Latest updates to namespace configuration.

core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc

@@ -3,6 +3,14 @@ namespace beans = "http://www.springframework.org/schema/beans"
 namespace a = "http://relaxng.org/ns/compatibility/annotations/1.0"
 datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes"
 
+#default namespace = "http://www.springframework.org/schema/security"
+
+path-type =
+    ## Defines the type types of pattern used to specify URL paths. Defaults to "ant"
+    [ a:defaultValue = "ant" ] attribute pathType {"regex" | "ant"}
+
+
+
 autoconfig = 
     ## Provides automatic security configration for a application
     element autoconfig {autoconfig.attlist, empty}
@@ -39,25 +47,31 @@ protect.attlist &=
 
 http =
     ## Container element for HTTP security configuration
-   element http {http.attlist, intercept-url+, form-login?, logout? }
+   element http {http.attlist, intercept-url+, logout?, form-login?, http-basic? }
 http.attlist &=
     ## Controls the eagerness with which an HTTP session is created.
     [ a:defaultValue = "ifRequired" ] attribute createSession {"ifRequired" | "always" | "never" }?
 http.attlist &=
-    ## Defines the type of path used to define URLs in child elements. 
-    [ a:defaultValue = "ant" ] attribute pathType {"regex" | "ant"}?
+    ## The path format used to define the paths used in child elements. 
+    path-type?
 http.attlist &=
     ## Whether test URLs should be converted to lower case prior to comparing with defined path patterns.
-    [ a:defaultValue = "true" ] attribute lowerCaseComparisons {"true" | "true"}?
+    [ a:defaultValue = "true" ] attribute lowerCaseComparisons {"true" | "false"}?
 
 intercept-url =
+    ## Specifies the access attributes and/or filter list for a particular set of URLs.
     element intercept-url {intercept-url.attlist, empty}
 intercept-url.attlist &=
-    attribute path {xsd:string} 
+    ## The pattern which defines the URL path. The content will depend on the type set in the containing http element, so will
+    ## default to ant path syntax.    
+    attribute pattern {xsd:string} 
 intercept-url.attlist &=
+    ## The access configuration attributes that apply for the configured path.
     attribute access {xsd:string}?
+    ## The filter list for the path. Currently can be set to "none" to remove a path from having any filters applied.
+    ## The full filter stack (consisting of all defined filters, will be applied to any other paths).
 intercept-url.attlist &=
-    attribute filters {xsd:string}?
+    attribute filters {"none"}?
 
 logout =
     element logout {logout.attlist, empty}
@@ -74,6 +88,40 @@ form-login =
 form-login.attlist &=
     ## The URL that the form is submitted to
     [ a:defaultValue = "/j_spring_security_check" ] attribute loginUrl {xsd:string}?   
+form-login.attlist &=
+    ## The URL for the login page
+    attribute loginPage {xsd:string}?   
+
+filter-chain-map = 
+    ## Used to explicitly configure a FilterChainProxy instance with a FilterChainMap
+    element filter-chain-map {filter-chain-map.attlist, filter-chain+}
+filter-chain-map.attlist &=
+    path-type    
+
+filter-chain =
+    ## Used within filter-chain-map to define a specific URL pattern and the list of filters 
+    ## which apply to the URLs matching that pattern. When multiple filter-chain elements are used within a
+    ## filter-chain-map element, the most specific patterns must be placed at the top of the list, with 
+    ## most general ones at the bottom.
+    element filter-chain {filter-chain.attlist, empty}
+filter-chain.attlist &= 
+    attribute pattern {xsd:string}
+filter-chain.attlist &= 
+    attribute filters {xsd:string}
+
+http-basic =
+    ## Adds support for basic authentication
+    element http-basic {http-basic.attlist, empty}
+http-basic.attlist &= 
+    attribute realm {xsd:string}
+
+concurrent-sessions =
+    ## Adds support for concurrent session control, allowing limits to be placed on the number of sessions a
+    ## user can have.
+    element concurrent-sessions {concurrent-sessions.attlist, empty}
+concurrent-sessions.attlist &=
+    attribute maxSessions {xsd:positiveInteger}?
+
 
 authentication-provider =
     element authentication-provider {authentication-provider.attlist, (user-service | jdbc-user-service)}

core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

@@ -1,9 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <xs:schema xmlns="http://www.springframework.org/schema/security"
-	xmlns:xs="http://www.w3.org/2001/XMLSchema"
-	targetNamespace="http://www.springframework.org/schema/security"
-	xmlns:beans="http://www.springframework.org/schema/beans"
-	elementFormDefault="qualified" attributeFormDefault="unqualified">
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  targetNamespace="http://www.springframework.org/schema/security"
+  xmlns:beans="http://www.springframework.org/schema/beans"
+  elementFormDefault="qualified" attributeFormDefault="unqualified">
+  <!-- default namespace = "http://www.springframework.org/schema/security" -->
+  <xs:attributeGroup name="path-type">
+    <xs:attribute name="pathType" use="required">
+      <xs:annotation>
+        <xs:documentation>Defines the type types of pattern used to specify URL paths. Defaults to "ant"</xs:documentation>
+      </xs:annotation>
+      <xs:simpleType>
+        <xs:restriction base="xs:token">
+          <xs:enumeration value="regex"/>
+          <xs:enumeration value="ant"/>
+        </xs:restriction>
+      </xs:simpleType>
+    </xs:attribute>
+  </xs:attributeGroup>
   <xs:element name="autoconfig">
     <xs:annotation>
       <xs:documentation>Provides automatic security configration for a application</xs:documentation>
@@ -64,8 +78,9 @@
     <xs:complexType>
       <xs:sequence>
         <xs:element maxOccurs="unbounded" ref="intercept-url"/>
-        <xs:element minOccurs="0" ref="form-login"/>
         <xs:element minOccurs="0" ref="logout"/>
+        <xs:element minOccurs="0" ref="form-login"/>
+        <xs:element minOccurs="0" ref="http-basic"/>
       </xs:sequence>
       <xs:attributeGroup ref="http.attlist"/>
     </xs:complexType>
@@ -83,9 +98,9 @@
         </xs:restriction>
       </xs:simpleType>
     </xs:attribute>
-    <xs:attribute name="pathType" default="ant">
+    <xs:attribute name="pathType">
       <xs:annotation>
-        <xs:documentation>Defines the type of path used to define URLs in child elements. </xs:documentation>
+        <xs:documentation>Defines the type types of pattern used to specify URL paths. Defaults to "ant"</xs:documentation>
       </xs:annotation>
       <xs:simpleType>
         <xs:restriction base="xs:token">
@@ -101,20 +116,33 @@
       <xs:simpleType>
         <xs:restriction base="xs:token">
           <xs:enumeration value="true"/>
-          <xs:enumeration value="true"/>
+          <xs:enumeration value="false"/>
         </xs:restriction>
       </xs:simpleType>
     </xs:attribute>
   </xs:attributeGroup>
   <xs:element name="intercept-url">
+    <xs:annotation>
+      <xs:documentation>Specifies the access attributes and/or filter list for a particular set of URLs.</xs:documentation>
+    </xs:annotation>
     <xs:complexType>
       <xs:attributeGroup ref="intercept-url.attlist"/>
     </xs:complexType>
   </xs:element>
   <xs:attributeGroup name="intercept-url.attlist">
-    <xs:attribute name="path" use="required" type="xs:string"/>
-    <xs:attribute name="access" type="xs:string"/>
-    <xs:attribute name="filters" type="xs:string"/>
+    <xs:attribute name="pattern" use="required" type="xs:string"/>
+    <xs:attribute name="access" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>The access configuration attributes that apply for the configured path.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+    <xs:attribute name="filters">
+      <xs:simpleType>
+        <xs:restriction base="xs:token">
+          <xs:enumeration value="none"/>
+        </xs:restriction>
+      </xs:simpleType>
+    </xs:attribute>
   </xs:attributeGroup>
   <xs:element name="logout">
     <xs:complexType>
@@ -147,6 +175,53 @@
         <xs:documentation>The URL that the form is submitted to</xs:documentation>
       </xs:annotation>
     </xs:attribute>
+    <xs:attribute name="loginPage" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>The URL for the login page</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
+  <xs:element name="filter-chain-map">
+    <xs:annotation>
+      <xs:documentation>Used to explicitly configure a FilterChainProxy instance with a FilterChainMap</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element maxOccurs="unbounded" ref="filter-chain"/>
+      </xs:sequence>
+      <xs:attributeGroup ref="filter-chain-map.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="filter-chain-map.attlist">
+    <xs:attributeGroup ref="path-type"/>
+  </xs:attributeGroup>
+  <xs:element name="filter-chain">
+    <xs:complexType>
+      <xs:attributeGroup ref="filter-chain.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="filter-chain.attlist">
+    <xs:attribute name="pattern" use="required" type="xs:string"/>
+    <xs:attribute name="filters" use="required" type="xs:string"/>
+  </xs:attributeGroup>
+  <xs:element name="http-basic">
+    <xs:annotation>
+      <xs:documentation>Adds support for basic authentication</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:attributeGroup ref="http-basic.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="http-basic.attlist">
+    <xs:attribute name="realm" use="required" type="xs:string"/>
+  </xs:attributeGroup>
+  <xs:element name="concurrent-sessions">
+    <xs:complexType>
+      <xs:attributeGroup ref="concurrent-sessions.attlist"/>
+    </xs:complexType>
+  </xs:element>
+  <xs:attributeGroup name="concurrent-sessions.attlist">
+    <xs:attribute name="maxSessions" type="xs:positiveInteger"/>
   </xs:attributeGroup>
   <xs:element name="authentication-provider">
     <xs:complexType>