<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ JBoss, Home of Professional Open Source.
  ~ Copyright 2011, Red Hat, Inc., and individual contributors
  ~ as indicated by the @author tags. See the copyright.txt file in the
  ~ distribution for a full listing of individual contributors.
  ~
  ~ This is free software; you can redistribute it and/or modify it
  ~ under the terms of the GNU Lesser General Public License as
  ~ published by the Free Software Foundation; either version 2.1 of
  ~ the License, or (at your option) any later version.
  ~
  ~ This software is distributed in the hope that it will be useful,
  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  ~ Lesser General Public License for more details.
  ~
  ~ You should have received a copy of the GNU Lesser General Public
  ~ License along with this software; if not, write to the Free
  ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  -->

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
           targetNamespace="urn:jboss:domain:web:1.0"
           xmlns="urn:jboss:domain:web:1.0"
           elementFormDefault="qualified"
           attributeFormDefault="unqualified"
           version="1.0">

   <!-- The web subsystem root element -->
   <xs:element name="subsystem" type="web-containerType" />

   <!-- The web container configuration -->
   <xs:complexType name="web-containerType">
      <xs:annotation>
         <xs:documentation>
                <![CDATA[
                    The web subsystem, used to configure jboss.web
                ]]>
         </xs:documentation>
      </xs:annotation>
      <!--  FIXME classloading delegation and package filtering ? -->
      <xs:sequence>
         <xs:element minOccurs="0" maxOccurs="1" name="configuration" type="webConfigType" />
         <xs:element maxOccurs="unbounded" ref="connector" />
         <xs:element maxOccurs="unbounded" ref="virtual-server" />
      </xs:sequence>
      <xs:attribute name="default-virtual-server"/>
      <xs:attribute name="native" default="true" type="xs:boolean"/> 
   </xs:complexType>


   <xs:complexType name="webConfigType">
      <xs:sequence>
         <xs:element name="static-resources" minOccurs="0" maxOccurs="1" type="static-resourcesType">
            <xs:annotation>
               <xs:documentation>
               <![CDATA[
                  A default service for all web applications, that serves static resources.
                  It processes all requests that are not mapped to other servlets with servlet mappings.
               ]]>
             </xs:documentation>
            </xs:annotation>
         </xs:element>
         <xs:element name="jsp-configuration" minOccurs="0" maxOccurs="1" type="jsp-configurationType" />
     <!--  
     <xs:element minOccurs="0" maxOccurs="1" name="csrf"/>
     <xs:element minOccurs="0" maxOccurs="1" name="webdav-fix"/>
     -->
         <xs:element name="mime-mapping" minOccurs="0" maxOccurs="unbounded" type="mime-mappingType" />
         <xs:element name="welcome-file" minOccurs="0" maxOccurs="unbounded" type="xs:string" />
      </xs:sequence>
   </xs:complexType>

   <xs:complexType name="static-resourcesType">
      <xs:attribute name="listings" default="false" type="xs:boolean" />
      <xs:attribute name="sendfile" default="49152" />
      <xs:attribute name="file-encoding" />
      <xs:attribute name="read-only" default="true" type="xs:boolean" />
      <xs:attribute name="webdav" default="false" type="xs:boolean" />
      <xs:attribute name="secret" />
      <xs:attribute name="max-depth" default="3" />
      <xs:attribute name="disabled" default="false" type="xs:boolean" />
   </xs:complexType>

   <xs:complexType name="jsp-configurationType">
      <xs:attribute name="development" default="false" type="xs:boolean" />
      <xs:attribute name="disabled" default="false" type="xs:boolean" />
      <xs:attribute name="keep-generated" default="true" type="xs:boolean" />
      <xs:attribute name="trim-spaces" default="false" type="xs:boolean" />
      <xs:attribute name="tag-pooling" default="true" type="xs:boolean" />
      <xs:attribute name="mapped-file" default="true" type="xs:boolean" />
      <xs:attribute name="check-interval" default="0" />
      <xs:attribute name="modification-test-interval" default="4" />
      <xs:attribute name="recompile-on-fail" default="false" type="xs:boolean" />
      <xs:attribute name="smap" default="true" type="xs:boolean" />
      <xs:attribute name="dump-smap" default="false" type="xs:boolean" />
      <xs:attribute name="generate-strings-as-char-arrays" default="false" type="xs:boolean" />
      <xs:attribute name="error-on-use-bean-invalid-class-attribute" default="false" type="xs:boolean" />
      <xs:attribute name="scratch-dir" />
      <xs:attribute name="source-vm" default="1.5" />
      <xs:attribute name="target-vm" default="1.5" />
      <xs:attribute name="java-encoding" default="UTF8" />
      <xs:attribute name="x-powered-by" default="true" type="xs:boolean" />
      <xs:attribute name="display-source-fragment" default="true" type="xs:boolean" />
   </xs:complexType>

<!-- 
  <xs:complexType name="cgi-servletType">
    <xs:attribute name="debug" default="0"/>
    <xs:attribute name="cgi-path-prefix"/>
    <xs:attribute name="pass-shell-environment" default="false" type="xs:boolean"/>
    <xs:attribute name="cgi-executable" default="perl"/>
    <xs:attribute name="parameter-encoding"/>
  </xs:complexType>

  <xs:complexType name="ssi-servletType">
    <xs:attribute name="debug" default="0"/>
    <xs:attribute name="webapp-relative" default="false" type="xs:boolean"/>
    <xs:attribute name="expires"/>
    <xs:attribute name="buffered" default="false" type="xs:boolean"/>
    <xs:attribute name="input-encoding"/>
    <xs:attribute name="output-encoding" default="UTF-8"/>
  </xs:complexType>

  <xs:complexType name="ssi-filterType">
    <xs:attribute name="debug" default="0"/>
    <xs:attribute name="webapp-relative" default="false" type="xs:boolean"/>
    <xs:attribute name="expires"/>
    <xs:attribute name="content-type-regex"/>
  </xs:complexType>
 -->

   <xs:element name="connector">
      <xs:complexType>
         <xs:sequence>
           <xs:element name="ssl" type="sslType" minOccurs="0" maxOccurs="1"/>
           <xs:element name="virtual-server" minOccurs="0" maxOccurs="unbounded">
               <xs:complexType>
                  <xs:attribute name="name" type="xs:string" use="required" />
               </xs:complexType>
           </xs:element>
         </xs:sequence>
         <xs:attributeGroup ref="web-connector-attlist" />
      </xs:complexType>
   </xs:element>

   <xs:attributeGroup name="web-connector-attlist">
      <xs:attribute name="name" use="required" />
      <xs:attribute name="protocol" use="required" />
      <xs:attribute name="scheme" />
      <xs:attribute name="socket-binding" use="required" />
      <xs:attribute name="enable-lookups" default="false" type="xs:boolean" />
      <xs:attribute name="proxy-name" />
      <xs:attribute name="proxy-port" />
      <xs:attribute name="redirect-port" />
      <xs:attribute name="secure" default="false" type="xs:boolean" />
      <xs:attribute name="max-post-size" />
      <xs:attribute name="max-save-post-size" />
      <xs:attribute name="enabled" default="true" type="xs:boolean" />
      <xs:attribute name="executor" type="xs:string" />
      <xs:attribute name="max-connections" />
   </xs:attributeGroup>

   <xs:element name="virtual-server">
      <xs:complexType>
         <xs:sequence>
            <xs:element name="alias" minOccurs="0" maxOccurs="unbounded">
               <xs:annotation>
                  <xs:documentation>Vhost aliases</xs:documentation>
               </xs:annotation>
               <xs:complexType>
                  <xs:attribute name="name" type="xs:string" use="required" />
               </xs:complexType>
            </xs:element>
            <xs:element name="access-log" minOccurs="0" type="http-access-logType" />
            <xs:element name="rewrite" minOccurs="0" type="http-rewriteType" />
         </xs:sequence>
         <xs:attributeGroup ref="virtual-server-attlist" />
      </xs:complexType>
   </xs:element>
   <xs:attributeGroup name="virtual-server-attlist">
      <xs:attribute name="enable-welcome-root" type="xs:boolean">
         <xs:annotation>
           <xs:documentation>Whether or not the bundled welcome directory is used as the root web context</xs:documentation>
         </xs:annotation>
      </xs:attribute>
      <xs:attribute name="default-web-module" default="ROOT.war" />
      <xs:attribute name="name" use="required">
         <xs:annotation>
            <xs:documentation>Main vhost name</xs:documentation>
         </xs:annotation>
      </xs:attribute>
   </xs:attributeGroup>

   <xs:complexType name="http-access-logType">
      <xs:sequence>
         <xs:element name="directory" type="directoryType" />
      </xs:sequence>
      <xs:attribute name="pattern" default="common" />
      <xs:attribute name="resolve-hosts" default="false" type="xs:boolean" />
      <xs:attribute name="extended" default="false" type="xs:boolean" />
      <xs:attribute name="prefix" default="access_log." />
      <xs:attribute name="rotate" default="true" type="xs:boolean" />
   </xs:complexType>

   <xs:complexType name="http-rewriteType">
      <xs:sequence>
         <xs:element name="condition" type="rewrite-conditionType" />
      </xs:sequence>

      <xs:attribute name="pattern" use="required">
         <xs:annotation>
            <xs:documentation>
                <![CDATA[
                    Pattern is a perl compatible regular expression, which is applied to the current URL
                ]]>
            </xs:documentation>
         </xs:annotation>
      </xs:attribute>
      <xs:attribute name="substitution" use="required">
         <xs:annotation>
            <xs:documentation>
                <![CDATA[
                    The substitution of a rewrite rule is the string which is substituted for (or replaces) 
                    the original URL which Pattern matched
                  ]]>
            </xs:documentation>
         </xs:annotation>
      </xs:attribute>
      <xs:attribute name="flags" use="required">
         <xs:annotation>
            <xs:documentation>Substitution options</xs:documentation>
         </xs:annotation>
      </xs:attribute>
   </xs:complexType>

   <xs:complexType name="rewrite-conditionType">
      <xs:attribute name="test" use="required">
         <xs:annotation>
            <xs:documentation>
                <![CDATA[
                    The test string is first evaluated, before being matched against the specified pattern
                  ]]>
            </xs:documentation>
         </xs:annotation>
      </xs:attribute>
      <xs:attribute name="pattern" use="required">
         <xs:annotation>
            <xs:documentation>
                <![CDATA[
                    CondPattern is the condition pattern, a regular expression which is applied to the 
                    current instance of the test string
                ]]>
            </xs:documentation>
         </xs:annotation>
      </xs:attribute>
      <xs:attribute name="flags" use="required">
         <xs:annotation>
            <xs:documentation>Matching options</xs:documentation>
         </xs:annotation>
      </xs:attribute>
   </xs:complexType>

   <xs:complexType name="directoryType">
      <xs:annotation>
         <xs:documentation>
            <![CDATA[               
                The "relative-to" references a global path configuration in the domain model, with the default
                to the JBoss Application data directory (jboss.server.data.dir).
                The "path" the directory based on the referenced path.
            ]]>
         </xs:documentation>
      </xs:annotation>
      <xs:attribute name="relative-to" type="xs:string" default="jboss.server.data.dir" />
      <xs:attribute name="path" type="xs:string" default="tx-object-store" />
   </xs:complexType>

   <xs:complexType name="mime-mappingType">
       <xs:attribute name="name" use="required"/>
       <xs:attribute name="value" use="optional"/>
   </xs:complexType>

  <!-- general SSL definitions -->
  <xs:complexType name="sslType">
    <xs:annotation>
      <xs:documentation>Configuration information for one SSL configuration.</xs:documentation>
    </xs:annotation>
    <xs:attribute name="name" type="xs:string" use="required"/>
    <xs:attribute name="key-alias" default="jboss"/>
    <xs:attribute name="password">
      <xs:annotation>
        <xs:documentation>Password for both trustore and keystore</xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="certificate-key-file" default="${user.home}/.keystore">
      <xs:annotation>
        <xs:documentation>
          When using JSSE that could be the only file, with OpenSSL there several files
          Additionally we should have a logic to find the type of the file (PEM, PKCS12 or JKS) before using it.
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="cipher-suite" default="ALL">
      <xs:annotation>
        <xs:documentation>
          comma separated list of encryption ciphers the configuration is allowed to use, that MUST NOT be
          the JVM default in of JSSE as contains weak ciphers.
          that is SSLCipherSuite when using OpenSSL (APR).
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="protocol" default="ALL" type="SSlProtocolType"/>
    <xs:attribute name="verify-client" default="none">
      <xs:annotation>
        <xs:documentation>
          that is OpenSSL SSLVerifyClient (optional,require,optionalNoCA,none) and clientAuth (true=require/false=none)
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="verify-depth" default="10"/>
    <xs:attribute name="certificate-file">
      <xs:annotation>
        <xs:documentation>
          Only in the OpenSSL (JSSE keystore contains both key and certificate).
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="ca-certificate-file">
      <xs:annotation>
        <xs:documentation>
          The file containing the CA certificates, truststoreFile in JSSE, note the password it same as the keystore password.
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="ca-revocation-url">
      <xs:annotation>
        <xs:documentation>
          A file or URL to get the revocation list. (actually: crlFile is JSSE and SSLCARevocationFile in OpenSSL)
        </xs:documentation>
      </xs:annotation>
    </xs:attribute>
    <xs:attribute name="session-cache-size" default="0"/>
    <xs:attribute name="session-timeout" default="86400"/>
  </xs:complexType>
  
  <xs:simpleType name="SSlProtocolType">
    <xs:restriction base="xs:token">
        <xs:enumeration value="SSLv2"/>
        <xs:enumeration value="SSLv3"/>
        <xs:enumeration value="TLSv1"/>
        <xs:enumeration value="SSLv2+SSLv3"/>
        <xs:enumeration value="ALL"/>
    </xs:restriction>
  </xs:simpleType>
  
</xs:schema>