Added support for starttls and sasl EXTERNAL authentication. Hooked the existing...
[java-idp.git] / src / schemas / credentials.xsd
1 <?xml version="1.0" encoding="UTF-8"?>
2 <xs:schema targetNamespace="urn:mace:shibboleth:credentials:1.0" 
3         xmlns:credentials="urn:mace:shibboleth:credentials:1.0" 
4         xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
5         xmlns:xs="http://www.w3.org/2001/XMLSchema" 
6         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
7         elementFormDefault="qualified" attributeFormDefault="unqualified">
8         <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" 
9                 schemaLocation="xmldsig-core-schema.xsd"/>
10         <xs:element name="Credentials">
11                 <xs:complexType>
12                         <xs:choice minOccurs="1" maxOccurs="unbounded">
13                                 <xs:element name="KeyStoreResolver" 
14                                         type="credentials:KeyStoreResolverType"/>
15                                 <xs:element name="FileResolver" 
16                                         type="credentials:FileResolverType"/>
17                                 <xs:element name="CustomResolver" 
18                                         type="credentials:CustomResolverType"/>
19                         </xs:choice>
20                         <xs:anyAttribute namespace="##any" processContents="lax"/>
21                 </xs:complexType>
22         </xs:element>
23                 <xs:element name="Credential">
24                 <xs:complexType>
25                         <xs:choice minOccurs="1" maxOccurs="1">
26                                 <xs:element name="KeyStoreResolver" 
27                                         type="credentials:KeyStoreResolverType"/>
28                                 <xs:element name="FileResolver" 
29                                         type="credentials:FileResolverType"/>
30                                 <xs:element name="CustomResolver" 
31                                         type="credentials:CustomResolverType"/>
32                         </xs:choice>
33                         <xs:anyAttribute namespace="##any" processContents="lax"/>
34                 </xs:complexType>
35         </xs:element>
36         <xs:simpleType name="FormatType">
37                 <xs:restriction base="xs:string">
38                         <xs:enumeration value="PEM"/>
39                         <xs:enumeration value="DER"/>
40                         <xs:enumeration value="PKCS12"/>
41                 </xs:restriction>
42         </xs:simpleType>
43         <xs:complexType name="BaseCredentialFinder">
44                 <xs:attribute name="Id" type="xs:string" use="optional"/>
45         </xs:complexType>
46         <xs:complexType name="KeyStoreResolverType">
47                 <xs:annotation>
48                         <xs:documentation>Pulls credentials from a Java 
49                                 keystore.</xs:documentation>
50                 </xs:annotation>
51                 <xs:complexContent>
52                         <xs:extension base="credentials:BaseCredentialFinder">
53                                 <xs:sequence>
54                                         <xs:element name="Path" type="xs:string"/>
55                                         <xs:element name="KeyAlias" type="xs:string"/>
56                                         <xs:element name="CertAlias" type="xs:string" 
57                                                 minOccurs="0"/>
58                                         <xs:element name="StorePassword" type="xs:string"/>
59                                         <xs:element name="KeyPassword" type="xs:string" 
60                                                 minOccurs="0"/>
61                                 </xs:sequence>
62                                 <xs:attribute name="storeType" type="xs:string" use="optional" 
63                                         default="JKS"/>
64                         </xs:extension>
65                 </xs:complexContent>
66         </xs:complexType>
67         <xs:complexType name ="FileResolverType">
68                 <xs:annotation>
69                         <xs:documentation>Pulls credentials from files.</xs:documentation>
70                 </xs:annotation>
71                 <xs:complexContent>
72                         <xs:extension base="credentials:BaseCredentialFinder">
73                                 <xs:sequence>
74                                         <xs:element name="Key">
75                                                 <xs:complexType>
76                                                         <xs:sequence>
77                                                                 <xs:element name="Path" type="xs:string"/>
78                                                         </xs:sequence>
79                                                         <xs:attribute name="format" 
80                                                                 type="credentials:FormatType" use="optional" 
81                                                                 default="PEM"/>
82                                                         <xs:attribute name="password" type="xs:string" 
83                                                                 use="optional"/>
84                                                 </xs:complexType>
85                                         </xs:element>
86                                         <xs:element name="Certificate" minOccurs="0">
87                                                 <xs:complexType>
88                                                         <xs:sequence>
89                                                                 <xs:element name="Path" type="xs:string"/>
90                                                                 <xs:element name="CAPath" type="xs:string" 
91                                                                         minOccurs="0" maxOccurs="unbounded"/>
92                                                         </xs:sequence>
93                                                         <xs:attribute name="format" 
94                                                                 type="credentials:FormatType" use="optional" 
95                                                                 default="PEM"/>
96                                                         <xs:attribute name="password" type="xs:string" 
97                                                                 use="optional"/>
98                                                 </xs:complexType>
99                                         </xs:element>
100                                 </xs:sequence>
101                         </xs:extension>
102                 </xs:complexContent>
103         </xs:complexType>
104         <xs:complexType name="CustomResolverType">
105                 <xs:annotation>
106                         <xs:documentation>Allows for specification of a Java class that 
107                                 loads credentials from a custom storage mechanism. 
108                                 </xs:documentation>
109                 </xs:annotation>
110                 <xs:complexContent>
111                         <xs:extension base="credentials:BaseCredentialFinder">
112                                 <xs:sequence>
113                                         <xs:any namespace="##any" processContents="lax" 
114                                                 minOccurs="0" maxOccurs="unbounded"/>
115                                 </xs:sequence>
116                                 <xs:attribute name="class" type="xs:string" use="required"/>
117                                 <xs:anyAttribute namespace="##any"/>
118                         </xs:extension>
119                 </xs:complexContent>
120         </xs:complexType>
121 </xs:schema>