SEC-858: Replaced integer properties in schema with strings to allow use of placeholders.

core/src/main/resources/org/springframework/security/config/spring-security-2.0.2.rnc

@@ -16,7 +16,7 @@ path-type =
     attribute path-type {"ant" | "regex"}
 port =
     ## Specifies an IP port number. Used to configure an embedded LDAP server, for example.
-    attribute port { xsd:integer }
+    attribute port { xsd:string }
 url =
     ## Specifies a URL.
     attribute url { xsd:string }
@@ -333,7 +333,7 @@ concurrent-session-control =
     ## Adds support for concurrent session control, allowing limits to be placed on the number of sessions a user can have.
     element concurrent-session-control {concurrent-sessions.attlist, empty}
 concurrent-sessions.attlist &=
-    attribute max-sessions {xsd:positiveInteger}?
+    attribute max-sessions {xsd:string}?
 concurrent-sessions.attlist &=
     ## The URL a user will be redirected to if they attempt to use a session which has been "expired" by the concurrent session controller.
     attribute expired-url {xsd:string}?
@@ -362,7 +362,7 @@ remember-me.attlist &=
     
 remember-me.attlist &=
     ## The period (in seconds) for which the remember-me cookie should be valid. 
-    attribute token-validity-seconds {xsd:positiveInteger}?
+    attribute token-validity-seconds {xsd:string}?
     
 token-repository-ref =
     ## Reference to a PersistentTokenRepository bean for use with the persistent token remember-me implementation. 
@@ -396,9 +396,9 @@ port-mappings.attlist &= empty
 port-mapping = 
     element port-mapping {http-port, https-port}
     
-http-port = attribute http {xsd:integer}
+http-port = attribute http {xsd:string}
 
-https-port = attribute https {xsd:integer}
+https-port = attribute https {xsd:string}
 
 
 x509 = 

core/src/main/resources/org/springframework/security/config/spring-security-2.0.2.xsd

@@ -50,7 +50,7 @@
     </xs:attribute>
   </xs:attributeGroup>
   <xs:attributeGroup name="port">
-    <xs:attribute name="port" use="required" type="xs:integer">
+    <xs:attribute name="port" use="required" type="xs:string">
       <xs:annotation>
         <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server,
           for example.</xs:documentation>
@@ -192,7 +192,7 @@
         <xs:documentation>Specifies a URL.</xs:documentation>
       </xs:annotation>
     </xs:attribute>
-    <xs:attribute name="port" type="xs:integer">
+    <xs:attribute name="port" type="xs:string">
       <xs:annotation>
         <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server,
           for example.</xs:documentation>
@@ -1012,7 +1012,7 @@
     </xs:attribute>
   </xs:attributeGroup>
   <xs:attributeGroup name="concurrent-sessions.attlist">
-    <xs:attribute name="max-sessions" type="xs:positiveInteger"/>
+    <xs:attribute name="max-sessions" type="xs:string"/>
     <xs:attribute name="expired-url" type="xs:string">
       <xs:annotation>
         <xs:documentation>The URL a user will be redirected to if they attempt to use a session
@@ -1064,7 +1064,7 @@
         Id</xs:documentation>
       </xs:annotation>
     </xs:attribute>
-    <xs:attribute name="token-validity-seconds" type="xs:positiveInteger">
+    <xs:attribute name="token-validity-seconds" type="xs:string">
       <xs:annotation>
         <xs:documentation>The period (in seconds) for which the remember-me cookie should be valid.
         </xs:documentation>
@@ -1122,10 +1122,10 @@
     </xs:complexType>
   </xs:element>
   <xs:attributeGroup name="http-port">
-    <xs:attribute name="http" use="required" type="xs:integer"/>
+    <xs:attribute name="http" use="required" type="xs:string"/>
   </xs:attributeGroup>
   <xs:attributeGroup name="https-port">
-    <xs:attribute name="https" use="required" type="xs:integer"/>
+    <xs:attribute name="https" use="required" type="xs:string"/>
   </xs:attributeGroup>
   <xs:attributeGroup name="x509.attlist">
     <xs:attribute name="subject-principal-regex" type="xs:string">