1 <?xml version="1.0" encoding="UTF-8"?>
2 <!-- edited with XMLSPY v2004 rel. 2 U (http://www.xmlspy.com) by Walter F Hoehn, Jr (Columbia University in the City of New York) -->
3 <xs:schema targetNamespace="urn:mace:shibboleth:credentials:1.0" xmlns:credentials="urn:mace:shibboleth:credentials:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified">
4 <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
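<!-- Credentials: root element of a credential configuration. It holds one or
     more credential sources (ds:KeyInfo, KeyStoreResolver, FileResolver,
     CustomResolver) in any order.
     NOTE(review): the listing this was taken from had lost every tag that
     carries no attributes (complexType, sequence, annotation, closing tags).
     They are restored here from the gaps in its line numbering; verify against
     the original file.
     Security: instance documents of this schema carry key and keystore
     passwords in clear text and can name a Java class to load. Treat the
     configuration file as a secret and as trusted input: restrict read and
     write access to the service account and keep it out of shared
     repositories. -->
<xs:element name="Credentials">
  <xs:complexType>
    <xs:choice maxOccurs="unbounded">
      <xs:element ref="ds:KeyInfo"/>
      <xs:element name="KeyStoreResolver">
        <xs:annotation>
          <xs:documentation>Pulls credentials from a Java keystore.</xs:documentation>
        </xs:annotation>
        <xs:complexType>
          <xs:complexContent>
            <xs:extension base="credentials:BaseCredentialFinder">
              <xs:sequence>
                <!-- Location of the keystore. The schema accepts any string;
                     how it is resolved is up to the consumer. -->
                <xs:element name="Path" type="xs:string"/>
                <xs:element name="KeyAlias" type="xs:string"/>
                <!-- Optional. Presumably defaults to KeyAlias when omitted;
                     confirm against the resolver implementation. -->
                <xs:element name="CertAlias" type="xs:string" minOccurs="0"/>
                <!-- Clear-text keystore password: anyone who can read the
                     instance document can open the keystore. -->
                <xs:element name="StorePassword" type="xs:string"/>
                <!-- Optional clear-text password for the key entry. Behaviour
                     when omitted is not defined by this schema; confirm. -->
                <xs:element name="KeyPassword" type="xs:string" minOccurs="0"/>
              </xs:sequence>
              <!-- Free-form string, not an enumeration: an unsupported store
                   type is only detected when the keystore is loaded. -->
              <xs:attribute name="storeType" type="xs:string" use="optional" default="JKS"/>
            </xs:extension>
          </xs:complexContent>
        </xs:complexType>
      </xs:element>
      <xs:element name="FileResolver">
        <xs:annotation>
          <xs:documentation>Pulls credentials from files.</xs:documentation>
        </xs:annotation>
        <xs:complexType>
          <xs:complexContent>
            <xs:extension base="credentials:BaseCredentialFinder">
              <xs:sequence>
                <xs:element name="Key">
                  <xs:complexType>
                    <xs:sequence>
                      <xs:element name="Path" type="xs:string"/>
                    </xs:sequence>
                    <xs:attribute name="format" type="credentials:FormatType" use="optional" default="PEM"/>
                    <!-- Presumably the passphrase protecting the private key
                         file (confirm). It is stored in clear text next to
                         the key path, so file permissions on the instance
                         document are the only protection. -->
                    <xs:attribute name="password" type="xs:string" use="optional"/>
                  </xs:complexType>
                </xs:element>
                <xs:element name="Certificate" minOccurs="0">
                  <xs:complexType>
                    <xs:sequence>
                      <xs:element name="Path" type="xs:string"/>
                      <!-- Zero or more additional paths; presumably CA
                           certificates that complete the chain. Confirm. -->
                      <xs:element name="CAPath" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
                    </xs:sequence>
                    <xs:attribute name="format" type="credentials:FormatType" use="optional" default="PEM"/>
                  </xs:complexType>
                </xs:element>
              </xs:sequence>
            </xs:extension>
          </xs:complexContent>
        </xs:complexType>
      </xs:element>
      <xs:element name="CustomResolver">
        <xs:annotation>
          <xs:documentation>Allows for specification of a Java class that loads credentials from a custom storage mechanism. </xs:documentation>
        </xs:annotation>
        <xs:complexType>
          <xs:complexContent>
            <xs:extension base="credentials:BaseCredentialFinder">
              <xs:sequence>
                <!-- Lax wildcard: child content is not constrained by this
                     schema, so the custom class has to validate its own
                     configuration. -->
                <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
              </xs:sequence>
              <!-- Names the Java class to load. Write access to the instance
                   document therefore decides which code handles key
                   material; protect and monitor the file accordingly. -->
              <xs:attribute name="class" type="xs:string" use="required"/>
              <!-- No processContents is given, so the XSD default (strict)
                   applies here, unlike the lax wildcard on Credentials.
                   NOTE(review): confirm this difference is intended. -->
              <xs:anyAttribute namespace="##any"/>
            </xs:extension>
          </xs:complexContent>
        </xs:complexType>
      </xs:element>
    </xs:choice>
    <!-- Fixed: the type was written as an unprefixed "anyURI". The schema
         declares no default namespace, so that QName resolved to no
         namespace and named no type; the built-in type is xs:anyURI. -->
    <xs:attribute name="uri" type="xs:anyURI" use="optional"/>
    <xs:anyAttribute namespace="##any" processContents="lax"/>
  </xs:complexType>
</xs:element>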
<!-- FormatType: the encodings accepted by the "format" attribute of the
     FileResolver Key and Certificate elements. Any other value fails schema
     validation. The closing tags were missing from the listing and are
     restored here. -->
<xs:simpleType name="FormatType">
  <xs:restriction base="xs:string">
    <xs:enumeration value="PEM"/>
    <xs:enumeration value="DER"/>
  </xs:restriction>
</xs:simpleType>
86 <xs:complexType name="BaseCredentialFinder">
87 <xs:attribute name="Id" type="xs:string" use="required"/>