Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/ws-securitypolicy-200802.xsd
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/ws-securitypolicy-200802.xsd?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/ws-securitypolicy-200802.xsd (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/ws-securitypolicy-200802.xsd Sun Sep 18 13:51:23 2011
@@ -0,0 +1,103 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the
+implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available;
+neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS
+specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made
+available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users
+of this specification, can be obtained from the OASIS Executive Director.
+OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may
+cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.
+Copyright © OASIS Open 2002-2008. All Rights Reserved.
+This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist
+in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the
+above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified
+in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications,
+in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate
+it into languages other than English.
+The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
+This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
+INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+-->
+<xs:schema
+ targetNamespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802'
+ xmlns:tns='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802'
+ xmlns:sp='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
+ xmlns:wsa="http://www.w3.org/2005/08/addressing"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ elementFormDefault="qualified"
+ blockDefault="#all" >
+
+ <xs:import namespace="http://www.w3.org/2005/08/addressing"
+ schemaLocation="http://www.w3.org/2006/03/addressing/ws-addr.xsd" />
+
+ <xs:import namespace="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
+ schemaLocation="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-errata-cd-01.xsd" />
+
+ <!--
+ 4.1.1 New SignedParts assertion parameters
+ Uses extensibility point defined for sp:SignedElements
+ -->
+ <xs:element name="ContentSignatureTransform" type="sp:EmptyType"/>
+ <xs:element name="AttachmentCompleteSignatureTransform" type="sp:EmptyType"/>
+
+ <!--
+ 4.1.2 New XPath 2.0 assertion parameter
+ Uses extensibility point defined for sp:SignedElements
+ -->
+ <xs:element name="XPath2" type="tns:XPath2Type"/>
+ <xs:complexType name="XPath2Type">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="Filter" type="xs:string" use ="required"/>
+ <!-- Intended values from XPath Filter 2.0 spec http://www.w3.org/TR/xmldsig-filter2/
+ <enumeration value="intersect"/>
+ <enumeration value="subtract"/>
+ <enumeration value="union"/>
+ -->
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+
+ <!--
+ 5.4.1 New UsernameToken Assertions
+ -->
+
+ <xs:element name="Created" type="sp:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="Nonce" type="sp:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <!--
+ 10.1 Trust13 Assertion
+ Added ScopePolicy15, MustSupportInteractiveChallenge assertions
+ -->
+ <xs:element name="ScopePolicy15" type="sp:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="MustSupportInteractiveChallenge" type="sp:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+</xs:schema>
\ No newline at end of file
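Review bot: Both `xs:import` elements near the top of this schema keep their upstream `schemaLocation` values, plain-http URLs on www.w3.org and docs.oasis-open.org, so a schema loader that follows location hints will fetch grammar over the network while compiling these resources; the `import` in xenc-schema.xsd has the same shape, and xenc-schema.xsd, xml.xsd and xmldsig-core-schema.xsd each carry a `<!DOCTYPE>` naming XMLSchema.dtd as external subset. The code that loads these files is not visible in this commit view, so confirm that it resolves every namespace and the DTD to bundled copies through a resource resolver and fails closed on anything it cannot map. Where the target is already added beside the importer, the hint can point at it directly, e.g. `schemaLocation='xmldsig-core-schema.xsd'` in xenc-schema.xsd. If the files must stay byte-identical to upstream, record the rule next to the loader instead, e.g. `// schemaLocation/DOCTYPE in bundled XSDs are never dereferenced; all lookups go through the local resolver`.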
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xenc-schema.xsd
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xenc-schema.xsd?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xenc-schema.xsd (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xenc-schema.xsd Sun Sep 18 13:51:23 2011
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN"
+ "http://www.w3.org/2001/XMLSchema.dtd"
+ [
+ <!ATTLIST schema
+ xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#'
+ xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'>
+ <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'>
+ <!ENTITY % p ''>
+ <!ENTITY % s ''>
+ ]>
+
+<schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0'
+ xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'
+ xmlns:ds='http://www.w3.org/2000/09/xmldsig#'
+ targetNamespace='http://www.w3.org/2001/04/xmlenc#'
+ elementFormDefault='qualified'>
+
+ <import namespace='http://www.w3.org/2000/09/xmldsig#'
+ schemaLocation='http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd'/>
+
+ <complexType name='EncryptedType' abstract='true'>
+ <sequence>
+ <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
+ minOccurs='0'/>
+ <element ref='ds:KeyInfo' minOccurs='0'/>
+ <element ref='xenc:CipherData'/>
+ <element ref='xenc:EncryptionProperties' minOccurs='0'/>
+ </sequence>
+ <attribute name='Id' type='ID' use='optional'/>
+ <attribute name='Type' type='anyURI' use='optional'/>
+ <attribute name='MimeType' type='string' use='optional'/>
+ <attribute name='Encoding' type='anyURI' use='optional'/>
+ </complexType>
+
+ <complexType name='EncryptionMethodType' mixed='true'>
+ <sequence>
+ <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
+ <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
+ <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
+ </sequence>
+ <attribute name='Algorithm' type='anyURI' use='required'/>
+ </complexType>
+
+ <simpleType name='KeySizeType'>
+ <restriction base="integer"/>
+ </simpleType>
+
+ <element name='CipherData' type='xenc:CipherDataType'/>
+ <complexType name='CipherDataType'>
+ <choice>
+ <element name='CipherValue' type='base64Binary'/>
+ <element ref='xenc:CipherReference'/>
+ </choice>
+ </complexType>
+
+ <element name='CipherReference' type='xenc:CipherReferenceType'/>
+ <complexType name='CipherReferenceType'>
+ <choice>
+ <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
+ </choice>
+ <attribute name='URI' type='anyURI' use='required'/>
+ </complexType>
+
+ <complexType name='TransformsType'>
+ <sequence>
+ <element ref='ds:Transform' maxOccurs='unbounded'/>
+ </sequence>
+ </complexType>
+
+
+ <element name='EncryptedData' type='xenc:EncryptedDataType'/>
+ <complexType name='EncryptedDataType'>
+ <complexContent>
+ <extension base='xenc:EncryptedType'>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <!-- Children of ds:KeyInfo -->
+
+ <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
+ <complexType name='EncryptedKeyType'>
+ <complexContent>
+ <extension base='xenc:EncryptedType'>
+ <sequence>
+ <element ref='xenc:ReferenceList' minOccurs='0'/>
+ <element name='CarriedKeyName' type='string' minOccurs='0'/>
+ </sequence>
+ <attribute name='Recipient' type='string'
+ use='optional'/>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
+ <complexType name="AgreementMethodType" mixed="true">
+ <sequence>
+ <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
+ <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
+ <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
+ <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+
+ <!-- End Children of ds:KeyInfo -->
+
+ <element name='ReferenceList'>
+ <complexType>
+ <choice minOccurs='1' maxOccurs='unbounded'>
+ <element name='DataReference' type='xenc:ReferenceType'/>
+ <element name='KeyReference' type='xenc:ReferenceType'/>
+ </choice>
+ </complexType>
+ </element>
+
+ <complexType name='ReferenceType'>
+ <sequence>
+ <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
+ </sequence>
+ <attribute name='URI' type='anyURI' use='required'/>
+ </complexType>
+
+
+ <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
+ <complexType name='EncryptionPropertiesType'>
+ <sequence>
+ <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
+ </sequence>
+ <attribute name='Id' type='ID' use='optional'/>
+ </complexType>
+
+ <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
+ <complexType name='EncryptionPropertyType' mixed='true'>
+ <choice maxOccurs='unbounded'>
+ <any namespace='##other' processContents='lax'/>
+ </choice>
+ <attribute name='Target' type='anyURI' use='optional'/>
+ <attribute name='Id' type='ID' use='optional'/>
+ <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
+ </complexType>
+
+</schema>
+
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xml.xsd
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xml.xsd?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xml.xsd (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xml.xsd Sun Sep 18 13:51:23 2011
@@ -0,0 +1,117 @@
+<?xml version='1.0'?>
+<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" >
+<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en">
+
+ <xs:annotation>
+ <xs:documentation>
+ See http://www.w3.org/XML/1998/namespace.html and
+ http://www.w3.org/TR/REC-xml for information about this namespace.
+
+ This schema document describes the XML namespace, in a form
+ suitable for import by other schema documents.
+
+ Note that local names in this namespace are intended to be defined
+ only by the World Wide Web Consortium or its subgroups. The
+ following names are currently defined in this namespace and should
+ not be used with conflicting semantics by any Working Group,
+ specification, or document instance:
+
+ base (as an attribute name): denotes an attribute whose value
+ provides a URI to be used as the base for interpreting any
+ relative URIs in the scope of the element on which it
+ appears; its value is inherited. This name is reserved
+ by virtue of its definition in the XML Base specification.
+
+ lang (as an attribute name): denotes an attribute whose value
+ is a language code for the natural language of the content of
+ any element; its value is inherited. This name is reserved
+ by virtue of its definition in the XML specification.
+
+ space (as an attribute name): denotes an attribute whose
+ value is a keyword indicating what whitespace processing
+ discipline is intended for the content of the element; its
+ value is inherited. This name is reserved by virtue of its
+ definition in the XML specification.
+
+ Father (in any context at all): denotes Jon Bosak, the chair of
+ the original XML Working Group. This name is reserved by
+ the following decision of the W3C XML Plenary and
+ XML Coordination groups:
+
+ In appreciation for his vision, leadership and dedication
+ the W3C XML Plenary on this 10th day of February, 2000
+ reserves for Jon Bosak in perpetuity the XML name
+ xml:Father
+ </xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+ <xs:documentation>This schema defines attributes and an attribute group
+ suitable for use by
+ schemas wishing to allow xml:base, xml:lang or xml:space attributes
+ on elements they define.
+
+ To enable this, such a schema must import this schema
+ for the XML namespace, e.g. as follows:
+ <schema . . .>
+ . . .
+ <import namespace="http://www.w3.org/XML/1998/namespace"
+ schemaLocation="http://www.w3.org/2001/03/xml.xsd"/>
+
+ Subsequently, qualified reference to any of the attributes
+ or the group defined below will have the desired effect, e.g.
+
+ <type . . .>
+ . . .
+ <attributeGroup ref="xml:specialAttrs"/>
+
+ will define a type which will schema-validate an instance
+ element with any of those attributes</xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+ <xs:documentation>In keeping with the XML Schema WG's standard versioning
+ policy, this schema document will persist at
+ http://www.w3.org/2001/03/xml.xsd.
+ At the date of issue it can also be found at
+ http://www.w3.org/2001/xml.xsd.
+ The schema document at that URI may however change in the future,
+ in order to remain compatible with the latest version of XML Schema
+ itself. In other words, if the XML Schema namespace changes, the version
+ of this document at
+ http://www.w3.org/2001/xml.xsd will change
+ accordingly; the version at
+ http://www.w3.org/2001/03/xml.xsd will not change.
+ </xs:documentation>
+ </xs:annotation>
+
+ <xs:attribute name="lang" type="xs:language">
+ <xs:annotation>
+ <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter
+ codes as the enumerated possible values . . .</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+
+ <xs:attribute name="space" default="preserve">
+ <xs:simpleType>
+ <xs:restriction base="xs:NCName">
+ <xs:enumeration value="default"/>
+ <xs:enumeration value="preserve"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+
+ <xs:attribute name="base" type="xs:anyURI">
+ <xs:annotation>
+ <xs:documentation>See http://www.w3.org/TR/xmlbase/ for
+ information about this attribute.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+
+ <xs:attributeGroup name="specialAttrs">
+ <xs:attribute ref="xml:base"/>
+ <xs:attribute ref="xml:lang"/>
+ <xs:attribute ref="xml:space"/>
+ </xs:attributeGroup>
+
+</xs:schema>
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xmldsig-core-schema.xsd
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xmldsig-core-schema.xsd?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xmldsig-core-schema.xsd (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xmldsig-core-schema.xsd Sun Sep 18 13:51:23 2011
@@ -0,0 +1,318 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema
+ PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
+ [
+ <!ATTLIST schema
+ xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
+ <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+ <!ENTITY % p ''>
+ <!ENTITY % s ''>
+ ]>
+
+<!-- Schema for XML Signatures
+ http://www.w3.org/2000/09/xmldsig#
+ $Revision$ on $Date$ by $Author$
+
+ Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+ of Technology, Institut National de Recherche en Informatique et en
+ Automatique, Keio University). All Rights Reserved.
+ http://www.w3.org/Consortium/Legal/
+
+ This document is governed by the W3C Software License [1] as described
+ in the FAQ [2].
+
+ [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+ [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+ version="0.1" elementFormDefault="qualified">
+
+<!-- Basic Types Defined for Signatures -->
+
+<simpleType name="CryptoBinary">
+ <restriction base="base64Binary">
+ </restriction>
+</simpleType>
+
+<!-- Start Signature -->
+
+<element name="Signature" type="ds:SignatureType"/>
+<complexType name="SignatureType">
+ <sequence>
+ <element ref="ds:SignedInfo"/>
+ <element ref="ds:SignatureValue"/>
+ <element ref="ds:KeyInfo" minOccurs="0"/>
+ <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+ <element name="SignatureValue" type="ds:SignatureValueType"/>
+ <complexType name="SignatureValueType">
+ <simpleContent>
+ <extension base="base64Binary">
+ <attribute name="Id" type="ID" use="optional"/>
+ </extension>
+ </simpleContent>
+ </complexType>
+
+<!-- Start SignedInfo -->
+
+<element name="SignedInfo" type="ds:SignedInfoType"/>
+<complexType name="SignedInfoType">
+ <sequence>
+ <element ref="ds:CanonicalizationMethod"/>
+ <element ref="ds:SignatureMethod"/>
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+ <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
+ <complexType name="CanonicalizationMethodType" mixed="true">
+ <sequence>
+ <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- (0,unbounded) elements from (1,1) namespace -->
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+
+ <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+ <complexType name="SignatureMethodType" mixed="true">
+ <sequence>
+ <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
+ <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- (0,unbounded) elements from (1,1) external namespace -->
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+
+<!-- Start Reference -->
+
+<element name="Reference" type="ds:ReferenceType"/>
+<complexType name="ReferenceType">
+ <sequence>
+ <element ref="ds:Transforms" minOccurs="0"/>
+ <element ref="ds:DigestMethod"/>
+ <element ref="ds:DigestValue"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ <attribute name="URI" type="anyURI" use="optional"/>
+ <attribute name="Type" type="anyURI" use="optional"/>
+</complexType>
+
+ <element name="Transforms" type="ds:TransformsType"/>
+ <complexType name="TransformsType">
+ <sequence>
+ <element ref="ds:Transform" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+
+ <element name="Transform" type="ds:TransformType"/>
+ <complexType name="TransformType" mixed="true">
+ <choice minOccurs="0" maxOccurs="unbounded">
+ <any namespace="##other" processContents="lax"/>
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
+ <element name="XPath" type="string"/>
+ </choice>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+
+<!-- End Reference -->
+
+<element name="DigestMethod" type="ds:DigestMethodType"/>
+<complexType name="DigestMethodType" mixed="true">
+ <sequence>
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+</complexType>
+
+<element name="DigestValue" type="ds:DigestValueType"/>
+<simpleType name="DigestValueType">
+ <restriction base="base64Binary"/>
+</simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<element name="KeyInfo" type="ds:KeyInfoType"/>
+<complexType name="KeyInfoType" mixed="true">
+ <choice maxOccurs="unbounded">
+ <element ref="ds:KeyName"/>
+ <element ref="ds:KeyValue"/>
+ <element ref="ds:RetrievalMethod"/>
+ <element ref="ds:X509Data"/>
+ <element ref="ds:PGPData"/>
+ <element ref="ds:SPKIData"/>
+ <element ref="ds:MgmtData"/>
+ <any processContents="lax" namespace="##other"/>
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
+ </choice>
+ <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+ <element name="KeyName" type="string"/>
+ <element name="MgmtData" type="string"/>
+
+ <element name="KeyValue" type="ds:KeyValueType"/>
+ <complexType name="KeyValueType" mixed="true">
+ <choice>
+ <element ref="ds:DSAKeyValue"/>
+ <element ref="ds:RSAKeyValue"/>
+ <any namespace="##other" processContents="lax"/>
+ </choice>
+ </complexType>
+
+ <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
+ <complexType name="RetrievalMethodType">
+ <sequence>
+ <element ref="ds:Transforms" minOccurs="0"/>
+ </sequence>
+ <attribute name="URI" type="anyURI"/>
+ <attribute name="Type" type="anyURI" use="optional"/>
+ </complexType>
+
+<!-- Start X509Data -->
+
+<element name="X509Data" type="ds:X509DataType"/>
+<complexType name="X509DataType">
+ <sequence maxOccurs="unbounded">
+ <choice>
+ <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+ <element name="X509SKI" type="base64Binary"/>
+ <element name="X509SubjectName" type="string"/>
+ <element name="X509Certificate" type="base64Binary"/>
+ <element name="X509CRL" type="base64Binary"/>
+ <any namespace="##other" processContents="lax"/>
+ </choice>
+ </sequence>
+</complexType>
+
+<complexType name="X509IssuerSerialType">
+ <sequence>
+ <element name="X509IssuerName" type="string"/>
+ <element name="X509SerialNumber" type="integer"/>
+ </sequence>
+</complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<element name="PGPData" type="ds:PGPDataType"/>
+<complexType name="PGPDataType">
+ <choice>
+ <sequence>
+ <element name="PGPKeyID" type="base64Binary"/>
+ <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
+ <any namespace="##other" processContents="lax" minOccurs="0"
+ maxOccurs="unbounded"/>
+ </sequence>
+ <sequence>
+ <element name="PGPKeyPacket" type="base64Binary"/>
+ <any namespace="##other" processContents="lax" minOccurs="0"
+ maxOccurs="unbounded"/>
+ </sequence>
+ </choice>
+</complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<element name="SPKIData" type="ds:SPKIDataType"/>
+<complexType name="SPKIDataType">
+ <sequence maxOccurs="unbounded">
+ <element name="SPKISexp" type="base64Binary"/>
+ <any namespace="##other" processContents="lax" minOccurs="0"/>
+ </sequence>
+</complexType>
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<element name="Object" type="ds:ObjectType"/>
+<complexType name="ObjectType" mixed="true">
+ <sequence minOccurs="0" maxOccurs="unbounded">
+ <any namespace="##any" processContents="lax"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
+ <attribute name="Encoding" type="anyURI" use="optional"/>
+</complexType>
+
+<element name="Manifest" type="ds:ManifestType"/>
+<complexType name="ManifestType">
+ <sequence>
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
+<complexType name="SignaturePropertiesType">
+ <sequence>
+ <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+ <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
+ <complexType name="SignaturePropertyType" mixed="true">
+ <choice maxOccurs="unbounded">
+ <any namespace="##other" processContents="lax"/>
+ <!-- (1,1) elements from (1,unbounded) namespaces -->
+ </choice>
+ <attribute name="Target" type="anyURI" use="required"/>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<simpleType name="HMACOutputLengthType">
+ <restriction base="integer"/>
+</simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+<complexType name="DSAKeyValueType">
+ <sequence>
+ <sequence minOccurs="0">
+ <element name="P" type="ds:CryptoBinary"/>
+ <element name="Q" type="ds:CryptoBinary"/>
+ </sequence>
+ <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ <element name="Y" type="ds:CryptoBinary"/>
+ <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+ <sequence minOccurs="0">
+ <element name="Seed" type="ds:CryptoBinary"/>
+ <element name="PgenCounter" type="ds:CryptoBinary"/>
+ </sequence>
+ </sequence>
+</complexType>
+
+<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+<complexType name="RSAKeyValueType">
+ <sequence>
+ <element name="Modulus" type="ds:CryptoBinary"/>
+ <element name="Exponent" type="ds:CryptoBinary"/>
+ </sequence>
+</complexType>
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</schema>
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/schemas/xmldsig-core-schema.xsd
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xml?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xml Sun Sep 18 13:51:23 2011
@@ -0,0 +1,398 @@
+<?xml version="1.0"?>
+<!-- This configuration file is used for configuration of the org.swssf -->
+<Configuration target="org.apache.xml.security" xmlns="http://www.xmlsecurity.org/NS/configuration">
+ <Properties>
+ <Property NAME="CACertKeyStorePassword" VAL="changeit"/>
+ <!--<Property NAME="CertProvider" VAL="BC"/>-->
+ <!--<Property NAME="DefaultX509Alias" VAL="sigEnc"/>-->
+ </Properties>
+ <SecurityHeaderHandlers>
+ <Handler NAME="BinarySecurityToken"
+ URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ JAVACLASS="org.swssf.impl.processor.input.BinarySecurityTokenInputHandler"/>
+ <Handler NAME="EncryptedKey"
+ URI="http://www.w3.org/2001/04/xmlenc#"
+ JAVACLASS="org.swssf.impl.processor.input.EncryptedKeyInputHandler"/>
+ <Handler NAME="ReferenceList"
+ URI="http://www.w3.org/2001/04/xmlenc#"
+ JAVACLASS="org.swssf.impl.processor.input.ReferenceListInputHandler"/>
+ <Handler NAME="Signature"
+ URI="http://www.w3.org/2000/09/xmldsig#"
+ JAVACLASS="org.swssf.impl.processor.input.SignatureInputHandler"/>
+ <Handler NAME="Timestamp"
+ URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ JAVACLASS="org.swssf.impl.processor.input.TimestampInputHandler"/>
+ <Handler NAME="UsernameToken"
+ URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ JAVACLASS="org.swssf.impl.processor.input.UsernameTokenInputHandler"/>
+ <Handler NAME="SignatureConfirmation"
+ URI="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
+ JAVACLASS="org.swssf.impl.processor.input.SignatureConfirmationInputHandler"/>
+ <Handler NAME="SecurityTokenReference"
+ URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+ JAVACLASS="org.swssf.impl.processor.input.SecurityTokenReferenceInputHandler"/>
+ <Handler NAME="Assertion"
+ URI="urn:oasis:names:tc:SAML:1.0:assertion"
+ JAVACLASS="org.swssf.impl.processor.input.SAMLTokenInputHandler"/>
+ <Handler NAME="Assertion"
+ URI="urn:oasis:names:tc:SAML:2.0:assertion"
+ JAVACLASS="org.swssf.impl.processor.input.SAMLTokenInputHandler"/>
+ <Handler NAME="SecurityContextToken"
+ URI="http://schemas.xmlsoap.org/ws/2005/02/sc"
+ JAVACLASS="org.swssf.impl.processor.input.SecurityContextTokenInputHandler"/>
+ <Handler NAME="SecurityContextToken"
+ URI="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
+ JAVACLASS="org.swssf.impl.processor.input.SecurityContextTokenInputHandler"/>
+ <Handler NAME="DerivedKeyToken"
+ URI="http://schemas.xmlsoap.org/ws/2005/02/sc"
+ JAVACLASS="org.swssf.impl.processor.input.DerivedKeyTokenInputHandler"/>
+ <Handler NAME="DerivedKeyToken"
+ URI="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
+ JAVACLASS="org.swssf.impl.processor.input.DerivedKeyTokenInputHandler"/>
+ </SecurityHeaderHandlers>
+ <TransformAlgorithms>
+ <!-- c14n omitting comments -->
+ <TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer" />
+ <!-- c14n with comments -->
+ <TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer20010315_WithCommentsTransformer" />
+ <!-- c14n 1.1 omitting comments -->
+ <TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer11_OmitCommentsTransformer" />
+ <!-- c14n 1.1 with comments -->
+ <TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer11_WithCommentsTransformer" />
+ <!-- exclusive c14n omitting comments -->
+ <TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer20010315_ExclOmitCommentsTransformer" />
+ <!-- exclusive c14n with comments -->
+ <TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
+ JAVACLASS="org.swssf.impl.transformer.canonicalizer.Canonicalizer20010315_ExclWithCommentsTransformer" />
+
+ <!-- STR-Transformer -->
+ <TransformAlgorithm URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform"
+ JAVACLASS="org.swssf.impl.transformer.STRTransformer" />
+
+ <!-- Base64 -->
+ <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformBase64Decode" />
+
+ <!-- XPath transform -->
+ <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xpath-19991116"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath" />
+ <!-- enveloped signature -->
+ <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature" />
+ <!-- XSLT -->
+ <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xslt-19991116"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXSLT" />
+ <!-- XPath version 2 -->
+ <TransformAlgorithm URI="http://www.w3.org/2002/04/xmldsig-filter2"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter" />
+ <!-- XPath version 2b -->
+ <TransformAlgorithm URI="http://www.w3.org/2002/06/xmldsig-filter2"
+ JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter" />
+ </TransformAlgorithms>
+ <JCEAlgorithmMappings>
+ <Algorithms>
+ <!-- MessageDigest Algorithms -->
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5"
+ Description="MD5 message digest from RFC 1321"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="NOT RECOMMENDED"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="128"
+ JCEProvider="BC"
+ JCEName="MD5"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160"
+ Description="RIPEMD-160 message digest"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="OPTIONAL"
+ KeyLength="160"
+ JCEProvider="BC"
+ JCEName="RIPEMD160"/>
+
+ <Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1"
+ Description="SHA-1 message digest"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="REQUIRED"
+ KeyLength="160"
+ JCEProvider="BC"
+ JCEName="SHA-1"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256"
+ Description="SHA-1 message digest with 256 bit"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="RECOMMENDED"
+ KeyLength="256"
+ JCEProvider="BC"
+ JCEName="SHA-256"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384"
+ Description="SHA message digest with 384 bit"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="384"
+ JCEProvider="BC"
+ JCEName="SHA-384"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512"
+ Description="SHA-1 message digest with 512 bit"
+ AlgorithmClass="MessageDigest"
+ RequirementLevel="OPTIONAL"
+ KeyLength="512"
+ JCEProvider="BC"
+ JCEName="SHA-512"/>
+
+ <!-- Signature Algorithms -->
+ <Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
+ Description="Digital Signature Algorithm with SHA-1 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="REQUIRED"
+ KeyLength="160"
+ RequiredKey="SHA1withDSA"
+ JCEProvider="BC"
+ JCEName="SHA1withDSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
+ Description="RSA Signature with MD5 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="NOT RECOMMENDED"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="128"
+ RequiredKey="MD5withRSA"
+ JCEProvider="BC"
+ JCEName="MD5withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
+ Description="RSA Signature with RIPEMD-160 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="160"
+ RequiredKey="RIPEMD160withRSA"
+ JCEProvider="BC"
+ JCEName="RIPEMD160withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
+ Description="RSA Signature with SHA-1 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="RECOMMENDED"
+ KeyLength="160"
+ RequiredKey="SHA1withRSA"
+ JCEProvider="BC"
+ JCEName="SHA1withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+ Description="RSA Signature with SHA-256 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="256"
+ RequiredKey="SHA256withRSA"
+ JCEProvider="BC"
+ JCEName="SHA256withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
+ Description="RSA Signature with SHA-384 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="384"
+ RequiredKey="SHA384withRSA"
+ JCEProvider="BC"
+ JCEName="SHA384withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
+ Description="RSA Signature with SHA-512 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="512"
+ RequiredKey="SHA512withRSA"
+ JCEProvider="BC"
+ JCEName="SHA512withRSA"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
+ Description="ECDSA Signature with SHA-1 message digest"
+ AlgorithmClass="Signature"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="160"
+ RequiredKey="ECDSAwithSHA1"
+ JCEProvider="BC"
+ JCEName="ECDSAwithSHA1"/>
+
+ <!-- MAC Algorithms -->
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
+ Description="Message Authentication code using MD5"
+ AlgorithmClass="Mac"
+ RequirementLevel="NOT RECOMMENDED"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="128"
+ RequiredKey="HmacMD5"
+ JCEProvider="BC"
+ JCEName="HmacMD5"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
+ Description="Message Authentication code using RIPEMD-160"
+ AlgorithmClass="Mac"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="160"
+ RequiredKey="HMACRIPEMD160"
+ JCEProvider="BC"
+ JCEName="HMACRIPEMD160"/>
+
+ <Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
+ Description="Message Authentication code using SHA1"
+ AlgorithmClass="Mac"
+ RequirementLevel="REQUIRED"
+ KeyLength="160"
+ RequiredKey="HmacSHA1"
+ JCEProvider="BC"
+ JCEName="HmacSHA1"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
+ Description="Message Authentication code using SHA-256"
+ AlgorithmClass="Mac"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="256"
+ RequiredKey="HmacSHA256"
+ JCEProvider="BC"
+ JCEName="HmacSHA256"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
+ Description="Message Authentication code using SHA-384"
+ AlgorithmClass="Mac"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="384"
+ RequiredKey="HmacSHA384"
+ JCEProvider="BC"
+ JCEName="HmacSHA384"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
+ Description="Message Authentication code using SHA-512"
+ AlgorithmClass="Mac"
+ RequirementLevel="OPTIONAL"
+ SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
+ KeyLength="512"
+ RequiredKey="HmacSHA512"
+ JCEProvider="BC"
+ JCEName="HmacSHA512"/>
+
+ <!-- Block encryption Algorithms -->
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
+ Description="Block encryption using Triple-DES"
+ AlgorithmClass="BlockEncryption"
+ RequirementLevel="REQUIRED"
+ KeyLength="192"
+ RequiredKey="DESede"
+ JCEProvider="BC"
+ JCEName="DESede/CBC/ISO10126Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+ Description="Block encryption using AES with a key length of 128 bit"
+ AlgorithmClass="BlockEncryption"
+ RequirementLevel="REQUIRED"
+ KeyLength="128"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AES/CBC/ISO10126Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc"
+ Description="Block encryption using AES with a key length of 192 bit"
+ AlgorithmClass="BlockEncryption"
+ RequirementLevel="OPTIONAL"
+ KeyLength="192"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AES/CBC/ISO10126Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc"
+ Description="Block encryption using AES with a key length of 256 bit"
+ AlgorithmClass="BlockEncryption"
+ RequirementLevel="REQUIRED"
+ KeyLength="256"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AES/CBC/ISO10126Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
+ Description="Key Transport RSA-v1.5"
+ AlgorithmClass="KeyTransport"
+ RequirementLevel="REQUIRED"
+ RequiredKey="RSA"
+ JCEProvider="BC"
+ JCEName="RSA/ECB/PKCS1Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+ Description="Key Transport RSA-OAEP"
+ AlgorithmClass="KeyTransport"
+ RequirementLevel="REQUIRED"
+ RequiredKey="RSA"
+ JCEProvider="BC"
+ JCEName="RSA/ECB/OAEPWithSHA1AndMGF1Padding"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh"
+ Description="Key Agreement Diffie-Hellman"
+ AlgorithmClass="KeyAgreement"
+ RequirementLevel="OPTIONAL"
+ RequiredKey="DH"
+ JCEProvider="BC"
+ JCEName="DH"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes"
+ Description="Symmetric Key Wrap using Triple DES"
+ AlgorithmClass="SymmetricKeyWrap"
+ RequirementLevel="REQUIRED"
+ KeyLength="192"
+ RequiredKey="DESede"
+ JCEProvider="BC"
+ JCEName="DESedeWrap"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128"
+ Description="Symmetric Key Wrap using AES with a key length of 128 bit"
+ AlgorithmClass="SymmetricKeyWrap"
+ RequirementLevel="REQUIRED"
+ KeyLength="128"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AESWrap"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192"
+ Description="Symmetric Key Wrap using AES with a key length of 192 bit"
+ AlgorithmClass="SymmetricKeyWrap"
+ RequirementLevel="OPTIONAL"
+ KeyLength="192"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AESWrap"/>
+
+ <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256"
+ Description="Symmetric Key Wrap using AES with a key length of 256 bit"
+ AlgorithmClass="SymmetricKeyWrap"
+ RequirementLevel="REQUIRED"
+ KeyLength="256"
+ RequiredKey="AES"
+ JCEProvider="BC"
+ JCEName="AESWrap"/>
+
+ </Algorithms>
+ </JCEAlgorithmMappings>
+ <ResourceResolvers>
+ <Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP"
+ DESCRIPTION="A simple resolver for requests to HTTP space" />
+ <Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem"
+ DESCRIPTION="A simple resolver for requests to the local file system" />
+ <Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverFragment"
+ DESCRIPTION="A simple resolver for requests of same-document URIs" />
+ <Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverXPointer"
+ DESCRIPTION="A simple resolver for requests of XPointer fragents" />
+ </ResourceResolvers>
+</Configuration>
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xsd
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xsd?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xsd (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/security-config.xsd Sun Sep 18 13:51:23 2011
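Review bot: The default `<ResourceResolvers>` block at the end of security-config.xml registers `ResolverDirectHTTP` and `ResolverLocalFilesystem`, and `<TransformAlgorithms>` registers `TransformXSLT` and both XPath filters, in a file that configures how inbound security headers are processed. If the streaming code consults these entries for references and transforms named by the message sender (the consuming code is not part of this hunk), verifying a signature can make the receiver fetch remote URLs, open local files or evaluate a sender-supplied stylesheet. I would ship the default with only the same-document resolver, `<Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverFragment" DESCRIPTION="A simple resolver for requests of same-document URIs" />`, drop the XSLT entry, and document the others as explicit opt-ins. The `CACertKeyStorePassword` value `changeit` in `<Properties>` also deserves a comment such as `<!-- JDK cacerts default; override per deployment -->` so it is not mistaken for a project secret or carried into a custom trust store.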
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://www.xmlsecurity.org/NS/configuration" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:element name="Configuration" type="con:ConfigurationType" xmlns:con="http://www.xmlsecurity.org/NS/configuration">
+ <xs:annotation>
+ <xs:documentation>This configuration file is used for configuration of the org.apache.xml.security package</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="JCEAlgorithmMappingsType">
+ <xs:sequence>
+ <xs:element type="con:AlgorithmsType" name="Algorithms" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="TransformAlgorithmType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="URI" use="required"/>
+ <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="AlgorithmType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:anyURI" name="URI" use="required"/>
+ <xs:attribute type="xs:string" name="Description" use="required"/>
+ <xs:attribute type="xs:string" name="AlgorithmClass" use="required"/>
+ <xs:attribute type="xs:string" name="RequirementLevel" use="required"/>
+ <xs:attribute type="xs:string" name="SpecificationURL" use="optional"/>
+ <xs:attribute type="xs:string" name="JCEProvider" use="required"/>
+ <xs:attribute type="xs:string" name="JCEName" use="required"/>
+ <xs:attribute type="xs:int" name="KeyLength" use="optional"/>
+ <xs:attribute type="xs:string" name="RequiredKey" use="optional"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="ResolverType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ <xs:attribute type="xs:string" name="DESCRIPTION" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="PropertyType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="NAME"/>
+ <xs:attribute type="xs:string" name="VAL"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="SignatureAlgorithmType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:anyURI" name="URI" use="required"/>
+ <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="TransformAlgorithmsType">
+ <xs:sequence>
+ <xs:element type="con:TransformAlgorithmType" name="TransformAlgorithm" maxOccurs="unbounded" minOccurs="0" xmlns:con="http://www.xmlsecurity.org/NS/configuration">
+ <xs:annotation>
+ <xs:documentation>Base64 c14n omitting comments c14n with comments c14n 1.1 omitting comments c14n 1.1 with comments exclusive c14n omitting comments exclusive c14n with comments XPath transform enveloped signature XSLT XPath version 2 XPath version 2b</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="HandlerType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="NAME" use="required"/>
+ <xs:attribute type="xs:string" name="URI" use="required"/>
+ <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="ResourceBundleType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="LanguageCode" use="required"/>
+ <xs:attribute type="xs:string" name="CountryCode" use="required"/>
+ <xs:attribute type="xs:string" name="LOCATION" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="SecurityHeaderHandlersType">
+ <xs:sequence>
+ <xs:element type="con:HandlerType" name="Handler" maxOccurs="unbounded" minOccurs="0" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="ConfigurationType">
+ <xs:sequence>
+ <xs:element type="con:PropertiesType" name="Properties" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ <xs:element type="con:SecurityHeaderHandlersType" name="SecurityHeaderHandlers" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ <xs:element type="con:TransformAlgorithmsType" name="TransformAlgorithms" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ <xs:element type="con:JCEAlgorithmMappingsType" name="JCEAlgorithmMappings" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ <xs:element type="con:ResourceResolversType" name="ResourceResolvers" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ </xs:sequence>
+ <xs:attribute type="xs:string" name="target"/>
+ </xs:complexType>
+ <xs:complexType name="PropertiesType">
+ <xs:sequence>
+ <xs:element type="con:PropertyType" name="Property" maxOccurs="unbounded" minOccurs="0" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="AlgorithmsType">
+ <xs:sequence>
+ <xs:element type="con:AlgorithmType" name="Algorithm" maxOccurs="unbounded" minOccurs="0" xmlns:con="http://www.xmlsecurity.org/NS/configuration">
+ <xs:annotation>
+ <xs:documentation>MessageDigest Algorithms Signature Algorithms MAC Algorithms Block encryption Algorithms</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="ResourceResolversType">
+ <xs:sequence>
+ <xs:element type="con:ResolverType" name="Resolver" maxOccurs="unbounded" minOccurs="0" xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
\ No newline at end of file
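Review bot: `PropertyType` declares `NAME` and `VAL` without `use="required"`, and `HandlerType` and `TransformAlgorithmType` type their `URI` attribute as `xs:string` while `AlgorithmType` and `SignatureAlgorithmType` use `xs:anyURI`, so the schema accepts a `<Property/>` with no name and treats the same kind of identifier inconsistently. Changing these to `<xs:attribute type="xs:string" name="NAME" use="required"/>` (same for `VAL`) and `<xs:attribute type="xs:anyURI" name="URI" use="required"/>` lets validation reject a malformed security configuration before it is loaded. `RequirementLevel` and `AlgorithmClass` are also free `xs:string`; an `xs:enumeration` over the values security-config.xml actually uses (`REQUIRED`, `RECOMMENDED`, `OPTIONAL`, `NOT RECOMMENDED`) would catch typos. `SignatureAlgorithmType` and `ResourceBundleType` are declared but not referenced from `ConfigurationType` in this hunk, which suggests leftovers that should be removed or given a comment saying where they are used.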
