domain.xml revision ada1678a4262b208a7b87391f520a7767d25287c
<!--
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
The contents of this file are subject to the terms of either the GNU
General Public License Version 2 only ("GPL") or the Common Development
and Distribution License("CDDL") (collectively, the "License"). You
may not use this file except in compliance with the License. You can
obtain a copy of the License at
or packager/legal/LICENSE.txt. See the License for the specific
language governing permissions and limitations under the License.
When distributing the software, include this License Header Notice in each
file and include the License file at packager/legal/LICENSE.txt.
GPL Classpath Exception:
Oracle designates this particular file as subject to the "Classpath"
exception as provided by Oracle in the GPL Version 2 section of the License
file that accompanied this code.
Modifications:
If applicable, add the following below the License Header, with the fields
enclosed by brackets [] replaced by your own identifying information:
"Portions Copyright [year] [name of copyright owner]"
Contributor(s):
If you wish your version of this file to be governed by only the CDDL or
only the GPL Version 2, indicate your decision by adding "[Contributor]
elects to include this software in this distribution under the [CDDL or GPL
Version 2] license." If you don't indicate a single choice of license, a
recipient has the option to distribute your version of this file under
either the CDDL, the GPL Version 2 or to extend the choice of license to
its licensees as provided above. However, if you add GPL Version 2 code
and therefore, elected the GPL Version 2 license, then the option applies
only if the new code is made subject to such option by the copyright
holder.
-->
<domain log-root="${com.sun.aas.instanceRoot}/logs" application-root="${com.sun.aas.instanceRoot}/applications" version="10.0">
<system-applications />
<applications />
<resources>
<jdbc-connection-pool name="__TimerPool" datasource-classname="org.apache.derby.jdbc.EmbeddedXADataSource" res-type="javax.sql.XADataSource">
<property value=";create=true" name="connectionAttributes" />
</jdbc-connection-pool>
<jdbc-connection-pool is-isolation-level-guaranteed="false" name="DerbyPool" datasource-classname="org.apache.derby.jdbc.ClientDataSource" res-type="javax.sql.DataSource">
<property value="1527" name="PortNumber" />
<property value="APP" name="Password" />
<property value="APP" name="User" />
<property value="localhost" name="serverName" />
<property value="sun-appserv-samples" name="DatabaseName" />
<property value=";create=true" name="connectionAttributes" />
</jdbc-connection-pool>
</resources>
<servers>
<server name="%%%SERVER_ID%%%" config-ref="%%%CONFIG_MODEL_NAME%%%">
</server>
</servers>
<nodes>
<node name="localhost-%%%DOMAIN_NAME%%%" type="CONFIG" node-host="localhost" install-dir="${com.sun.aas.productRoot}"/>
</nodes>
<configs>
<config name="%%%CONFIG_MODEL_NAME%%%">
<http-service>
<access-log/>
<virtual-server id="server" network-listeners="http-listener-1,http-listener-2"/>
<virtual-server id="__asadmin" network-listeners="admin-listener"/>
</http-service>
<iiop-service>
<orb use-thread-pool-ids="thread-pool-1" />
<iiop-listener address="0.0.0.0" port="%%%ORB_LISTENER_PORT%%%" id="orb-listener-1" lazy-init="true"/>
<iiop-listener security-enabled="true" address="0.0.0.0" port="%%%ORB_SSL_PORT%%%" id="SSL">
</iiop-listener>
<iiop-listener security-enabled="true" address="0.0.0.0" port="%%%ORB_MUTUALAUTH_PORT%%%" id="SSL_MUTUALAUTH">
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true" />
</iiop-listener>
</iiop-service>
<admin-service auth-realm-name="admin-realm" type="das-and-server" system-jmx-connector-name="system">
<jmx-connector auth-realm-name="admin-realm" security-enabled="false" address="0.0.0.0" port="%%%JMX_SYSTEM_CONNECTOR_PORT%%%" name="system" />
<property value="/admin" name="adminConsoleContextRoot" />
<property value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war" name="adminConsoleDownloadLocation" />
</admin-service>
<connector-service shutdown-timeout-in-seconds="30">
</connector-service>
<web-container>
<session-config>
<session-manager>
<manager-properties />
<store-properties />
</session-manager>
<session-properties />
</session-config>
</web-container>
<ejb-container steady-pool-size="0" max-pool-size="32" session-store="${com.sun.aas.instanceRoot}/session-store" pool-resize-quantity="8">
<ejb-timer-service />
</ejb-container>
<mdb-container steady-pool-size="0" max-pool-size="32" pool-resize-quantity="8" >
</mdb-container>
<jms-service type="EMBEDDED" default-jms-host="default_JMS_host">
<jms-host name="default_JMS_host" host="localhost" port="%%%JMS_PROVIDER_PORT%%%" admin-user-name="admin" admin-password="admin" lazy-init="true"/>
</jms-service>
<security-service>
<property value="fileRealm" name="jaas-context" />
</auth-realm>
<property value="fileRealm" name="jaas-context" />
</auth-realm>
<auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate" />
<jacc-provider policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl" policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default">
</jacc-provider>
<jacc-provider policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory" policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" />
<property value="false" name="auditOn" />
</audit-module>
<message-security-config auth-layer="SOAP">
<provider-config provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-type="client">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property value="false" name="debug" />
</provider-config>
<provider-config provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-type="client">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property value="false" name="debug" />
<property value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" name="security.config" />
</provider-config>
<provider-config provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-type="server">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property value="false" name="debug" />
</provider-config>
<provider-config provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-type="server">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property value="false" name="debug" />
<property value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" name="security.config" />
</provider-config>
</message-security-config>
<message-security-config auth-layer="HttpServlet">
<provider-config provider-type="server" provider-id="GFConsoleAuthModule" class-name="org.glassfish.admingui.common.security.AdminConsoleAuthModule">
<request-policy auth-source="sender"></request-policy>
<response-policy></response-policy>
<property name="restAuthURL" value="http://localhost:${ADMIN_LISTENER_PORT}/management/sessions"></property>
</provider-config>
</message-security-config>
<property value="SHA-256" name="default-digest-algorithm" />
</security-service>
</transaction-service>
<java-config classpath-suffix="" system-classpath="" debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=%%%JAVA_DEBUGGER_PORT%%%">
<jvm-options>-XX:MaxPermSize=192m</jvm-options>
<jvm-options>-XX:PermSize=64m</jvm-options>
<jvm-options>-client</jvm-options>
<jvm-options>-Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder</jvm-options>
<jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
<jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
<jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
<jvm-options>-Xmx512m</jvm-options>
<jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
<jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
<jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
<jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
<!-- Configuration of various third-party OSGi bundles like
Felix Remote Shell, FileInstall, etc. -->
<!-- Port on which remote shell listens for connections.-->
<!-- How many concurrent users can connect to this remote shell -->
<!-- From which hosts users can connect -->
<!-- Gogo shell configuration -->
<!-- Directory being watched by fileinstall. -->
<!-- Time period fileinstaller thread in ms. -->
<!-- log level: 1 for error, 2 for warning, 3 for info and 4 for debug. -->
<!-- should new bundles be started or installed only?
true => start, false => only install
-->
<!-- should watched bundles be started transiently or persistently -->
<!-- Should changes to configuration be saved in corresponding cfg file? false: no, true: yes
If we don't set false, everytime server starts from clean osgi cache, the file gets rewritten.
-->
<!-- End of OSGi bundle configurations -->
<jvm-options>-XX:NewRatio=2</jvm-options>
</java-config>
<network-config>
<protocols>
<protocol name="http-listener-1">
<http default-virtual-server="server" max-connections="250">
<file-cache enabled="false"></file-cache>
</http>
</protocol>
<protocol security-enabled="true" name="http-listener-2">
<http default-virtual-server="server" max-connections="250">
<file-cache enabled="false"></file-cache>
</http>
</protocol>
<protocol name="admin-listener">
<http default-virtual-server="__asadmin" max-connections="250" encoded-slash-enabled="true" >
<file-cache enabled="false"></file-cache>
</http>
</protocol>
</protocols>
<network-listeners>
<network-listener port="%%%HTTP_PORT%%%" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool"></network-listener>
<network-listener port="%%%HTTP_SSL_PORT%%%" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool"></network-listener>
<network-listener port="%%%ADMIN_PORT%%%" protocol="admin-listener" transport="tcp" name="admin-listener" thread-pool="admin-thread-pool"></network-listener>
</network-listeners>
<transports>
<transport name="tcp"></transport>
</transports>
</network-config>
<thread-pools>
<thread-pool name="admin-thread-pool" max-thread-pool-size="50" max-queue-size="256"></thread-pool>
<thread-pool name="http-thread-pool" max-queue-size="4096"></thread-pool>
<thread-pool name="thread-pool-1" max-thread-pool-size="200"/>
</thread-pools>
</config>
<config name="default-config" dynamic-reconfiguration-enabled="true" >
<http-service>
<access-log/>
<virtual-server id="server" network-listeners="http-listener-1, http-listener-2" >
</virtual-server>
<virtual-server id="__asadmin" network-listeners="admin-listener" />
</http-service>
<iiop-service>
<orb use-thread-pool-ids="thread-pool-1" />
<iiop-listener port="${IIOP_LISTENER_PORT}" id="orb-listener-1" address="0.0.0.0" />
<iiop-listener port="${IIOP_SSL_LISTENER_PORT}" id="SSL" address="0.0.0.0" security-enabled="true">
</iiop-listener>
<iiop-listener port="${IIOP_SSL_MUTUALAUTH_PORT}" id="SSL_MUTUALAUTH" address="0.0.0.0" security-enabled="true">
<ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true" />
</iiop-listener>
</iiop-service>
<admin-service system-jmx-connector-name="system" type="server">
<!-- JSR 160 "system-jmx-connector" -->
<jmx-connector address="0.0.0.0" auth-realm-name="admin-realm" name="system" port="${JMX_SYSTEM_CONNECTOR_PORT}" protocol="rmi_jrmp" security-enabled="false"/>
<!-- JSR 160 "system-jmx-connector" -->
<property value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war" name="adminConsoleDownloadLocation" />
</admin-service>
<web-container>
<session-config>
<session-manager>
<manager-properties/>
<store-properties />
</session-manager>
<session-properties />
</session-config>
</web-container>
<ejb-timer-service />
</ejb-container>
<mdb-container />
<jms-service type="EMBEDDED" default-jms-host="default_JMS_host" addresslist-behavior="priority">
<jms-host name="default_JMS_host" host="localhost" port="${JMS_PROVIDER_PORT}" admin-user-name="admin" admin-password="admin" lazy-init="true"/>
</jms-service>
<log-service log-rotation-limit-in-bytes="2000000" file="${com.sun.aas.instanceRoot}/logs/server.log">
<module-log-levels />
</log-service>
<security-service>
<property name="jaas-context" value="fileRealm" />
</auth-realm>
<property name="jaas-context" value="fileRealm" />
</auth-realm>
<auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate" />
<jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
</jacc-provider>
<jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory" />
<property name="auditOn" value="false" />
</audit-module>
<message-security-config auth-layer="SOAP">
<provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="debug" value="false" />
</provider-config>
<provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="debug" value="false" />
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" />
</provider-config>
<provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="debug" value="false" />
</provider-config>
<provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
<request-policy auth-source="content" />
<response-policy auth-source="content" />
<property name="debug" value="false" />
<property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" />
</provider-config>
</message-security-config>
</security-service>
<diagnostic-service />
<java-config debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=${JAVA_DEBUGGER_PORT}" system-classpath="" classpath-suffix="">
<jvm-options>-XX:MaxPermSize=192m</jvm-options>
<jvm-options>-XX:PermSize=64m</jvm-options>
<jvm-options>-server</jvm-options>
<jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
<jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
<jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
<jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
<jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
<jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
<jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
<jvm-options>-XX:NewRatio=2</jvm-options>
<jvm-options>-Xmx512m</jvm-options>
<!-- Port on which remote shell listens for connections.-->
<!-- How many concurrent users can connect to this remote shell -->
<!-- From which hosts users can connect -->
<!-- Gogo shell configuration -->
<!-- Directory being watched by fileinstall. -->
<!-- Time period fileinstaller thread in ms. -->
<!-- log level: 1 for error, 2 for warning, 3 for info and 4 for debug. -->
<!-- should new bundles be started or installed only?
true => start, false => only install
-->
<!-- should watched bundles be started transiently or persistently -->
<!-- Should changes to configuration be saved in corresponding cfg file? false: no, true: yes
If we don't set false, everytime server starts from clean osgi cache, the file gets rewritten.
-->
<!-- End of OSGi bundle configurations -->
</java-config>
<availability-service>
<web-container-availability/>
<jms-availability/>
</availability-service>
<network-config>
<protocols>
<protocol name="http-listener-1">
<http default-virtual-server="server">
<file-cache />
</http>
</protocol>
<protocol security-enabled="true" name="http-listener-2">
<http default-virtual-server="server">
<file-cache />
</http>
</protocol>
<protocol name="admin-listener">
<http default-virtual-server="__asadmin" max-connections="250">
<file-cache enabled="false" />
</http>
</protocol>
<protocol security-enabled="true" name="sec-admin-listener">
<http default-virtual-server="__asadmin" encoded-slash-enabled="true">
<file-cache></file-cache>
</http>
<ssl client-auth="want" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="glassfish-instance"></ssl>
</protocol>
<protocol name="admin-http-redirect">
<http-redirect secure="true"></http-redirect>
</protocol>
<protocol name="pu-protocol">
<port-unification>
<protocol-finder protocol="sec-admin-listener" name="http-finder" classname="com.sun.grizzly.config.HttpProtocolFinder"></protocol-finder>
<protocol-finder protocol="admin-http-redirect" name="admin-http-redirect" classname="com.sun.grizzly.config.HttpProtocolFinder"></protocol-finder>
</port-unification>
</protocol>
</protocols>
<network-listeners>
<network-listener address="0.0.0.0" port="${HTTP_LISTENER_PORT}" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool" />
<network-listener address="0.0.0.0" port="${HTTP_SSL_LISTENER_PORT}" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool" />
<network-listener port="${ASADMIN_LISTENER_PORT}" protocol="pu-protocol" transport="tcp" name="admin-listener" thread-pool="http-thread-pool" />
</network-listeners>
<transports>
<transport name="tcp" />
</transports>
</network-config>
<thread-pools>
<thread-pool name="http-thread-pool" />
<thread-pool max-thread-pool-size="200" idle-thread-timeout-in-seconds="120" name="thread-pool-1" />
</thread-pools>
<group-management-service/>
<management-rules />
<system-property name="ASADMIN_LISTENER_PORT" value="24848"/>
<system-property name="HTTP_LISTENER_PORT" value="28080"/>
<system-property name="HTTP_SSL_LISTENER_PORT" value="28181"/>
<system-property name="JMS_PROVIDER_PORT" value="27676"/>
<system-property name="IIOP_LISTENER_PORT" value="23700"/>
<system-property name="IIOP_SSL_LISTENER_PORT" value="23820"/>
<system-property name="IIOP_SSL_MUTUALAUTH_PORT" value="23920"/>
<system-property name="JMX_SYSTEM_CONNECTOR_PORT" value="28686"/>
<system-property name="OSGI_SHELL_TELNET_PORT" value="26666"/>
<system-property name="JAVA_DEBUGGER_PORT" value="29009"/>
</config>
</configs>
<secure-admin special-admin-indicator="%%%SECURE_ADMIN_IDENTIFIER%%%">
<secure-admin-principal dn="%%%ADMIN_CERT_DN%%%"></secure-admin-principal>
<secure-admin-principal dn="%%%INSTANCE_CERT_DN%%%"></secure-admin-principal>
</secure-admin>
</domain>