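<?xml version="1.0" encoding="UTF-8"?>
<!--
    Shibboleth SP attribute-map schema (schemas/shibboleth-2.0-attribute-map.xsd).

    Declares the vocabulary for rules that map SAML attributes and GSS-API
    naming attributes onto internal attribute IDs, plus the decoder types that
    turn incoming values into their internal representation.

    Reading notes:
      * The default namespace is XML Schema, so unprefixed type references
        (string, anyURI, boolean, QName) are the XSD built-ins, while
        am:string and am:anyURI are the non-empty restrictions defined below.
      * Validation against this schema constrains structure only. No attribute
        here declares a default value, no identity constraints are declared,
        and plugin content is open (see PluggableType). Effective defaults,
        trust decisions and signature enforcement are decided by the software
        that consumes the map, not by this file.
-->
<schema targetNamespace="urn:mace:shibboleth:2.0:attribute-map"
        xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:am="urn:mace:shibboleth:2.0:attribute-map"
        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
        elementFormDefault="qualified"
        version="2.5">

    <!--
        XML Signature schema, needed for the ds:Signature reference in Attributes.
        The location is a relative hint; validators should resolve it from a
        local, trusted copy (for example through a catalog) rather than
        fetching it at validation time.
    -->
    <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>

    <annotation>
        <documentation>
            This schema maps SAML attributes into Shibboleth internal attributes.
        </documentation>
    </annotation>

    <!-- Non-empty variant of the built-in string (base resolves to the XSD type). -->
    <simpleType name="string">
        <restriction base="string">
            <minLength value="1"/>
        </restriction>
    </simpleType>

    <!-- Non-empty variant of the built-in anyURI (base resolves to the XSD type). -->
    <simpleType name="anyURI">
        <restriction base="anyURI">
            <minLength value="1"/>
        </restriction>
    </simpleType>

    <!-- Whitespace-separated list of non-empty strings; used for the aliases attributes. -->
    <simpleType name="listOfStrings">
        <list itemType="am:string"/>
    </simpleType>

    <!--
        Open container for plugin configuration. Only the "type" attribute is
        required; child elements and extra attributes from any namespace are
        accepted with processContents="lax", so they are validated only when a
        declaration for them happens to be available. A mistake inside a
        MetadataProvider, TrustEngine, AttributeFilter or KeyInfoResolver
        element is therefore not caught by this schema and has to be caught by
        the plugin that reads it.
    -->
    <complexType name="PluggableType">
        <sequence>
            <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
        </sequence>
        <attribute name="type" type="am:string" use="required"/>
        <anyAttribute namespace="##any" processContents="lax"/>
    </complexType>

    <!--
        Document root. Content order: optional MetadataProvider, TrustEngine
        and AttributeFilter plugins, then one or more Attribute or
        GSSAPIAttribute rules in any mix, then an optional ds:Signature.

        Review notes:
          * ds:Signature has minOccurs="0", so signed and unsigned maps are
            both schema-valid. Whether a signature is required and how it is
            verified is not expressed here. NOTE(review): presumably the
            TrustEngine plugin is what evaluates the signature; confirm
            against the consumer.
          * No uniqueness constraint is declared on rule IDs or names, so
            several rules may feed the same internal attribute ID. When an ID
            drives authorization, check every rule that targets it.
    -->
    <element name="Attributes">
        <annotation>
            <documentation>The set of SAML or GSS-API attribute mappings.</documentation>
        </annotation>
        <complexType>
            <sequence>
                <element name="MetadataProvider" type="am:PluggableType" minOccurs="0"/>
                <element name="TrustEngine" type="am:PluggableType" minOccurs="0"/>
                <element name="AttributeFilter" type="am:PluggableType" minOccurs="0"/>
                <choice maxOccurs="unbounded">
                    <element name="Attribute" type="am:AttributeType"/>
                    <element name="GSSAPIAttribute" type="am:GSSAPIAttributeType"/>
                </choice>
                <element ref="ds:Signature" minOccurs="0"/>
            </sequence>
            <attribute name="metadataPolicyId" type="am:string"/>
        </complexType>
    </element>

    <!--
        One SAML mapping rule: the "name" (and optional "nameFormat") select the
        incoming attribute, "id" names the internal attribute it becomes. The
        optional AttributeDecoder child is typed with the abstract
        AttributeDecoderType, so an instance has to pick a concrete decoder
        through xsi:type.
    -->
    <complexType name="AttributeType">
        <annotation>
            <documentation>Rule for mapping a SAML attribute to an internal attribute.</documentation>
        </annotation>
        <sequence>
            <element name="AttributeDecoder" type="am:AttributeDecoderType" minOccurs="0"/>
        </sequence>
        <attribute name="id" type="am:string" use="required">
            <annotation>
                <documentation>The internal attribute ID to which this SAML attribute maps.</documentation>
            </annotation>
        </attribute>
        <attribute name="aliases" type="am:listOfStrings">
            <annotation>
                <documentation>Optional aliases for the internal attribute to which this SAML attribute maps.</documentation>
            </annotation>
        </attribute>
        <attribute name="name" type="am:string" use="required">
            <annotation>
                <documentation>The SAML 1 AttributeName or SAML 2 Name of the attribute.</documentation>
            </annotation>
        </attribute>
        <attribute name="nameFormat" type="am:string">
            <annotation>
                <documentation>The SAML 1 Namespace or SAML 2 NameFormat of the attribute.</documentation>
            </annotation>
        </attribute>
        <attribute name="isRequested" type="boolean">
            <annotation>
                <documentation>Marks an attribute as requested by the service.</documentation>
            </annotation>
        </attribute>
        <!--
            NOTE(review): the schema only records this flag. Whether a missing
            required attribute blocks anything is decided by the consumer;
            confirm before relying on it for access control.
        -->
        <attribute name="isRequired" type="boolean">
            <annotation>
                <documentation>Marks an attribute as required by the service.</documentation>
            </annotation>
        </attribute>
    </complexType>

    <!--
        One GSS-API mapping rule. It has no decoder child; scopeDelimiter is
        declared directly on the rule instead. The id, aliases and name
        descriptions below refer to the GSS-API naming attribute (earlier text
        was carried over from AttributeType and spoke of SAML).
    -->
    <complexType name="GSSAPIAttributeType">
        <annotation>
            <documentation>Rule for mapping a GSS-API naming attribute to an internal attribute.</documentation>
        </annotation>
        <attribute name="id" type="am:string" use="required">
            <annotation>
                <documentation>The internal attribute ID to which this GSS-API naming attribute maps.</documentation>
            </annotation>
        </attribute>
        <attribute name="aliases" type="am:listOfStrings">
            <annotation>
                <documentation>Optional aliases for the internal attribute to which this GSS-API naming attribute maps.</documentation>
            </annotation>
        </attribute>
        <attribute name="name" type="am:string" use="required">
            <annotation>
                <documentation>The name of the GSS-API naming attribute.</documentation>
            </annotation>
        </attribute>
        <!-- Optional and without a declared default: the behaviour when it is omitted is set by the consumer. -->
        <attribute name="authenticated" type="boolean">
            <annotation>
                <documentation>If true, only an authenticated GSS-API naming attribute will be mapped.</documentation>
            </annotation>
        </attribute>
        <attribute name="scopeDelimiter" type="am:string">
            <annotation>
                <documentation>
                    The character(s) used to delimit the scoped information from the scope.
                </documentation>
            </annotation>
        </attribute>
    </complexType>

    <!--
        Abstract base of every decoder; never usable directly in an instance.
        All three attributes are optional and carry no schema default.

        Review notes:
          * "internal" governs export of the decoded attribute for CGI use, so
            it decides whether issuer-supplied values reach the protected
            application. Set it deliberately on sensitive attributes.
          * "hashAlg" is any non-empty string; the schema does not restrict it
            to a list of algorithms, so the choice has to be reviewed in the
            deployed map.
    -->
    <complexType name="AttributeDecoderType" abstract="true">
        <annotation>
            <documentation>
                Decodes a SAML attribute into its Shibboleth-internal representation.
            </documentation>
        </annotation>
        <attribute name="caseSensitive" type="boolean">
            <annotation>
                <documentation>
                    Flag controlling case sensitivity when comparisons to the attribute's values are done.
                </documentation>
            </annotation>
        </attribute>
        <attribute name="internal" type="boolean">
            <annotation>
                <documentation>Flag controlling whether the resulting attribute should be exported for CGI use.</documentation>
            </annotation>
        </attribute>
        <attribute name="hashAlg" type="am:string">
            <annotation>
                <documentation>
                    Crypto-provider-specific name of hash algorithm to use,
                    turning the decoded result into a simple string.
                </documentation>
            </annotation>
        </attribute>
    </complexType>

    <!-- Concrete decoder that adds nothing to the base type. -->
    <complexType name="StringAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with string values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType"/>
        </complexContent>
    </complexType>

    <!--
        Adds the delimiter that separates a value from its scope.
        NOTE(review): nothing in this schema checks the scope part of a value;
        presumably that is left to attribute filtering. Confirm that a scope
        rule exists for every scoped attribute used in authorization.
    -->
    <complexType name="ScopedAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with scoped values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType">
                <attribute name="scopeDelimiter" type="am:string">
                    <annotation>
                        <documentation>
                            The character(s) used to delimit the scoped information from the scope.
                        </documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <!-- Adds a string formatter pattern and the qualifier-defaulting flag for NameID values. -->
    <complexType name="NameIDAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with NameID values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType">
                <attribute name="formatter" type="am:string">
                    <annotation>
                        <documentation>
                            The pattern used to generate string versions of the attribute's values.
                        </documentation>
                    </annotation>
                </attribute>
                <attribute name="defaultQualifiers" type="boolean">
                    <annotation>
                        <documentation>
                            Flag controlling whether to default in values for NameQualifier/SPNameQualifier if not set.
                        </documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <!--
        Extends ScopedAttributeDecoder, not NameIDAttributeDecoder, so
        defaultQualifiers and formatter are declared again here with the same
        types. Keep the two declarations in step when either changes.
    -->
    <complexType name="NameIDFromScopedAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with scoped values that produces a NameID attribute with
                the scope dropped and the NameQualifiers defaulted.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:ScopedAttributeDecoder">
                <attribute name="format" type="am:anyURI">
                    <annotation>
                        <documentation>
                            Value to use as the NameID Format.
                        </documentation>
                    </annotation>
                </attribute>
                <attribute name="defaultQualifiers" type="boolean">
                    <annotation>
                        <documentation>
                            Flag controlling whether to default in values for NameQualifier/SPNameQualifier if not set.
                        </documentation>
                    </annotation>
                </attribute>
                <attribute name="formatter" type="am:string">
                    <annotation>
                        <documentation>
                            The pattern used to generate string versions of the attribute's values.
                        </documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <!--
        Decoder for ds:KeyInfo values. The optional KeyInfoResolver child is a
        PluggableType, so its configuration is not validated here. Like
        hashAlg on the base type, keyInfoHashAlg is a free-form non-empty
        string with no schema-level restriction on the algorithm.
    -->
    <complexType name="KeyInfoAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with ds:KeyInfo values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType">
                <sequence>
                    <element name="KeyInfoResolver" type="am:PluggableType" minOccurs="0"/>
                </sequence>
                <attribute name="hash" type="boolean">
                    <annotation>
                        <documentation>
                            Flag controlling whether to hash keys before base64-encoding them.
                        </documentation>
                    </annotation>
                </attribute>
                <attribute name="keyInfoHashAlg" type="am:string">
                    <annotation>
                        <documentation>
                            Crypto-provider-specific name of hash algorithm to use.
                        </documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <!--
        Adds nothing to the base type. Because the value is serialized XML
        taken from the incoming attribute, whatever reads the resulting string
        receives issuer-supplied markup and should parse it as untrusted input.
    -->
    <complexType name="XMLAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for directly serializing XML values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType"/>
        </complexContent>
    </complexType>

    <!--
        Extracts strings from XML values. The optional Mapping child renames a
        qualified XML name ("from", a QName) to a plain string name ("to").
        Mapping has minOccurs="0" and the default maxOccurs, so at most one is
        allowed per decoder.
    -->
    <complexType name="DOMAttributeDecoder">
        <annotation>
            <documentation>
                Decoder for extracting information from XML values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType">
                <sequence>
                    <element name="Mapping" minOccurs="0">
                        <annotation>
                            <documentation>Optional transform to turn qualified XML names into string names.</documentation>
                        </annotation>
                        <complexType>
                            <attribute name="from" type="QName" use="required"/>
                            <attribute name="to" type="am:string" use="required"/>
                        </complexType>
                    </element>
                </sequence>
                <attribute name="formatter" type="am:string">
                    <annotation>
                        <documentation>
                            The pattern used to generate strings from the XML.
                        </documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <!-- Concrete decoder for base64-encoded string values; adds nothing to the base type. -->
    <complexType name="Base64AttributeDecoder">
        <annotation>
            <documentation>
                Decoder for attributes with base64-encoded string values.
            </documentation>
        </annotation>
        <complexContent>
            <extension base="am:AttributeDecoderType"/>
        </complexContent>
    </complexType>

</schema>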