+++ /dev/null
-<!-- Used by AAF (ATT inc 2016) -->
-<xs:schema
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:certman="urn:certman:v1_0"
- targetNamespace="urn:certman:v1_0"
- elementFormDefault="qualified">
-
- <!-- jg 4/21/2016 New for Certificate Info -->
- <xs:element name="certInfo">
- <xs:complexType>
- <xs:sequence>
- <!-- Base64 Encoded Private Key -->
- <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <!-- Base64 Encoded Certificate -->
- <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
- <!-- Challenge Password (2 method Auth) -->
- <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <!-- Notes from Server concerning Cert (not an error) -->
- <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
-
- <xs:complexType name="baseRequest">
- <xs:sequence>
- <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
- <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. -->
- <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
- <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="specificRequest">
- <xs:complexContent>
- <xs:extension base="certman:baseRequest">
- <xs:sequence>
- <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/>
- <!-- Certificate has been compromised or other security issue -->
- <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:element name="certificateRequest">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="certman:baseRequest">
- <xs:sequence>
- <!-- One FQDN is required. Multiple driven by Policy -->
- <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
- <!-- Optional Email for getting Public Certificate -->
- <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="certificateRenew">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="certman:specificRequest">
- <xs:sequence>
- <!-- One FQDN is required. Multiple driven by Policy -->
- <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
- <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
- <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <!-- Optional Email for getting Public Certificate -->
- <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="certificateDrop">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="certman:specificRequest">
- <xs:sequence>
- <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
- <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
- </xs:sequence>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
-
- <!-- Placement Structures -->
-
- <xs:element name="artifacts">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
- <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" />
- <xs:element name="type" minOccurs="1" maxOccurs="3">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="file"/>
- <xs:enumeration value="jks"/>
- <xs:enumeration value="print"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:element>
- <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" />
- <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/>
- <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/>
- <!-- Ignored on input, and set by TABLES. However, returned on output -->
- <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" />
- <!-- Optional... if empty, will use MechID Namespace -->
- <xs:element name="appName" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <!-- Optional... if empty, will notify Sponsor -->
- <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/>
- <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) -->
- <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/>
-
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
-
-
-
-</xs:schema>
\ No newline at end of file
Code Review / aaf / authz.git / blobdiff