<element ref="conf:OutOfProcess"/>
<element ref="conf:InProcess"/>
<element ref="conf:Applications"/>
- <element ref="conf:Credentials" minOccurs="0"/>
<element ref="conf:SecurityPolicies"/>
</sequence>
<attribute name="logger" type="anyURI"/>
<annotation>\r
<documentation>Ties ReplayCache to a custom StorageService</documentation>\r
</annotation>\r
- <sequence/>\r
- <attribute name="StorageService" type="IDREF" use="required"/>\r
+ <complexType>\r
+ <sequence/>
+ <attribute name="StorageService" type="IDREF" use="required"/>\r
+ </complexType>\r
</element>
\r
<element name="ArtifactMap">
<annotation>\r
<documentation>Customizes an ArtifactMap</documentation>\r
</annotation>\r
- <sequence/>
- <attribute name="StorageService" type="IDREF"/>
- <attribute name="context" type="conf:string"/>
- <attribute name="artifactTTL" type="unsignedInt" default="180"/>
+ <complexType>\r
+ <sequence/>
+ <attribute name="StorageService" type="IDREF"/>
+ <attribute name="context" type="conf:string"/>
+ <attribute name="artifactTTL" type="unsignedInt" default="180"/>\r
+ </complexType>
</element>\r
\r
<element name="OutOfProcess">\r
<complexType>\r
<sequence>
<element ref="conf:Extensions" minOccurs="0"/>
+ <element ref="conf:SessionCache" minOccurs="0"/>\r
<element name="RequestMapper" type="conf:PluggableType"/>
<element name="Implementation" minOccurs="0">
<complexType>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="logger" type="anyURI"/>
- <attribute name="localRelayState" type="boolean" default="false"/>
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
<attribute name="requireSessionWith" type="conf:string"/>\r
<attribute name="exportAssertion" type="boolean"/>\r
<attribute name="redirectToSSL" type="unsignedInt"/>\r
+ <attribute name="isPassive" type="boolean"/>\r
+ <attribute name="forceAuthn" type="boolean"/>\r
+ <attribute name="authnContextClassRef" type="anyURI"/>\r
+ <attribute name="authnContextDeclRef" type="anyURI"/>\r
+ <attribute name="authnContextComparison" type="conf:string"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</attributeGroup>\r
<element name="AccessControlProvider" type="conf:PluggableType"/>\r
<sequence>\r
<element ref="conf:Sessions"/>\r
<element ref="conf:Errors"/>\r
- <element ref="conf:CredentialUse" minOccurs="0"/>\r
+ <element ref="conf:DefaultRelyingParty"/>\r
<element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
<element name="MetadataProvider" type="conf:PluggableType"/>
<element name="TrustEngine" type="conf:PluggableType"/>\r
<element name="AttributeResolver" type="conf:PluggableType"/>\r
+ <element name="CredentialResolver" type="conf:PluggableType" minOccurs="0"/>\r
<element ref="conf:Application" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
<attribute name="id" type="conf:string" fixed="default"/>\r
- <attribute name="providerId" type="anyURI" use="required"/>\r
+ <attribute name="entityID" type="anyURI" use="required"/>\r
<attribute name="policyId" type="conf:string" use="required"/>\r
- <attribute name="homeURL" type="anyURI"/>\r
+ <attribute name="homeURL" type="anyURI" default="/"/>\r
+ <attribute name="attributeIds" type="conf:listOfStrings"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
<sequence>\r
<element ref="conf:Sessions" minOccurs="0"/>\r
<element ref="conf:Errors" minOccurs="0"/>\r
- <element ref="conf:CredentialUse" minOccurs="0"/>\r
+ <element ref="conf:DefaultRelyingParty" minOccurs="0"/>\r
<element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>\r
<element name="MetadataProvider" type="conf:PluggableType" minOccurs="0"/>\r
<element name="TrustEngine" type="conf:PluggableType" minOccurs="0"/>\r
<element name="AttributeResolver" type="conf:PluggableType" minOccurs="0"/>\r
+ <element name="CredentialResolver" type="conf:PluggableType" minOccurs="0"/>\r
</sequence>\r
<attribute name="id" type="conf:string" use="required"/>\r
- <attribute name="providerId" type="anyURI"/>\r
+ <attribute name="entityID" type="anyURI"/>\r
<attribute name="policyId" type="conf:string"/>\r
- <attribute name="homeURL" type="anyURI"/>\r
- <anyAttribute namespace="##other" processContents="lax"/>\r
+ <attribute name="homeURL" type="anyURI" default="/"/>\r
+ <attribute name="attributeIds" type="conf:listOfStrings"/>\r
+ <anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
\r
\r
<element name="SessionInitiator">\r
<annotation>\r
- <documentation>Used to specify handlers that can issue AuthnRequests</documentation>\r
+ <documentation>Used to specify handlers that can issue AuthnRequests or perform discovery</documentation>\r
</annotation>\r
<complexType>\r
- <sequence>\r
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
- </sequence>\r
- <attribute name="Location" type="anyURI" use="required"/>\r
- <attribute name="Binding" type="anyURI" use="required"/>\r
- <attribute name="id" type="conf:string"/>\r
- <attribute name="isDefault" type="boolean"/>\r
- <attribute name="wayfURL" type="anyURI"/>\r
- <attribute name="wayfBinding" type="anyURI"/>\r
- <attribute name="relayState" type="conf:string"/>\r
- <anyAttribute namespace="##any" processContents="lax"/>\r
+ <complexContent>\r
+ <restriction base="conf:PluggableType">\r
+ <sequence>\r
+ <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ <attribute name="Location" type="anyURI"/>\r
+ <attribute name="id" type="conf:string"/>\r
+ <attribute name="isDefault" type="boolean"/>\r
+ <attribute name="relayState" type="conf:string"/>\r
+ <attribute name="entityIDParam" type="conf:string"/>\r
+ <attribute name="entityID" type="anyURI"/>\r
+ <attribute name="URL" type="anyURI"/>\r
+ <anyAttribute namespace="##any" processContents="lax"/>\r
+ </restriction>\r
+ </complexContent>\r
</complexType>\r
</element>\r
-\r
+ \r
<element name="Errors">\r
<annotation>\r
<documentation>Container for error templates and associated details</documentation>\r
</complexType>\r
</element>\r
\r
- <attributeGroup name="CredentialUseGroup">\r
- <attribute name="TLS" type="conf:string"/>\r
- <attribute name="Signing" type="conf:string"/>\r
- <attribute name="signRequests" type="boolean" default="false"/>\r
- <attribute name="signatureAlg" type="anyURI"/>\r
- <attribute name="authType">\r
- <simpleType>\r
- <restriction base="conf:string">\r
- <enumeration value="basic"/>\r
- <enumeration value="digest"/>\r
- <enumeration value="ntlm"/>\r
- <enumeration value="gss"/>\r
- </restriction>\r
- </simpleType>\r
- </attribute>\r
- <attribute name="authUsername"/>\r
- <attribute name="authPassword"/>\r
- </attributeGroup>\r
-\r
- <element name="CredentialUse">\r
+ <element name="DefaultRelyingParty">\r
<annotation>\r
<documentation>Container for specifying security methods to use with particular peers</documentation>\r
</annotation>\r
<sequence>\r
<element name="RelyingParty" minOccurs="0" maxOccurs="unbounded">\r
<complexType>\r
- <sequence>\r
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
- </sequence>\r
+ <sequence/>\r
<attribute name="Name" type="conf:string" use="required"/>\r
- <attributeGroup ref="conf:CredentialUseGroup"/>\r
+ <attributeGroup ref="conf:RelyingPartyGroup"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
</sequence>\r
- <attributeGroup ref="conf:CredentialUseGroup"/>\r
+ <attributeGroup ref="conf:RelyingPartyGroup"/>\r
<anyAttribute namespace="##other" processContents="lax"/>\r
</complexType>\r
</element>\r
\r
- <element name="Credentials">
- <annotation>\r
- <documentation>Container for specifying sources of credentials</documentation>\r
- </annotation>\r
- <complexType>\r
- <sequence>\r
- <element name="CredentialResolver" minOccurs="1" maxOccurs="unbounded">
- <annotation>\r
- <documentation>References CredentialResolver plugins</documentation>\r
- </annotation>\r
- <complexType>
- <complexContent>
- <restriction base="conf:PluggableType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="id" type="conf:string" use="required"/>\r
- <anyAttribute namespace="##any" processContents="lax"/>
- </restriction>
- </complexContent>
- </complexType>
- </element>\r
- </sequence>
- </complexType>
- </element>\r
+ <attributeGroup name="RelyingPartyGroup">\r
+ <attribute name="authType" type="conf:string" default="TLS"/>\r
+ <attribute name="authUsername" type="conf:string"/>\r
+ <attribute name="authPassword" type="conf:string"/>\r
+ <attribute name="signRequests" type="boolean" default="false"/>
+ <attribute name="signatureAlg" type="anyURI"/>\r
+ <attribute name="encryptRequests" type="boolean" default="true"/>\r
+ </attributeGroup>\r
\r
<element name="SecurityPolicies">
<annotation>\r
projects / shibboleth / sp.git / blobdiff