module.
connector-module	zero or more	Specifies a deployed connector module.
appclient-module	zero or more	Specifies a deployed application client container (ACC) module.

Note –

Subelements of an applications element can occur in any order.

audit-module

Specifies an optional plug-in module that implements audit capabilities.

Superelements

security-service

Subelements

The following table describes subelements for the audit-module element.

Table 1–13 audit-module Subelements


Element	Required	Description
property	zero or more	Specifies a property or a variable.

Attributes

The following table describes attributes for the audit-module element.

Table 1–14 audit-module Attributes


Attribute	Default	Description
`name`	none	Specifies the name of this audit module.
`classname`	none	Specifies the Java class that implements this audit module.

auth-realm

Defines a realm for authentication.

Authentication realms require provider-specific properties, which vary depending on what a particular implementation needs.

For more information about how to define realms, see the Sun Java System Application Server Enterprise Edition 8.2 Developer’s Guide.

Here is an example of the default file realm:

<auth-realm name="file"
     classname="com.iplanet.ias.security.auth.realm.file.FileRealm">
     <property name="file" value="domain-dir/config/keyfile"/>
     <property name="jaas-context" value="fileRealm"/>
 </auth-realm>

Which properties an auth-realm element uses depends on the value of the auth-realm element’s name attribute. The file realm uses file and jaas-context properties. Other realms use different properties.

Superelements

node-agent, security-service

Subelements

The following table describes subelements for the auth-realm element.

Table 1–15 auth-realm Subelements


Element	Required	Description
property	zero or more	Specifies a property or a variable.

Attributes

The following table describes attributes for the auth-realm element.

Table 1–16 auth-realm Attributes


Attribute	Default	Description
`name`	none	Specifies the name of this realm.
`classname`	none	Specifies the Java class that implements this realm.

Properties

The standard realms provided with Application Server have required and optional properties. A custom realm might have different properties.

The following table describes properties for the auth-realm element.

Table 1–17 auth-realm Properties


Property	Realms	Description
`jaas-context`	`file, ldap, solaris`	Specifies the JAAS (Java Authentication and Authorization Service) context.
`file`	`file`	Specifies the file that stores user names. The default is `domain-dir/config/keyfile`.
`assign-groups`	`certificate`	(optional) If this property is set, its value is taken to be a comma-separated list of group names. All clients who present valid certificates are assigned membership to these groups for the purposes of authorization decisions in the web and EJB containers.
`directory`	`ldap`	Specifies the LDAP URL to your server.
`base-dn`	`ldap`	Specifies the LDAP base DN for the location of user data. This base DN can be at any level above the user data, since a tree scope search is performed. The smaller the search tree, the better the performance.
`search-filter`	`ldap`	(optional) Specifies the search filter to use to find the user. The default is `uid=%s` (`%s` expands to the subject name).
`group-base-dn`	`ldap`	(optional) Specifies the base DN for the location of groups data. By default, it is same as the `base-dn`, but it can be tuned, if necessary.
`group-search-filter`	`ldap`	(optional) Specifies the search filter to find group memberships for the user. The default is `uniquemember=%d` (`%d` expands to the user element DN).
`group-target`	`ldap`	(optional) Specifies the LDAP attribute name that contains group name entries. The default is `CN`.
`search-bind-dn`	`ldap`	(optional) Specifies an optional DN used to authenticate to the directory for performing the `search-filter` lookup. Only required for directories that do not allow anonymous search.
`search-bind-password`	`ldap`	(optional) Specifies the LDAP password for the DN given in `search-bind-dn` .

availability-service

Configures the availability service. Enables high-availability features, such as HTTP session and stateful session bean state persistence to the Sun Java System high-availability database (HADB).

Availability can be enabled or disabled at the following levels:

The server instance (attribute of availability-service). Default is true (enabled).
The EJB or web container (attribute of ejb-container-availability or web-container-availability). Default is true (enabled).
The application (attribute of j2ee-application). Default is false (disabled).
The stand-alone EJB or web module (attribute of ejb-module or web-module). Default is false (disabled).
The stateful session bean. Default is false (disabled). See the Sun Java System Application Server Enterprise Edition 8.2 Developer’s Guide.

For availability to be enabled at a given level, it must be enabled at all higher levels, as well. For example, to enable availability at the application level, you must also enable it at the server instance and container levels.

Superelements

config

Subelements

The following table describes subelements for the availability-service element.

Table 1–18 availability-service Subelements


Element	Required	Description
web-container-availability	only one	Enables availability in the web container.
ejb-container-availability	only one	Enables availability in the EJB container.
property	zero or more	Specifies a property or a variable.

Attributes

The following table describes attributes for the availability-service element.

Table 1–19 availability-service Attributes


Attribute	Default	Description
`availability-enabled`	`true`	(optional) If set to `true`, high-availability features apply to all applications deployed to the server instance that do not have availability disabled. All instances in a cluster should have the same availability value to ensure consistent behavior.
`store-pool-name`	`jdbc/hastore`	(optional) Specifies the `jndi-name` of the jdbc-resource used for connections to the HADB for session persistence. For more information about setting up a connection pool and JDBC resource for the HADB, see the description of the `configure-ha-cluster` command in the Sun Java System Application Server Enterprise Edition 8.2 Reference Manual.