1 <?xml version="1.0" encoding="US-ASCII"?>
2 <schema targetNamespace="urn:mace:shibboleth:2.0:native:sp:config"
3 xmlns="http://www.w3.org/2001/XMLSchema"
4 xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
5 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
6 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
7 xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
8 xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
9 elementFormDefault="qualified"
10 attributeFormDefault="unqualified"
11 blockDefault="substitution"
14 <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd" />
15 <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/>
16 <import namespace="urn:oasis:names:tc:SAML:2.0:protocol" schemaLocation="saml-schema-protocol-2.0.xsd"/>
17 <import namespace="urn:oasis:names:tc:SAML:2.0:metadata" schemaLocation="saml-schema-metadata-2.0.xsd"/>
21 2.0 schema for XML-based configuration of Shibboleth Native SP instances.
22 First appearing in Shibboleth 2.0 release.
26 <simpleType name="string">
27 <restriction base="string">
28 <minLength value="1"/>
32 <simpleType name="listOfStrings">
33 <list itemType="conf:string"/>
36 <simpleType name="listOfURIs">
37 <list itemType="anyURI"/>
40 <simpleType name="bindingBoolean">
41 <restriction base="string">
42 <enumeration value="true"/>
43 <enumeration value="false"/>
44 <enumeration value="front"/>
45 <enumeration value="back"/>
49 <complexType name="PluggableType">
51 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
53 <attribute name="type" type="conf:string" use="required"/>
54 <anyAttribute namespace="##any" processContents="lax"/>
57 <complexType name="ExtensionsType">
59 <documentation>Container for extension libraries and custom configuration</documentation>
62 <element name="Library" minOccurs="0" maxOccurs="unbounded">
65 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
67 <attribute name="path" type="anyURI" use="required"/>
68 <attribute name="fatal" type="boolean"/>
69 <anyAttribute namespace="##any" processContents="lax"/>
72 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
76 <complexType name="StorageServiceType">
78 <documentation>References StorageService plugins</documentation>
81 <restriction base="conf:PluggableType">
83 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
85 <attribute name="id" type="ID" use="required"/>
86 <attribute name="cleanupInterval" type="unsignedInt"/>
87 <anyAttribute namespace="##any" processContents="lax"/>
92 <complexType name="SessionCacheType">
94 <documentation>References SessionCache plugins</documentation>
97 <restriction base="conf:PluggableType">
99 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
101 <attribute name="StorageService" type="IDREF"/>
102 <attribute name="cacheAllowance" type="unsignedInt"/>
103 <attribute name="cacheTimeout" type="unsignedInt"/> <!-- deprecated -->
104 <anyAttribute namespace="##any" processContents="lax"/>
109 <complexType name="ReplayCacheType">
111 <documentation>Ties ReplayCache to a custom StorageService</documentation>
114 <attribute name="StorageService" type="IDREF"/>
117 <complexType name="ArtifactMapType">
119 <documentation>Customizes an ArtifactMap</documentation>
122 <attribute name="StorageService" type="IDREF"/>
123 <attribute name="context" type="conf:string"/>
124 <attribute name="artifactTTL" type="unsignedInt"/>
127 <complexType name="OutOfProcessType">
129 <documentation>Container for out-of-process (shibd) configuration</documentation>
132 <element name="Extensions" type="conf:ExtensionsType" minOccurs="0"/>
133 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
135 <attribute name="logger" type="anyURI"/>
136 <attribute name="catchAll" type="boolean"/>
137 <anyAttribute namespace="##other" processContents="lax"/>
140 <complexType name="InProcessType">
143 Container for configuration of locally integrated or platform-specific
144 features (e.g. web server filters)
148 <element name="Extensions" type="conf:ExtensionsType" minOccurs="0"/>
149 <element name="ISAPI" minOccurs="0">
152 <element name="Site" maxOccurs="unbounded">
155 <element name="Alias" type="conf:string" minOccurs="0" maxOccurs="unbounded"/>
157 <attribute name="id" type="unsignedInt" use="required"/>
158 <attribute name="name" type="conf:string" use="required"/>
159 <attribute name="port" type="unsignedInt"/>
160 <attribute name="sslport" type="unsignedInt"/>
161 <attribute name="scheme" type="conf:string"/>
164 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
166 <attribute name="normalizeRequest" type="boolean"/>
167 <attribute name="safeHeaderNames" type="boolean"/>
168 <anyAttribute namespace="##other" processContents="lax"/>
171 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
173 <attribute name="logger" type="anyURI"/>
174 <attribute name="unsetHeaderValue" type="conf:string"/>
175 <attribute name="checkSpoofing" type="boolean"/>
176 <attribute name="spoofKey" type="conf:string"/>
177 <attribute name="catchAll" type="boolean"/>
178 <attribute name="extraAuthTypes" type="conf:listOfStrings"/>
179 <anyAttribute namespace="##other" processContents="lax"/>
182 <element name="AccessControl" type="conf:UniOperatorType">
185 A simple example access policy language extension that supersedes Apache .htaccess
189 <complexType name="UniOperatorType">
191 <element name="AND" type="conf:MultiOperatorType"/>
192 <element name="OR" type="conf:MultiOperatorType"/>
193 <element name="NOT" type="conf:UniOperatorType"/>
194 <element name="Rule" type="conf:RuleType"/>
195 <element name="RuleRegex" type="conf:RuleRegexType"/>
198 <complexType name="MultiOperatorType">
199 <choice minOccurs="2" maxOccurs="unbounded">
200 <element name="AND" type="conf:MultiOperatorType"/>
201 <element name="OR" type="conf:MultiOperatorType"/>
202 <element name="NOT" type="conf:UniOperatorType"/>
203 <element name="Rule" type="conf:RuleType"/>
204 <element name="RuleRegex" type="conf:RuleRegexType"/>
207 <complexType name="RuleType">
209 <extension base="conf:listOfStrings">
210 <attribute name="require" type="conf:string" use="required"/>
211 <attribute name="list" type="boolean"/>
215 <complexType name="RuleRegexType">
217 <extension base="conf:string">
218 <attribute name="require" type="conf:string" use="required"/>
219 <attribute name="ignoreCase" type="boolean"/>
224 <attributeGroup name="ContentSettings">
225 <attribute name="applicationId" type="conf:string"/>
226 <attribute name="authType" type="conf:string"/>
227 <attribute name="requireSession" type="boolean"/>
228 <attribute name="requireSessionWith" type="conf:string"/>
229 <attribute name="exportAssertion" type="boolean"/>
230 <attribute name="redirectToSSL" type="unsignedInt"/>
231 <attribute name="entityID" type="anyURI"/>
232 <attribute name="discoveryURL" type="anyURI"/>
233 <attribute name="isPassive" type="boolean"/>
234 <attribute name="returnOnError" type="boolean"/>
235 <attribute name="forceAuthn" type="boolean"/>
236 <attribute name="authnContextClassRef" type="anyURI"/>
237 <attribute name="authnContextComparison" type="samlp:AuthnContextComparisonType"/>
238 <attribute name="NameIDFormat" type="anyURI"/>
239 <attribute name="SPNameQualifier" type="conf:string"/>
240 <attribute name="redirectErrors" type="anyURI"/>
241 <attribute name="sessionError" type="anyURI"/>
242 <attribute name="metadataError" type="anyURI"/>
243 <attribute name="accessError" type="anyURI"/>
244 <attribute name="sslError" type="anyURI"/>
245 <attribute name="target" type="anyURI"/>
246 <attribute name="acsIndex" type="unsignedShort"/>
247 <attribute name="REMOTE_ADDR" type="conf:string"/>
248 <attribute name="encoding" type="conf:string"/>
249 <anyAttribute namespace="##other" processContents="lax"/>
252 <element name="RequestMap">
255 Built-in request mapping syntax, decomposes URLs into Host/Path/Path/...
260 <choice minOccurs="0">
261 <element name="htaccess" type="conf:PluggableType"/>
262 <element ref="conf:AccessControl"/>
263 <element name="AccessControlProvider" type="conf:PluggableType"/>
265 <choice minOccurs="0" maxOccurs="unbounded">
266 <element name="Host" type="conf:HostType"/>
267 <element name="HostRegex" type="conf:HostRegexType"/>
269 <element ref="ds:Signature" minOccurs="0"/>
271 <attribute name="unicodeAware" type="boolean"/>
272 <attributeGroup ref="conf:ContentSettings"/>
276 <complexType name="HostType">
278 <choice minOccurs="0">
279 <element name="htaccess" type="conf:PluggableType"/>
280 <element ref="conf:AccessControl"/>
281 <element name="AccessControlProvider" type="conf:PluggableType"/>
283 <choice minOccurs="0" maxOccurs="unbounded">
284 <element name="Path" type="conf:PathType"/>
285 <element name="PathRegex" type="conf:PathRegexType"/>
286 <element name="Query" type="conf:QueryType"/>
289 <attribute name="scheme">
291 <restriction base="conf:string">
292 <enumeration value="http"/>
293 <enumeration value="https"/>
294 <enumeration value="ftp"/>
295 <enumeration value="ldap"/>
296 <enumeration value="ldaps"/>
300 <attribute name="name" type="conf:string" use="required"/>
301 <attribute name="port" type="unsignedInt"/>
302 <attributeGroup ref="conf:ContentSettings"/>
305 <complexType name="HostRegexType">
307 <choice minOccurs="0">
308 <element name="htaccess" type="conf:PluggableType"/>
309 <element ref="conf:AccessControl"/>
310 <element name="AccessControlProvider" type="conf:PluggableType"/>
312 <choice minOccurs="0" maxOccurs="unbounded">
313 <element name="Path" type="conf:PathType"/>
314 <element name="PathRegex" type="conf:PathRegexType"/>
315 <element name="Query" type="conf:QueryType"/>
318 <attribute name="regex" type="conf:string" use="required"/>
319 <attribute name="ignoreCase" type="boolean"/>
320 <attributeGroup ref="conf:ContentSettings"/>
323 <complexType name="PathType">
325 <choice minOccurs="0">
326 <element name="htaccess" type="conf:PluggableType"/>
327 <element ref="conf:AccessControl"/>
328 <element name="AccessControlProvider" type="conf:PluggableType"/>
330 <choice minOccurs="0" maxOccurs="unbounded">
331 <element name="Path" type="conf:PathType"/>
332 <element name="PathRegex" type="conf:PathRegexType"/>
333 <element name="Query" type="conf:QueryType"/>
336 <attribute name="name" type="conf:string" use="required"/>
337 <attributeGroup ref="conf:ContentSettings"/>
340 <complexType name="PathRegexType">
342 <choice minOccurs="0">
343 <element name="htaccess" type="conf:PluggableType"/>
344 <element ref="conf:AccessControl"/>
345 <element name="AccessControlProvider" type="conf:PluggableType"/>
347 <element name="Query" type="conf:QueryType" minOccurs="0" maxOccurs="unbounded"/>
349 <attribute name="regex" type="conf:string" use="required"/>
350 <attribute name="ignoreCase" type="boolean"/>
351 <attributeGroup ref="conf:ContentSettings"/>
354 <complexType name="QueryType">
356 <choice minOccurs="0">
357 <element name="htaccess" type="conf:PluggableType"/>
358 <element ref="conf:AccessControl"/>
359 <element name="AccessControlProvider" type="conf:PluggableType"/>
361 <element name="Query" type="conf:QueryType" minOccurs="0" maxOccurs="unbounded"/>
363 <attribute name="name" type="conf:string" use="required"/>
364 <attribute name="regex" type="conf:string"/>
365 <attributeGroup ref="conf:ContentSettings"/>
368 <complexType name="ApplicationDefaultsType">
370 <documentation>Container for default settings and application-specific overrides</documentation>
373 <element name="Sessions" type="conf:SessionsType"/>
374 <element name="Errors" type="conf:ErrorsType" minOccurs="0"/>
375 <choice minOccurs="0" maxOccurs="unbounded">
376 <element name="RelyingParty" type="conf:RelyingPartyType"/>
377 <element name="Notify" type="conf:NotifyType"/>
378 <element ref="saml:Audience"/>
379 <element name="MetadataProvider" type="conf:PluggableType"/>
380 <element name="TrustEngine" type="conf:PluggableType"/>
381 <element name="AttributeExtractor" type="conf:PluggableType"/>
382 <element name="AttributeResolver" type="conf:PluggableType"/>
383 <element name="AttributeFilter" type="conf:PluggableType"/>
384 <element name="CredentialResolver" type="conf:PluggableType"/>
385 <element name="ApplicationOverride" type="conf:ApplicationOverrideType"/>
388 <attribute name="id" type="conf:string" fixed="default"/>
389 <attribute name="entityID" type="anyURI" use="required"/>
390 <attribute name="policyId" type="conf:string"/>
391 <attributeGroup ref="conf:ApplicationGroup"/>
392 <attributeGroup ref="conf:RelyingPartyGroup"/>
393 <anyAttribute namespace="##other" processContents="lax"/>
396 <complexType name="ApplicationOverrideType">
398 <documentation>Container for application-specific overrides</documentation>
401 <element name="Sessions" type="conf:SessionsType" minOccurs="0"/>
402 <element name="Errors" type="conf:ErrorsType" minOccurs="0"/>
403 <choice minOccurs="0" maxOccurs="unbounded">
404 <element name="RelyingParty" type="conf:RelyingPartyType"/>
405 <element name="Notify" type="conf:NotifyType"/>
406 <element ref="saml:Audience"/>
407 <element name="MetadataProvider" type="conf:PluggableType"/>
408 <element name="TrustEngine" type="conf:PluggableType"/>
409 <element name="AttributeExtractor" type="conf:PluggableType"/>
410 <element name="AttributeResolver" type="conf:PluggableType"/>
411 <element name="AttributeFilter" type="conf:PluggableType"/>
412 <element name="CredentialResolver" type="conf:PluggableType"/>
415 <attribute name="id" type="conf:string" use="required"/>
416 <attribute name="entityID" type="anyURI"/>
417 <attribute name="policyId" type="conf:string"/>
418 <attributeGroup ref="conf:ApplicationGroup"/>
419 <attributeGroup ref="conf:RelyingPartyGroup"/>
420 <anyAttribute namespace="##other" processContents="lax"/>
423 <attributeGroup name="ApplicationGroup">
424 <attribute name="homeURL" type="anyURI"/>
425 <attribute name="REMOTE_USER" type="conf:listOfStrings"/>
426 <attribute name="unsetHeaders" type="conf:listOfStrings"/>
427 <attribute name="metadataAttributePrefix" type="conf:string"/>
428 <attribute name="attributePrefix" type="conf:string"/>
431 <attributeGroup name="RelyingPartyGroup">
432 <attribute name="authType" type="conf:string"/>
433 <attribute name="authUsername" type="conf:string"/>
434 <attribute name="authPassword" type="conf:string"/>
435 <attribute name="signing" type="conf:bindingBoolean"/>
436 <attribute name="signingAlg" type="anyURI"/>
437 <attribute name="digestAlg" type="anyURI"/>
438 <attribute name="encryption" type="conf:bindingBoolean"/>
439 <attribute name="encryptionAlg" type="anyURI"/>
440 <attribute name="keyName" type="conf:string"/>
441 <attribute name="artifactEndpointIndex" type="unsignedShort"/>
442 <attribute name="chunkedEncoding" type="boolean"/>
443 <attribute name="connectTimeout" type="unsignedShort"/>
444 <attribute name="timeout" type="unsignedShort"/>
445 <attribute name="requireConfidentiality" type="boolean"/>
446 <attribute name="requireTransportAuth" type="boolean"/>
447 <attribute name="requireSignedAssertions" type="boolean"/>
450 <complexType name="SessionsType">
452 <documentation>Container for specifying protocol handlers and session policy</documentation>
455 <element name="SSO" minOccurs="0">
458 <documentation>Implicitly configures SessionInitiator and AssertionConsumerService handlers</documentation>
461 <extension base="conf:listOfStrings">
462 <attribute name="discoveryProtocol" type="conf:string"/>
463 <attribute name="discoveryURL" type="anyURI"/>
464 <attributeGroup ref="conf:SessionInitiatorGroup"/>
469 <element name="Logout" minOccurs="0">
472 <documentation>Implicitly configures LogoutInitiator and SingleLogoutService handlers</documentation>
475 <extension base="conf:listOfStrings">
476 <attributeGroup ref="conf:LogoutInitiatorGroup"/>
481 <element name="NameIDMgmt" type="conf:listOfStrings" minOccurs="0">
483 <documentation>Implicitly configures ManageNameIDService handlers</documentation>
486 <choice minOccurs="0" maxOccurs="unbounded">
487 <element ref="conf:SessionInitiator"/>
488 <element ref="conf:LogoutInitiator"/>
489 <element ref="md:AssertionConsumerService"/>
490 <element ref="md:ArtifactResolutionService"/>
491 <element ref="md:SingleLogoutService"/>
492 <element ref="md:ManageNameIDService"/>
493 <element ref="conf:Handler"/>
496 <attribute name="handlerURL" type="anyURI"/>
497 <attribute name="handlerSSL" type="boolean"/>
498 <attribute name="exportLocation" type="conf:string"/>
499 <attribute name="exportACL" type="conf:listOfStrings"/>
500 <attribute name="cookieName" type="conf:string"/>
501 <attribute name="cookieProps" type="conf:string"/>
502 <attribute name="cookieLifetime" type="unsignedInt"/>
503 <attribute name="idpHistory" type="boolean"/>
504 <attribute name="idpHistoryDays" type="unsignedInt"/>
505 <attribute name="lifetime" type="unsignedInt"/>
506 <attribute name="timeout" type="unsignedInt"/>
507 <attribute name="maxTimeSinceAuthn" type="unsignedInt"/>
508 <attribute name="checkAddress" type="boolean"/>
509 <attribute name="consistentAddress" type="boolean"/>
510 <attribute name="postData" type="conf:string"/>
511 <attribute name="postLimit" type="positiveInteger"/>
512 <attribute name="postTemplate" type="conf:string"/>
513 <attribute name="postExpire" type="boolean"/>
514 <attribute name="relayState" type="conf:string"/>
515 <anyAttribute namespace="##other" processContents="lax"/>
518 <attribute name="policyId" type="conf:string">
520 <documentation>Used to override Policy from profile endpoints</documentation>
524 <attributeGroup name="SessionInitiatorGroup">
526 <documentation>Options common to explicit and implicit SessionInitiators</documentation>
528 <attribute name="relayState" type="conf:string"/>
529 <attribute name="entityIDParam" type="conf:string"/>
530 <attribute name="entityID" type="anyURI"/>
531 <attribute name="outgoingBindings" type="conf:listOfURIs"/>
532 <attribute name="preservedOptions" type="conf:listOfStrings"/>
533 <attribute name="template" type="anyURI"/>
534 <attribute name="postArtifact" type="boolean"/>
535 <attribute name="acsByIndex" type="boolean"/>
536 <attribute name="isPassive" type="boolean"/>
537 <attribute name="returnOnError" type="boolean"/>
538 <attribute name="forceAuthn" type="boolean"/>
539 <attribute name="authnContextClassRef" type="anyURI"/>
540 <attribute name="authnContextComparison" type="samlp:AuthnContextComparisonType"/>
541 <attribute name="NameIDFormat" type="anyURI"/>
542 <attribute name="SPNameQualifier" type="conf:string"/>
543 <attribute name="requestDelegation" type="boolean"/>
544 <attribute name="target" type="anyURI"/>
545 <anyAttribute namespace="##any" processContents="lax"/>
548 <element name="SessionInitiator">
550 <documentation>Used to specify handlers that can issue AuthnRequests or perform discovery</documentation>
554 <restriction base="conf:PluggableType">
556 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
558 <attribute name="Location" type="anyURI"/>
559 <attribute name="id" type="conf:string"/>
560 <attribute name="isDefault" type="boolean"/>
561 <attribute name="URL" type="anyURI"/>
562 <attribute name="acsIndex" type="unsignedShort"/>
563 <attribute name="defaultACSIndex" type="unsignedShort"/> <!-- deprecated -->
564 <attributeGroup ref="conf:SessionInitiatorGroup"/>
570 <attributeGroup name="LogoutInitiatorGroup">
572 <documentation>Options common to explicit and implicit LogoutInitiators</documentation>
574 <attribute name="relayState" type="conf:string"/>
575 <attribute name="outgoingBindings" type="conf:listOfURIs"/>
576 <attribute name="template" type="anyURI"/>
577 <attribute name="postArtifact" type="boolean"/>
578 <anyAttribute namespace="##any" processContents="lax"/>
581 <element name="LogoutInitiator">
583 <documentation>Used to specify handlers that can issue LogoutRequests</documentation>
587 <restriction base="conf:PluggableType">
589 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
591 <attribute name="Location" type="anyURI"/>
592 <attributeGroup ref="conf:LogoutInitiatorGroup"/>
598 <element name="Handler">
600 <documentation>Used to specify custom handlers</documentation>
604 <restriction base="conf:PluggableType">
606 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
608 <attribute name="Location" type="anyURI" use="required"/>
609 <attribute name="acl" type="conf:listOfStrings"/>
610 <anyAttribute namespace="##any" processContents="lax"/>
616 <complexType name="ErrorsType">
618 <documentation>Container for error templates and associated details</documentation>
621 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
623 <attribute name="redirectErrors" type="anyURI"/>
624 <attribute name="session" type="anyURI"/>
625 <attribute name="metadata" type="anyURI"/>
626 <attribute name="access" type="anyURI"/>
627 <attribute name="ssl" type="anyURI"/>
628 <attribute name="localLogout" type="anyURI"/>
629 <attribute name="globalLogout" type="anyURI"/>
630 <attribute name="partialLogout" type="anyURI"/>
631 <attribute name="supportContact" type="conf:string"/>
632 <attribute name="logoLocation" type="anyURI"/>
633 <attribute name="styleSheet" type="anyURI"/>
634 <anyAttribute namespace="##any" processContents="lax"/>
637 <complexType name="RelyingPartyType">
639 <documentation>Container for specifying settings to use with particular peers</documentation>
642 <attribute name="Name" type="conf:string" use="required"/>
643 <attributeGroup ref="conf:RelyingPartyGroup"/>
644 <attribute name="entityID" type="anyURI"/>
645 <anyAttribute namespace="##other" processContents="lax"/>
648 <complexType name="NotifyType">
650 <documentation>Used to specify locations to receive application notifications</documentation>
653 <attribute name="Channel" use="required">
655 <restriction base="string">
656 <enumeration value="front"/>
657 <enumeration value="back"/>
661 <attribute name="Location" type="anyURI" use="required"/>
662 <anyAttribute namespace="##any" processContents="lax"/>
665 <element name="SecurityPolicies">
668 <documentation>Container for specifying sets of policy rules to apply to incoming messages</documentation>
671 <element name="Policy" minOccurs="1" maxOccurs="unbounded">
673 <documentation>Specifies a set of SecurityPolicyRule plugins</documentation>
677 <element name="Rule" type="conf:PluggableType" minOccurs="1" maxOccurs="unbounded"/>
678 <element name="PolicyRule" type="conf:PluggableType" minOccurs="1" maxOccurs="unbounded"/>
680 <attribute name="id" type="conf:string" use="required"/>
681 <attribute name="validate" type="boolean"/>
682 <anyAttribute namespace="##any" processContents="lax"/>
685 <choice minOccurs="0">
686 <element name="AlgorithmWhitelist" type="conf:listOfURIs"/>
687 <element name="AlgorithmBlacklist" type="conf:listOfURIs"/>
693 <element name="TransportOption">
695 <documentation>Implementation-specific option to pass to SOAPTransport provider.</documentation>
699 <extension base="anySimpleType">
700 <attribute name="provider" type="conf:string" use="required"/>
701 <attribute name="option" type="conf:string" use="required"/>
707 <element name="SPConfig">
710 <documentation>Root of configuration</documentation>
713 <element name="Extensions" type="conf:ExtensionsType" minOccurs="0"/>
714 <element name="OutOfProcess" type="conf:OutOfProcessType" minOccurs="0"/>
715 <element name="InProcess" type="conf:InProcessType" minOccurs="0"/>
716 <choice minOccurs="0">
717 <element name="UnixListener">
719 <attribute name="address" type="conf:string" use="required"/>
720 <attribute name="stackSize" type="unsignedInt"/>
723 <element name="TCPListener">
725 <attribute name="address" type="conf:string" use="required"/>
726 <attribute name="port" type="unsignedInt" use="required"/>
727 <attribute name="acl" type="conf:listOfStrings"/>
728 <attribute name="stackSize" type="unsignedInt"/>
731 <element name="Listener" type="conf:PluggableType"/>
733 <element name="StorageService" type="conf:StorageServiceType" minOccurs="0" maxOccurs="unbounded"/>
734 <element name="SessionCache" type="conf:SessionCacheType" minOccurs="0"/>
735 <element name="ReplayCache" type="conf:ReplayCacheType" minOccurs="0"/>
736 <element name="ArtifactMap" type="conf:ArtifactMapType" minOccurs="0"/>
737 <element name="RequestMapper" type="conf:PluggableType" minOccurs="0"/>
738 <element name="ApplicationDefaults" type="conf:ApplicationDefaultsType"/>
740 <element name="SecurityPolicyProvider" type="conf:PluggableType"/>
741 <element ref="conf:SecurityPolicies"/> <!-- deprecated -->
743 <element name="ProtocolProvider" type="conf:PluggableType" minOccurs="0"/>
744 <element ref="conf:TransportOption" minOccurs="0" maxOccurs="unbounded"/>
745 <element ref="ds:Signature" minOccurs="0"/>
747 <attribute name="logger" type="anyURI"/>
748 <attribute name="clockSkew" type="unsignedInt"/>
749 <attribute name="unsafeChars" type="conf:string"/>
750 <attribute name="allowedSchemes" type="conf:listOfStrings"/>
751 <anyAttribute namespace="##other" processContents="lax"/>