1 <?xml version="1.0" encoding="US-ASCII"?>
2 <schema targetNamespace="urn:mace:shibboleth:target:config:1.0"
3 xmlns="http://www.w3.org/2001/XMLSchema"
4 xmlns:conf="urn:mace:shibboleth:target:config:1.0"
5 xmlns:cred="urn:mace:shibboleth:credentials:1.0"
6 xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
7 elementFormDefault="qualified"
8 attributeFormDefault="unqualified"
9 blockDefault="substitution"
12 <import namespace="urn:mace:shibboleth:credentials:1.0" schemaLocation="credentials.xsd"/>
13 <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-1.1.xsd"/>
17 1.0 schema for XML-based configuration of Shibboleth target libraries and modules.
18 First appearing in Shibboleth 1.3 release.
<!-- ShibbolethTargetConfig: document element of a target configuration file.
     Its content model lists conf:Extensions, cred:Credentials, conf:SHAR and
     conf:SHIRE as optional (minOccurs="0") and conf:Applications as mandatory. -->
22 <element name="ShibbolethTargetConfig">
24 <documentation>Outer element of configuration file</documentation>
28 <element ref="conf:Extensions" minOccurs="0"/>
29 <element ref="cred:Credentials" minOccurs="0"/>
30 <element ref="conf:SHAR" minOccurs="0"/>
31 <element ref="conf:SHIRE" minOccurs="0"/>
32 <element ref="conf:Applications"/>
<!-- schemadir is required but typed anyURI, so only its lexical form is checked.
     NOTE(review): presumably the location the consumer reads its schemas from; if
     so, it should resolve to a local directory that only administrators can
     write. Confirm against the loader. -->
34 <attribute name="schemadir" type="anyURI" use="required"/>
35 <attribute name="logger" type="anyURI" use="optional"/>
<!-- Lax ##any wildcard: any extra attribute is accepted, and one without a matching
     global declaration is not validated at all. A misspelt optional attribute
     therefore passes validation instead of being reported. -->
36 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Extensions: zero or more Library children, plus arbitrary elements from other
     namespaces admitted by a lax wildcard. -->
40 <element name="Extensions">
42 <documentation>Container for extension libraries and custom configuration</documentation>
<!-- Library extends anyType, so it accepts arbitrary content and attributes in
     addition to the two declared here: path (required, anyURI) and fatal
     (optional boolean, no schema default).
     NOTE(review): presumably each path is loaded into the hosting process, which
     would make write access to this file equivalent to code execution there, and
     an omitted or false fatal may let startup continue without an extension that
     a deployment relies on. Confirm both against the loader. -->
46 <element name="Library" minOccurs="0" maxOccurs="unbounded">
49 <extension base="anyType">
50 <attribute name="path" type="anyURI" use="required"/>
51 <attribute name="fatal" type="boolean" use="optional"/>
56 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
<!-- PluggableType: base type for plugin-style elements (Listener, SessionCache,
     accessPolicy, AAPProvider, FederationProvider, TrustProvider in this schema).
     It extends anyType, so any content and attributes are allowed; the only
     addition is a required string attribute "type". The permitted type values are
     not enumerated, so an unknown plugin name is not rejected by validation. -->
61 <complexType name="PluggableType">
63 <extension base="anyType">
64 <attribute name="type" type="string" use="required"/>
<!-- SHAR content as visible in this listing: an optional Listener plugin, an
     optional SessionCache plugin, then foreign-namespace extension elements. -->
71 <documentation>Container for SHAR configuration</documentation>
75 <element name="Listener" type="conf:PluggableType" minOccurs="0"/>
76 <element name="SessionCache" minOccurs="0">
79 <extension base="conf:PluggableType">
<!-- cleanupInterval and timeout are optional unsignedInt values; the schema states
     neither a unit nor a default. NOTE(review): presumably seconds; confirm. -->
80 <attribute name="cleanupInterval" type="unsignedInt" use="optional"/>
81 <attribute name="timeout" type="unsignedInt" use="optional"/>
86 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
88 <attribute name="logger" type="anyURI" use="optional"/>
<!-- AATimeout and AAConnectTimeout are typed integer rather than unsignedInt, so
     zero and negative values validate; this schema does not range-check them. -->
89 <attribute name="AATimeout" type="integer" use="optional"/>
90 <attribute name="AAConnectTimeout" type="integer" use="optional"/>
<!-- Lax ##any wildcard: a misspelt optional attribute name is accepted as an
     extension attribute instead of failing validation. -->
91 <anyAttribute namespace="##any" processContents="lax"/>
<!-- SHIRE: settings that connect the target library to its hosting environment.
     Content: optional conf:ApplicationMap, optional ImplementationSpecific, then
     foreign-namespace extension elements. -->
95 <element name="SHIRE">
98 Container for configuration glue between target library and the surrounding application environment.
103 <element ref="conf:ApplicationMap" minOccurs="0"/>
<!-- ImplementationSpecific: unbounded choice among ISAPI, NSAPI, Apache, Java or
     any element from another namespace. The wildcard is lax, so a foreign element
     is validated only if a declaration for it is available. -->
104 <element name="ImplementationSpecific" minOccurs="0">
106 <choice maxOccurs="unbounded">
107 <element ref="conf:ISAPI"/>
108 <element ref="conf:NSAPI"/>
109 <element ref="conf:Apache"/>
110 <element ref="conf:Java"/>
111 <any namespace="##other" processContents="lax"/>
115 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
117 <attribute name="logger" type="anyURI" use="optional"/>
118 <anyAttribute namespace="##any" processContents="lax"/>
<!-- ISAPI: one or more Site elements followed by foreign-namespace extensions.
     Each Site has string content and a required unsignedInt InstanceID, and
     accepts further attributes through a lax wildcard.
     NOTE(review): presumably maps a web server site instance to a host name;
     confirm against the consumer. -->
122 <element name="ISAPI">
125 <element name="Site" maxOccurs="unbounded">
128 <extension base="string">
129 <attribute name="InstanceID" type="unsignedInt" use="required"/>
130 <anyAttribute namespace="##any" processContents="lax"/>
135 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
137 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Apache: extends anyType (arbitrary content and attributes allowed) and adds an
     optional boolean apacheConfig with no schema default.
     NOTE(review): presumably selects whether content settings are taken from the
     Apache configuration or from the ApplicationMap; confirm, since that decides
     which file an access-control review has to read. -->
140 <element name="Apache">
143 <extension base="anyType">
144 <attribute name="apacheConfig" type="boolean" use="optional"/>
<!-- NSAPI and Java are declared as anyType: any content and any attributes
     validate, so this schema provides no checking for either element. -->
149 <element name="NSAPI" type="anyType"/>
150 <element name="Java" type="anyType"/>
<!-- ContentSettings: group referenced by ApplicationMap, Host and Path. Every
     particle visible here is optional, so an element carrying no settings at all
     is schema-valid.
     NOTE(review): what protection applies to such a resource is decided by the
     consumer, not by this schema; confirm the fallback behaviour. -->
152 <group name="ContentSettings">
155 Group of settings that can be applied to elements in the ApplicationMap, supersedes httpd.conf/htaccess
<!-- requireSession and exportAssertion are optional boolean child elements with no
     schema default. -->
159 <element name="requireSession" type="boolean" minOccurs="0"/>
160 <element name="exportAssertion" type="boolean" minOccurs="0"/>
<!-- Optional choice. From the visible lines it appears to select either inline
     htaccess rules (OR / AND operators or a Rule) or a pluggable accessPolicy;
     the intermediate lines are not shown in this listing. -->
161 <choice minOccurs="0">
162 <element name="htaccess">
165 <element name="OR" type="conf:OperatorType"/>
166 <element name="AND" type="conf:OperatorType"/>
170 <restriction base="conf:OperatorType">
172 <element ref="conf:Rule"/>
178 <element ref="conf:Rule"/>
180 <anyAttribute namespace="##any" processContents="lax"/>
183 <element name="accessPolicy" type="conf:PluggableType"/>
185 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
<!-- Rule: string content plus a required string attribute "requires". Neither is
     restricted by an enumeration or pattern, so validation cannot catch a
     misspelt rule name or value. -->
189 <element name="Rule">
192 <extension base="string">
193 <attribute name="requires" type="string" use="required"/>
<!-- OperatorType: one or more conf:Rule children. It is the type of the OR and AND
     elements declared in the ContentSettings group. -->
198 <complexType name="OperatorType">
200 <element ref="conf:Rule" maxOccurs="unbounded"/>
<!-- ApplicationMap: the ContentSettings group followed by zero or more Host
     elements. -->
204 <element name="ApplicationMap">
207 <group ref="conf:ContentSettings"/>
208 <element ref="conf:Host" minOccurs="0" maxOccurs="unbounded"/>
<!-- uri is an optional anyURI. NOTE(review): its purpose is not visible here; if
     the consumer dereferences it to load an external map, the target should be a
     trusted local resource. Confirm. -->
210 <attribute name="uri" type="anyURI" use="optional"/>
211 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Host: the ContentSettings group followed by zero or more Path elements. -->
215 <element name="Host">
218 <group ref="conf:ContentSettings"/>
219 <element ref="conf:Path" minOccurs="0" maxOccurs="unbounded"/>
<!-- scheme is limited to the five values enumerated below and defaults to "http"
     when the attribute is omitted. -->
221 <attribute name="scheme" use="optional" default="http">
223 <restriction base="string">
224 <enumeration value="http"/>
225 <enumeration value="https"/>
226 <enumeration value="ftp"/>
227 <enumeration value="ldap"/>
228 <enumeration value="ldaps"/>
232 <attribute name="name" type="string" use="required"/>
<!-- port is unsignedInt, which admits values above 65535; range checking is left
     to the consumer. -->
233 <attribute name="port" type="unsignedInt" use="optional"/>
<!-- NOTE(review): applicationId presumably refers to an Application id. No
     key/keyref constraint is visible in this listing, so an unmatched value would
     still validate; confirm how the consumer treats it. -->
234 <attribute name="applicationId" type="string" use="optional"/>
<!-- Lax ##any wildcard: a misspelt optional attribute (for example a typo in
     applicationId) is accepted instead of failing validation. -->
235 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Path: the ContentSettings group followed by zero or more nested Path elements
     (the declaration references itself, so paths can nest to any depth). -->
239 <element name="Path">
242 <group ref="conf:ContentSettings"/>
243 <element ref="conf:Path" minOccurs="0" maxOccurs="unbounded"/>
245 <attribute name="name" type="string" use="required"/>
<!-- NOTE(review): applicationId presumably refers to an Application id; the schema
     types it as a plain string with no visible referential constraint. Confirm. -->
246 <attribute name="applicationId" type="string" use="optional"/>
247 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Applications: global target settings. Sessions, Errors, Policy and
     CredentialUse carry no minOccurs and are therefore each required here; they
     are followed by optional Application overrides and foreign-namespace
     extension elements. -->
251 <element name="Applications">
254 Container for global target settings and application-specific overrides
259 <element ref="conf:Sessions"/>
260 <element ref="conf:Errors"/>
261 <element ref="conf:Policy"/>
262 <element ref="conf:CredentialUse"/>
263 <element ref="conf:Application" minOccurs="0" maxOccurs="unbounded"/>
264 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
<!-- providerId is required and typed anyURI; only its lexical form is checked. -->
266 <attribute name="providerId" type="anyURI" use="required"/>
267 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Application: per-application override block. Sessions is required; Errors,
     Policy and CredentialUse are optional (minOccurs="0").
     NOTE(review): omitted children presumably fall back to the values on the
     enclosing Applications element; confirm, because that determines which
     Policy and CredentialUse actually protect a given application. -->
271 <element name="Application">
274 Container for application-specific overrides
279 <element ref="conf:Sessions"/>
280 <element ref="conf:Errors" minOccurs="0"/>
281 <element ref="conf:Policy" minOccurs="0"/>
282 <element ref="conf:CredentialUse" minOccurs="0"/>
283 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
<!-- id is a required string; providerId is an optional anyURI. -->
285 <attribute name="id" type="string" use="required"/>
286 <attribute name="providerId" type="anyURI" use="optional"/>
287 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Errors: extends anyType (arbitrary content and attributes allowed) and
     requires five attributes: shire, rm, access and logoLocation as anyURI, and
     supportContact as string.
     NOTE(review): shire, rm and access presumably locate the error templates
     mentioned in the documentation text; confirm. -->
291 <element name="Errors">
294 Container for error templates and associated details
299 <extension base="anyType">
300 <attribute name="shire" type="anyURI" use="required"/>
301 <attribute name="rm" type="anyURI" use="required"/>
302 <attribute name="access" type="anyURI" use="required"/>
303 <attribute name="supportContact" type="string" use="required"/>
304 <attribute name="logoLocation" type="anyURI" use="required"/>
<!-- Sessions: session establishment and policy settings for an application.
     The security-relevant attributes declared here are all optional and carry no
     schema default, so the effective value when one is omitted is whatever the
     consumer chooses; a hardened deployment should set them explicitly. -->
310 <element name="Sessions">
313 Container for specifying app session establishment and policy
<!-- shireURL: anyURI content with an optional boolean SSLOnly attribute. The anyURI
     type does not itself require an https scheme.
     NOTE(review): SSLOnly presumably restricts the endpoint to TLS requests;
     confirm. -->
318 <element name="shireURL">
321 <extension base="anyURI">
322 <attribute name="SSLOnly" type="boolean" use="optional"/>
<!-- cookieName: string content with its own optional SSLOnly attribute.
     NOTE(review): presumably controls whether the session cookie is limited to
     TLS connections; confirm. -->
327 <element name="cookieName">
330 <extension base="string">
331 <attribute name="SSLOnly" type="boolean" use="optional"/>
336 <element name="wayfURL" type="anyURI" minOccurs="0"/>
337 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
<!-- lifetime and timeout are unsignedInt with no unit or upper bound stated in the
     schema. NOTE(review): presumably seconds; confirm. A value of 0 validates,
     and its meaning has to be checked in the consumer. -->
339 <attribute name="lifetime" type="unsignedInt" use="optional"/>
340 <attribute name="timeout" type="unsignedInt" use="optional"/>
341 <attribute name="normalizeRequest" type="boolean" use="optional"/>
<!-- NOTE(review): checkAddress presumably ties a session to the client address it
     was issued to; confirm. -->
342 <attribute name="checkAddress" type="boolean" use="optional"/>
<!-- Lax ##any wildcard: an attribute with no matching global declaration is
     accepted unvalidated, so a misspelt lifetime, timeout or checkAddress passes
     validation and the intended setting is silently absent. -->
343 <anyAttribute namespace="##any" processContents="lax"/>
<!-- Policy: attribute, trust and federation policy for an application. -->
347 <element name="Policy">
350 Container for specifying various policies for attributes, trust, and federations
<!-- Attributes (optional): saml:AttributeDesignator elements and AAPProvider
     plugins. signRequest and signedResponse are optional booleans with no schema
     default.
     NOTE(review): presumably signRequest signs outgoing attribute queries and
     signedResponse requires signed responses; confirm, and set both explicitly
     where message integrity matters. -->
355 <element name="Attributes" minOccurs="0">
358 <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
359 <element name="AAPProvider" type="conf:PluggableType" minOccurs="0" maxOccurs="unbounded"/>
361 <attribute name="signRequest" type="boolean" use="optional"/>
362 <attribute name="signedResponse" type="boolean" use="optional"/>
363 <anyAttribute namespace="##any" processContents="lax"/>
<!-- FederationProvider and TrustProvider are PluggableType plugins, each allowed
     zero or more times. Because both have minOccurs="0", a Policy without any
     TrustProvider is schema-valid; how the consumer evaluates trust in that case
     is not defined here. -->
366 <element name="FederationProvider" type="conf:PluggableType" minOccurs="0" maxOccurs="unbounded"/>
367 <element name="TrustProvider" type="conf:PluggableType" minOccurs="0" maxOccurs="unbounded"/>
<!-- Audiences (optional): one or more saml:Audience values. -->
368 <element name="Audiences" minOccurs="0">
371 <element ref="saml:Audience" maxOccurs="unbounded"/>
373 <anyAttribute namespace="##any" processContents="lax"/>
376 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
378 <anyAttribute namespace="##any" processContents="lax"/>
<!-- CredentialUse: selects the credentials an application uses. TLS and Signing are
     required string attributes, and each optional RelyingParty child requires
     Name, TLS and Signing of its own.
     NOTE(review): TLS and Signing presumably hold identifiers of credentials
     defined under cred:Credentials. They are typed as plain strings and no
     key/keyref constraint is visible in this listing, so a dangling identifier
     would be detected only by the consumer; confirm. -->
382 <element name="CredentialUse">
385 Container for specifying credentials to use
<!-- RelyingParty extends anyType, so arbitrary content and attributes are accepted
     besides the three required ones. -->
390 <element name="RelyingParty" minOccurs="0" maxOccurs="unbounded">
393 <extension base="anyType">
394 <attribute name="Name" type="string" use="required"/>
395 <attribute name="TLS" type="string" use="required"/>
396 <attribute name="Signing" type="string" use="required"/>
401 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
403 <attribute name="TLS" type="string" use="required"/>
404 <attribute name="Signing" type="string" use="required"/>
405 <anyAttribute namespace="##any" processContents="lax"/>