<?xml version="1.0" encoding="UTF-8"?>
-<schema xmlns="http://www.w3.org/2001/XMLSchema"
- targetNamespace="urn:mace:shibboleth:2.0:idp-config"
- xmlns:idpc="urn:mace:shibboleth:2.0:idp-config"
- xmlns:idpmd="urn:mace:shibboleth:2.0:metadata"
- xmlns:idpcred="urn:mace:shibboleth:2.0:credential"
- xmlns:idprp="urn:mace:shibboleth:2.0:relying-party">
-
-
- <import namespace="urn:mace:shibboleth:2.0:credential" schemaLocation="/schema/shibboleth-2.0-credential.xsd" />
- <import namespace="urn:mace:shibboleth:2.0:metadata" schemaLocation="/schema/shibboleth-2.0-metadata.xsd" />
- <import namespace="urn:mace:shibboleth:2.0:relying-party" schemaLocation="/schema/shibboleth-2.0-relying-party.xsd" />
+<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:mace:shibboleth:2.0:idp-config"
+ xmlns:idpconf="urn:mace:shibboleth:2.0:idp-config" xmlns:service="urn:mace:shibboleth:2.0:services"
+ elementFormDefault="qualified">
+
+ <import namespace="urn:mace:shibboleth:2.0:services" schemaLocation="classpath:/schema/shibboleth-2.0-services.xsd" />
+
+ <element name="IdPConfig" type="idpconf:IdPConfigType">
+ <annotation>
+ <documentation>Root of the IdP configuration file.</documentation>
+ </annotation>
+ </element>
- <element name="IdPConfig" type="idpc:IdPConfigType" />
-
<complexType name="IdPConfigType">
<sequence>
- <element ref="idprp:AnonymousRelyingParty" />
- <element ref="idprp:DefaultRelyingParty" />
- <element ref="idprp:RelyingParty" minOccurs="0" maxOccurs="unbounded" />
- <element ref="idpcred:Credential" maxOccurs="unbounded"/>
- <element ref="idpmd:MetadataProvider" />
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+ <!-- TODO default logging configuration location -->
+ <element name="LoggingConfiguration" type="string" minOccurs="0">
+ <annotation>
+ <documentation>
+ Location, on the filesystem, where the Log4j configuration file is located.
+ </documentation>
+ </annotation>
+ </element>
+ <element ref="service:Service" minOccurs="0" maxOccurs="unbounded">
+ <annotation>
+ <documentation>List of IdP configured services.</documentation>
+ </annotation>
+ </element>
</sequence>
</complexType>
-
+
</schema>
\ No newline at end of file
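Review bot: `LoggingConfiguration` in `IdPConfigType` is declared with `minOccurs="0"`, but the TODO above it is still open and its `<documentation>` text does not say what the IdP does when the element is left out. If the loader (not visible in this diff) has no fallback, a configuration that omits the element still validates, and the identity provider may start without the log trail that later incident review depends on. I would either make the element required until a default exists, or resolve the TODO by extending the documentation with a sentence such as `If omitted, logging is configured from <default location>.`, with the real path filled in. Because `type="string"` also accepts an empty value, the loader should reject a blank path rather than treat it as a location.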
--- /dev/null
+<IdPConfig xmlns="urn:mace:shibboleth:2.0:idp-config" xmlns:service="urn:mace:shibboleth:2.0:services"
+ xmlns:profile="urn:mace:shibboleth:2.0:profile-handler" xmlns:relyingParty="urn:mace:shibboleth:2.0:relying-party"
+ xmlns:resolver="urn:mace:shibboleth:2.0:resolver" xmlns:afp="urn:mace:shibboleth:2.0:afp"
+ xmlns:res="urn:mace:shibboleth:2.0:resource"
+ xsi:schemaLocation="urn:mace:shibboleth:2.0:idp-config classpath:/schema/shibboleth-2.0-idp-config.xsd
+ urn:mace:shibboleth:2.0:services classpath:/schema/shibboleth-2.0-services.xsd
+ urn:mace:shibboleth:2.0:profile-handler classpath:/schema/shibboleth-2.0-profile-handler.xsd
+ urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd
+ urn:mace:shibboleth:2.0:resolver classpath:/schema/shibboleth-2.0-attribute-resolver.xsd
+ urn:mace:shibboleth:2.0:afp classpath:/schema/shibboleth-2.0-afp.xsd
+ urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd">
+
+ <LoggingConfiguration>/opt/shibboleth-idp-2/etc/logging.xml</LoggingConfiguration>
+
+ <!-- Reloadable profile handler manager -->
+ <service:Service id="shibboleth.ProfileHandler"
+ type="profile:ShibbolethProfileHandlerManager"
+ configurationResourcePollingFrequency="300000">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/profileHandlers.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <!-- Reloadable relying party configuration manager -->
+ <service:Service id="shibboleth.RelyingPartyConfigurationManager"
+ type="relyingParty:SAMLMDRelyingPartyConfigurationManager"
+ configurationResourcePollingFrequency="300000">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/relyingParties.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <!-- Non-reloadable attribute resolver -->
+ <service:Service id="shibboleth.AttributeResolver"
+ type="resolver:ShibbolethAttributeResolver">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/resolver.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+ <!-- Reloadable attribute filtering engine overriding the default number of times (3) the engine will try to reload a bad configuration file -->
+ <service:Service id="shibboleth.AttributeFilterEngine"
+ type="afp:ShibbolethAttributeFilteringEngine"
+ configurationResourcePollingFrequency="300000"
+ configurationResourcePollingRetryAttempts="10">
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/site.filter.xml
+ </resource:ConfigurationResource>
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/groups.filter.xml
+ </resource:ConfigurationResource>
+ <resource:ConfigurationResource type="resource:FileSystemResource">
+ /opt/shibboleth-idp-2/etc/users.filter.xml
+ </resource:ConfigurationResource>
+ </service:Service>
+
+</IdPConfig>
\ No newline at end of file
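Review bot: The root element of this new example file uses two prefixes it never declares, so a namespace-aware parser will reject the file before any schema validation runs. `xsi:schemaLocation` is used but `xmlns:xsi` is missing, and every `resource:ConfigurationResource` element (with its `type="resource:FileSystemResource"` value) uses the prefix `resource` while the root binds that namespace to `res`. Adding `xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"` and changing `xmlns:res=` to `xmlns:resource=` on the root fixes both. Separately, the services marked reloadable re-read their files on the `configurationResourcePollingFrequency` timer, so write access to the relying-party and filter files presumably translates into changing the policy of a running IdP. A comment in the example recommending that the files under `/opt/shibboleth-idp-2/etc` be writable only by the IdP administrator would help deployers.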