A few cleanup items.
1 <?xml version="1.0" encoding="US-ASCII"?>
2 <schema targetNamespace="urn:mace:shibboleth:target:config:1.0"
3         xmlns="http://www.w3.org/2001/XMLSchema"
4         xmlns:conf="urn:mace:shibboleth:target:config:1.0"
5         xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
6         xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
7         elementFormDefault="qualified"
8         attributeFormDefault="unqualified"
9         blockDefault="substitution"
10         version="1.1">
11
12         <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
13         <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-1.1.xsd"/>
14         <import namespace="urn:oasis:names:tc:SAML:2.0:metadata" schemaLocation="saml-schema-metadata-2.0.xsd"/>
15
16         <annotation>
17                 <documentation>
18         1.0 schema for XML-based configuration of Shibboleth target libraries and modules.
19         First appearing in Shibboleth 1.2 release.
20         </documentation>
21     </annotation>
22
23         <complexType name="PluggableType">
                   <!-- Generic shape for a pluggable implementation: the required "type"
                        selects the implementation, "uri" is optional. Child elements and
                        attributes from ANY namespace are admitted with lax processing, so
                        plugin-specific content is only validated where a declaration
                        happens to exist; the plugin has to check its own configuration. -->
24                 <sequence>
25                         <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
26                 </sequence>
27                 <attribute name="type" type="string" use="required"/>
28                 <attribute name="uri" type="anyURI" use="optional"/>
                   <!-- NOTE(review): "##any" (most other types in this schema use "##other")
                        also admits undeclared attributes in this schema's own namespace, so a
                        misspelled attribute name on a pluggable element is not caught by
                        validation. -->
29                 <anyAttribute namespace="##any" processContents="lax"/>
30         </complexType>
31
32         <element name="ShibbolethTargetConfig" type="conf:SPConfigType"/>
33         <element name="SPConfig" type="conf:SPConfigType"/>
           <!-- Two root element names share one type; Global/SHAR and Local/SHIRE below are
                likewise alternative names for the same sections. -->
34         <complexType name="SPConfigType">
35                 <annotation>
36                         <documentation>Root element of configuration file</documentation>
37                 </annotation>
38                 <sequence>
39                         <element ref="conf:Extensions" minOccurs="0"/>
40                         <choice minOccurs="0">
41                                 <element name="Global" type="conf:GlobalConfigurationType"/>
42                                 <element name="SHAR" type="conf:GlobalConfigurationType"/>
43                         </choice>
44                         <choice minOccurs="0">
45                                 <element name="Local" type="conf:LocalConfigurationType"/>
46                                 <element name="SHIRE" type="conf:LocalConfigurationType"/>
47                         </choice>
                           <!-- Applications is the only mandatory section of the root. -->
48                         <element ref="conf:Applications"/>
                           <!-- Zero or more credential providers, each a pluggable type. -->
49                         <element name="CredentialsProvider" type="conf:PluggableType" minOccurs="0" maxOccurs="unbounded"/>
50                 </sequence>
51                 <attribute name="logger" type="anyURI" use="optional"/>
                   <!-- clockSkew: an unsigned tolerance value; its unit (presumably seconds) and
                        the time comparisons it applies to are defined by the consumer, not by
                        this schema. TODO confirm against the loader. -->
52                 <attribute name="clockSkew" type="unsignedInt" use="optional"/>
53                 <anyAttribute namespace="##other" processContents="lax"/>
54         </complexType>
55
56         <element name="Extensions">
57                 <annotation>
58                         <documentation>Container for extension libraries and custom configuration</documentation>
59                 </annotation>
60                 <complexType>
61                         <sequence>
                                   <!-- Library: "path" (required) is only constrained to be an anyURI;
                                        the schema cannot restrict where it points, so the configuration
                                        file itself is the trust boundary for what gets loaded. "fatal"
                                        has no schema default; behaviour when absent is decided by the
                                        loader. -->
62                                 <element name="Library" minOccurs="0" maxOccurs="unbounded">
63                                         <complexType>
64                                                 <sequence>
65                                                         <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
66                                                 </sequence>
67                                                 <attribute name="path" type="anyURI" use="required"/>
68                                                 <attribute name="fatal" type="boolean" use="optional"/>
69                                                 <anyAttribute namespace="##other" processContents="lax"/>
70                                         </complexType>
71                                 </element>
                                   <!-- Free-form custom configuration from other namespaces. -->
72                                 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
73                         </sequence>
74                 </complexType>
75         </element>
76
77         <complexType name="GlobalConfigurationType">
78                 <annotation>
79                         <documentation>Container for global (server independent) configuration</documentation>
80                 </annotation>
81                 <sequence>
82                         <element ref="conf:Extensions" minOccurs="0"/>
                           <!-- Exactly one listener is required: a Unix socket, a TCP socket,
                                or a pluggable Listener implementation. -->
83                         <choice>
84                                 <element name="UnixListener">
85                                         <complexType>
86                                                 <attribute name="address" type="string" use="required"/>
87                                         </complexType>
88                                 </element>
89                                 <element name="TCPListener">
90                                         <complexType>
                                                   <!-- "address" is an unconstrained string; the schema does not
                                                        check its format. -->
91                                                 <attribute name="address" type="string" use="required"/>
92                                                 <attribute name="port" type="unsignedInt" use="required"/>
                                                   <!-- acl: whitespace-separated list of peers allowed to connect.
                                                        The loopback default only applies when the attribute is
                                                        absent; every entry added here widens who can reach the
                                                        listener, so keep the list as narrow as the deployment
                                                        needs. -->
93                                                 <attribute name="acl" use="optional" default="127.0.0.1">
94                                                         <simpleType>
95                                                                 <list itemType="string"/>
96                                                         </simpleType>
97                                                 </attribute>
98                                         </complexType>
99                                 </element>
100                                 <element name="Listener" type="conf:PluggableType"/>
101                         </choice>
                           <!-- Exactly one session cache is required. -->
102                         <choice>
103                                 <element name="MemorySessionCache">
104                                         <complexType>
105                                                 <attributeGroup ref="conf:SessionCacheProperties"/>
106                                                 <anyAttribute namespace="##other" processContents="lax"/>
107                                         </complexType>
108                                 </element>
109                                 <element name="MySQLSessionCache">
110                                         <complexType>
111                                                 <sequence>
112                                                         <element name="Argument" type="string" minOccurs="0" maxOccurs="unbounded"/>
113                                                 </sequence>
114                                                 <attributeGroup ref="conf:SessionCacheProperties"/>
                                                   <!-- storeAttributes defaults to false: attributes are not written
                                                        to the database unless explicitly enabled. -->
115                                                 <attribute name="mysqlTimeout" type="unsignedInt" use="optional" default="14400"/>
116                                                 <attribute name="storeAttributes" type="boolean" use="optional" default="false"/>
117                                                 <anyAttribute namespace="##other" processContents="lax"/>
118                                         </complexType>
119                                 </element>
120                                 <element name="SessionCache">
121                                         <complexType>
122                                                 <complexContent>
123                                                         <extension base="conf:PluggableType">
124                                                                 <attributeGroup ref="conf:SessionCacheProperties"/>
125                                                         </extension>
126                                                 </complexContent>
127                                         </complexType>
128                                 </element>
129                         </choice>
                           <!-- The replay cache is optional at the schema level (minOccurs="0");
                                what replay detection does when no cache is configured is decided
                                by the runtime, not visible here. -->
130                         <choice minOccurs="0">
131                                 <element name="MySQLReplayCache">
132                                         <complexType>
133                                                 <sequence>
134                                                         <element name="Argument" type="string" minOccurs="0" maxOccurs="unbounded"/>
135                                                 </sequence>
136                                                 <anyAttribute namespace="##other" processContents="lax"/>
137                                         </complexType>
138                                 </element>
139                                 <element name="ReplayCache" type="conf:PluggableType"/>
140                         </choice>
141                         <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
142                 </sequence>
143                 <attribute name="logger" type="anyURI" use="optional"/>
144                 <anyAttribute namespace="##other" processContents="lax"/>
145         </complexType>
146
147         <attributeGroup name="SessionCacheProperties">
                    <!-- Shared tuning attributes for every session cache variant. All defaults are
                         schema defaults (applied only when the attribute is absent). Units are not
                         stated here; the values read like seconds, but confirm with the consumer.
                         strictValidity defaults to true and propagateErrors to false, so the
                         out-of-the-box behaviour is the stricter one.
                         NOTE(review): the first two attributes are indented differently from the
                         rest of the group. -->
148         <attribute name="cleanupInterval" type="unsignedInt" use="optional" default="300"/>
149         <attribute name="cacheTimeout" type="unsignedInt" use="optional" default="28800"/>
150                 <attribute name="AAConnectTimeout" type="unsignedInt" use="optional" default="15"/>
151                 <attribute name="AATimeout" type="unsignedInt" use="optional" default="30"/>
152                 <attribute name="defaultLifetime" type="unsignedInt" use="optional" default="1800"/>
153                 <attribute name="retryInterval" type="unsignedInt" use="optional" default="300"/>
154                 <attribute name="strictValidity" type="boolean" use="optional" default="true"/>
155                 <attribute name="propagateErrors" type="boolean" use="optional" default="false"/>
156         </attributeGroup>
157
158         <complexType name="LocalConfigurationType">
159                 <annotation>
160                         <documentation>
161                         Container for configuration of locally integrated or platform-specific
162                         features (e.g. web server filters)
163                         </documentation>
164                 </annotation>
165                 <sequence>
166                         <element ref="conf:Extensions" minOccurs="0"/>
                           <!-- Optional pluggable request mapper (the built-in syntax is RequestMap). -->
167                         <element name="RequestMapProvider" type="conf:PluggableType" minOccurs="0"/>
                           <!-- Implementation: one or more server-specific sections; only ISAPI is
                                declared in this schema, anything else must come from another namespace. -->
168                         <element name="Implementation" minOccurs="0">
169                                 <complexType>
170                                         <choice maxOccurs="unbounded">
171                                                 <element ref="conf:ISAPI"/>
172                                                 <any namespace="##other" processContents="lax"/>
173                                         </choice>
174                                 </complexType>
175                         </element>
176                         <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
177                 </sequence>
178                 <attribute name="logger" type="anyURI" use="optional"/>
                   <!-- localRelayState defaults to false (schema default). -->
179                 <attribute name="localRelayState" type="boolean" use="optional" default="false"/>
180                 <anyAttribute namespace="##other" processContents="lax"/>
181         </complexType>
182         
183         <element name="ISAPI">
                   <!-- IIS filter settings: at least one Site (maxOccurs unbounded, minOccurs
                        defaults to 1), each identified by a numeric "id" and a "name". -->
184                 <complexType>
185                         <sequence>
186                                 <element name="Site" maxOccurs="unbounded">
187                                         <complexType>
188                                                 <sequence>
189                                                         <element name="Alias" type="string" minOccurs="0" maxOccurs="unbounded"/>
190                                                 </sequence>
191                                                 <attribute name="id" type="unsignedInt" use="required"/>
192                                                 <attribute name="name" type="string" use="required"/>
193                                                 <attribute name="port" type="unsignedInt" use="optional"/>
194                                                 <attribute name="sslport" type="unsignedInt" use="optional"/>
                                                   <!-- NOTE(review): "scheme" is a free string here, unlike Host/@scheme
                                                        which is restricted to an enumeration. -->
195                                                 <attribute name="scheme" type="string" use="optional"/>
196                                         </complexType>
197                                 </element>
198                                 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
199                         </sequence>
                           <!-- normalizeRequest has no schema default; behaviour when absent is up to the filter. -->
200                         <attribute name="normalizeRequest" type="boolean" use="optional"/>
201                         <anyAttribute namespace="##other" processContents="lax"/>
202                 </complexType>
203         </element>
           <!-- Placeholders typed as anyType: no structure or attributes are constrained. -->
204         <element name="NSAPI" type="anyType"/>
205         <element name="Java" type="anyType"/>
206
207         <element name="AccessControl" type="conf:UniOperatorType">
208                 <annotation>
209                         <documentation>
210                         A simple example access policy language extension that supersedes Apache .htaccess
211                         </documentation>
212                 </annotation>
213         </element>
           <!-- Boolean expression tree: AccessControl and NOT take exactly one operand,
                OR and AND take two or more; leaves are Rule elements. -->
214         <element name="OR" type="conf:MultiOperatorType"/>
215         <element name="AND" type="conf:MultiOperatorType"/>
216         <element name="NOT" type="conf:UniOperatorType"/>
217         <complexType name="UniOperatorType">
218                 <choice>
219                         <element ref="conf:AND"/>
220                         <element ref="conf:OR"/>
221                         <element ref="conf:NOT"/>
222                         <element ref="conf:Rule"/>
223                 </choice>
224         </complexType>
225         <complexType name="MultiOperatorType">
                   <!-- minOccurs="2": a single-operand AND/OR is rejected by validation. -->
226                 <choice minOccurs="2" maxOccurs="unbounded">
227                         <element ref="conf:AND"/>
228                         <element ref="conf:OR"/>
229                         <element ref="conf:NOT"/>
230                         <element ref="conf:Rule"/>
231                 </choice>
232         </complexType>
           <!-- Rule: content is a whitespace-separated list of strings, "require" names what
                they are matched against. The meaning of "require" values and of the list
                items is defined by the evaluating code, not by this schema. -->
233         <element name="Rule">
234                 <complexType>
235                         <simpleContent>
236                                 <extension base="conf:listOfStrings">
237                                         <attribute name="require" type="string" use="required"/>
238                                 </extension>
239                         </simpleContent>
240                 </complexType>
241         </element>
242         <simpleType name="listOfStrings">
243                 <list itemType="string"/>
244         </simpleType>
245         
246         <attributeGroup name="ContentSettings">
                    <!-- Per-resource protection settings shared by RequestMap, Host and Path.
                         None has a schema default; an absent attribute is simply unset at this
                         level, and how the runtime resolves that (inherit from the parent,
                         built-in default) is not visible here. -->
247                 <attribute name="authType" type="string" use="optional"/>
248                 <attribute name="requireSession" type="boolean" use="optional"/>
249                 <attribute name="requireSessionWith" type="string" use="optional"/>
250                 <attribute name="exportAssertion" type="boolean" use="optional"/>
251                 <anyAttribute namespace="##other" processContents="lax"/>
252         </attributeGroup>
           <!-- Access-control hooks selectable inside RequestMap, Host and Path. -->
253         <element name="AccessControlProvider" type="conf:PluggableType"/>
254         <element name="htaccess" type="conf:PluggableType"/>
255
256     <element name="RequestMap">
257                 <annotation>
258                         <documentation>
259                         Built-in request mapping syntax, decomposes URLs into Host/Path/Path/...
260                         </documentation>
261                 </annotation>
262         <complexType>
263             <sequence>
                       <!-- NOTE(review): this optional access-control choice is repeated verbatim in
                            RequestMap, Host and Path; a named group would keep the three in step. -->
264                 <choice minOccurs="0">
265                         <element ref="conf:htaccess"/>
266                                         <element ref="conf:AccessControl"/>
267                         <element ref="conf:AccessControlProvider"/>
268                     </choice>
269                 <element ref="conf:Host" minOccurs="0" maxOccurs="unbounded"/>
270             </sequence>
                   <!-- The top-level map is always the "default" application (fixed value). -->
271             <attribute name="applicationId" type="string" fixed="default"/>
272                 <attributeGroup ref="conf:ContentSettings"/>
273         </complexType>
274     </element>
275
276     <element name="Host">
             <!-- One virtual host: required "name", optional "port", optional "scheme"
                  restricted to the enumeration below, optional applicationId override,
                  optional access-control hook, then nested Path elements. -->
277         <complexType>
278                 <sequence>
279                 <choice minOccurs="0">
280                         <element ref="conf:htaccess"/>
281                                         <element ref="conf:AccessControl"/>
282                         <element ref="conf:AccessControlProvider"/>
283                     </choice>
284                         <element ref="conf:Path" minOccurs="0" maxOccurs="unbounded"/>
285                 </sequence>
286                 <attribute name="scheme" use="optional">
287                             <simpleType>
288                                 <restriction base="string">
289                                     <enumeration value="http"/>
290                                     <enumeration value="https"/>
291                                     <enumeration value="ftp"/>
292                                     <enumeration value="ldap"/>
293                                     <enumeration value="ldaps"/>
294                                 </restriction>
295                             </simpleType>
296                 </attribute>
297                 <attribute name="name" type="string" use="required"/>
298                 <attribute name="port" type="unsignedInt" use="optional"/>
299                 <attribute name="applicationId" type="string" use="optional"/>
300                 <attributeGroup ref="conf:ContentSettings"/>
301         </complexType>
302     </element>
303
304     <element name="Path">
             <!-- One path segment under a Host; Path nests recursively to any depth.
                  Same optional access-control hook and ContentSettings as Host. -->
305         <complexType>
306                 <sequence>
307                 <choice minOccurs="0">
308                         <element ref="conf:htaccess"/>
309                                         <element ref="conf:AccessControl"/>
310                         <element ref="conf:AccessControlProvider"/>
311                     </choice>
312                         <element ref="conf:Path" minOccurs="0" maxOccurs="unbounded"/>
313                 </sequence>
314                 <attribute name="name" type="string" use="required"/>
315                 <attribute name="applicationId" type="string" use="optional"/>
316                 <attributeGroup ref="conf:ContentSettings"/>
317         </complexType>
318     </element>
319
320         <element name="Applications">
321                 <annotation>
322                         <documentation>Container for global target settings and application-specific overrides</documentation>
323                 </annotation>
324                 <complexType>
325                         <sequence>
326                                 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
                                   <!-- Sessions and Errors are mandatory at this level; Application
                                        elements below may override them and leave them out. -->
327                                 <element ref="conf:Sessions"/>
328                                 <element ref="conf:Errors"/>
329                                 <element ref="conf:CredentialUse" minOccurs="0"/>
                                   <!-- Any mix of attribute/audience declarations and pluggable
                                        providers, in any order. -->
330                                 <choice minOccurs="0" maxOccurs="unbounded">
331                     <element ref="saml:AttributeDesignator"/>
332                     <element ref="saml:Audience"/>
333                     <element name="AAPProvider" type="conf:PluggableType"/>
334                     <!-- deprecated --> <element name="FederationProvider" type="conf:PluggableType"/>
335                     <element name="MetadataProvider" type="conf:PluggableType"/>
336                     <element name="TrustProvider" type="conf:PluggableType"/>
337                                 </choice>
338                                 <element ref="conf:Application" minOccurs="0" maxOccurs="unbounded"/>
339                         </sequence>
                           <!-- The container is always the "default" application (fixed value);
                                providerId (the SP's entity identifier) is required here. -->
340                         <attribute name="id" type="string" fixed="default"/>
341                         <attribute name="providerId" type="anyURI" use="required"/>
342                         <attribute name="homeURL" type="anyURI" use="optional"/>
343                 <anyAttribute namespace="##other" processContents="lax"/>
344                 </complexType>
345         </element>
346         
347         <element name="Application">
348                 <annotation>
349                         <documentation>Container for application-specific overrides</documentation>
350                 </annotation>
351                 <complexType>
352                         <sequence>
353                                 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
                                   <!-- Every section is optional here: an override only needs to
                                        restate what differs from the enclosing Applications. -->
354                                 <element ref="conf:Sessions" minOccurs="0"/>
355                                 <element ref="conf:Errors" minOccurs="0"/>
356                                 <element ref="conf:CredentialUse" minOccurs="0"/>
357                                 <choice minOccurs="0" maxOccurs="unbounded">
358                     <element ref="saml:AttributeDesignator"/>
359                     <element ref="saml:Audience"/>
360                     <element name="AAPProvider" type="conf:PluggableType"/>
361                     <!-- deprecated --> <element name="FederationProvider" type="conf:PluggableType"/>
362                     <element name="MetadataProvider" type="conf:PluggableType"/>
363                     <element name="TrustProvider" type="conf:PluggableType"/>
364                                 </choice>
365                         </sequence>
                           <!-- Unlike Applications, "id" is free and required, and providerId is
                                optional (presumably falling back to the parent's; confirm). -->
366                         <attribute name="id" type="string" use="required"/>
367                         <attribute name="providerId" type="anyURI" use="optional"/>
368                         <attribute name="homeURL" type="anyURI" use="optional"/>
369                 <anyAttribute namespace="##other" processContents="lax"/>
370                 </complexType>
371         </element>
372
373         <element name="KeyInfoResolver" type="conf:PluggableType">
                   <!-- Declared globally but not referenced by any content model in this
                        schema; it is only reachable through the lax wildcard inside a
                        pluggable TrustProvider, as the documentation below describes. -->
374                 <annotation>
375                         <documentation>
376                         Custom plug-in that resolves ds:KeyInfo elements into public keys, used in
377                         TrustProvider elements.
378                         </documentation>
379                 </annotation>
380         </element>
381
382         <element name="Sessions">
383                 <annotation>
384                         <documentation>Container for specifying app session establishment and policy</documentation>
385                 </annotation>
386                 <complexType>
                           <!-- Endpoints: local session initiators plus SAML metadata endpoint
                                elements, any number in any order. -->
387                         <choice minOccurs="0" maxOccurs="unbounded">
388                                 <element ref="conf:SessionInitiator"/>
389                                 <element ref="md:AssertionConsumerService"/>
390                                 <element ref="md:SingleLogoutService"/>
391                         </choice>
                           <!-- The three deprecated attributes are retained so older configurations
                                still validate. -->
392                         <!-- deprecated --> <attribute name="wayfURL" type="anyURI" use="optional"/>
393                         <!-- deprecated --> <attribute name="shireURL" type="anyURI" use="optional"/>
394                         <!-- deprecated --> <attribute name="shireSSL" type="boolean" use="optional"/>
                           <!-- Schema defaults worth knowing when hardening a deployment:
                                handlerSSL=true, idpHistory=true, checkReplay=true. checkAddress
                                has NO schema default, so its behaviour when absent comes from the
                                runtime. cookieProps is a free string; the schema does not check
                                what cookie attributes it carries. lifetime/timeout units are not
                                stated here. -->
395                         <attribute name="handlerURL" type="anyURI" use="optional"/>
396                         <attribute name="handlerSSL" type="boolean" use="optional" default="true"/>
397                         <attribute name="cookieName" type="string" use="optional"/>
398                         <attribute name="cookieProps" type="string" use="optional"/>
399                         <attribute name="idpHistory" type="boolean" use="optional" default="true"/>
400                         <attribute name="idpHistoryDays" type="unsignedInt" use="optional"/>
401                         <attribute name="lifetime" type="unsignedInt" use="optional"/>
402                         <attribute name="timeout" type="unsignedInt" use="optional"/>
403                         <attribute name="checkAddress" type="boolean" use="optional"/>
404                         <attribute name="checkReplay" type="boolean" use="optional" default="true"/>
405                         <anyAttribute namespace="##other" processContents="lax"/>
406                 </complexType>
407         </element>
408         <element name="SessionInitiator">
409                 <annotation>
410                         <documentation>Used to specify WAYF/Discovery services (external or internal)</documentation>
411                 </annotation>
412                 <complexType>
413                         <sequence>
414                                 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
415                         </sequence>
                           <!-- Location and Binding are the only required attributes; none of the
                                optional ones has a schema default. NOTE(review): there is no
                                anyAttribute wildcard here, unlike the other containers, so
                                unknown attributes are rejected. -->
416                         <attribute name="Location" type="anyURI" use="required"/>
417                         <attribute name="Binding" type="anyURI" use="required"/>
418                         <attribute name="wayfURL" type="anyURI" use="optional"/>
419                         <attribute name="wayfBinding" type="anyURI" use="optional"/>
420                         <attribute name="checkCDC" type="anyURI" use="optional"/>
421                         <attribute name="isDefault" type="boolean" use="optional"/>
422                         <attribute name="id" type="string" use="optional"/>
423                 </complexType>
424         </element>
425
426         <element name="Errors">
427                 <annotation>
428                         <documentation>Container for error templates and associated details</documentation>
429                 </annotation>
430                 <complexType>
431                         <sequence>
432                                 <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
433                         </sequence>
                           <!-- Only "rm" is required; every other template/detail attribute is optional. -->
434                         <!-- deprecated --> <attribute name="shire" type="anyURI" use="optional"/>
435                         <attribute name="session" type="anyURI" use="optional"/>
436                         <attribute name="metadata" type="anyURI" use="optional"/>
437                         <attribute name="rm" type="anyURI" use="required"/>
438                         <attribute name="access" type="anyURI" use="optional"/>
439                         <attribute name="supportContact" type="string" use="optional"/>
440                         <attribute name="logoLocation" type="anyURI" use="optional"/>
441                         <attribute name="styleSheet" type="anyURI" use="optional"/>
                           <!-- NOTE(review): "##any" here (the sibling containers use "##other")
                                also admits undeclared attributes in this schema's own namespace,
                                so a misspelled template attribute passes validation silently;
                                if that is not intentional, "##other" would match the rest. -->
442                         <anyAttribute namespace="##any" processContents="lax"/>
443                 </complexType>
444         </element>
445
446         <attributeGroup name="CredentialUseGroup">
                    <!-- TLS and Signing are required names selecting which credentials are used.
                         The three signature flags default to false at the schema level; whether
                         unsigned responses/assertions are rejected when these are absent is a
                         runtime decision not visible in this schema. -->
447                 <attribute name="TLS" type="string" use="required"/>
448                 <attribute name="Signing" type="string" use="required"/>
449                 <attribute name="signRequest" type="boolean" use="optional" default="false"/>
450                 <attribute name="signedResponse" type="boolean" use="optional" default="false"/>
451                 <attribute name="signedAssertions" type="boolean" use="optional" default="false"/>
452         </attributeGroup>
453
454         <element name="CredentialUse">
455                 <annotation>
456                         <documentation>Container for specifying credentials to use</documentation>
457                 </annotation>
458                 <complexType>
459                         <sequence>
                                   <!-- RelyingParty: per-peer override keyed by the required "Name",
                                        carrying the same CredentialUseGroup attributes as the container. -->
460                                 <element name="RelyingParty" minOccurs="0" maxOccurs="unbounded">
461                                         <complexType>
462                                                 <sequence>
463                                                         <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
464                                                 </sequence>
465                                                 <attribute name="Name" type="string" use="required"/>
466                                                 <attributeGroup ref="conf:CredentialUseGroup"/>
467                                                 <anyAttribute namespace="##other" processContents="lax"/>
468                                         </complexType>
469                                 </element>
470                                 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
471                         </sequence>
                           <!-- Container-level settings apply unless a matching RelyingParty overrides them
                                (resolution order is decided by the consumer, not the schema). -->
472                         <attributeGroup ref="conf:CredentialUseGroup"/>
473                 <anyAttribute namespace="##other" processContents="lax"/>
474                 </complexType>
475         </element>
476 </schema>
477