elementFormDefault="qualified"\r
attributeFormDefault="unqualified"\r
blockDefault="substitution"\r
- version="2.0">\r
+ version="2.2">\r
\r
<import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/>\r
<import namespace="urn:oasis:names:tc:SAML:2.0:protocol" schemaLocation="saml-schema-protocol-2.0.xsd"/>\r
<complexType>\r
<attribute name="address" type="conf:string" use="required"/>\r
<attribute name="port" type="unsignedInt" use="required"/>\r
- <attribute name="acl" type="conf:listOfStrings" default="127.0.0.1"/>\r
+ <attribute name="acl" type="conf:listOfStrings"/>\r
</complexType>\r
</element>\r
<element name="Listener" type="conf:PluggableType"/>\r
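Review bot: Dropping `default="127.0.0.1"` from `acl` means the schema no longer states or supplies the loopback-only restriction, so what happens when `acl` is omitted now depends entirely on the consuming code, which this diff does not show. The same applies to the other protective defaults removed in later hunks: `exportACL`, `handlerSSL`, `checkAddress`, `consistentAddress` and `normalizeRequest`, plus the `lifetime`, `timeout` and `cacheTimeout` values. I would confirm that each has a matching in-code default and record it in the schema, for example `<annotation><documentation>Defaults to 127.0.0.1 when omitted</documentation></annotation>` inside the attribute declaration. The enclosing element starts outside this hunk.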
<element ref="conf:ReplayCache" minOccurs="0"/>\r
<element ref="conf:ArtifactMap" minOccurs="0"/>\r
<element name="RequestMapper" type="conf:PluggableType" minOccurs="0"/>\r
- <element ref="conf:Applications"/>\r
+ <element ref="conf:ApplicationDefaults"/>\r
<element ref="conf:SecurityPolicies"/>\r
+ <element ref="conf:TransportOption" minOccurs="0" maxOccurs="unbounded"/>
</sequence>\r
<attribute name="logger" type="anyURI"/>\r
<attribute name="clockSkew" type="unsignedInt"/>\r
+ <attribute name="unsafeChars" type="conf:string"/>
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
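Review bot: The new `unsafeChars` attribute is declared without an `<annotation>`, so the schema tells an administrator nothing about which characters it covers, where they are filtered or encoded, or what applies when the attribute is absent. Its name suggests it influences how values are sanitised, so the omitted-attribute behaviour is worth stating explicitly. I would add an `<annotation><documentation>` child describing the accepted format and the built-in default. The same documentation gap applies to `cookieLifetime`, `postData`, `postLimit`, `postTemplate` and `postExpire` added in the Sessions hunk. The enclosing element begins outside this hunk.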
<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="path" type="anyURI" use="required"/>\r
- <attribute name="fatal" type="boolean" default="true"/>\r
+ <attribute name="fatal" type="boolean"/>\r
<anyAttribute namespace="##any" processContents="lax"/>\r
</complexType>\r
</element>\r
<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="id" type="ID" use="required"/>\r
- <attribute name="cleanupInterval" type="unsignedInt" default="900"/>\r
+ <attribute name="cleanupInterval" type="unsignedInt"/>\r
<anyAttribute namespace="##any" processContents="lax"/>\r
</restriction>\r
</complexContent>\r
<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="StorageService" type="IDREF"/>\r
- <attribute name="cacheTimeout" type="unsignedInt" default="28800"/>\r
+ <attribute name="cacheTimeout" type="unsignedInt"/>\r
<anyAttribute namespace="##any" processContents="lax"/>\r
</restriction>\r
</complexContent>\r
<sequence/>\r
<attribute name="StorageService" type="IDREF"/>\r
<attribute name="context" type="conf:string"/>\r
- <attribute name="artifactTTL" type="unsignedInt" default="180"/>\r
+ <attribute name="artifactTTL" type="unsignedInt"/>\r
</complexType>\r
</element>\r
\r
<attribute name="logger" type="anyURI"/>\r
<attribute name="unsetHeaderValue" type="string"/>\r
<attribute name="checkSpoofing" type="boolean"/>\r
+ <attribute name="spoofKey" type="string"/>\r
<attribute name="catchAll" type="boolean"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
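Review bot: `spoofKey` is added as a plain `string` attribute next to `checkSpoofing`, with no annotation describing what it holds. If it is a shared secret, as the name suggests, it will sit in cleartext in the configuration file, so the documentation should say that the file must be readable only by the service account and that the value should be long and random. I would add an `<annotation><documentation>` child saying so, and stating what happens when `checkSpoofing` is enabled but `spoofKey` is absent. The enclosing complexType starts outside this hunk.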
</element>\r
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
- <attribute name="normalizeRequest" type="boolean" default="true"/>\r
+ <attribute name="normalizeRequest" type="boolean"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
<attribute name="metadataError" type="anyURI"/>\r
<attribute name="accessError" type="anyURI"/>\r
<attribute name="sslError" type="anyURI"/>\r
+ <attribute name="REMOTE_ADDR" type="conf:string"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</attributeGroup>\r
<element name="AccessControlProvider" type="conf:PluggableType"/>\r
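Review bot: `REMOTE_ADDR` is added to this attribute group as a free-form `conf:string` with no annotation, and its meaning is not evident from the schema. If it names a request header to take the client address from, which is an inference from the name, then `checkAddress`, `consistentAddress` and the ACL attributes would be evaluated against a value that a client can supply, unless a trusted proxy overwrites that header. I would add an `<annotation><documentation>` child that states what the value is and that it should be set only when a trusted front end controls the header. The attributeGroup starts outside this hunk.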
</choice>\r
</sequence>\r
<attribute name="regex" type="conf:string" use="required"/>\r
- <attribute name="ignoreCase" type="boolean" default="true"/>\r
+ <attribute name="ignoreCase" type="boolean"/>\r
<attribute name="applicationId" type="conf:string"/>\r
<attributeGroup ref="conf:ContentSettings"/>\r
</complexType>\r
<element ref="conf:Query" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="regex" type="conf:string" use="required"/>\r
- <attribute name="ignoreCase" type="boolean" default="true"/>\r
+ <attribute name="ignoreCase" type="boolean"/>\r
<attribute name="applicationId" type="conf:string"/>\r
<attributeGroup ref="conf:ContentSettings"/>\r
</complexType>\r
</complexType>\r
</element>\r
\r
- <element name="Applications">\r
+ <element name="ApplicationDefaults">\r
<annotation>\r
- <documentation>Container for global settings and application-specific overrides</documentation>\r
+ <documentation>Container for default settings and application-specific overrides</documentation>\r
</annotation>\r
<complexType>\r
<sequence>\r
<element name="AttributeResolver" type="conf:PluggableType" minOccurs="0"/>\r
<element name="AttributeFilter" type="conf:PluggableType" minOccurs="0"/>\r
<element name="CredentialResolver" type="conf:PluggableType" minOccurs="0"/>\r
- <element ref="conf:Application" minOccurs="0" maxOccurs="unbounded"/>\r
+ <element ref="conf:ApplicationOverride" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="id" type="conf:string" fixed="default"/>\r
<attribute name="entityID" type="anyURI" use="required"/>\r
</complexType>\r
</element>\r
\r
- <element name="Application">\r
+ <element name="ApplicationOverride">\r
<annotation>\r
<documentation>Container for application-specific overrides</documentation>\r
</annotation>\r
</element>\r
\r
<attributeGroup name="ApplicationGroup">\r
- <attribute name="homeURL" type="anyURI" default="/"/>\r
+ <attribute name="homeURL" type="anyURI"/>\r
<attribute name="REMOTE_USER" type="conf:listOfStrings"/>\r
<attribute name="unsetHeaders" type="conf:listOfStrings"/>\r
<attribute name="metadataAttributePrefix" type="conf:string"/>\r
<attribute name="timeout" type="unsignedShort"/>\r
<attribute name="requireConfidentiality" type="boolean"/>\r
<attribute name="requireTransportAuth" type="boolean"/>\r
- <attribute name="signedAssertions" type="boolean"/>\r
+ <attribute name="requireSignedAssertions" type="boolean"/>\r
</attributeGroup>\r
\r
<element name="Sessions">\r
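Review bot: Renaming `signedAssertions` to `requireSignedAssertions` in `ApplicationGroup` leaves no alias for the old spelling, so existing configurations that set `signedAssertions="true"` need an explicit migration path. Whether the old attribute is now rejected at validation or silently accepted depends on whether the elements that reference this group carry an `anyAttribute` wildcard, and those declarations are outside this hunk. If it is accepted and ignored, the signature requirement would lapse without any error. I would have the loader reject or loudly log the old name, and add `<annotation><documentation>Replaces signedAssertions from schema version 2.0</documentation></annotation>` to the new attribute.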
</complexType>\r
</element>\r
</choice>\r
- <attribute name="handlerURL" type="anyURI"/>\r
- <attribute name="handlerSSL" type="boolean" default="true"/>\r
+ <attribute name="handlerURL" type="anyURI" use="required"/>\r
+ <attribute name="handlerSSL" type="boolean"/>\r
<attribute name="exportLocation" type="conf:string"/>\r
- <attribute name="exportACL" type="conf:listOfStrings" default="127.0.0.1"/>\r
+ <attribute name="exportACL" type="conf:listOfStrings"/>\r
<attribute name="cookieName" type="conf:string"/>\r
<attribute name="cookieProps" type="conf:string"/>\r
- <attribute name="idpHistory" type="boolean" default="false"/>\r
+ <attribute name="cookieLifetime" type="unsignedInt"/>\r
+ <attribute name="idpHistory" type="boolean"/>\r
<attribute name="idpHistoryDays" type="unsignedInt"/>\r
- <attribute name="lifetime" type="unsignedInt" default="28800"/>\r
- <attribute name="timeout" type="unsignedInt" default="3600"/>\r
+ <attribute name="lifetime" type="unsignedInt"/>\r
+ <attribute name="timeout" type="unsignedInt"/>\r
<attribute name="maxTimeSinceAuthn" type="unsignedInt"/>\r
- <attribute name="checkAddress" type="boolean" default="true"/>\r
- <attribute name="consistentAddress" type="boolean" default="true"/>\r
+ <attribute name="checkAddress" type="boolean"/>\r
+ <attribute name="consistentAddress" type="boolean"/>\r
+ <attribute name="postData" type="conf:string"/>\r
+ <attribute name="postLimit" type="positiveInteger"/>\r
+ <attribute name="postTemplate" type="conf:string"/>\r
+ <attribute name="postExpire" type="boolean"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
<documentation>Specifies a set of SecurityPolicyRule plugins</documentation>\r
</annotation>\r
<complexType>\r
- <sequence>\r
- <element ref="conf:TransportOption" minOccurs="0" maxOccurs="unbounded"/>\r
+ <choice>\r
<element name="Rule" type="conf:PluggableType" minOccurs="1" maxOccurs="unbounded"/>\r
- </sequence>\r
+ <element name="PolicyRule" type="conf:PluggableType" minOccurs="1" maxOccurs="unbounded"/>\r
+ </choice>\r
<attribute name="id" type="conf:string" use="required"/>\r
- <attribute name="validate" type="boolean" default="false"/>\r
+ <attribute name="validate" type="boolean"/>\r
<anyAttribute namespace="##any" processContents="lax"/>\r
</complexType>\r
</element>\r
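Review bot: The new `<choice>` lets a policy hold one or more `Rule` elements or one or more `PolicyRule` elements, but never a mix of the two, and the schema does not say which spelling is preferred. If `Rule` is kept only for backward compatibility, I would mark it with `<annotation><documentation>Deprecated alias of PolicyRule</documentation></annotation>` so that new policies are not written with it. Moving `TransportOption` out of this content model also means that existing policies containing it will fail validation, which should be called out in the upgrade notes. The enclosing element starts outside this hunk.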