projects / shibboleth / sp.git / blob
? search:


17b90cc30c15e7dd60019cd1633ce66deb262f6e
[shibboleth/sp.git] / schemas / shibboleth-2.0-attribute-map.xsd
1 <?xml version="1.0" encoding="UTF-8"?>
2 <schema targetNamespace="urn:mace:shibboleth:2.0:attribute-map"
3         xmlns="http://www.w3.org/2001/XMLSchema"
4         xmlns:am="urn:mace:shibboleth:2.0:attribute-map"
5         xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
6         elementFormDefault="qualified"
7         version="2.3">
8
9     <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd" />
10
11     <annotation>
12         <documentation>
13             This schema maps SAML attributes into Shibboleth internal attributes.
14         </documentation>
15     </annotation>
16
17     <simpleType name="string">
18         <restriction base="string">
19             <minLength value="1"/>
20         </restriction>
21     </simpleType>
22
23     <simpleType name="anyURI">
24         <restriction base="anyURI">
25             <minLength value="1"/>
26         </restriction>
27     </simpleType>
28
29     <simpleType name="listOfStrings">
30         <list itemType="am:string"/>
31     </simpleType>
32
33     <complexType name="PluggableType">
34         <sequence>
35             <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
36         </sequence>
37         <attribute name="type" type="am:string" use="required"/>
38         <anyAttribute namespace="##any" processContents="lax"/>
39     </complexType>
40     
41     <element name="Attributes">
42         <annotation>
43             <documentation>The set of SAML 1/2 attribute mappings.</documentation>
44         </annotation>
45         <complexType>
46             <sequence>
47                 <element name="MetadataProvider" type="am:PluggableType" minOccurs="0"/>
48                 <element name="TrustEngine" type="am:PluggableType" minOccurs="0"/>
49                 <element name="AttributeFilter" type="am:PluggableType" minOccurs="0"/>
50                 <element name="Attribute" type="am:AttributeType" maxOccurs="unbounded"/>
51                 <element ref="ds:Signature" minOccurs="0"/>
52             </sequence>
53             <attribute name="metadataPolicyId" type="am:string"/>
54         </complexType>
55     </element>
56
57     <complexType name="AttributeType">
58         <annotation>
59             <documentation>Rule for mapping a SAML 1/2 attribute to an internal attribute.</documentation>
60         </annotation>
61         <sequence>
62             <element name="AttributeDecoder" type="am:AttributeDecoderType" minOccurs="0"/>
63         </sequence>
64         <attribute name="id" type="am:string" use="required">
65             <annotation>
66                 <documentation>The internal attribute ID to which this SAML attribute maps.</documentation>
67             </annotation>
68         </attribute>
69         <attribute name="aliases" type="am:listOfStrings">
70             <annotation>
71                 <documentation>Optional aliases for the internal attribute to which this SAML attribute maps.</documentation>
72             </annotation>
73         </attribute>
74         <attribute name="name" type="am:string" use="required">
75             <annotation>
76                 <documentation>The SAML 1 AttributeName or SAML 2 Name of the attribute.</documentation>
77             </annotation>
78         </attribute>
79         <attribute name="nameFormat" type="am:string">
80             <annotation>
81                 <documentation>The SAML 1 Namespace or SAML 2 NameFormat of the attribute.</documentation>
82             </annotation>
83         </attribute>
84     </complexType>
85     
86     <complexType name="AttributeDecoderType" abstract="true">
87         <annotation>
88             <documentation>
89                 Decodes a SAML attribute into its Shibboleth-internal representation.
90             </documentation>
91         </annotation>
92         <attribute name="caseSensitive" type="boolean">
93             <annotation>
94                 <documentation>
95                     Flag controlling case sensitivity when comparisons to the attribute's values are done.
96                 </documentation>
97             </annotation>
98         </attribute>
99         <attribute name="internal" type="boolean">
100             <annotation>
101                 <documentation>Flag controlling whether the resulting attribute should be exported for CGI use.</documentation>
102             </annotation>
103         </attribute>
104         <attribute name="hashAlg" type="am:string">
105             <annotation>
106                 <documentation>
107                     Crypto-provider-specific name of hash algorithm to use,
108                     turning the decoded result into a simple string.
109                 </documentation>
110             </annotation>
111         </attribute>
112     </complexType>
113     
114     <complexType name="StringAttributeDecoder">
115         <annotation>
116             <documentation>
117                 Decoder for attributes with string values.
118             </documentation>
119         </annotation>
120         <complexContent>
121             <extension base="am:AttributeDecoderType" />
122         </complexContent>
123     </complexType>
124
125     <complexType name="ScopedAttributeDecoder">
126         <annotation>
127             <documentation>
128                 Decoder for attributes with scoped values.
129             </documentation>
130         </annotation>
131         <complexContent>
132             <extension base="am:AttributeDecoderType">
133                 <attribute name="scopeDelimiter" type="am:string">
134                     <annotation>
135                         <documentation>
136                             The character(s) used to delimit the scoped information from the scope.
137                         </documentation>
138                     </annotation>
139                 </attribute>
140             </extension>
141         </complexContent>
142     </complexType>
143     
144     <complexType name="NameIDAttributeDecoder">
145         <annotation>
146             <documentation>
147                 Decoder for attributes with NameID values.
148             </documentation>
149         </annotation>
150         <complexContent>
151             <extension base="am:AttributeDecoderType">
152                 <attribute name="formatter" type="am:string">
153                     <annotation>
154                         <documentation>
155                             The pattern used to generate string versions of the attribute's values.
156                         </documentation>
157                     </annotation>
158                 </attribute>
159                 <attribute name="defaultQualifiers" type="boolean">
160                     <annotation>
161                         <documentation>
162                             Flag controlling whether to default in values for NameQualifier/SPNameQualifier if not set.
163                         </documentation>
164                     </annotation>
165                 </attribute>
166             </extension>
167         </complexContent>
168     </complexType>
169
170     <complexType name="NameIDFromScopedAttributeDecoder">
171         <annotation>
172             <documentation>
173                 Decoder for attributes with scoped values that produces a NameID attribute with
174                 the scope dropped and the NameQualifiers defaulted.
175             </documentation>
176         </annotation>
177         <complexContent>
178             <extension base="am:ScopedAttributeDecoder">
179                 <attribute name="format" type="am:anyURI">
180                     <annotation>
181                         <documentation>
182                             Value to use as the NameID Format.
183                         </documentation>
184                     </annotation>
185                 </attribute>
186                 <attribute name="defaultQualifiers" type="boolean">
187                     <annotation>
188                         <documentation>
189                             Flag controlling whether to default in values for NameQualifier/SPNameQualifier if not set.
190                         </documentation>
191                     </annotation>
192                 </attribute>
193                 <attribute name="formatter" type="am:string">
194                     <annotation>
195                         <documentation>
196                             The pattern used to generate string versions of the attribute's values.
197                         </documentation>
198                     </annotation>
199                 </attribute>
200             </extension>
201         </complexContent>
202     </complexType>
203
204     <complexType name="KeyInfoAttributeDecoder">
205         <annotation>
206             <documentation>
207                 Decoder for attributes with ds:KeyInfo values.
208             </documentation>
209         </annotation>
210         <complexContent>
211             <extension base="am:AttributeDecoderType">
212                 <sequence>
213                     <element name="KeyInfoResolver" type="am:PluggableType" minOccurs="0"/>
214                 </sequence>
215                 <attribute name="hash" type="boolean">
216                     <annotation>
217                         <documentation>
218                             Flag controlling whether to hash keys before base64-encoding them.
219                         </documentation>
220                     </annotation>
221                 </attribute>
222                 <attribute name="keyInfoHashAlg" type="am:string">
223                     <annotation>
224                         <documentation>
225                             Crypto-provider-specific name of hash algorithm to use.
226                         </documentation>
227                     </annotation>
228                 </attribute>
229             </extension>
230         </complexContent>
231     </complexType>
232
233     <complexType name="XMLAttributeDecoder">
234         <annotation>
235             <documentation>
236                 Decoder for directly serializing XML values.
237             </documentation>
238         </annotation>
239         <complexContent>
240             <extension base="am:AttributeDecoderType"/>
241         </complexContent>
242     </complexType>
243
244     <complexType name="DOMAttributeDecoder">
245         <annotation>
246             <documentation>
247                 Decoder for extracting information from XML values.
248             </documentation>
249         </annotation>
250         <complexContent>
251             <extension base="am:AttributeDecoderType">
252                 <sequence>
253                     <element name="Mapping" minOccurs="0">
254                         <annotation>
255                             <documentation>Optional transform to turn qualified XML names into string names.</documentation>
256                         </annotation>
257                         <complexType>
258                             <attribute name="from" type="QName" use="required"/>
259                             <attribute name="to" type="am:string" use="required"/>
260                         </complexType>
261                     </element>
262                 </sequence>
263                 <attribute name="formatter" type="am:string">
264                     <annotation>
265                         <documentation>
266                             The pattern used to generate strings from the XML.
267                         </documentation>
268                     </annotation>
269                 </attribute>
270             </extension>
271         </complexContent>
272     </complexType>
273
274 </schema>
Shibboleth SP