Back | Next | Contents Cams Administrator's Guide

Security Domain Registry Tag Reference

The Cams policy server security domain registry configuration is defined by the security-domain-registry.xml file. This document contains reference information for each of the tags that can be used within security-domain-registry.xml. The following table shows the file structure with links to each of the possible elements.

Tag Name Instances Description

security-domain-registry

1

declares a security domain registry

var-list

0 ... 1

a list of Cams variables

[var]

0 ... N

a Cams variable

[security-domain]

1 ... N

declares a security domain

name

1

the unique security domain name

home

1

the location of security domain's configuration files

<security-domain-registry>

The top-level element that declares a security domain registry. A security domain registry manages a
collection of security domain objects.

Item Description
Syntax
<security-domain-registry>
  <var-list>
    ...
  </var-list>
  <security-domain>
    ...
  </security-domain>
  ...
</security-domain-registry> 
Attributes None
Data None
Parent Elements

None

Child Elements
<var-list> Opt An optional list of Cams variables that can be used to set global substitution values. These variables are useful in working with a security domains configuration files, especially where test and production deployments are on distinct hosts.
<security-domain> Req Declares a single named security domain within the registry with its associated configuration files. Minimally, the system security domain must always be declared. You can declare as many security domains as you require.
Example
<security-domain-registry>

  <!-- Global substitution variables -->
  <var-list>
<var name="http.resource.base.id" value="http://localhost:8080"/>
<var name="https.resource.base.id" value="https://localhost:8443"/>
<var name="cams.resource.base.id" value="cams://localhost:9191"/>
<var name="cams.logs.base.dir" value="${cams.home}/logs"/> </var-list> <!-- Register the system security domain --> <security-domain enabled="true"> <name>system</name> <home>${cams.home}/conf/domains/system</home> </security-domain>
  <!-- Register the mydomain security domain -->
  <security-domain enabled="true">
    <name>default</name>
    <home>${cams.home}/conf/domains/mydomain</home>
  </security-domain>
</security-domain-registry>

<var-list>

An optional list of Cams variables that can be used to set global substitution values. These variables are useful in defining values that are frequently used in security domain configuration files.

Item Description
Syntax
<var-list>
  <var ... />
  ...
</var-list>
Attributes None
Data

None

Parent Elements

1. <security-domain-registry>

Child Elements
<var> Opt A Cams variable as a generic name/value pair.
Example
<!-- Global substitution variables -->
<var-list>
<var name="http.resource.base.id" value="http://localhost:8080"/>
<var name="https.resource.base.id" value="https://localhost:8443"/>
<var name="cams.resource.base.id" value="cams://localhost:9191"/>
<var name="cams.logs.base.dir" value="${cams.home}/logs"/> </var-list>

<var>

A Cams variable is used to set a global substitution value. These values are useful in working with a security domains configuration files, especially where test and production deployments are on distinct hosts.

Item Description
Syntax
<var name="textual name" value="value"/>
Attributes
name Req The variable name.
value Req The variable value.
Data

None

Parent Elements

1. <var-list>

Child Elements None
Example
<!-- Global substitution variables -->
<var-list>
<var name="http.resource.base.id" value="http://localhost:8080"/>
<var name="https.resource.base.id" value="https://localhost:8443"/>
<var name="cams.resource.base.id" value="cams://localhost:9191"/>
<var name="cams.logs.base.dir" value="${cams.home}/logs"/> </var-list>

<security-domain>

Declares a single named security domain within the registry with its associated configuration files. Minimally, the system security domain must always be declared. You can declare as many security domains as you require.

Security domains represent a logic division of resources to facilitate management and functional requirements. For example, you might place resources in different security domains to delegate security management responsibilities across an organization. Or, you might have different authentication requirements depending upon the resources (some content may require a higher level of security).

Item Description
Syntax
<security-domain enabled="true|false">
  <name> ... </name>
  <home> ... </home>
</security-domain>
Attributes
enabled Req Enable this security domain (true or false).
Data None
Parent Elements

1. <security-domain-registry>

Child Elements
<name> Req The unique security domain name.
<home> Req The location of security domain's configuration files.
Example
<!-- Register the system security domain -->
<security-domain enabled="true">
  <name>system</name>
  <home>${cams.home}/conf/domains/system</home>
</security-domain>

<name>

The unique security domain name.

Item Description
Syntax
<name>textual name</name>
Attributes None
Data None
Parent Elements

1. <security-domain>

Child Elements None
Example
<!-- Register the system security domain -->
<security-domain enabled="true">
  <name>system</name>
  <home>${cams.home}/conf/domains/system</home>
</security-domain>

<home>

The location of security domain's configuration files. The path can be specified using forward or back slashes, and can use substitution values.

Item Description
Syntax
<home>path to files</home>
Attributes None
Data None
Parent Elements

1. <security-domain>

Child Elements None
Example
<!-- Register the system security domain -->
<security-domain enabled="true">
  <name>system</name>
  <home>${cams.home}/conf/domains/system</home>
</security-domain>

Back | Next | Contents