1 <?xml version="1.0" encoding="UTF-8"?>
2 <xs:schema targetNamespace="urn:mace:shibboleth:credentials:1.0"
3 xmlns:credentials="urn:mace:shibboleth:credentials:1.0"
4 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
5 xmlns:xs="http://www.w3.org/2001/XMLSchema"
6 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
7 elementFormDefault="qualified" attributeFormDefault="unqualified">
8 <xs:import namespace="http://www.w3.org/2000/09/xmldsig#"
9 schemaLocation="xmldsig-core-schema.xsd"/>
10 <xs:element name="Credentials">
<!-- Container for credential resolvers. The choice below repeats
     (minOccurs="1", maxOccurs="unbounded"), so an instance lists one or more
     resolvers, in any mix of the three kinds. -->
12 <xs:choice minOccurs="1" maxOccurs="unbounded">
13 <xs:element name="KeyStoreResolver"
14 type="credentials:KeyStoreResolverType"/>
15 <xs:element name="FileResolver"
16 type="credentials:FileResolverType"/>
17 <xs:element name="CustomResolver"
18 type="credentials:CustomResolverType"/>
<!-- Attribute wildcard: attributes from any namespace are accepted and only
     laxly validated, so schema validation alone will not reject an unexpected
     attribute on this element. -->
20 <xs:anyAttribute namespace="##any" processContents="lax"/>
23 <xs:element name="Credential">
<!-- Single-resolver form: the choice below is fixed at exactly one occurrence
     (minOccurs="1", maxOccurs="1"), so an instance carries one resolver of one
     of the three kinds. -->
25 <xs:choice minOccurs="1" maxOccurs="1">
26 <xs:element name="KeyStoreResolver"
27 type="credentials:KeyStoreResolverType"/>
28 <xs:element name="FileResolver"
29 type="credentials:FileResolverType"/>
30 <xs:element name="CustomResolver"
31 type="credentials:CustomResolverType"/>
<!-- Attribute wildcard: attributes from any namespace are accepted and only
     laxly validated, so schema validation alone will not reject an unexpected
     attribute on this element. -->
33 <xs:anyAttribute namespace="##any" processContents="lax"/>
36 <xs:simpleType name="FormatType">
<!-- Closed list of encodings referenced by the "format" attributes of the Key
     and Certificate elements in FileResolverType. The base is xs:string, so
     the values are matched exactly, including case. -->
37 <xs:restriction base="xs:string">
38 <xs:enumeration value="PEM"/>
39 <xs:enumeration value="DER"/>
40 <xs:enumeration value="PKCS12"/>
43 <xs:complexType name="BaseCredentialFinder">
<!-- Common base extended by KeyStoreResolverType, FileResolverType and
     CustomResolverType. It contributes one optional attribute, Id. Id is typed
     xs:string rather than xs:ID, so the schema does not itself enforce that Id
     values are unique within a document. -->
44 <xs:attribute name="Id" type="xs:string" use="optional"/>
46 <xs:complexType name="KeyStoreResolverType">
<!-- Resolver that reads a key and certificate from a Java keystore, located by
     Path and selected by KeyAlias / CertAlias.
     NOTE(review): the CertAlias, KeyPassword and storeType declarations are cut
     short in this listing, so their occurrence constraints and defaults cannot
     be stated from here. -->
48 <xs:documentation>Pulls credentials from a Java
49 keystore.</xs:documentation>
52 <xs:extension base="credentials:BaseCredentialFinder">
<!-- StorePassword and KeyPassword below are plain xs:string elements: the
     keystore and key passwords appear in clear text in every instance
     document. Treat a configuration file that validates against this type as
     a secret: restrict its file permissions to the service account and keep
     it out of shared repositories, backups and diagnostic bundles. -->
54 <xs:element name="Path" type="xs:string"/>
55 <xs:element name="KeyAlias" type="xs:string"/>
56 <xs:element name="CertAlias" type="xs:string"
58 <xs:element name="StorePassword" type="xs:string"/>
59 <xs:element name="KeyPassword" type="xs:string"
62 <xs:attribute name="storeType" type="xs:string" use="optional"
67 <xs:complexType name ="FileResolverType">
<!-- Resolver that reads a private key and a certificate from files. Key and
     Certificate are each optional (minOccurs="0"); each carries a Path child,
     a "format" attribute restricted to FormatType, and a "password" attribute.
     NOTE(review): the format and password attribute declarations are cut short
     in this listing, so their defaults and use constraints are not visible. -->
69 <xs:documentation>Pulls credentials from files.</xs:documentation>
72 <xs:extension base="credentials:BaseCredentialFinder">
74 <xs:element name="Key" minOccurs="0">
<!-- The "password" attribute declared for Key is a plain xs:string: a key-file
     passphrase supplied this way sits in clear text in the configuration, so
     the configuration file needs the same access restrictions as the key file
     it points to. -->
77 <xs:element name="Path" type="xs:string"/>
79 <xs:attribute name="format"
80 type="credentials:FormatType" use="optional"
82 <xs:attribute name="password" type="xs:string"
86 <xs:element name="Certificate" minOccurs="0">
<!-- CAPath may occur any number of times (0 to unbounded); presumably each one
     names an additional CA certificate file to load alongside the certificate.
     TODO confirm against the resolver implementation. -->
89 <xs:element name="Path" type="xs:string"/>
90 <xs:element name="CAPath" type="xs:string"
91 minOccurs="0" maxOccurs="unbounded"/>
93 <xs:attribute name="format"
94 type="credentials:FormatType" use="optional"
96 <xs:attribute name="password" type="xs:string"
104 <xs:complexType name="CustomResolverType">
<!-- Extension point: the required "class" attribute names a Java class that
     loads the credentials, and the element body is left open for that class's
     own configuration. -->
106 <xs:documentation>Allows for specification of a Java class that
107 loads credentials from a custom storage mechanism.
111 <xs:extension base="credentials:BaseCredentialFinder">
<!-- Element wildcard with processContents="lax": children from any namespace
     are allowed and are validated only when a declaration for them can be
     found. Schema validation therefore gives no guarantee about this content;
     the custom class has to validate its own configuration. -->
113 <xs:any namespace="##any" processContents="lax"
114 minOccurs="0" maxOccurs="unbounded"/>
<!-- "class" is an unconstrained xs:string. Per the documentation above it
     selects the Java class used to load credentials, so anyone able to edit an
     instance document chooses which class that is. Write access to the
     configuration should be limited as tightly as write access to the
     application's own code; presumably the consumer should also check the
     named class against the expected resolver interface. TODO confirm. -->
116 <xs:attribute name="class" type="xs:string" use="required"/>
<!-- No processContents is given here, so the XSD default (strict) applies,
     unlike the lax attribute wildcards on Credentials and Credential. -->
117 <xs:anyAttribute namespace="##any"/>