3 Replies Latest reply on Aug 8, 2006 3:31 AM by Alexey Loubyansky

    inconcistency between security-config_5_0.xsd and xml tests

    Alexey Loubyansky Master

      The problem is in the authentication-jaspi element which is declared in the XSD as

       <xsd:element name="authentication-jaspi">
       <xsd:annotation>
       <xsd:appinfo>
       <jbxb:skip/>
       </xsd:appinfo>
       </xsd:annotation>
       <xsd:complexType>
       <xsd:choice >
       <xsd:element maxOccurs="unbounded" ref="jbsx:login-module-stack"/>
       <xsd:element maxOccurs="unbounded" ref="jbsx:auth-module"/>
       </xsd:choice>
       </xsd:complexType>
       </xsd:element>
      


      The XML tested is
       <jbsx:application-policy name="conf-jaspi">
       <jbsx:authentication-jaspi>
       <jbsx:login-module-stack name="lm-stack">
       <jbsx:login-module
       code="org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag="required">
       <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
       <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
       <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
       </jbsx:login-module>
       </jbsx:login-module-stack>
       <jbsx:auth-module code="auth.module1.class.name">
       <jbsx:module-option name="usersProperties">props/jbossws-users.properties</jbsx:module-option>
       <jbsx:module-option name="rolesProperties">props/jbossws-roles.properties</jbsx:module-option>
       <jbsx:module-option name="unauthenticatedIdentity">anonymous</jbsx:module-option>
       </jbsx:auth-module>
      
       <jbsx:auth-module code="auth.module2.class.name" login-module-stack-ref="lm-stack"/>
       </jbsx:authentication-jaspi>
       </jbsx:application-policy>
      


      There can be either auth-module or login-module-stack but not both.

      Actually the test currently passes. Though, the SAX parser's validation is supposed to be on. I'll look into that.

      Current SchemaBinding-based validation doesn't catch it. I was working on a fix for another issue and extended SchemaBinding validation to catch that.