diff options
Diffstat (limited to 'common/src')
82 files changed, 20176 insertions, 0 deletions
diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java b/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java new file mode 100644 index 000000000..51667f010 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * A unified message type to log messages from inside the MOA subsystem. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LogMsg { + /** The message to log. */ + private Object message; + + /** + * Create a <code>LogMsg</code> object. + * + * @param message The actual message to log. May be <code>null</code>. + */ + public LogMsg(Object message) { + this.message = message; + } + + /** + * Convert this log message to a <code>String</code>. + * + * @return The <code>String</code> representation of this log message. + */ + public String toString() { + StringBuffer msg = new StringBuffer(); + LoggingContext ctx = + LoggingContextManager.getInstance().getLoggingContext(); + String tid = ctx != null ? ctx.getTransactionID() : null; + String nodeId = ctx != null ? ctx.getNodeID() : null; + + msg.append("TID="); + msg.append(tid != null ? tid : "<null>"); + msg.append(" NID="); + msg.append(nodeId != null ? nodeId : "<null>"); + msg.append(" MSG="); + msg.append(message != null ? message.toString() : "<null>"); + + return msg.toString(); + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java new file mode 100644 index 000000000..07f9e27af --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -0,0 +1,199 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * A utility class acting as a facade to the logging subsystem. + * + * Configure the logging defaultHierarchy that the <code>Logger</code> uses by + * calling <code>setHierarchy</code> once before calling any of the logging + * output functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Logger { + + /** The default logging hierarchy. */ + private static String defaultHierarchy = ""; + + /** + * Get the <code>Log</code> object for the default hierarchy. + * + * @return The <code>Log</code> object to write log messages to. + */ + private static Log getLog() { + return LogFactory.getLog(defaultHierarchy); + } + + /** + * Get the <code>Log</code> object for a given hierarchy. + * + * @param hierarchy The logging hierarchy for which to return the logger. + * @return The <code>Log</code> object to write log messages to. + */ + private static Log getLog(String hierarchy) { + return LogFactory.getLog(hierarchy); + } + + /** + * Set the default hierarchy to which the <code>Logger</code> should send its + * logging output. + * @param hierarchy The logging defaultHierarchy. + */ + public static void setHierarchy(String hierarchy) { + defaultHierarchy = hierarchy; + } + + /** + * Test, if the trace log level is enabled. + * + * @return boolean <code>true</code>, if tracing output is enabled + * <code>false</code> otherwise. + */ + public static boolean isTraceEnabled() { + return getLog().isTraceEnabled(); + } + + /** + * Test, if the trace log level is enabled for a given hierarchy. + * + * @param hierarchy requested log hierarchy + * @return boolean <code>true</code>, if tracing output is enabled + * <code>false</code> otherwise. + */ + public static boolean isTraceEnabled(String hierarchy) { + return getLog(hierarchy).isTraceEnabled(); + } + + /** + * Trace a message. + * + * @param message The message to trace. + */ + public static void trace(Object message) { + getLog().trace(message); + } + + /** + * Test, if the debug log level is enabled. + * + * @return boolean <code>true</code>, if debug output is enabled + * <code>false</code> otherwise. + */ + public static boolean isDebugEnabled() { + return getLog().isDebugEnabled(); + } + + /** + * Test, if the debug log level is enabled for a given hierarchy. + * + * @param hierarchy requested log hierarchy + * @return boolean <code>true</code>, if debug output is enabled + * <code>false</code> otherwise. + */ + public static boolean isDebugEnabled(String hierarchy) { + return getLog(hierarchy).isDebugEnabled(); + } + + /** + * Log a debug message. + * + * @param message The message to log. + */ + public static void debug(Object message) { + getLog().debug(message); + } + + /** + * Log an info message. + * + * @param message The message to log. + */ + public static void info(Object message) { + getLog().info(message); + } + + /** + * Log a warning message. + * + * @param message The message to log. + */ + public static void warn(Object message) { + getLog().warn(message); + } + + /** + * Log a warning message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the warning. + */ + public static void warn(Object message, Throwable t) { + getLog().warn(message, t); + } + + /** + * Log an error message. + * + * @param message The message to log. + */ + public static void error(Object message) { + getLog().error(message); + } + + /** + * Log an error message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the error. + */ + public static void error(Object message, Throwable t) { + getLog().error(message, t); + } + + /** + * Log a fatal error message. + * + * @param message The message to log. + */ + public static void fatal(Object message) { + getLog().fatal(message); + } + + /** + * Log a fatal error message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the error. + */ + public static void fatal(Object message, Throwable t) { + getLog().fatal(message, t); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java new file mode 100644 index 000000000..db4b93a0b --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java @@ -0,0 +1,70 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * Encapsulates contextual information (i.e. per request information) for + * logging purposes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggingContext { + /** The name of the node ID system property. */ + public static final String NODE_ID_PROPERTY = "moa.node-id"; + + /** The current transaction ID. */ + private String transactionID; + /** The node ID. */ + private String nodeID; + + /** + * Create a new <code>LoggingContext</code>. + * + * @param transactionID The transaction ID. May be <code>null</code>. + */ + public LoggingContext(String transactionID) { + this.transactionID = transactionID; + this.nodeID = System.getProperty(NODE_ID_PROPERTY); + } + + /** + * Return the transaction ID. + * + * @return The transaction ID. + */ + public String getTransactionID() { + return transactionID; + } + + /** + * Return the node ID. + * + * @return The node ID. + */ + public String getNodeID() { + return nodeID; + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java new file mode 100644 index 000000000..f0d7b4c07 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java @@ -0,0 +1,80 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * Provides each thread with a single instance of <code>LoggingContext</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggingContextManager { + /** The single instance of this class. */ + private static LoggingContextManager instance = null; + + /** The <code>LoggingContext</code> for each thread. */ + private ThreadLocal context; + + /** + * Get the single instance of the <code>LoggingContextManager</code> class. + * + * @return LoggingContextManager The single instance. + */ + public static synchronized LoggingContextManager getInstance() { + if (instance == null) { + instance = new LoggingContextManager(); + } + return instance; + } + + /** + * Creates a new <code>LoggingContextManager</code>. + * + * Protected to disallow direct instantiation. + */ + protected LoggingContextManager() { + context = new ThreadLocal(); + } + + /** + * Set the <code>LoggingContext</code> context for the current thread. + * + * @param ctx The <code>LoggingContext</code> for the current thread. + */ + public void setLoggingContext(LoggingContext ctx) { + context.set(ctx); + } + + /** + * Return the <code>LoggingContext</code> for the current thread. + * + * @return LoggingContext The <code>LoggingContext</code> for the current + * thread, or <code>null</code> if none has been set. + */ + public LoggingContext getLoggingContext() { + return (LoggingContext) context.get(); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java b/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java new file mode 100644 index 000000000..27f12ab0f --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java @@ -0,0 +1,133 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; + +import iaik.utils.Base64InputStream; +import iaik.utils.Base64OutputStream; + +/** + * Utitility functions for encoding/decoding Base64 strings. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Base64Utils { + + /** + * Read the bytes encoded in a Base64 encoded <code>String</code>. + * + * @param base64String The <code>String</code> containing the Base64 encoded + * bytes. + * @param ignoreInvalidChars Whether to ignore invalid Base64 characters. + * @return byte[] The raw bytes contained in the <code>base64String</code>. + * @throws IOException Failed to read the Base64 data. + */ + public static byte[] decode(String base64String, boolean ignoreInvalidChars) + throws IOException { + + Base64InputStream in = + new Base64InputStream( + new ByteArrayInputStream(base64String.getBytes("UTF-8")), + ignoreInvalidChars); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + byte[] bytes = new byte[256]; + int bytesRead; + + while ((bytesRead = in.read(bytes)) > 0) { + out.write(bytes, 0, bytesRead); + } + + return out.toByteArray(); + } + + /** + * Read the bytes encoded in a Base64 encoded <code>String</code> and provide + * them via an <code>InputStream</code>. + * + * @param base64String The <code>String</code> containing the Base64 encoded + * bytes. + * @param ignoreInvalidChars Whether to ignore invalid Base64 characters. + * @return The <code>InputStream</code> from which the binary content of the + * <code>base64String</code> can be read. + */ + public static InputStream decodeToStream( + String base64String, + boolean ignoreInvalidChars) { + + try { + ByteArrayInputStream bin = + new ByteArrayInputStream(base64String.getBytes("UTF-8")); + Base64InputStream in = new Base64InputStream(bin, ignoreInvalidChars); + + return in; + } catch (UnsupportedEncodingException e) { + // cannot occur, since UTF-8 is required to be supported by every JRE + return null; + } + } + + /** + * Convert a byte array to a Base64 encoded <code>String</code>. + * + * @param bytes The bytes to encode. + * @return String The Base64 encoded representation of the <code>bytes</code>. + * @throws IOException Failed to write the bytes as Base64 data. + */ + public static String encode(byte[] bytes) throws IOException { + return encode(new ByteArrayInputStream(bytes)); + } + + /** + * Convert the data contained in the given stream to a Base64 encoded + * <code>String</code>. + * + * @param inputStream The stream containing the data to encode. + * @return The Base64 encoded data of <code>inputStream</code>, as a + * <code>String</code>. + * @throws IOException Failed to convert the data in the stream. + */ + public static String encode(InputStream inputStream) throws IOException { + ByteArrayOutputStream byteStream = new ByteArrayOutputStream(); + Base64OutputStream base64Stream = new Base64OutputStream(byteStream, "\n".getBytes()); + byte[] bytes = new byte[256]; + int bytesRead; + + while ((bytesRead = inputStream.read(bytes)) > 0) { + base64Stream.write(bytes, 0, bytesRead); + } + base64Stream.flush(); + base64Stream.close(); + inputStream.close(); + + return byteStream.toString("UTF-8"); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java new file mode 100644 index 000000000..492aca994 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java @@ -0,0 +1,48 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +/** + * Utility class for parsing XML schema boolean values. + * + * @author Patrick Peck + * @version $Id$ + */ +public class BoolUtils { + + /** + * Return the boolean value of an <code>xsd:boolean</code> type of DOM + * element/attribute. + * + * @param boolStr The value of the <code>xsd:boolean</code> element/attribute. + * @return <code>true</code>, if <code>boolStr</code> equals + * <code>"true"</code> or <code>"1;"</code>. Otherwise, + * <code>false</code> is returned. + */ + public static boolean valueOf(String boolStr) { + return "true".equals(boolStr) || "1".equals(boolStr); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java new file mode 100644 index 000000000..8597e1eec --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java @@ -0,0 +1,60 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Iterator; +import java.util.List; + +/** + * Various utility methods for dealing with <code>java.util.Collection</code> + * classes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class CollectionUtils { + + /** + * Convert a <code>List</code> of <code>Number</code> objects to an + * <code>int</code> array. + * + * @param nums The <code>List</code> containing the numbers whose integer + * value to put into the result. + * @return The <code>int</code> values of the <code>Number</code>s contained + * in <code>nums</code>. + */ + public static int[] toIntArray(List nums) { + int[] result = new int[nums.size()]; + Iterator iter; + int i; + + for (i = 0, iter = nums.iterator(); iter.hasNext(); i++) { + Number num = (Number) iter.next(); + result[i] = num.intValue(); + } + + return result; + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java new file mode 100644 index 000000000..769b651f9 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java @@ -0,0 +1,376 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.HashMap; + +/** + * Contains various constants used throughout the system. + * + * @author Patrick Peck + * @version $Id$ + */ +public interface Constants { + /** Root location of the schema files. */ + public static final String SCHEMA_ROOT = "/resources/schemas/"; + + /** URI of the Widerrufregister XML namespace. */ + public static final String WRR_NS_URI = + "http://reference.e-government.gv.at/namespace/moavv/20041223"; + + /** Prefix used for the Widerrufregister XML namespace */ + public static final String WRR_PREFIX = "wrr"; + + /** URI of the StandardTextBlock XML namespace. */ + public static final String STB_NS_URI = + "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#"; + + /** Prefix used for the standard text block XML namespace */ + public static final String STB_PREFIX = "stb"; + + /** URI of the MOA XML namespace. */ + public static final String MOA_NS_URI = + "http://reference.e-government.gv.at/namespace/moa/20020822#"; + + /** Name of the mandates infobox */ + public static final String INFOBOXIDENTIFIER_MANDATES = "Mandates"; + + /** Prefix used for the Mandate XML namespace */ + public static final String MD_PREFIX = "md"; + + /** URI of the Mandate XML namespace. */ + public static final String MD_NS_URI = + "http://reference.e-government.gv.at/namespace/mandates/20040701#"; + + /** Prefix used for the Mandate XML namespace */ + public static final String MVV_PREFIX = "mvv"; + + /** URI of the Mandate XML namespace. */ + public static final String MVV_NS_URI = + "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125"; + + /** Prefix used for the MandateCheckProfile XML namespace */ + public static final String MDP_PREFIX = "mdp"; + + /** URI of the Mandate XML namespace. */ + public static final String MDP_NS_URI = + "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#"; + + /** Prefix used for the MOA XML namespace */ + public static final String MOA_PREFIX = "moa"; + + /** Local location of the MOA XML schema definition. */ + public static final String MOA_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-SPSS-1.4.7.xsd"; + + /** URI of the MOA configuration XML namespace. */ + public static final String MOA_CONFIG_NS_URI = + "http://reference.e-government.gv.at/namespace/moaconfig/20021122#"; + + /** URI of the MOA ID configuration XML namespace. */ + public static final String MOA_ID_CONFIG_NS_URI = + "http://www.buergerkarte.at/namespaces/moaconfig#"; + + /** Prefix used for the MOA configuration XML namespace */ + public static final String MOA_CONFIG_PREFIX = "conf"; + + /** Prefix used for the MOA configuration XML namespace */ + public static final String MOA_ID_CONFIG_PREFIX = "confID"; + + /** Local location of the MOA configuration XML schema definition. */ + public static final String MOA_CONFIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-SPSS-config-1.5.1.xsd"; + + /** Local location of the MOA ID configuration XML schema definition. */ + public static final String MOA_ID_CONFIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-ID-Configuration-1.5.1.xsd"; + + /** URI of the Security Layer 1.0 namespace. */ + public static final String SL10_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/20020225#"; + + /** Prefix used for the Security Layer 1.0 XML namespace */ + public static final String SL10_PREFIX = "sl10"; + + /** Local location of the Security Layer 1.0 XML schema definition */ + public static final String SL10_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core.20020225.xsd"; + + /** URI of the Security Layer 1.1 XML namespace */ + public static final String SL11_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; + + /** Prefix used for the Security Layer 1.1 XML namespace */ + public static final String SL11_PREFIX = "sl11"; + + /** Local location of the Security Layer 1.1 XML schema definition */ + public static final String SL11_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core.20020831.xsd"; + + /** URI of the Security Layer 1.2 XML namespace */ + public static final String SL12_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/1.2#"; + + /** Prefix used for the Security Layer 1.2 XML namespace */ + public static final String SL12_PREFIX = "sl"; + + /** Local location of the Security Layer 1.2 XML schema definition */ + public static final String SL12_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core-1.2.xsd"; + + /** URI of the ECDSA XML namespace */ + public static final String ECDSA_NS_URI = + "http://www.w3.org/2001/04/xmldsig-more#"; + + /** Prefix used for ECDSA namespace */ + public static final String ECDSA_PREFIX = "ecdsa"; + + /** Local location of ECDSA XML schema definition */ + public static final String ECDSA_SCHEMA_LOCATION = + SCHEMA_ROOT + "ECDSAKeyValue.xsd"; + + /** URI of the PersonData XML namespace. */ + public static final String PD_NS_URI = + "http://reference.e-government.gv.at/namespace/persondata/20020228#"; + + /** Prefix used for the PersonData XML namespace */ + public static final String PD_PREFIX = "pr"; + +// /** Local location of the PersonData XML schema definition */ +// public static final String PD_SCHEMA_LOCATION = +// SCHEMA_ROOT + "PersonData.xsd"; + + /** Local location of the PersonData XML schema definition */ + public static final String PD_SCHEMA_LOCATION = + SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; + + /** URI of the SAML namespace. */ + public static final String SAML_NS_URI = + "urn:oasis:names:tc:SAML:1.0:assertion"; + + /** Prefix used for the SAML XML namespace */ + public static final String SAML_PREFIX = "saml"; + + /** Local location of the SAML XML schema definition. */ + public static final String SAML_SCHEMA_LOCATION = + SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; + + /** URI of the SAML request-response protocol namespace. */ + public static final String SAMLP_NS_URI = + "urn:oasis:names:tc:SAML:1.0:protocol"; + + /** Prefix used for the SAML request-response protocol namespace */ + public static final String SAMLP_PREFIX = "samlp"; + + /** Local location of the SAML request-response protocol schema definition. */ + public static final String SAMLP_SCHEMA_LOCATION = + SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; + + /** URI of the XML namespace. */ + public static final String XML_NS_URI = + "http://www.w3.org/XML/1998/namespace"; + + /** Prefix used for the XML namespace */ + public static final String XML_PREFIX = "xml"; + + /** Local location of the XML schema definition. */ + public static final String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; + + /** URI of the XMLNS namespace */ + public static final String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; + + /** Prefix used for the XSI namespace */ + public static final String XSI_PREFIX = "xsi"; + + /** Local location of the XSI schema definition. */ + public static final String XSI_SCHEMA_LOCATION = + SCHEMA_ROOT + "XMLSchema-instance.xsd"; + + /** URI of the XSI XMLNS namespace */ + public static final String XSI_NS_URI = + "http://www.w3.org/2001/XMLSchema-instance"; + + /** URI of the XSLT XML namespace */ + public static final String XSLT_NS_URI = + "http://www.w3.org/1999/XSL/Transform"; + + /** Prefix used for the XSLT XML namespace */ + public static final String XSLT_PREFIX = "xsl"; + + /** URI of the XMLDSig XML namespace. */ + public static final String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; + + /** Prefix used for the XMLDSig XML namespace */ + public static final String DSIG_PREFIX = "dsig"; + + /** Local location of the XMLDSig XML schema. */ + public static final String DSIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "xmldsig-core-schema.xsd"; + + /** URI of the XMLDSig XPath Filter XML namespace. */ + public static final String DSIG_FILTER2_NS_URI = + "http://www.w3.org/2002/06/xmldsig-filter2"; + + /** Prefix used for the XMLDSig XPath Filter XML namespace */ + public static final String DSIG_FILTER2_PREFIX = "dsig-filter2"; + + /** Local location of the XMLDSig XPath Filter XML schema definition. */ + public static final String DSIG_FILTER2_SCHEMA_LOCATION = + SCHEMA_ROOT + "xmldsig-filter2.xsd"; + + /** URI of the Exclusive Canonicalization XML namespace */ + public static final String DSIG_EC_NS_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** Prefix used for the Exclusive Canonicalization XML namespace */ + public static final String DSIG_EC_PREFIX = "ec"; + + /** Local location of the Exclusive Canonicalizaion XML schema definition */ + public static final String DSIG_EC_SCHEMA_LOCATION = + SCHEMA_ROOT + "exclusive-canonicalization.xsd"; + + /** URI of the XMLLoginParameterResolver Configuration XML namespace */ + public static final String XMLLPR_NS_URI="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814"; + + /** Local location of the XMLLoginParameterResolver Configuration XML schema definition */ + public static final String XMLLPR_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOAIdentities.xsd"; + + /** Local location of the XAdES v1.1.1 schema definition */ + public static final String XADES_1_1_1_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.1.1.xsd"; + + /** URI of the XAdES v1.1.1 namespace */ + public static final String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; + + /** Local location of the XAdES v1.2.2 schema definition */ + public static final String XADES_1_2_2_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.2.2.xsd"; + + /** URI of the XAdES v1.2.2 namespace */ + public static final String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; + + /** Local location of the XAdES v1.1.1 schema definition */ + public static final String XADES_1_3_2_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.3.2.xsd"; + + /** URI of the XAdES v1.3.2 namespace */ + public static final String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; + + /** Local location of the XAdES v1.4.1 schema definition */ + public static final String XADES_1_4_1_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.4.1.xsd"; + + /** URI of the XAdES v1.4.1 namespace */ + public static final String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; + + /** + * Contains all namespaces and local schema locations for XML schema + * definitions relevant for MOA. For use in validating XML parsers. + */ + public static final String ALL_SCHEMA_LOCATIONS = + (MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " ") + + (MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " ") + + (MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " ") + + (SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " ") + + (SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " ") + + (SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " ") + + (ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " ") + + (PD_NS_URI + " " + PD_SCHEMA_LOCATION + " ") + + (SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " ") + + (SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " ") + + (XML_NS_URI + " " + XML_SCHEMA_LOCATION + " ") + + (XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " ") + + (DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " ") + + (DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " ") + + (DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " ") + + (XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " ") + + (XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " ") + + (XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " ") + + (XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " ") + + (XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION); + + /** URN prefix for bPK and wbPK. */ + public static final String URN_PREFIX = "urn:publicid:gv.at"; + + /** URN prefix for context dependent id. */ + public static final String URN_PREFIX_CDID = URN_PREFIX + ":cdid"; + + /** URN prefix for context dependent id (bPK). */ + public static final String URN_PREFIX_BPK = URN_PREFIX_CDID + "+bpk"; + + /** URN prefix for context dependent id (HPI). */ + public static final String URN_PREFIX_HPI = URN_PREFIX_CDID + "+EHSP"; + + /** URN prefix for context dependent id (wbPK). */ + public static final String URN_PREFIX_WBPK = URN_PREFIX + ":wbpk"; + + /** URN prefix for context dependent id. */ + public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid"; + + /** Security Layer manifest type URI. */ + public static final String SL_MANIFEST_TYPE_URI = + "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest"; + + /** URI of the SHA1 digest algorithm */ + public static final String SHA1_URI = + "http://www.w3.org/2000/09/xmldsig#sha1"; + + /** URI of the Canonical XML algorithm */ + public static final String C14N_URI = + "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; + + /** URI of the Canoncial XML with comments algorithm */ + public static final String C14N_WITH_COMMENTS_URI = + "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; + + /** URI of the Exclusive Canonical XML algorithm */ + public static final String EXC_C14N_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** URI of the Exclusive Canonical XML with commments algorithm */ + public static final String EXC_C14N_WITH_COMMENTS_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"; + + // + // Local names for elements of the MOA SPSS schema + // + + /** + * Local name of request for creating an XML signature. + */ + public static final String MOA_SPSS_CREATE_XML_REQUEST = "CreateXMLSignatureRequest"; + + /** + * Local name of request for verifying an XML signature. + */ + public static final String MOA_SPSS_VERIFY_XML_REQUEST = "VerifiyXMLSignatureRequest"; + + /** + * A map used to map namespace prefixes to namespace URIs + */ + public static HashMap nSMap = new HashMap(5); + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java new file mode 100644 index 000000000..102d3a31f --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java @@ -0,0 +1,1163 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.Vector; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.xerces.parsers.DOMParser; +import org.apache.xerces.parsers.SAXParser; +import org.apache.xerces.parsers.XMLGrammarPreparser; +import org.apache.xerces.util.SymbolTable; +import org.apache.xerces.util.XMLGrammarPoolImpl; +import org.apache.xerces.xni.grammars.XMLGrammarDescription; +import org.apache.xerces.xni.grammars.XMLGrammarPool; +import org.apache.xerces.xni.parser.XMLInputSource; +import org.w3c.dom.Attr; +import org.w3c.dom.Document; +import org.w3c.dom.DocumentFragment; +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.EntityResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * Various utility functions for handling XML DOM trees. + * + * The parsing methods in this class make use of some features internal to the + * Xerces DOM parser, mainly for performance reasons. As soon as JAXP + * (currently at version 1.2) is better at schema handling, it should be used as + * the parser interface. + * + * @author Patrick Peck + * @version $Id$ + */ +public class DOMUtils { + + /** Feature URI for namespace aware parsing. */ + private static final String NAMESPACES_FEATURE = + "http://xml.org/sax/features/namespaces"; + /** Feature URI for validating parsing. */ + private static final String VALIDATION_FEATURE = + "http://xml.org/sax/features/validation"; + /** Feature URI for schema validating parsing. */ + private static final String SCHEMA_VALIDATION_FEATURE = + "http://apache.org/xml/features/validation/schema"; + /** Feature URI for normalization of element/attribute values. */ + private static final String NORMALIZED_VALUE_FEATURE = + "http://apache.org/xml/features/validation/schema/normalized-value"; + /** Feature URI for parsing ignorable whitespace. */ + private static final String INCLUDE_IGNORABLE_WHITESPACE_FEATURE = + "http://apache.org/xml/features/dom/include-ignorable-whitespace"; + /** Feature URI for creating EntityReference nodes in the DOM tree. */ + private static final String CREATE_ENTITY_REF_NODES_FEATURE = + "http://apache.org/xml/features/dom/create-entity-ref-nodes"; + /** Property URI for providing external schema locations. */ + private static final String EXTERNAL_SCHEMA_LOCATION_PROPERTY = + "http://apache.org/xml/properties/schema/external-schemaLocation"; + /** Property URI for providing the external schema location for elements + * without a namespace. */ + private static final String EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY = + "http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation"; + + private static final String EXTERNAL_GENERAL_ENTITIES_FEATURE = + "http://xml.org/sax/features/external-general-entities"; + + private static final String EXTERNAL_PARAMETER_ENTITIES_FEATURE = + "http://xml.org/sax/features/external-parameter-entities"; + + + + + /** Property URI for the Xerces grammar pool. */ + private static final String GRAMMAR_POOL = + org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX + + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; + /** A prime number for initializing the symbol table. */ + private static final int BIG_PRIME = 2039; + /** Symbol table for the grammar pool. */ + private static SymbolTable symbolTable = new SymbolTable(BIG_PRIME); + /** Xerces schema grammar pool. */ + private static XMLGrammarPool grammarPool = new XMLGrammarPoolImpl(); + /** Set holding the NamespaceURIs of the grammarPool, to prevent multiple + * entries of same grammars to the pool */ + private static Set grammarNamespaces; + + static { + grammarPool.lockPool(); + grammarNamespaces = new HashSet(); + } + + /** + * Preparse a schema and add it to the schema pool. + * The method only adds the schema to the pool if a schema having the same + * <code>systemId</code> (namespace URI) is not already present in the pool. + * + * @param inputStream An <code>InputStream</code> providing the contents of + * the schema. + * @param systemId The systemId (namespace URI) to use for the schema. + * @throws IOException An error occurred reading the schema. + */ + public static void addSchemaToPool(InputStream inputStream, String systemId) + throws IOException { + XMLGrammarPreparser preparser; + + if (!grammarNamespaces.contains(systemId)) { + + grammarNamespaces.add(systemId); + + // unlock the pool so that we can add another grammar + grammarPool.unlockPool(); + + // prepare the preparser + preparser = new XMLGrammarPreparser(symbolTable); + preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null); + preparser.setProperty(GRAMMAR_POOL, grammarPool); + preparser.setFeature(NAMESPACES_FEATURE, true); + preparser.setFeature(VALIDATION_FEATURE, true); + + // add the grammar to the pool + preparser.preparseGrammar( + XMLGrammarDescription.XML_SCHEMA, + new XMLInputSource(null, systemId, null, inputStream, null)); + + // lock the pool again so that schemas are not added automatically + grammarPool.lockPool(); + } + } + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param entityResolver An <code>EntityResolver</code> to resolve external + * entities (schemas and DTDs). If <code>null</code>, it will not be set. + * @param errorHandler An <code>ErrorHandler</code> to decide what to do + * with parsing errors. If <code>null</code>, it will not be set. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + InputStream inputStream, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, + EntityResolver entityResolver, + ErrorHandler errorHandler) + throws SAXException, IOException, ParserConfigurationException { + + DOMParser parser; + +// class MyEntityResolver implements EntityResolver { +// +// public InputSource resolveEntity(String publicId, String systemId) +// throws SAXException, IOException { +// return new InputSource(new ByteArrayInputStream(new byte[0])); +// } +// } + + + //if Debug is enabled make a copy of inputStream to enable debug output in case of SAXException + byte buffer [] = null; + ByteArrayInputStream baStream = null; + if(true == Logger.isDebugEnabled()) { + int len = inputStream.available(); + buffer = new byte[len]; + inputStream.read(buffer); + baStream = new ByteArrayInputStream(buffer); + } + + // create the DOM parser + if (symbolTable != null) { + parser = new DOMParser(symbolTable, grammarPool); + } else { + parser = new DOMParser(); + } + + // set parser features and properties + try { + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, validating); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, validating); + parser.setFeature(NORMALIZED_VALUE_FEATURE, false); + parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true); + parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false); + parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false); + parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false); + + if (validating) { + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + externalNoNamespaceSchemaLocation); + } + } + + // set entity resolver and error handler + if (entityResolver != null) { + parser.setEntityResolver(entityResolver); + } + if (errorHandler != null) { + parser.setErrorHandler(errorHandler); + } + + // parse the document and return it + // if debug is enabled: use copy of strem (baStream) else use orig stream + if(null != baStream) + parser.parse(new InputSource(baStream)); + else + parser.parse(new InputSource(inputStream)); + } catch(SAXException e) { + if(true == Logger.isDebugEnabled() && null != buffer) { + String xmlContent = new String(buffer); + Logger.debug("SAXException in:\n" + xmlContent); + } + throw(e); + } + + return parser.getDocument(); + } + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param entityResolver An <code>EntityResolver</code> to resolve external + * entities (schemas and DTDs). If <code>null</code>, it will not be set. + * @param errorHandler An <code>ErrorHandler</code> to decide what to do + * with parsing errors. If <code>null</code>, it will not be set. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocumentSimple(InputStream inputStream) + throws SAXException, IOException, ParserConfigurationException { + + DOMParser parser; + + parser = new DOMParser(); + // set parser features and properties + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, false); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, false); + parser.setFeature(NORMALIZED_VALUE_FEATURE, false); + parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true); + parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false); + + parser.parse(new InputSource(inputStream)); + + return parser.getDocument(); + } + + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + InputStream inputStream, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws SAXException, IOException, ParserConfigurationException { + + + + return parseDocument( + inputStream, + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation, + new MOAEntityResolver(), + new MOAErrorHandler()); + } + + /** + * Parse an XML document from a <code>String</code>. + * + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * + * @param xmlString The <code>String</code> containing the XML document. + * @param encoding The encoding of the XML document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + String xmlString, + String encoding, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws SAXException, IOException, ParserConfigurationException { + + InputStream in = new ByteArrayInputStream(xmlString.getBytes(encoding)); + return parseDocument( + in, + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation); + } + + /** + * Parse an UTF-8 encoded XML document from a <code>String</code>. + * + * @param xmlString The <code>String</code> containing the XML document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + String xmlString, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws SAXException, IOException, ParserConfigurationException { + + return parseDocument( + xmlString, + "UTF-8", + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation); + } + + /** + * A convenience method to parse an XML document validating. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @return The root element of the parsed XML document. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Element parseXmlValidating(InputStream inputStream) + throws ParserConfigurationException, SAXException, IOException { + return DOMUtils + .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null) + .getDocumentElement(); + } + + /** + * A convenience method to parse an XML document non validating. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @return The root element of the parsed XML document. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Element parseXmlNonValidating(InputStream inputStream) + throws ParserConfigurationException, SAXException, IOException { + return DOMUtils + .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null) + .getDocumentElement(); + } + + /** + * Schema validate a given DOM element. + * + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return <code>true</code>, if the <code>element</code> validates against + * the schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document from its + * serialized representation. + * @throws ParserConfigurationException An error occurred configuring the XML + * @throws TransformerException An error occurred serializing the element. + */ + public static boolean validateElement( + Element element, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws + ParserConfigurationException, + IOException, + SAXException, + TransformerException { + + byte[] docBytes; + SAXParser parser; + + // create the SAX parser + if (symbolTable != null) { + parser = new SAXParser(symbolTable, grammarPool); + } else { + parser = new SAXParser(); + } + + // serialize the document + docBytes = serializeNode(element, "UTF-8"); + + // set up parser features and attributes + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, true); + + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + "externalNoNamespaceSchemaLocation"); + } + + // set up entity resolver and error handler + parser.setEntityResolver(new MOAEntityResolver()); + parser.setErrorHandler(new MOAErrorHandler()); + + // parse validating + parser.parse(new InputSource(new ByteArrayInputStream(docBytes))); + return true; + } + + + /** + * Schema validate a given DOM element. + * + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return <code>true</code>, if the <code>element</code> validates against + * the schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document from its + * serialized representation. + * @throws ParserConfigurationException An error occurred configuring the XML + * @throws TransformerException An error occurred serializing the element. + */ + public static boolean validateElement( + Element element, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, + EntityResolver entityResolver) + throws + ParserConfigurationException, + IOException, + SAXException, + TransformerException { + + byte[] docBytes; + SAXParser parser; + + // create the SAX parser + if (symbolTable != null) { + parser = new SAXParser(symbolTable, grammarPool); + } else { + parser = new SAXParser(); + } + + // serialize the document + docBytes = serializeNode(element, "UTF-8"); + + // set up parser features and attributes + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, true); + + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + "externalNoNamespaceSchemaLocation"); + } + + // set up entity resolver and error handler + parser.setEntityResolver(entityResolver); + parser.setErrorHandler(new MOAErrorHandler()); + + // parse validating + parser.parse(new InputSource(new ByteArrayInputStream(docBytes))); + return true; + } + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", false), "UTF-8"); + } + + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node, boolean omitXmlDeclaration) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", omitXmlDeclaration), "UTF-8"); + } + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. + * @param lineSeperator Sets the line seperator String of the parser + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node, boolean omitXmlDeclaration, String lineSeperator) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", omitXmlDeclaration, lineSeperator), "UTF-8"); + } + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding) + throws TransformerException, IOException { + return serializeNode(node, xmlEncoding, false); + } + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @param omitDeclaration The boolean value for omitting the XML Declaration. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration) + throws TransformerException, IOException { + return serializeNode(node, xmlEncoding, omitDeclaration, null); + } + + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @param omitDeclaration The boolean value for omitting the XML Declaration. + * @param lineSeperator Sets the line seperator String of the parser + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration, String lineSeperator) + throws TransformerException, IOException { + + TransformerFactory transformerFactory = TransformerFactory.newInstance(); + Transformer transformer = transformerFactory.newTransformer(); + ByteArrayOutputStream bos = new ByteArrayOutputStream(16384); + + transformer.setOutputProperty(OutputKeys.METHOD, "xml"); + transformer.setOutputProperty(OutputKeys.ENCODING, xmlEncoding); + String omit = omitDeclaration ? "yes" : "no"; + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, omit); + if (null!=lineSeperator) { + transformer.setOutputProperty("{http://xml.apache.org/xalan}line-separator", lineSeperator);//does not work for xalan <= 2.5.1 + } + transformer.transform(new DOMSource(node), new StreamResult(bos)); + + bos.flush(); + bos.close(); + + return bos.toByteArray(); + } + + /** + * Return the text that a node contains. + * + * This routine: + * <ul> + * <li>Ignores comments and processing instructions.</li> + * <li>Concatenates TEXT nodes, CDATA nodes, and the results recursively + * processing EntityRef nodes.</li> + * <li>Ignores any element nodes in the sublist. (Other possible options are + * to recurse into element sublists or throw an exception.)</li> + * </ul> + * + * @param node A DOM node from which to extract text. + * @return A String representing its contents. + */ + public static String getText(Node node) { + if (!node.hasChildNodes()) { + return ""; + } + + StringBuffer result = new StringBuffer(); + NodeList list = node.getChildNodes(); + + for (int i = 0; i < list.getLength(); i++) { + Node subnode = list.item(i); + if (subnode.getNodeType() == Node.TEXT_NODE) { + result.append(subnode.getNodeValue()); + } else if (subnode.getNodeType() == Node.CDATA_SECTION_NODE) { + result.append(subnode.getNodeValue()); + } else if (subnode.getNodeType() == Node.ENTITY_REFERENCE_NODE) { + // Recurse into the subtree for text + // (and ignore comments) + result.append(getText(subnode)); + } + } + return result.toString(); + } + + /** + * Build the namespace prefix to namespace URL mapping in effect for a given + * node. + * + * @param node The context node for which build the map. + * @return The namespace prefix to namespace URL mapping ( + * a <code>String</code> value to <code>String</code> value mapping). + */ + public static Map getNamespaceDeclarations(Node node) { + Map nsDecls = new HashMap(); + int i; + + do { + if (node.hasAttributes()) { + NamedNodeMap attrs = node.getAttributes(); + + for (i = 0; i < attrs.getLength(); i++) { + Attr attr = (Attr) attrs.item(i); + + // add prefix mapping if none exists + if ("xmlns".equals(attr.getPrefix()) + || "xmlns".equals(attr.getName())) { + + String nsPrefix = + attr.getPrefix() != null ? attr.getLocalName() : ""; + + if (nsDecls.get(nsPrefix) == null) { + nsDecls.put(nsPrefix, attr.getValue()); + } + } + } + } + } while ((node = node.getParentNode()) != null); + + return nsDecls; + } + + /** + * Add all namespace declarations declared in the parent(s) of a given + * element and used in the subtree of the given element to the given element. + * + * @param context The element to which to add the namespaces. + */ + public static void localizeNamespaceDeclarations(Element context) { + Node parent = context.getParentNode(); + + if (parent != null) { + Map namespaces = getNamespaceDeclarations(context.getParentNode()); + Set nsUris = collectNamespaceURIs(context); + Iterator iter; + + for (iter = namespaces.entrySet().iterator(); iter.hasNext();) { + Map.Entry e = (Map.Entry) iter.next(); + + if (nsUris.contains(e.getValue())) { + String prefix = (String) e.getKey(); + String nsUri = (String) e.getValue(); + String nsAttrName = "".equals(prefix) ? "xmlns" : "xmlns:" + prefix; + + context.setAttributeNS(Constants.XMLNS_NS_URI, nsAttrName, nsUri); + } + } + } + } + + /** + * Collect all the namespace URIs used in the subtree of a given element. + * + * @param context The element that should be searched for namespace URIs. + * @return All namespace URIs used in the subtree of <code>context</code>, + * including the ones used in <code>context</code> itself. + */ + public static Set collectNamespaceURIs(Element context) { + Set result = new HashSet(); + + collectNamespaceURIsImpl(context, result); + return result; + } + + /** + * A recursive method to do the work of <code>collectNamespaceURIs</code>. + * + * @param context The context element to evaluate. + * @param result The result, passed as a parameter to avoid unnecessary + * instantiations of <code>Set</code>. + */ + private static void collectNamespaceURIsImpl(Element context, Set result) { + NamedNodeMap attrs = context.getAttributes(); + NodeList childNodes = context.getChildNodes(); + String nsUri; + int i; + + // add the namespace of the context element + nsUri = context.getNamespaceURI(); + if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) { + result.add(nsUri); + } + + // add all namespace URIs from attributes + for (i = 0; i < attrs.getLength(); i++) { + nsUri = attrs.item(i).getNamespaceURI(); + if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) { + result.add(nsUri); + } + } + + // add all namespaces from subelements + for (i = 0; i < childNodes.getLength(); i++) { + Node node = childNodes.item(i); + + if (node.getNodeType() == Node.ELEMENT_NODE) { + collectNamespaceURIsImpl((Element) node, result); + } + } + } + + /** + * Check, that each attribute node in the given <code>NodeList</code> has its + * parent in the <code>NodeList</code> as well. + * + * @param nodes The <code>NodeList</code> to check. + * @return <code>true</code>, if each attribute node in <code>nodes</code> + * has its parent in <code>nodes</code> as well. + */ + public static boolean checkAttributeParentsInNodeList(NodeList nodes) { + Set nodeSet = new HashSet(); + int i; + + // put the nodes into the nodeSet + for (i = 0; i < nodes.getLength(); i++) { + nodeSet.add(nodes.item(i)); + } + + // check that each attribute node's parent is in the node list + for (i = 0; i < nodes.getLength(); i++) { + Node n = nodes.item(i); + + if (n.getNodeType() == Node.ATTRIBUTE_NODE) { + Attr attr = (Attr) n; + Element owner = attr.getOwnerElement(); + + if (owner == null) { + if (!isNamespaceDeclaration(attr)) { + return false; + } + } + + if (!nodeSet.contains(owner) && !isNamespaceDeclaration(attr)) { + return false; + } + } + } + + return true; + } + + /** + * Convert an unstructured <code>NodeList</code> into a + * <code>DocumentFragment</code>. + * + * @param nodeList Contains the node list to be converted into a DOM + * DocumentFragment. + * @return the resulting DocumentFragment. The DocumentFragment will be + * backed by a new DOM Document, i.e. all noded of the node list will be + * cloned. + * @throws ParserConfigurationException An error occurred creating the + * DocumentFragment. + * @precondition The nodes in the node list appear in document order + * @precondition for each Attr node in the node list, the owning Element is + * in the node list as well. + * @precondition each Element or Attr node in the node list is namespace + * aware. + */ + public static DocumentFragment nodeList2DocumentFragment(NodeList nodeList) + throws ParserConfigurationException { + + DocumentBuilder builder = + DocumentBuilderFactory.newInstance().newDocumentBuilder(); + Document doc = builder.newDocument(); + DocumentFragment result = doc.createDocumentFragment(); + + if (null == nodeList || nodeList.getLength() == 0) { + return result; + } + + int currPos = 0; + currPos = + nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; + + while (currPos < nodeList.getLength()) { + currPos = + nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; + } + return result; + } + + /** + * Helper method for the <code>nodeList2DocumentFragment</code>. + * + * @param nodeList The <code>NodeList</code> to convert. + * @param currPos The current position in the <code>nodeList</code>. + * @param result The resulting <code>DocumentFragment</code>. + * @param currOrgElem The current original element. + * @param currClonedElem The current cloned element. + * @return The current position. + */ + private static int nodeList2DocumentFragment( + NodeList nodeList, + int currPos, + DocumentFragment result, + Element currOrgElem, + Element currClonedElem) { + + while (currPos < nodeList.getLength()) { + Node currentNode = nodeList.item(currPos); + switch (currentNode.getNodeType()) { + case Node.COMMENT_NODE : + case Node.PROCESSING_INSTRUCTION_NODE : + case Node.TEXT_NODE : + { + // Append current node either to resulting DocumentFragment or to + // current cloned Element + if (null == currClonedElem) { + result.appendChild( + result.getOwnerDocument().importNode(currentNode, false)); + } else { + // Stop processing if current Node is not a descendant of + // current Element + if (!isAncestor(currOrgElem, currentNode)) { + return --currPos; + } + + currClonedElem.appendChild( + result.getOwnerDocument().importNode(currentNode, false)); + } + break; + } + + case Node.ELEMENT_NODE : + { + Element nextCurrOrgElem = (Element) currentNode; + Element nextCurrClonedElem = + result.getOwnerDocument().createElementNS( + nextCurrOrgElem.getNamespaceURI(), + nextCurrOrgElem.getNodeName()); + + // Append current Node either to resulting DocumentFragment or to + // current cloned Element + if (null == currClonedElem) { + result.appendChild(nextCurrClonedElem); + currOrgElem = nextCurrOrgElem; + currClonedElem = nextCurrClonedElem; + } else { + // Stop processing if current Node is not a descendant of + // current Element + if (!isAncestor(currOrgElem, currentNode)) { + return --currPos; + } + + currClonedElem.appendChild(nextCurrClonedElem); + } + + // Process current Node (of type Element) recursively + currPos = + nodeList2DocumentFragment( + nodeList, + ++currPos, + result, + nextCurrOrgElem, + nextCurrClonedElem); + + break; + } + + case Node.ATTRIBUTE_NODE : + { + Attr currAttr = (Attr) currentNode; + + // GK 20030411: Hack to overcome problems with IAIK IXSIL + if (currAttr.getOwnerElement() == null) + break; + if (currClonedElem == null) + break; + + // currClonedElem must be the owner Element of currAttr if + // preconditions are met + currClonedElem.setAttributeNS( + currAttr.getNamespaceURI(), + currAttr.getNodeName(), + currAttr.getValue()); + break; + } + + default : + { + // All other nodes will be ignored + } + } + + currPos++; + } + + return currPos; + } + + /** + * Check, if the given attribute is a namespace declaration. + * + * @param attr The attribute to check. + * @return <code>true</code>, if the attribute is a namespace declaration, + * <code>false</code> otherwise. + */ + private static boolean isNamespaceDeclaration(Attr attr) { + return Constants.XMLNS_NS_URI.equals(attr.getNamespaceURI()); + } + + /** + * Check, if a given DOM element is an ancestor of a given node. + * + * @param candAnc The DOM element to check for being the ancestor. + * @param cand The node to check for being the child. + * @return <code>true</code>, if <code>candAnc</code> is an (indirect) + * ancestor of <code>cand</code>; <code>false</code> otherwise. + */ + public static boolean isAncestor(Element candAnc, Node cand) { + Node currPar = cand.getParentNode(); + + while (currPar != null) { + if (candAnc == currPar) + return true; + currPar = currPar.getParentNode(); + } + return false; + } + + /** + * Selects the (first) element from a node list and returns it. + * + * @param nl The NodeList to get the element from. + * @return The (first) element included in the node list or <code>null</code> + * if the node list is <code>null</code> or empty or no element is + * included in the list. + */ + public static Element getElementFromNodeList (NodeList nl) { + if ((nl == null) || (nl.getLength() == 0)) { + return null; + } + for (int i=0; i<nl.getLength(); i++) { + Node node = nl.item(i); + if (node.getNodeType() == Node.ELEMENT_NODE) { + return (Element)node; + } + } + return null; + } + + /** + * Returns all child elements of the given element. + * + * @param parent The element to get the child elements from. + * + * @return A list including all child elements of the given element. + * Maybe empty if the parent element has no child elements. + */ + public static List getChildElements (Element parent) { + Vector v = new Vector(); + NodeList nl = parent.getChildNodes(); + int length = nl.getLength(); + for (int i=0; i < length; i++) { + Node node = nl.item(i); + if (node.getNodeType() == Node.ELEMENT_NODE) { + v.add((Element)node); + } + } + return v; + } + + /** + * Returns a byte array from given node. + * @param node + * @return + * @throws TransformerException + */ + public static byte[] nodeToByteArray(Node node) throws TransformerException { + Source source = new DOMSource(node); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + //StringWriter stringWriter = new StringWriter(); + Result result = new StreamResult(out); + TransformerFactory factory = TransformerFactory.newInstance(); + Transformer transformer = factory.newTransformer(); + transformer.transform(source, result); + return out.toByteArray(); + } + + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java new file mode 100644 index 000000000..d70073db8 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java @@ -0,0 +1,400 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.StringWriter; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.TimeZone; + +/** + * Utility for parsing and building XML type <code>dateTime</code>, + * according to ISO 8601. + * + * @author Patrick Peck + * @version $Id$ + * @see <code>http://www.w3.org/2001/XMLSchema-datatypes"</code> + */ +public class DateTimeUtils { + /** Error messages. */ + private static MessageProvider msg = MessageProvider.getInstance(); + + /** + * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDateTime(Calendar cal, boolean useUTC) { + + if (useUTC) + return buildDateTimeUTC(cal); + else { + StringWriter out = new StringWriter(); + out.write("" + cal.get(Calendar.YEAR)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); + out.write("T"); + out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.MINUTE))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.SECOND))); + int tzOffsetMilliseconds = + cal.get(Calendar.ZONE_OFFSET) + cal.get(Calendar.DST_OFFSET); + if (tzOffsetMilliseconds != 0) { + int tzOffsetMinutes = tzOffsetMilliseconds / (1000 * 60); + int tzOffsetHours = tzOffsetMinutes / 60; + tzOffsetMinutes -= tzOffsetHours * 60; + if (tzOffsetMilliseconds > 0) { + out.write("+"); + out.write(to2DigitString(tzOffsetHours)); + out.write(":"); + out.write(to2DigitString(tzOffsetMinutes)); + } else { + out.write("-"); + out.write(to2DigitString(-tzOffsetHours)); + out.write(":"); + out.write(to2DigitString(-tzOffsetMinutes)); + } + } + return out.toString(); + } + } + + /** + * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDateTimeUTC(Calendar cal) { + + SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); + f.setTimeZone(TimeZone.getTimeZone("UTC")); + + return f.format(cal.getTime()); + } + + /** + * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDate(Calendar cal) { + StringWriter out = new StringWriter(); + out.write("" + cal.get(Calendar.YEAR)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); + return out.toString(); + } + + /** + * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildTime(Calendar cal) { + StringWriter out = new StringWriter(); + out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.MINUTE))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.SECOND))); + + return out.toString(); + } + + /** + * Converts month, day, hour, minute, or second value + * to a 2 digit String. + * @param number the month, day, hour, minute, or second value + * @return 2 digit String + */ + private static String to2DigitString(int number) { + if (number < 10) + return "0" + number; + else + return "" + number; + } + + /** + * Parse a <code>String</code> containing a date and time instant, given in + * ISO 8601 format. + * + * @param dateTime The <code>String</code> to parse. + * @return The <code>Date</code> representation of the contents of + * <code>dateTime</code>. + * @throws ParseException Parsing the <code>dateTime</code> failed. + */ + public static Date parseDateTime(String dateTime) throws ParseException { + GregorianCalendar calendar; + long time; + int yearSign = 1, year, month, day; + int hour, minute, second; + double fraction = 0.0; + int tzSign = 1, tzHour = 0, tzMinute = 0; + int curPos = 0; + String fractStr; + boolean localTime = false; + char c; + + // parse year sign + ensureChars(dateTime, curPos, 1); + c = dateTime.charAt(curPos); + if (c == '+' || c == '-') { + yearSign = c == '+' ? 1 : -1; + curPos++; + } + + // parse year + year = parseInt(dateTime, curPos, 4); + curPos += 4; + + // parse '-' + ensureChar(dateTime, curPos, '-'); + curPos++; + + // parse month + month = parseInt(dateTime, curPos, 2); + ensureValue(month, 1, 12, curPos); + curPos += 2; + + // parse '-' + ensureChar(dateTime, curPos, '-'); + curPos++; + + // parse day + day = parseInt(dateTime, curPos, 2); + ensureValue(day, 1, 31, curPos); + curPos += 2; + + // parse 'T' + ensureChar(dateTime, curPos, 'T'); + curPos++; + + // parse hour + hour = parseInt(dateTime, curPos, 2); + ensureValue(hour, 0, 23, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse minute + minute = parseInt(dateTime, curPos, 2); + ensureValue(minute, 0, 59, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse second + second = parseInt(dateTime, curPos, 2); + ensureValue(second, 0, 59, curPos); + curPos += 2; + + // parse a fraction + if (dateTime.length() > curPos && dateTime.charAt(curPos) == '.') { + curPos++; + ensureDigits(dateTime, curPos, 1); + fractStr = "0."; + fractStr + += dateTime.substring(curPos, curPos + countDigits(dateTime, curPos)); + fraction = Double.parseDouble(fractStr); + curPos += countDigits(dateTime, curPos); + } + + // parse a time zone + if (dateTime.length() > curPos) { + c = dateTime.charAt(curPos); + if (c == 'Z') { + curPos++; + } else if (c == '+' || c == '-') { + // parse time zone sign + tzSign = c == '+' ? 1 : -1; + curPos++; + + // parse time zone hour + tzHour = parseInt(dateTime, curPos, 2); + ensureValue(tzHour, 0, 14, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse time zone minute + tzMinute = parseInt(dateTime, curPos, 2); + ensureValue(tzMinute, 0, 59, curPos); + curPos += 2; + } + } else { + localTime = true; + } + + // if we have characters left, it's an error + if (dateTime.length() != curPos) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + + // build the Date object + year = year * yearSign; + try { + calendar = new GregorianCalendar(TimeZone.getTimeZone("GMT")); + calendar.set(year, month - 1, day, hour, minute, second); + calendar.set(Calendar.MILLISECOND, 0); + time = calendar.getTime().getTime(); + time += (long) (fraction * 1000.0); + time -= tzSign * ((tzHour * 60) + tzMinute) * 60 * 1000; + if (localTime) { + time -= TimeZone.getDefault().getRawOffset(); + } + return new Date(time); + } catch (IllegalArgumentException e) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + + } + + /** + * Parse an integer value. + * + * @param str The <code>String</code> containing the digits. + * @param curPos The starting position. + * @param digits The number of digist making up the integer value. + * @return int The integer representation of the digits contained in + * <code>str</code>. + * @throws ParseException Parsing the integer value failed. + */ + private static int parseInt(String str, int curPos, int digits) + throws ParseException { + + ensureDigits(str, curPos, digits); + return Integer.parseInt(str.substring(curPos, curPos + digits)); + } + + /** + * Count the number of digits following <code>curPos</code>. + * + * @param str The <code>String</code> in which to count digits. + * @param curPos The starting position. + * @return int The number of digits. + */ + private static int countDigits(String str, int curPos) { + int i; + + for (i = curPos; i < str.length() && Character.isDigit(str.charAt(i)); i++); + return i - curPos; + } + + /** + * Ensure that a value falls in a given min/max range. + * + * @param value The value to check. + * @param min The minimum allowed value. + * @param max The maximum allowed value. + * @param curPos To indicate the parsing position in the + * <code>ParseException</code>. + * @throws ParseException Thrown, if <code>value < min || value > + * max</code> + */ + private static void ensureValue(int value, int min, int max, int curPos) + throws ParseException { + + if (value < min || value > max) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that the given <code>String</code> has a number of characters left. + * + * @param str The <code>String</code> to check for its length. + * @param curPos The starting position. + * @param count The minimum number of characters that <code>str</code> must + * contain, starting at from <code>curPos</code>. + * @throws ParseException Thrown, if + * <code>curPos + count > str.length()</code>. + */ + private static void ensureChars(String str, int curPos, int count) + throws ParseException { + if (curPos + count > str.length()) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that a given <code>String</code> contains a certain character at a + * certain position. + * + * @param str The <code>String</code> in which to look up the character. + * @param curPos The position in <code>str</code> that must contain the + * character. + * @param c The character value that must be contained at position + * <code>curPos</code>. + * @throws ParseException Thrown, if the characters do not match or + * <code>curPos</code> is out of range. + */ + private static void ensureChar(String str, int curPos, char c) + throws ParseException { + + ensureChars(str, curPos, 1); + if (str.charAt(curPos) != c) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that a given <code>String</code> contains a number of digits, + * starting at a given position. + * + * @param str The <code>String</code> to scan for digits. + * @param curPos The starting postion. + * @param count The number of digits that must be contained in + * <code>str</code>, starting at <code>curPos</code>. + * @throws ParseException Thrown, if <code>str</code> is not long enough, or + * one of the characters following <code>curPos</code> in <code>str</code> is + * not a digit. + */ + private static void ensureDigits(String str, int curPos, int count) + throws ParseException { + + ensureChars(str, curPos, count); + for (int i = curPos; i < curPos + count; i++) { + if (!Character.isDigit(str.charAt(i))) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java b/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java new file mode 100644 index 000000000..7213d036b --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java @@ -0,0 +1,76 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * Implementation of the <code>org.xml.sax.EntityResolver</code>, + * for use by a <code>org.apache.xerces.parsers.DOMParser</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class EntityResolverChain implements EntityResolver { + /** The <code>EntityResolver</code>s in the chain. */ + private List resolvers = new ArrayList(); + + /** + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException, IOException { + + Iterator iter; + + for (iter = resolvers.iterator(); iter.hasNext(); ) { + EntityResolver resolver = (EntityResolver) iter.next(); + InputSource is = resolver.resolveEntity(publicId, systemId); + + if (is != null) { + return is; + } + } + + return null; + } + + /** + * Add an <code>EntityResolver</code> to the chain. + * + * @param entityResolver The <code>EntityResolver</code> to add. + */ + public void addEntityResolver(EntityResolver entityResolver) { + resolvers.add(entityResolver); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java new file mode 100644 index 000000000..7effe8b4f --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java @@ -0,0 +1,140 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; + +/** + * Utility for accessing files on the file system, and for reading from input streams. + * @author Paul Ivancsics + * @version $Id$ + */ +public class FileUtils { + + /** + * Reads a file, given by URL, into a byte array. + * @param urlString file URL + * @return file content + * @throws IOException on any exception thrown + */ + public static byte[] readURL(String urlString) throws IOException { + URL url = new URL(urlString); + InputStream in = new BufferedInputStream(url.openStream()); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file, given by URL, into a String. + * @param urlString file URL + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readURL(String urlString, String encoding) throws IOException { + byte[] content = readURL(urlString); + return new String(content, encoding); + } + /** + * Reads a file, given by filename, into a byte array. + * @param filename filename + * @return file content + * @throws IOException on any exception thrown + */ + public static byte[] readFile(String filename) throws IOException { + BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file, given by filename, into a String. + * @param filename filename + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readFile(String filename, String encoding) throws IOException { + byte[] content = readFile(filename); + return new String(content, encoding); + } + /** + * Reads a file from a resource. + * @param name resource name + * @return file content as a byte array + * @throws IOException on any exception thrown + */ + public static byte[] readResource(String name) throws IOException { + ClassLoader cl = FileUtils.class.getClassLoader(); + BufferedInputStream in = new BufferedInputStream(cl.getResourceAsStream(name)); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file from a resource. + * @param name filename + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readResource(String name, String encoding) throws IOException { + byte[] content = readResource(name); + return new String(content, encoding); + } + + /** + * Returns the absolute URL of a given url which is relative to the parameter root + * @param url + * @param root + * @return String + */ + public static String makeAbsoluteURL(String url, String root) { + //if url is relative to rootConfigFileDirName make it absolute + + File keyFile; + String newURL = url; + + if(null == url) return null; + + if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("file:/") || url.startsWith("ftp:/")) { + return url; + } else { + // check if absolute - if not make it absolute + keyFile = new File(url); + if (!keyFile.isAbsolute()) { + keyFile = new File(root, url); + newURL = keyFile.getPath(); + } + return newURL; + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java new file mode 100644 index 000000000..78fe8a345 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java @@ -0,0 +1,158 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import iaik.x509.X509Certificate; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.cert.Certificate; + +/** + * Utility for creating and loading key stores. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class KeyStoreUtils { + + /** + * Loads a key store from file. + * + * @param keystoreType key store type + * @param urlString URL of key store + * @param password password protecting the key store + * @return key store loaded + * @throws IOException thrown while reading the key store from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore loadKeyStore( + String keystoreType, + String urlString, + String password) + throws IOException, GeneralSecurityException { + + URL keystoreURL = new URL(urlString); + InputStream in = keystoreURL.openStream(); + return loadKeyStore(keystoreType, in, password); + } + /** + * Loads a key store from an <code>InputStream</code>, and + * closes the <code>InputStream</code>. + * + * @param keystoreType key store type + * @param in input stream + * @param password password protecting the key store + * @return key store loaded + * @throws IOException thrown while reading the key store from the stream + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore loadKeyStore( + String keystoreType, + InputStream in, + String password) + throws IOException, GeneralSecurityException { + + char[] chPassword = null; + if (password != null) + chPassword = password.toCharArray(); + KeyStore ks = KeyStore.getInstance(keystoreType); + ks.load(in, chPassword); + in.close(); + return ks; + } + /** + * Creates a key store from X509 certificate files, aliasing them with + * the index in the <code>String[]</code>, starting with <code>"0"</code>. + * + * @param keyStoreType key store type + * @param certFilenames certificate filenames + * @return key store created + * @throws IOException thrown while reading the certificates from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore createKeyStore( + String keyStoreType, + String[] certFilenames) + throws IOException, GeneralSecurityException { + + KeyStore ks = KeyStore.getInstance(keyStoreType); + ks.load(null, null); + for (int i = 0; i < certFilenames.length; i++) { + Certificate cert = loadCertificate(certFilenames[i]); + ks.setCertificateEntry("" + i, cert); + } + return ks; + } + /** + * Creates a key store from a directory containg X509 certificate files, + * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>. + * All the files in the directory are considered to be certificates. + * + * @param keyStoreType key store type + * @param certDirURLString file URL of directory containing certificate filenames + * @return key store created + * @throws IOException thrown while reading the certificates from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore createKeyStoreFromCertificateDirectory( + String keyStoreType, + String certDirURLString) + throws IOException, GeneralSecurityException { + + URL certDirURL = new URL(certDirURLString); + String certDirname = certDirURL.getFile(); + File certDir = new File(certDirname); + String[] certFilenames = certDir.list(); + String separator = + (certDirname.endsWith(File.separator) ? "" : File.separator); + for (int i = 0; i < certFilenames.length; i++) { + certFilenames[i] = certDirname + separator + certFilenames[i]; + } + return createKeyStore(keyStoreType, certFilenames); + } + + /** + * Loads an X509 certificate from file. + * @param certFilename filename + * @return the certificate loaded + * @throws IOException thrown while reading the certificate from file + * @throws GeneralSecurityException thrown while creating the certificate + */ + private static Certificate loadCertificate(String certFilename) + throws IOException, GeneralSecurityException { + + FileInputStream in = new FileInputStream(certFilename); + Certificate cert = new X509Certificate(in); + in.close(); + return cert; + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java b/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java new file mode 100644 index 000000000..7a79bd9e5 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java @@ -0,0 +1,106 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; + +import org.xml.sax.EntityResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; +import org.xml.sax.helpers.DefaultHandler; + +/** + * A <code>DefaultHandler</code> that uses a <code>MOAEntityResolver</code> and + * a <code>MOAErrorHandler</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOADefaultHandler extends DefaultHandler { + /** The <code>EntityResolver</code> to use. */ + private EntityResolver entityResolver; + /** The <code>ErrorHandler</code> to use. */ + private ErrorHandler errorHandler; + + /** + * Create a new <code>MOADefaultHandler</code>. + */ + public MOADefaultHandler() { + entityResolver = new MOAEntityResolver(); + errorHandler = new MOAErrorHandler(); + } + + /** + * Create a new <code>MOADefaultHandler</code>. + * + * @param entityResolver The <code>EntityResolver</code> to use for resolving + * external entities. + * @param errorHandler The <code>ErrorHandler</code> to use for reporting + * parsing errors. + */ + public MOADefaultHandler( + EntityResolver entityResolver, + ErrorHandler errorHandler) { + + this.entityResolver = entityResolver; + this.errorHandler = errorHandler; + } + + /** + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException { + try { + return entityResolver.resolveEntity(publicId, systemId); + } catch (IOException e) { + return null; + } + } + + /** + * @see org.xml.sax.ErrorHandler#warning(org.xml.sax.SAXParseException) + */ + public void warning(SAXParseException exception) throws SAXException { + errorHandler.warning(exception); + } + + /** + * @see org.xml.sax.ErrorHandler#error(org.xml.sax.SAXParseException) + */ + public void error(SAXParseException exception) throws SAXException { + errorHandler.error(exception); + } + + /** + * @see org.xml.sax.ErrorHandler#fatalError(org.xml.sax.SAXParseException) + */ + public void fatalError(SAXParseException exception) throws SAXException { + errorHandler.fatalError(exception); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java b/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java new file mode 100644 index 000000000..8f3ffd4c6 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java @@ -0,0 +1,129 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.InputStream; + +import org.apache.xerces.util.URI; +import org.apache.xerces.util.URI.MalformedURIException; +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +/** + * An <code>EntityResolver</code> that looks up entities stored as + * local resources. + * + * <p>The following DTDs are mapped to local resources: + * <ul> + * <li>The XMLSchema.dtd</li> + * <li>The datatypes.dtd</li> + * </ul> + * </p> + * <p>For all other resources, an attempt is made to resolve them as resources, + * either absolute or relative to <code>Constants.SCHEMA_ROOT</code>. + * + * @author Patrick Peck + * @author Sven Aigner + */ +public class MOAEntityResolver implements EntityResolver { + + /** + * Resolve an entity. + * + * The <code>systemId</code> parameter is used to perform the lookup of the + * entity as a resource, either by interpreting the <code>systemId</code> as + * an absolute resource path, or by appending the last path component of + * <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>. + * + * @param publicId The public ID of the resource. + * @param systemId The system ID of the resource. + * @return An <code>InputSource</code> from which the entity can be read, or + * <code>null</code>, if the entity could not be found. + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) { + InputStream stream; + int slashPos; + + if (Logger.isDebugEnabled()) { + Logger.debug( + new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); + } + + if (publicId != null) { + // check if we can resolve some standard dtd's + if (publicId.equalsIgnoreCase("-//W3C//DTD XMLSchema 200102//EN")) { + return new InputSource( + getClass().getResourceAsStream( + Constants.SCHEMA_ROOT + "XMLSchema.dtd")); + } else if (publicId.equalsIgnoreCase("datatypes")) { + return new InputSource( + getClass().getResourceAsStream( + Constants.SCHEMA_ROOT + "datatypes.dtd")); + } + } else if (systemId != null) { + // get the URI path + try { + URI uri = new URI(systemId); + systemId = uri.getPath(); + + if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) { + return null; + } + + } catch (MalformedURIException e) { + return null; + } + + // try to get the resource from the full path + stream = getClass().getResourceAsStream(systemId); + if (stream != null) { + InputSource source = new InputSource(stream); + + source.setSystemId(systemId); + return source; + } + + // try to get the resource from the last path component + slashPos = systemId.lastIndexOf('/'); + if (slashPos >= 0 && systemId.length() > slashPos) { + systemId = systemId.substring(slashPos + 1, systemId.length()); + stream = + getClass().getResourceAsStream(Constants.SCHEMA_ROOT + systemId); + if (stream != null) { + InputSource source = new InputSource(stream); + + source.setSystemId(systemId); + return source; + } + } + } + + return null; // nothing found - let the parser handle the entity + } +}
\ No newline at end of file diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java b/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java new file mode 100644 index 000000000..3769b264d --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java @@ -0,0 +1,115 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import org.apache.xml.utils.DefaultErrorHandler; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +/** + * An <code>ErrorHandler</code> that logs a message and throws a + * <code>SAXException</code> upon <code>error</code> and <code>fatal</code> + * parsing errors. + * + * @author Patrick Peck + * @author Sven Aigner + */ +public class MOAErrorHandler extends DefaultErrorHandler { + + + /** + * Logs a warning message. + * + * @see org.xml.sax.ErrorHandler#warning(SAXParseException) + */ + public void warning(SAXParseException exception) throws SAXException { + warn("parser.00", messageParams(exception), null); + } + + /** + * Logs a warning and rethrows the <code>exception</code>. + * + * @see org.xml.sax.ErrorHandler#error(SAXParseException) + */ + public void error(SAXParseException exception) throws SAXException { + warn("parser.01", messageParams(exception), null); + + // if Target attribute is missing in QualifyingProperties - don't throw exception (bug fix for old MOCCA signatures) + if (exception.getMessage().startsWith("cvc-complex-type.4: Attribute 'Target' must appear on element")) + warn("parser.04", new Object[] {"Attribute 'Target' must appear on element 'QualifyingProperties' - ignored for compatibility reasons."}, null); + else + throw exception; + } + + /** + * Logs a warning and rethrows the <code>exception</code>. + * + * @see org.xml.sax.ErrorHandler#fatalError(SAXParseException) + */ + public void fatalError(SAXParseException exception) throws SAXException { + warn("parser.02", messageParams(exception), null); + throw exception; + } + + /** + * Log a warning message. + * + * @param messageId The message ID to log. + * @param parameters Additional message parameters. + * @param t The <code>Throwable</code> to log; usually the cause of this + * warning. + */ + private static void warn( + String messageId, + Object[] parameters, + Throwable t) { + + MessageProvider msg = MessageProvider.getInstance(); + Logger.warn(new LogMsg(msg.getMessage(messageId, parameters)), t); + } + + /** + * Put the system id, line and column number information from the exception + * into an <code>Object</code> array, to provide it as a + * <code>MessageFormat</code> parameter. + * + * @param e The <code>SAXParseException</code> containing the + * source system id and line/column numbers. + * @return An array containing the system id (a <code>String</code>) as well + * as line/column numbers (2 <code>Integer</code> objects) from the + * <code>SAXParseException</code>. + */ + private static Object[] messageParams(SAXParseException e) { + return new Object[] { + e.getMessage(), + e.getSystemId(), + new Integer(e.getLineNumber()), + new Integer(e.getColumnNumber())}; + } + +}
\ No newline at end of file diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java b/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java new file mode 100644 index 000000000..acc380d1d --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/MOATimer.java @@ -0,0 +1,134 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Map; +import java.util.WeakHashMap; + +/** + * A timer utility for named timers. + * + * @author Sven Aigner + */ +public class MOATimer { + + /** The single instance of this class. */ + private static MOATimer instance = null; + /** The starting points of single timings. */ + private static Map timemapstart = new WeakHashMap(); + /** The end points of single timings. */ + private static Map timemapend = new WeakHashMap(); + + /** + * Return the single instance of this class. + * + * @return The single instance of this class. + */ + public static MOATimer getInstance() { + if (instance == null) { + instance = new MOATimer(); + } + return instance; + } + + /** + * Create a new <code>MOATimer</code>. + * + * Protected to disallow multiple instances. + */ + protected MOATimer() { + super(); + } + + /** + * Start timing a certain action. + * + * The timing belonging to the action ID is garbage collected as soon as there + * exists no other reference to the action ID. + * + * @param id The action ID. + */ + public void startTiming(Object id) { + timemapstart.put(id, new Long(System.currentTimeMillis())); + } + + /** + * Stop timing an action. + * + * @param id The action ID. + */ + public void stopTiming(Object id) { + timemapend.put(id, new Long(System.currentTimeMillis())); + } + + /** + * Get the duration of an action. + * + * @param id The action ID for which to compute the duration. + * @return long The duration in milliseconds between calls to + * <code>startTiming()</code> and <code>stopTiming()</code>. If + * only <code>startTiming()</code> has been called for the action, then + * current difference to the system time is returned. If no timing exists for + * the action, <code>- 1</code> is returned. + */ + public long duration(Object id) { + if (timemapstart.containsKey(id)) { + long start = ((Long) timemapstart.get(id)).longValue(); + if (timemapend.containsKey(id)) { + long end = ((Long) timemapend.get(id)).longValue(); + return end - start; + } else { + return System.currentTimeMillis() - start; + } + } else + return -1; + } + + /** + * Get the duration of an action, as a nicely formatted <code>String</code>. + * + * @param id The action ID. + * @return String The <code>duration()</code> as a <code>String</code>. + */ + public String durationAsString(Object id) { + long dur = duration(id); + long second = dur / 1000; + long mil = (dur) - (second * 1000); + return "Duration: " + second + "." + mil + " seconds"; + } + + /** + * Remove a timing. + * + * @param id The action ID. + */ + public void clearTiming(String id) { + if (timemapstart.containsKey(id)) + timemapstart.remove(id); + if (timemapend.containsKey(id)) + timemapend.remove(id); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java b/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java new file mode 100644 index 000000000..1623ff1b3 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java @@ -0,0 +1,87 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Locale; + +/** + * A singleton wrapper around a <code>Message</code> object. + * + * Provides the messages used in the common project. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MessageProvider { + /** The location of the default message resources. */ + private static final String[] DEFAULT_MESSAGE_RESOURCES = + { "resources/properties/common_messages" }; + /** The locale of the default message resources. */ + private static final Locale[] DEFAULT_MESSAGE_LOCALES = + new Locale[] { new Locale("de", "AT") }; + /** The single instance of this class. */ + private static MessageProvider instance; + + /** The messages provided by this <code>MessageProvider</code>. */ + private Messages messages; + + /** + * Return the single instance of the <code>MessageProvider</code>. + * + * Intialilizes the <code>MessageProvider</code> with the default message + * locations: <code>/resources/properties/common_messages</code>. + * + * @return The single <code>MessageProvider</code>. + */ + public static synchronized MessageProvider getInstance() { + if (instance == null) { + instance = + new MessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); + } + return instance; + } + + /** + * Create a <code>MessageProvider</code>. + * + * @param resourceNames The names of the resources containing the messages. + * @param locales The corresponding locales. + */ + protected MessageProvider(String[] resourceNames, Locale[] locales) { + this.messages = new Messages(resourceNames, locales); + } + + /** + * Get the message corresponding to a given message ID. + * + * @param messageId The ID of the message. + * @param parameters The parameters to fill in into the message arguments. + * @return The formatted message. + */ + public String getMessage(String messageId, Object[] parameters) { + return messages.getMessage(messageId, parameters); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Messages.java b/common/src/main/java/at/gv/egovernment/moa/util/Messages.java new file mode 100644 index 000000000..94dc3ab47 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/Messages.java @@ -0,0 +1,141 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.text.MessageFormat; +import java.util.Locale; +import java.util.MissingResourceException; +import java.util.PropertyResourceBundle; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * Provides access to the system messages resource used for exception handling + * and logging messages. + * + * Messages must be provided as a resource bundle at the path. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Messages { + /** Error message indicating that no messages are avaiable. */ + private static final String ERROR_MESSAGES_UNAVAILABLE = + "Fehler in der Server-Konfiguration. " + + "Die Fehlertexte konnten nicht geladen werden."; + /** Error message indicating that the message is not available. */ + private static final String ERROR_NO_MESSAGE = + "Keine Fehlermeldung für Fehler-Nr.={0}"; + + /** The names of the resources containing the messages. */ + private String[] resourceNames; + /** The corresponding <code>Locale</code>s of the resources. */ + private Locale[] locales; + /** The <code>ResourceBundle</code>s containing the messages. */ + private ResourceBundleChain messages; + + /** + * Create a new <code>Message</code> object containing the messages + * in the given resources. + * + * @param resourceNames The names of the resources containing the messages. + * @param locales The corresponding locales. + */ + public Messages(String[] resourceNames, Locale[] locales) { + this.resourceNames = resourceNames; + this.locales = locales; + this.messages = null; + } + + /** + * Get the message corresponding to a given message ID. + * + * @param messageId The ID of the message. + * @param parameters The parameters to fill in into the message arguments. + * @return The formatted message. + */ + public String getMessage(String messageId, Object[] parameters) { + // initialize messages + if (messages == null) { + initMessages(); + } + + // create the message + if (messages == null) { + return ERROR_MESSAGES_UNAVAILABLE; + } else { + try { + String rawMessage = messages.getString(messageId); + return MessageFormat.format(rawMessage, parameters); + } catch (MissingResourceException e2) { + // couldn't find any message -> set to default error message + return MessageFormat.format( + ERROR_NO_MESSAGE, + new Object[] { messageId }); + } + } + } + + /** + * Return the names of the resources containing the messages. + * + * @return String[] The names of the resource bundles containing the messages. + */ + private String[] getResourceNames() { + return resourceNames; + } + + /** + * Return the <code>Locale</code>s of the resources containing the messages. + * + * @return Locale[] The <code>Locale</code>s of the resource bundles + * containing the messages. + */ + private Locale[] getLocales() { + return locales; + } + + /** + * Initialize the <code>messages</code> <code>ResourceBundle</code> containing + * the MOA error messages. + */ + private void initMessages() { + messages = new ResourceBundleChain(); + int i; + + // initialize the message resources + for (i = 0; i < resourceNames.length; i++) { + try { + messages.addResourceBundle( + PropertyResourceBundle.getBundle( + getResourceNames()[i], + getLocales()[i])); + } catch (MissingResourceException e) { + Logger.error(ERROR_MESSAGES_UNAVAILABLE, e); + } + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java b/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java new file mode 100644 index 000000000..fdc823229 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java @@ -0,0 +1,111 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.ListIterator; + +import org.w3c.dom.DOMException; +import org.w3c.dom.Node; +import org.w3c.dom.traversal.NodeFilter; +import org.w3c.dom.traversal.NodeIterator; + +/** + * A <code>NodeIterator</code> implementation based on a + * <code>ListIterator</code>. + * + * @see java.util.ListIterator + * @see org.w3c.dom.traversal.NodeIterator + * + * @author Patrick Peck + * @version $Id$ + */ +public class NodeIteratorAdapter implements NodeIterator { + + /** The <code>ListIterator</code> to wrap. */ + private ListIterator nodeIterator; + + /** + * Create a new <code>NodeIteratorAdapter</code>. + * @param nodeIterator The <code>ListIterator</code> to iterate over. + */ + public NodeIteratorAdapter(ListIterator nodeIterator) { + this.nodeIterator = nodeIterator; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getRoot() + */ + public Node getRoot() { + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getWhatToShow() + */ + public int getWhatToShow() { + return NodeFilter.SHOW_ALL; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getFilter() + */ + public NodeFilter getFilter() { + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getExpandEntityReferences() + */ + public boolean getExpandEntityReferences() { + return false; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#nextNode() + */ + public Node nextNode() throws DOMException { + if (nodeIterator.hasNext()) { + return (Node) nodeIterator.next(); + } + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#previousNode() + */ + public Node previousNode() throws DOMException { + if (nodeIterator.hasPrevious()) { + return (Node) nodeIterator.previous(); + } + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#detach() + */ + public void detach() { + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java b/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java new file mode 100644 index 000000000..e39cc0291 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java @@ -0,0 +1,68 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.List; + +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +/** + * A <code>NodeList</code> implementation based on a <code>List</code>. + * + * @see java.util.List + * @see org.w3c.dom.NodeList + * + * @author Patrick Peck + * @version $Id$ + */ +public class NodeListAdapter implements NodeList { + /** The <code>List</code> to wrap. */ + private List nodeList; + + /** + * Create a new <code>NodeListAdapter</code>. + * + * @param nodeList The <code>List</code> containing the nodes. + */ + public NodeListAdapter(List nodeList) { + this.nodeList = nodeList; + } + + /** + * @see org.w3c.dom.NodeList#item(int) + */ + public Node item(int index) { + return (Node) nodeList.get(index); + } + + /** + * @see org.w3c.dom.NodeList#getLength() + */ + public int getLength() { + return nodeList.size(); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java b/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java new file mode 100644 index 000000000..e3f8f75a1 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java @@ -0,0 +1,102 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +/* + * Created on 26.04.2004 + * + * @author rschamberger + * $ID$ + */ +package at.gv.egovernment.moa.util; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * utility functions to write XML data to files + * @author rschamberger + * @version $Id$ + */ +public class OutputXML2File { + + /** + * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) + * + * @param filename file name + * @param rootElem root element in DOM tree + * @param hierarchy of the Logger + */ + public static void debugOutputXML2File(String filename, Element rootElem, String hierarchy) { + if (Logger.isDebugEnabled(hierarchy)) { + outputXML2File(filename, rootElem); + } + } + + /** + * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) + * + * @param filename file name + * @param xmlString XML string + * @param hierarchy of the Logger + */ + public static void debugOutputXML2File(String filename, String xmlString, String hierarchy) { + if (Logger.isDebugEnabled(hierarchy)) { + outputXML2File(filename, xmlString); + } + } + + /** + * writes an XML structure to file (Encoding: UTF-8) + * + * @param filename file name + * @param rootElem root element in DOM tree + */ + public static void outputXML2File(String filename, Element rootElem) { + try { + String xmlString = new String(DOMUtils.serializeNode(rootElem)); + outputXML2File(filename, xmlString); + } catch (Exception ex) { + ex.printStackTrace(); + } + } + + /** + * writes an XML structure to file (Encoding: UTF-8) + * + * @param filename file name + * @param xmlString XML string + */ + public static void outputXML2File(String filename, String xmlString) { + try { + java.io.OutputStream fout = new java.io.FileOutputStream(filename); + byte[] xmlData = xmlString.getBytes("UTF-8"); + fout.write(xmlData); + fout.close(); + } catch (Exception ex) { + ex.printStackTrace(); + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java b/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java new file mode 100644 index 000000000..234ed89df --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java @@ -0,0 +1,90 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.MissingResourceException; +import java.util.ResourceBundle; + +/** + * A class to chain <code>ResourceBundle</code>s. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ResourceBundleChain { + /** Error message indicating the resource is not available. */ + private static final String ERROR_MISSING_RESOURCE = "Missing resource"; + /** The <code>ResourceBundle</code>s contained in this chain. */ + private List resourceBundles = new ArrayList(); + + /** + * Add a <code>ResourceBundle</code> to the chain. + * + * @param resourceBundle The <code>ResourceBundle</code> to add. + */ + public void addResourceBundle(ResourceBundle resourceBundle) { + resourceBundles.add(resourceBundle); + } + + /** + * Return the value of the resource. + * + * @param key The key to access the <code>String</code> resource. + * @return The resource value. All the registered <code>ResourceBundle</code>s + * are searched in the order in which they have previously been added to this + * <code>ResourceBundleChain</code>. + * @throws MissingResourceException The resource coult not be found in any of + * the bundles. + */ + public String getString(String key) throws MissingResourceException { + MissingResourceException lastException = null; + Iterator iter; + + // handle case where no resource bundles have been added + if (resourceBundles.size() == 0) { + throw new MissingResourceException( + ERROR_MISSING_RESOURCE, + this.getClass().getName(), + key); + } + + // try to find the resource in one of the bundles; if it cannot be found, + // return the exception thrown by the last bundle in the list + for (iter = resourceBundles.iterator(); iter.hasNext();) { + ResourceBundle resourceBundle = (ResourceBundle) iter.next(); + try { + String value = resourceBundle.getString(key); + return value; + } catch (MissingResourceException e) { + lastException = e; + } + } + throw lastException; + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java new file mode 100644 index 000000000..c2c67ec58 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java @@ -0,0 +1,244 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.KeyStore; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; + +/** + * Utility for connecting to server applications via SSL. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtils { + + /** + * Creates an <code>SSLSocketFactory</code> which utilizes the given trust store. + * + * @param trustStoreType key store type of trust store + * @param trustStoreInputStream input stream for reading JKS trust store containing + * trusted server certificates; if <code>null</code>, the default + * trust store will be utilized + * @param trustStorePassword if provided, it will be used to check + * the integrity of the trust store; if omitted, it will not be checked + * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> + * @throws IOException thrown while reading from the input stream + * @throws GeneralSecurityException thrown while creating the socket factory + */ + public static SSLSocketFactory getSSLSocketFactory( + String trustStoreType, + InputStream trustStoreInputStream, + String trustStorePassword) + throws IOException, GeneralSecurityException { + + TrustManager[] tms = getTrustManagers(trustStoreType, trustStoreInputStream, trustStorePassword); + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(null, tms, null); + + SSLSocketFactory sf = ctx.getSocketFactory(); + return sf; + } + /** + * Creates an <code>SSLSocketFactory</code> which utilizes the + * given trust store and keystore. + * + * @param trustStore trust store containing trusted server certificates; + * if <code>null</code>, the default trust store will be utilized + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> + * @throws IOException thrown while reading key store file + * @throws GeneralSecurityException thrown while creating the socket factory + */ + public static SSLSocketFactory getSSLSocketFactory( + KeyStore trustStore, + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + SSLContext ctx = getSSLContext( + trustStore, clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + SSLSocketFactory sf = ctx.getSocketFactory(); + return sf; + } + /** + * Creates an <code>SSLContext</code> initialized for the + * given trust store and keystore. + * + * @param trustStore trust store containing trusted server certificates; + * if <code>null</code>, the default trust store will be utilized + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>SSLContext</code> to be used for creating an <code>SSLSocketFactory</code> + * @throws IOException thrown while reading key store file + * @throws GeneralSecurityException thrown while creating the SSL context + */ + public static SSLContext getSSLContext( + KeyStore trustStore, + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + TrustManager[] tms = getTrustManagers(trustStore); + KeyManager[] kms = getKeyManagers(clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(kms, tms, null); + return ctx; + } + /** + * Loads the trust store from an input stream and gets the + * <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, + * initialized from the given trust store. + * @param trustStoreType key store type of trust store + * @param trustStoreInputStream input stream for reading JKS trust store containing + * trusted server certificates; if <code>null</code>, the default + * trust store will be utilized + * @param trustStorePassword if provided, it will be used to check + * the integrity of the trust store; if omitted, it will not be checked + * @return <code>TrustManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given trust store + * @throws IOException thrown while reading from the input stream + * @throws GeneralSecurityException thrown while initializing the + * default <code>TrustManagerFactory</code> + */ + protected static TrustManager[] getTrustManagers( + String trustStoreType, + InputStream trustStoreInputStream, + String trustStorePassword) + throws IOException, GeneralSecurityException { + + if (trustStoreInputStream == null) + return null; + + // Set up the TrustStore to use. We need to load the file into + // a KeyStore instance. + KeyStore trustStore = KeyStoreUtils.loadKeyStore(trustStoreType, trustStoreInputStream, trustStorePassword); + return getTrustManagers(trustStore); + } + /** + * Gets the <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, + * initialized from the given trust store. + * + * @param trustStore the trust store to use + * @return <code>TrustManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given trust store + * @throws GeneralSecurityException thrown while initializing the + * default <code>TrustManagerFactory</code> + */ + protected static TrustManager[] getTrustManagers(KeyStore trustStore) + throws GeneralSecurityException { + + if (trustStore == null) + return null; + + // Initialize the default TrustManagerFactory with this KeyStore + String alg=TrustManagerFactory.getDefaultAlgorithm(); + TrustManagerFactory tmFact=TrustManagerFactory.getInstance(alg); + tmFact.init(trustStore); + + // And now get the TrustManagers + TrustManager[] tms=tmFact.getTrustManagers(); + return tms; + } + /** + * Loads the client key store from file and gets the + * <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword password used to check the integrity of the client key store; + * if <code>null</code>, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws IOException thrown while reading from the key store file + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + if (clientKeyStoreURL == null) + return null; + + // Set up the KeyStore to use. We need to load the file into + // a KeyStore instance. + KeyStore clientKeyStore = KeyStoreUtils.loadKeyStore( + clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + return getKeyManagers(clientKeyStore, clientKeyStorePassword); + } + /** + * Gets the <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. + * @param clientKeyStore client key store + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + KeyStore clientKeyStore, + String clientKeyStorePassword) + throws GeneralSecurityException { + + if (clientKeyStore == null) + return null; + + // Now we initialize the default KeyManagerFactory with this KeyStore + String alg=KeyManagerFactory.getDefaultAlgorithm(); + KeyManagerFactory kmFact=KeyManagerFactory.getInstance(alg); + char[] password = null; + if (clientKeyStorePassword != null) + password = clientKeyStorePassword.toCharArray(); + kmFact.init(clientKeyStore, password); + + // And now get the KeyManagers + KeyManager[] kms=kmFact.getKeyManagers(); + return kms; + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java b/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java new file mode 100644 index 000000000..b3bc8ae47 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java @@ -0,0 +1,88 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Map; + +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * An <code>EntityResolver</code> that maps system IDs to + * <code>InputStream</code>s. + * + * @author Patrick Peck + * @version $Id$ + */ +public class StreamEntityResolver implements EntityResolver { + + /** A mapping from Public ID or System ID to an <code>InputStream</code> + * containing the entity. */ + private Map mappedEntities; + + /** + * Create a <code>StreamEntityResolver</code>. + * + * @param mappedEntities A mapping from public or system IDs + * (<code>String</code> objects) to <code>InputStream</code>s. + */ + public StreamEntityResolver(Map mappedEntities) { + this.mappedEntities = mappedEntities; + } + + /** + * Resolve an entity by looking it up in the mapped entities. + * + * First, the public ID is looked up in the mapping, then the system ID. + * + * @param publicId The public ID of the entity. + * @param systemId The system ID of the entity. + * @return An <code>InputStream</code> containing the entity or + * <code>null</code> if no entity could be found. + * @throws SAXException Signalling a parsing exception. + * @throws IOException Error reading the entity. + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException, IOException { + + InputSource src = null; + + if (publicId != null && mappedEntities.get(publicId) != null) { + src = new InputSource((InputStream) mappedEntities.get(publicId)); + } else if (systemId != null && mappedEntities.get(systemId) != null) { + src = new InputSource((InputStream) mappedEntities.get(systemId)); + } + + if (src != null) { + src.setPublicId(publicId); + src.setSystemId(systemId); + } + + return src; + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java new file mode 100644 index 000000000..e4ccd127f --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java @@ -0,0 +1,197 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.PrintStream; + +/** + * Utility methods for streams. + * + * @author Patrick Peck + * @version $Id$ + */ +public class StreamUtils { + + /** + * Compare the contents of two <code>InputStream</code>s. + * + * @param is1 The 1st <code>InputStream</code> to compare. + * @param is2 The 2nd <code>InputStream</code> to compare. + * @return boolean <code>true</code>, if both streams contain the exactly the + * same content, <code>false</code> otherwise. + * @throws IOException An error occurred reading one of the streams. + */ + public static boolean compareStreams(InputStream is1, InputStream is2) + throws IOException { + + byte[] buf1 = new byte[256]; + byte[] buf2 = new byte[256]; + int length1; + int length2; + + try { + while (true) { + length1 = is1.read(buf1); + length2 = is2.read(buf2); + + if (length1 != length2) { + return false; + } + if (length1 <= 0) { + return true; + } + if (!compareBytes(buf1, buf2, length1)) { + return false; + } + } + } catch (IOException e) { + throw e; + } finally { + // close both streams + try { + is1.close(); + is2.close(); + } catch (IOException e) { + // ignore this + } + } + } + + /** + * Compare two byte arrays, up to a given maximum length. + * + * @param b1 1st byte array to compare. + * @param b2 2nd byte array to compare. + * @param length The maximum number of bytes to compare. + * @return <code>true</code>, if the byte arrays are equal, <code>false</code> + * otherwise. + */ + private static boolean compareBytes(byte[] b1, byte[] b2, int length) { + if (b1.length != b2.length) { + return false; + } + + for (int i = 0; i < b1.length && i < length; i++) { + if (b1[i] != b2[i]) { + return false; + } + } + + return true; + } + + /** + * Reads a byte array from a stream. + * @param in The <code>InputStream</code> to read. + * @return The bytes contained in the given <code>InputStream</code>. + * @throws IOException on any exception thrown + */ + public static byte[] readStream(InputStream in) throws IOException { + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + copyStream(in, out, null); + + /* + ByteArrayOutputStream out = new ByteArrayOutputStream(); + int b; + while ((b = in.read()) >= 0) + out.write(b); + + */ + in.close(); + return out.toByteArray(); + } + + /** + * Reads a <code>String</code> from a stream, using given encoding. + * @param in The <code>InputStream</code> to read. + * @param encoding The character encoding to use for converting the bytes + * of the <code>InputStream</code> into a <code>String</code>. + * @return The content of the given <code>InputStream</code> converted into + * a <code>String</code>. + * @throws IOException on any exception thrown + */ + public static String readStream(InputStream in, String encoding) throws IOException { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + copyStream(in, out, null); + + /* + ByteArrayOutputStream out = new ByteArrayOutputStream(); + int b; + while ((b = in.read()) >= 0) + out.write(b); + */ + in.close(); + return out.toString(encoding); + } + + /** + * Reads all data (until EOF is reached) from the given source to the + * destination stream. If the destination stream is null, all data is dropped. + * It uses the given buffer to read data and forward it. If the buffer is + * null, this method allocates a buffer. + * + * @param source The stream providing the data. + * @param destination The stream that takes the data. If this is null, all + * data from source will be read and discarded. + * @param buffer The buffer to use for forwarding. If it is null, the method + * allocates a buffer. + * @exception IOException If reading from the source or writing to the + * destination fails. + */ + private static void copyStream(InputStream source, OutputStream destination, byte[] buffer) throws IOException { + if (source == null) { + throw new NullPointerException("Argument \"source\" must not be null."); + } + if (buffer == null) { + buffer = new byte[8192]; + } + + if (destination != null) { + int bytesRead; + while ((bytesRead = source.read(buffer)) >= 0) { + destination.write(buffer, 0, bytesRead); + } + } else { + while (source.read(buffer) >= 0); + } + } + + /** + * Gets the stack trace of the <code>Throwable</code> passed in as a string. + * @param t The <code>Throwable</code>. + * @return a String representing the stack trace of the <code>Throwable</code>. + */ + public static String getStackTraceAsString(Throwable t) + { + ByteArrayOutputStream stackTraceBIS = new ByteArrayOutputStream(); + t.printStackTrace(new PrintStream(stackTraceBIS)); + return new String(stackTraceBIS.toByteArray()); + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java new file mode 100644 index 000000000..ad879d2b6 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/StringUtils.java @@ -0,0 +1,178 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.StringTokenizer; + +/** + * Utitility functions for string manipulations. + * + * @author Harald Bratko + */ +public class StringUtils { + + /** + * Removes all blanks and tabs from the given string. + * + * @param s The string to remove all blanks and tabs from. + * @return The input string with all blanks and tabs removed from. + */ + public static String removeBlanks(String s) { + StringTokenizer st = new StringTokenizer(s); + StringBuffer sb = new StringBuffer(s.length()); + while (st.hasMoreTokens()) { + sb.append(st.nextToken()); + } + return sb.toString(); + } + + /** + * Removes all occurences of the specified token from the the given string. + * + * @param s The string to remove all occurences of the specified token from. + * @return The input string with all occurences of the specified token removed from. + */ + public static String removeToken(String s, String token) { + StringTokenizer st = new StringTokenizer(s, token); + StringBuffer sb = new StringBuffer(s.length()); + while (st.hasMoreTokens()) { + sb.append(st.nextToken()); + } + return sb.toString(); + } + + /** + * Removes all leading zeros from the input string. + * + * @param s The string remove the leading zeros from. + * @return The input string with the leading zeros removed from. + */ + public static String deleteLeadingZeros(String s) { + StringBuffer sb = new StringBuffer(s); + int l = sb.length(); + int j = 0; + for (int i=0; i<l; i++) { + if (sb.charAt(i) == '0') { + j++; + } else { + break; + } + } + return sb.substring(j, l); + } + + /** + * Replaces each substring of string <code>s</code> that matches the given + * <code>search</code> string by the given <code>replace</code> string. + * + * @param s The string where the replacement should take place. + * @param search The pattern that should be replaced. + * @param replace The string that should replace all each <code>search</code> + * string within <code>s</code>. + * @return A string where all occurrence of <code>search</code> are + * replaced with <code>replace</code>. + */ + public static String replaceAll (String s, String search, String replace) + { + StringBuffer sb = new StringBuffer(); + int i = 0, j = 0; + int len = search.length(); + while (j > -1) + { + j = s.indexOf(search, i); + + if (j > -1) + { + sb.append(s.substring(i,j)); + sb.append(replace); + i = j + len; + } + } + + sb.append(s.substring(i, s.length())); + + return sb.toString(); + } + + /** + * Changes the SecurityLayer version in the given string. + * This method usually takes as input an XML structure represented in a string + * format and changes the SecurityLayer namespaces prefixes and URIs from + * one SecurityLayer version to another. + * e.g.: code>sl10</code> to <code>sl</code> and + * <code>http://www.buergerkarte.at/namespaces/securitylayer/20020225#</code> + * to + * <code>http://www.buergerkarte.at/namespaces/securitylayer/1.2#</code> + * + * @param s The string (usally an XML structure) where the + * SecurityLayer version should be changed. + * @param slPrefixOld The SecurityLayer namespace prefix that should be + * replaced by the new one. + * @param slPrefixNew The new SecurityLayer namespace prefix that should + * replace the old one. + * @param slNSUriOld The SecurityLayer namespace URI that should be + * replaced by the new one. + * @param slNSUriNew The new SecurityLayer namespace URI that should + * replace the old one. + * @return A string where the SecurityLayer namespace prefixes + * and URIs are replaced by new ones. + */ + public static String changeSLVersion(String s, String slPrefixOld, String slPrefixNew, String slNSUriOld, String slNSUriNew) { + String retString = replaceAll(s, slPrefixOld, slPrefixNew); + retString = replaceAll(retString, slNSUriOld, slNSUriNew); + return retString ; + } + + /** + * Removes the XML declaration from an XML expression. + * + * @param xmlString XML expression as String + * + * @return XML expression, XML declaration removed + */ + public static String removeXMLDeclaration(String xmlString) { + if (xmlString!=null && xmlString.startsWith("<?xml")) { + int firstElement = xmlString.indexOf("<", 1); + return xmlString.substring(firstElement); + } else { + return xmlString; + } + } + + /** + * Checks if String is empty + * @param s String to be checked if empty + * @return True if String is empty, false otherwise + */ + public static boolean isEmpty(String s) { + if (s == null || s.length() == 0) + return true; + else + return false; + + } + + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java b/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java new file mode 100644 index 000000000..66739a7a4 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java @@ -0,0 +1,84 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.StringReader; +import java.io.UnsupportedEncodingException; + +/** + * Decodes an URL encoded String using a specified character encoding. + * Provides a function missing in JDK 1.3. + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLDecoder { + + /** + * Decodes an <code>application/x-www-form-urlencoded</code> string using a specific encoding scheme. + * @param s the string to decode + * @param encoding name of character encoding + * @return the newly decoded string + * @throws UnsupportedEncodingException if the encoding is not supported + */ + public static String decode(String s, String encoding) throws UnsupportedEncodingException { + StringReader in = new StringReader(s); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + for (int b = read(in); b >= 0; b = read(in)) + bout.write(b); + return bout.toString(encoding); + } + /** + * Decodes the next byte from the string reader. + * @param in string reader + * @return the next byte decoded; + * -1 upon end of string, on erroneous data, and on any exception caught + * @todo syntax check on string + */ + private static int read(StringReader in) { + try { + int b = in.read(); + if (b == '+') + return ' '; + if (b == '%') { + char[] hex = new char[2]; + if (in.read(hex, 0, 2) >= 0) { + String hexString = new String(hex); + return Integer.valueOf(hexString, 16).intValue(); + } + else + return -1; + } + return b; + } + catch (IOException ex) { + return -1; + } + catch (NumberFormatException ex) { + return -1; + } + } +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java b/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java new file mode 100644 index 000000000..3255b3157 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java @@ -0,0 +1,87 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; + +/** + * Translates a string into mime format "x-www-form-urlencoded". + * Provides a function missing in JDK 1.3. + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLEncoder { + + /** + * Translates a string into x-www-form-urlencoded format. + * @param s the string to be translated + * @param encoding the encoding to use + * @return the translated string + * @throws UnsupportedEncodingException when the desired encoding is not supported + */ + public static String encode(String s, String encoding) throws UnsupportedEncodingException { + byte[] barr = s.getBytes(encoding); + ByteArrayInputStream bin = new ByteArrayInputStream(barr); + StringWriter out = new StringWriter(); + for (int b = bin.read(); b >= 0; b = bin.read()) + encode(b, out); + return out.toString(); + } + + /** + * Encode a character. + * @param ch The character to encode. + * @param out The <code>StringWriter</code> containing the result. + */ + private static void encode(int ch, StringWriter out) { + if ((ch >= 'a' && ch <= 'z') + || (ch >= 'A' && ch <= 'Z') + || (ch >= '0' && ch <= '9') + || ch == '.' || ch == '-' || ch == '*' || ch == '_') + out.write(ch); + else if (ch == ' ') + out.write('+'); + else + encodeHex(ch, out); + } + + /** + * Encode a character as an escaped hex value. + * @param ch The character to encode. + * @param out The <code>StringWriter</code> containing the result. + */ + private static void encodeHex(int ch, StringWriter out) { + out.write('%'); + String hex = Integer.toHexString(ch).toUpperCase(); + if (hex.length() < 2) + out.write('0'); + else + out.write(hex.charAt(hex.length() - 2)); + out.write(hex.charAt(hex.length() - 1)); + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java b/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java new file mode 100644 index 000000000..206245a68 --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/XPathException.java @@ -0,0 +1,86 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.PrintStream; +import java.io.PrintWriter; + +/** + * An exception occurred evaluating an XPath. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathException extends RuntimeException { + /** + * + */ + private static final long serialVersionUID = 1736311265333034392L; +/** The wrapped exception. */ + private Throwable wrapped; + + /** + * Create a <code>XPathException</code>. + * + * @param message The exception message. + * @param wrapped The exception being the likely cause of this exception. + */ + public XPathException(String message, Throwable wrapped) { + super(message); + this.wrapped = wrapped; + } + + /** + * Return the wrapped exception. + * + * @return The wrapped exception being the likely cause of this exception. + */ + public Throwable getWrapped() { + return wrapped; + } + + /** + * @see java.lang.Throwable#printStackTrace(java.io.PrintStream) + */ + public void printStackTrace(PrintStream s) { + super.printStackTrace(s); + if (getWrapped() != null) { + s.print("Caused by: "); + getWrapped().printStackTrace(s); + } + } + + /** + * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter) + */ + public void printStackTrace(PrintWriter s) { + super.printStackTrace(s); + if (getWrapped() != null) { + s.print("Caused by: "); + getWrapped().printStackTrace(s); + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java new file mode 100644 index 000000000..7a72c0bfb --- /dev/null +++ b/common/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java @@ -0,0 +1,550 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.List; +import java.util.Map; + +import org.w3c.dom.Attr; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.traversal.NodeIterator; + +import org.jaxen.JaxenException; +import org.jaxen.NamespaceContext; +import org.jaxen.SimpleNamespaceContext; +import org.jaxen.dom.DOMXPath; +import org.jaxen.dom.DocumentNavigator; + +/** + * Utility methods to evaluate XPath expressions on DOM nodes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathUtils { + + /** + * The XPath expression selecting all nodes under a given root (including the + * root node itself). + */ + public static final String ALL_NODES_XPATH = + "(.//. | .//@* | .//namespace::*)"; + + /** The <code>DocumentNavigator</code> to use for navigating the document. */ + private static DocumentNavigator documentNavigator = + DocumentNavigator.getInstance(); + /** The default namespace prefix to namespace URI mappings. */ + private static NamespaceContext NS_CONTEXT; + + static { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addNamespace(Constants.MOA_PREFIX, Constants.MOA_NS_URI); + ctx.addNamespace(Constants.MOA_CONFIG_PREFIX, Constants.MOA_CONFIG_NS_URI); + ctx.addNamespace(Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); + ctx.addNamespace(Constants.SL10_PREFIX, Constants.SL10_NS_URI); + ctx.addNamespace(Constants.SL11_PREFIX, Constants.SL11_NS_URI); + ctx.addNamespace(Constants.SL12_PREFIX, Constants.SL12_NS_URI); + ctx.addNamespace(Constants.ECDSA_PREFIX, Constants.ECDSA_NS_URI); + ctx.addNamespace(Constants.PD_PREFIX, Constants.PD_NS_URI); + ctx.addNamespace(Constants.SAML_PREFIX, Constants.SAML_NS_URI); + ctx.addNamespace(Constants.SAMLP_PREFIX, Constants.SAMLP_NS_URI); + ctx.addNamespace(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + ctx.addNamespace(Constants.XSLT_PREFIX, Constants.XSLT_NS_URI); + ctx.addNamespace(Constants.XSI_PREFIX, Constants.XSI_NS_URI); + ctx.addNamespace(Constants.DSIG_FILTER2_PREFIX, Constants.DSIG_FILTER2_NS_URI); + ctx.addNamespace(Constants.DSIG_EC_PREFIX, Constants.DSIG_EC_NS_URI); + ctx.addNamespace(Constants.MD_PREFIX, Constants.MD_NS_URI); + ctx.addNamespace(Constants.MDP_PREFIX, Constants.MDP_NS_URI); + ctx.addNamespace(Constants.MVV_PREFIX, Constants.MVV_NS_URI); + ctx.addNamespace(Constants.STB_PREFIX, Constants.STB_NS_URI); + ctx.addNamespace(Constants.WRR_PREFIX, Constants.WRR_NS_URI); + NS_CONTEXT = ctx; + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator(Node contextNode, String exp) + throws XPathException { + + return selectNodeIterator(contextNode, NS_CONTEXT, exp); + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addElementNamespaces(documentNavigator, namespaceElement); + return selectNodeIterator(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectNodeIterator(contextNode, ctx, exp); + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + private static NodeIterator selectNodeIterator( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + List nodes; + + xpath.setNamespaceContext(nsContext); + nodes = xpath.selectNodes(contextNode); + return new NodeIteratorAdapter(nodes.listIterator()); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList(Node contextNode, String exp) + throws XPathException { + + return selectNodeList(contextNode, NS_CONTEXT, exp); + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + + ctx.addElementNamespaces(documentNavigator, namespaceElement); + return selectNodeList(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectNodeList(contextNode, ctx, exp); + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + private static NodeList selectNodeList( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + List nodes; + + xpath.setNamespaceContext(nsContext); + nodes = xpath.selectNodes(contextNode); + return new NodeListAdapter(nodes); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Select the first node matching an XPath expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode(Node contextNode, String exp) + throws XPathException { + + return selectSingleNode(contextNode, NS_CONTEXT, exp); + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addElementNamespaces(documentNavigator, namespaceElement); + + return selectSingleNode(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectSingleNode(contextNode, ctx, exp); + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + private static Node selectSingleNode( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + xpath.setNamespaceContext(nsContext); + return (Node) xpath.selectSingleNode(contextNode); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return the value of a DOM element whose location is given by an XPath + * expression. + * + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the element whose value + * to return. + * @param def The default value to return, if no element can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the + * <code>xpath</code>. Otherwise, <code>def</code> is returned. + */ + public static String getElementValue( + Element root, + String xpath, + String def) { + + Element elem = (Element) XPathUtils.selectSingleNode(root, xpath); + return elem != null ? DOMUtils.getText(elem) : def; + } + + /** + * Return the value of a DOM attribute whose location is given by an XPath + * expression. + * + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the attribute whose value to + * return. + * @param def The default value to return, if no attribute can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the + * <code>xpath</code>. Otherwise, <code>def</code> is returned. + */ + public static String getAttributeValue( + Element root, + String xpath, + String def) { + + Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath); + return attr != null ? attr.getValue() : def; + } + + /** + * Returns the namespace prefix used within <code>XPathUtils</code> for referring to + * the namespace of the specified (Security Layer command) element. + * + * This namespace prefix can be used in various XPath expression evaluation methods + * within <code> XPathUtils</code> without explicitely binding it to the particular + * namespace. + * + * @param contextElement The (Security Layer command) element. + * + * @return the namespace prefix used within <code>XPathUtils</code> for referring to + * the namespace of the specified (Security Layer command) element. + * + * throws XpathException If the specified element has a namespace other than the ones + * known by this implementation as valid Security Layer namespaces (cf. + * @link Constants#SL10_NS_URI, @link Constants#SL11_NS_URI, @link Constants#SL12_NS_URI). + */ + public static String getSlPrefix (Element contextElement) throws XPathException + { + String sLNamespace = contextElement.getNamespaceURI(); + String sLPrefix = null; + + if (sLNamespace.equals(Constants.SL10_NS_URI)) + { + sLPrefix = Constants.SL10_PREFIX; + } + else if (sLNamespace.equals(Constants.SL12_NS_URI)) + { + sLPrefix = Constants.SL12_PREFIX; + } + else if (sLNamespace.equals(Constants.SL11_NS_URI)) + { + sLPrefix = Constants.SL11_PREFIX; + } + else + { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { "Ungültiger Security Layer Namespace: \"" + sLNamespace + "\"."}); + throw new XPathException(message, null); + } + + return sLPrefix; + } + + + /** + * Return the SecurityLayer namespace prefix of the context element. + * If the context element is not the element that lies within the + * SecurityLayer namespace. The Securitylayer namespace is derived from + * the <code>xmlns:sl10</code>, <code>sl11</code> or <code>sl</code> + * attribute of the context element. + * + * The returned prefix is needed for evaluating XPATH expressions. + * + * @param contextElement The element to get a prefix for the Securitylayer namespace, + * that is used within the corresponding document. + * + * @return The string <code>sl10</code>, <code>sl11</code> or <code>sl</code>, + * depending on the SecurityLayer namespace of the contextElement. + * + * throws XPathException If no (vlalid) SecurityLayer namespace prefix or namespace + * is defined. + */ + public static String getSlPrefixFromNoRoot (Element contextElement) throws XPathException { + + String slPrefix = checkSLnsDeclaration(contextElement, Constants.SL10_PREFIX, Constants.SL10_NS_URI); + if (slPrefix == null) { + slPrefix = checkSLnsDeclaration(contextElement, Constants.SL11_PREFIX, Constants.SL11_NS_URI); + } + if (slPrefix == null) { + slPrefix = checkSLnsDeclaration(contextElement, Constants.SL12_PREFIX, Constants.SL12_NS_URI); + } + + return slPrefix; + + } + + /** + * Checks if the context element has an attribute <code>xmlns:slPrefix</code> and + * if the prefix of that attribute corresponds with a valid SecurityLayer namespace. + * + * @param contextElement The element to be checked. + * @param slPrefix The prefix which should be checked. Must be a valid SecurityLayer + * namespace prefix. + * @param slNameSpace The SecurityLayer namespace that corresponds to the specified prefix. + * + * @return The valid SecurityLayer prefix or <code>null</code> if this prefix is + * not used. + * @throws XPathException + */ + private static String checkSLnsDeclaration(Element contextElement, String slPrefix, String slNameSpace) + throws XPathException + { + String nsAtt = "xmlns:" + slPrefix; + String nameSpace = contextElement.getAttribute(nsAtt); + if (nameSpace == "") { + return null; + } else { + // check if namespace is correct + if (nameSpace.equals(slNameSpace)) { + return slPrefix; + } else { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { "Ungültiger SecurityLayer Namespace: \"" + nameSpace + "\"."}); + throw new XPathException(message, null); + } + } + } + +} diff --git a/common/src/main/resources/resources/properties/common_messages_de.properties b/common/src/main/resources/resources/properties/common_messages_de.properties new file mode 100644 index 000000000..a58d07625 --- /dev/null +++ b/common/src/main/resources/resources/properties/common_messages_de.properties @@ -0,0 +1,17 @@ +# This file contains exception messages in the standard Java properties +# format. The messages may contain formatting patterns as definied in the +# java.text.MessageFormat class. + + +# +# Messages private to the MOA common subsystem +# + +parser.00=Leichter Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.01=Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.02=Schwerer Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.04=Fehler beim Parsen: {0} + +xpath.00=Fehler beim Auswerten des XPath-Ausdruckes: {0} + +datetime.00=Fehler beim Parsen der DateTime
\ No newline at end of file diff --git a/common/src/main/resources/resources/schemas/Core-1.2.xsd b/common/src/main/resources/resources/schemas/Core-1.2.xsd new file mode 100644 index 000000000..864fee6d5 --- /dev/null +++ b/common/src/main/resources/resources/schemas/Core-1.2.xsd @@ -0,0 +1,881 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- Securitylayer, Schnittstellenspezifikation --> + +<!-- XML-Schema fuer Schnittstellenspezifikation Version 1.2.2 --> + +<!-- 01. 03. 2005, Bundeskanzleramt, Stabsstelle IKT-Strategie, Technik und Standards --> + +<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2.1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--###################################################################### --> + <!--# Create CMS Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Create CMS Signature Request = --> + <!--====================================================================== --> + <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/> + <xsd:complexType name="CreateCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectRequiredMetaType"> + <xsd:complexContent> + <xsd:restriction base="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create CMS Siganture Response = --> + <!--====================================================================== --> + <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> + <xsd:complexType name="CreateCMSSignatureResponseType"> + <xsd:sequence> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Create XML Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Create XML Signature Request = --> + <!--====================================================================== --> + <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/> + <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoCreationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="SignatureLocation"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject" type="Base64XMLLocRefOptRefContentType"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create XML Signature Response = --> + <!--====================================================================== --> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Verify CMS Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Verify CMS Signature Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Verify CMS Signature Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <!--###################################################################### --> + <!--# Verify XML Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Verify XML Signature Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoVerificationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="SignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Verify XML Signature Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:sequence> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:sequence> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyMixedChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Encrypt a CMS message # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Encrypt a CMS message: Request = --> + <!--====================================================================== --> + <xsd:element name="EncryptCMSRequest" type="EncryptCMSRequestType"/> + <xsd:complexType name="EncryptCMSRequestType"> + <xsd:sequence> + <xsd:element name="RecipientPublicKey" type="CMSRecipientPublicKeyType" maxOccurs="unbounded"/> + <xsd:element name="ToBeEncrypted" type="CMSToBeEncryptedType"/> + </xsd:sequence> + <xsd:attribute name="ReturnBinaryResult" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="CMSToBeEncryptedType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSRecipientPublicKeyType"> + <xsd:choice> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Encrypt a CMS message: Response = --> + <!--====================================================================== --> + <xsd:element name="EncryptCMSResponse" type="EncryptCMSResponseType"/> + <xsd:complexType name="EncryptCMSResponseType"> + <xsd:sequence> + <xsd:element name="CMSMessage" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Decrypt a CMS message # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Decrypt a CMS message: Request = --> + <!--====================================================================== --> + <xsd:element name="DecryptCMSRequest" type="DecryptCMSRequestType"/> + <xsd:complexType name="DecryptCMSRequestType"> + <xsd:sequence> + <xsd:element name="CMSMessage" type="xsd:base64Binary"/> + <xsd:element name="EncryptedContent" type="CMSEncryptedContentType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/> + </xsd:complexType> + <xsd:complexType name="CMSEncryptedContentType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64OptRefContentType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ReturnResultType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="binary"/> + <xsd:enumeration value="xml"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Decrypt a CMS message: Response = --> + <!--====================================================================== --> + <xsd:element name="DecryptCMSResponse" type="DecryptCMSResponseType"/> + <xsd:complexType name="DecryptCMSResponseType"> + <xsd:sequence> + <xsd:element name="DecryptedData" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Encrypt an XML document # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Encrypt an XML document: Request = --> + <!--====================================================================== --> + <xsd:element name="EncryptXMLRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="EncryptXMLRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="EncryptXMLRequestType"> + <xsd:sequence> + <xsd:element name="RecipientPublicKey" type="XMLRecipientPublicKeyType" maxOccurs="unbounded"/> + <xsd:element name="ToBeEncrypted" type="ToBeEncryptedType" maxOccurs="unbounded"/> + <xsd:element name="EncryptionInfo" type="EncryptionInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ToBeEncryptedType"> + <xsd:choice> + <xsd:element name="Element"> + <xsd:complexType> + <xsd:attribute name="Selector" type="xsd:token" use="required"/> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ElementContent"> + <xsd:complexType> + <xsd:attribute name="Selector" type="xsd:token" use="required"/> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="New" type="XMLToBeEncryptedNewType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="XMLToBeEncryptedNewType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="XMLToBeEncryptedNewContentType"/> + </xsd:sequence> + <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/> + <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/> + </xsd:complexType> + <xsd:complexType name="XMLToBeEncryptedNewContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="XMLRecipientPublicKeyType"> + <xsd:choice> + <xsd:element ref="dsig:KeyValue"/> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="EncryptionInfoType"> + <xsd:sequence> + <xsd:element name="EncryptionEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="EncryptedKeyLocation" minOccurs="0"> + <xsd:complexType> + <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/> + <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Encrypt an XML document: Response = --> + <!--====================================================================== --> + <xsd:element name="EncryptXMLResponse" type="EncryptXMLResponseType"/> + <xsd:complexType name="EncryptXMLResponseType"> + <xsd:sequence> + <xsd:element name="EncryptionEnvironment"> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="EncryptedData" type="EncryptedDataType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="EncryptedDataType"> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--###################################################################### --> + <!--# Decrypt an XML document # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Decrypt an XML document: Request = --> + <!--====================================================================== --> + <xsd:element name="DecryptXMLRequest" type="DecryptXMLRequestType"/> + <xsd:complexType name="DecryptXMLRequestType"> + <xsd:sequence> + <xsd:element name="EncryptedContent" type="Base64XMLOptRefContentType"/> + <xsd:element name="EncrElemsSelector" type="xsd:string"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/> + </xsd:complexType> + <!--====================================================================== --> + <!--= Decrypt an XML document: Response = --> + <!--====================================================================== --> + <xsd:element name="DecryptXMLResponse" type="DecryptXMLResponseType"/> + <xsd:complexType name="DecryptXMLResponseType"> + <xsd:sequence minOccurs="0"> + <xsd:element name="CandidateDocument" type="XMLContentType"/> + <xsd:element name="DecryptedBinaryData" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="EncrElemSelector" type="xsd:string" use="required"/> + <xsd:attribute name="MimeType" type="xsd:string" use="optional"/> + <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Hashing # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Hash Computation Request = --> + <!--====================================================================== --> + <xsd:element name="CreateHashRequest" type="CreateHashRequestType"/> + <xsd:complexType name="CreateHashRequestType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="CreateHashInfoRequestType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CreateHashInfoRequestType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="RespondHashData" type="xsd:boolean" use="required"/> + </xsd:complexType> + <xsd:complexType name="HashDataType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64XMLOptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Computation Response = --> + <!--====================================================================== --> + <xsd:element name="CreateHashResponse" type="CreateHashResponseType"/> + <xsd:complexType name="CreateHashResponseType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="CreateHashInfoResponseType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CreateHashInfoResponseType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType" minOccurs="0"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="HashValue" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Verification Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyHashRequest" type="VerifyHashRequestType"/> + <xsd:complexType name="VerifyHashRequestType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="VerifyHashInfoRequestType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerifyHashInfoRequestType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="HashValue" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Verification Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyHashResponse" type="VerifyHashResponseType"/> + <xsd:complexType name="VerifyHashResponseType"> + <xsd:sequence> + <xsd:element name="VerificationResult" type="VerificationResultType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerificationResultType"> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="Result" type="xsd:boolean"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Infobox Commands # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Check Available Infoboxes Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/> + <xsd:complexType name="InfoboxAvailableRequestType"/> + <!--====================================================================== --> + <!--= Check Available Infoboxes Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/> + <xsd:complexType name="InfoboxAvailableResponseType"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxCreateRequest" type="InfoboxCreateRequestType"/> + <xsd:complexType name="InfoboxCreateRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="InfoboxType" type="InfoboxTypeType"/> + <xsd:element name="Creator" type="xsd:string"/> + <xsd:element name="Purpose" type="xsd:string"/> + <xsd:element name="ReadAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/> + <xsd:element name="UpdateAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/> + <xsd:element name="ReadUserConfirmation" type="UserConfirmationType" minOccurs="0"/> + <xsd:element name="UpdateUserConfirmation" type="UserConfirmationType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="InfoboxTypeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="BinaryFile"/> + <xsd:enumeration value="AssocArray"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="AccessAuthorizationType"> + <xsd:sequence> + <xsd:element name="RequesterID" type="RequesterIDType" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/> + </xsd:complexType> + <xsd:simpleType name="RequesterIDSimpleType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:complexType name="RequesterIDType"> + <xsd:simpleContent> + <xsd:extension base="RequesterIDSimpleType"> + <xsd:attribute name="AuthenticationClass" type="AuthenticationClassType" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="UserConfirmationType"> + <xsd:simpleContent> + <xsd:extension base="UserConfirmationSimpleType"> + <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="UserConfirmationSimpleType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="none"/> + <xsd:enumeration value="info"/> + <xsd:enumeration value="confirm"/> + <xsd:enumeration value="confirmWithSecret"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="AuthenticationClassType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="anonym"/> + <xsd:enumeration value="pseudoanonym"/> + <xsd:enumeration value="certified"/> + <xsd:enumeration value="certifiedGovAgency"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Create Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxCreateResponse" type="InfoboxCreateResponseType"/> + <xsd:complexType name="InfoboxCreateResponseType"/> + <!--====================================================================== --> + <!--= Delete Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxDeleteRequest" type="InfoboxDeleteRequestType"/> + <xsd:complexType name="InfoboxDeleteRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Delete Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxDeleteResponse" type="InfoboxDeleteResponseType"/> + <xsd:complexType name="InfoboxDeleteResponseType"/> + <!--====================================================================== --> + <!--= Read Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/> + <xsd:complexType name="InfoboxReadRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/> + </xsd:choice> + <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsBinaryFileType"> + <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="ReadKeys"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadPairs"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadValue"> + <xsd:complexType> + <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/> + <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="IdentityLinkDomainIdentifier" type="xsd:anyURI"/> + <!--====================================================================== --> + <!--= Read Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/> + <xsd:complexType name="InfoboxReadResponseType"> + <xsd:choice> + <xsd:element name="BinaryFileData" type="Base64XMLContentType"/> + <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="InfoboxReadDataAssocArrayType"> + <xsd:choice> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Key" type="BoxIdentifierType"/> + </xsd:sequence> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/> + </xsd:sequence> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Update Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/> + <xsd:complexType name="InfoboxUpdateRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="Base64XMLContentType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/> + </xsd:choice> + <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxUpdateParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="UpdateKey"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + <xsd:attribute name="NewKey" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/> + <xsd:element name="DeletePair"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Update Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/> + <xsd:complexType name="InfoboxUpdateResponseType"/> + <!--###################################################################### --> + <!--# Null-Operation # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Null-Operation ReQuest = --> + <!--====================================================================== --> + <xsd:element name="NullOperationRequest" type="NullOperationRequestType"/> + <xsd:complexType name="NullOperationRequestType"/> + <!--====================================================================== --> + <!--= Null-Operation Response = --> + <!--====================================================================== --> + <xsd:element name="NullOperationResponse" type="NullOperationResponseType"/> + <xsd:complexType name="NullOperationResponseType"/> + <!--###################################################################### --> + <!--# Get Properties # --> + <!--###################################################################### --> + <xsd:element name="GetPropertiesRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="GetPropertiesRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="GetPropertiesRequestType"/> + <!--====================================================================== --> + <!--= Get Properties Response = --> + <!--====================================================================== --> + <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/> + <xsd:complexType name="GetPropertiesResponseType"> + <xsd:sequence> + <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/> + <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/> + <xsd:element name="KeyboxIdentifier" type="QualifiedBoxIdentifierType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Binding" type="BindingType" maxOccurs="unbounded"/> + <xsd:element name="ProtocolVersion" type="xsd:token" maxOccurs="unbounded"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="BindingType"> + <xsd:complexContent> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute name="Identifier" type="xsd:token" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="QualifiedBoxIdentifierType"> + <xsd:simpleContent> + <xsd:extension base="BoxIdentifierType"> + <xsd:attribute name="Signature" type="xsd:boolean" use="required"/> + <xsd:attribute name="Encryption" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--###################################################################### --> + <!--# Get Token Status # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Get Token Status Request = --> + <!--====================================================================== --> + <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/> + <xsd:complexType name="GetStatusRequestType"> + <xsd:sequence minOccurs="0"> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Get Token Status Response = --> + <!--====================================================================== --> + <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/> + <xsd:complexType name="GetStatusResponseType"> + <xsd:sequence> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="TokenStatusType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="ready"/> + <xsd:enumeration value="removed"/> + </xsd:restriction> + </xsd:simpleType> + <!--###################################################################### --> + <!--# Error Response # --> + <!--###################################################################### --> + <xsd:element name="ErrorResponse" type="ErrorResponseType"/> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="ErrorCodeType"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ErrorCodeType"> + <xsd:restriction base="xsd:integer"> + <xsd:minInclusive value="1000"/> + <xsd:maxInclusive value="99999"/> + </xsd:restriction> + </xsd:simpleType> + <!--###################################################################### --> + <!--# Auxiliary Types # --> + <!--###################################################################### --> + <xsd:simpleType name="BoxIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="WildCardSearchStringType"> + <xsd:restriction base="xsd:string"> + <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/> + <xsd:pattern value="\*\*"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="InfoboxAssocArrayPairType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLContentType"> + <xsd:attribute name="Key" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="AnyChildrenType" mixed="false"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="AnyMixedChildrenType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="skip"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyMixedChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefOptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefReqRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLOptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64OptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64ContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64ContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="Base64XMLContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="DataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64XMLLocRefReqRefContentType"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/common/src/main/resources/resources/schemas/Core.20020225.xsd b/common/src/main/resources/resources/schemas/Core.20020225.xsd new file mode 100644 index 000000000..5dd2836a0 --- /dev/null +++ b/common/src/main/resources/resources/schemas/Core.20020225.xsd @@ -0,0 +1,399 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- Securitylayer, Schnittstellenspezifikation -->
+<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020225 -->
+<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########### Create CMS Signature ###-->
+ <!--### Create CMS Signature Request ###-->
+ <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/>
+ <xsd:complexType name="CreateCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectRequiredMetaType">
+ <xsd:complexContent>
+ <xsd:restriction base="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--### Create CMS Siganture Response ###-->
+ <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+ <xsd:complexType name="CreateCMSSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Create XML Signature ###-->
+ <!--### Create XML Signature Request ###-->
+ <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject" type="ContentOptionalRefType"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ###-->
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Signature"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ###-->
+ <!--### Verifiy CMS Signature Request ###-->
+ <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ###-->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify XML Signature ###-->
+ <!--### Verify XML Signature Request ###-->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ###-->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Infobox Commands ###-->
+ <!--### Check Available Infoboxes Request ###-->
+ <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/>
+ <xsd:complexType name="InfoboxAvailableRequestType"/>
+ <!--### Check Available Infoboxes Response ###-->
+ <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/>
+ <xsd:complexType name="InfoboxAvailableResponseType">
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Read Infobox Request ###-->
+ <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/>
+ <xsd:complexType name="InfoboxReadRequestType">
+ <xsd:sequence>
+ <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:choice>
+ <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/>
+ <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxReadParamsBinaryFileType">
+ <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxReadParamsAssocArrayType">
+ <xsd:choice>
+ <xsd:element name="ReadKeys">
+ <xsd:complexType>
+ <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReadPairs">
+ <xsd:complexType>
+ <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/>
+ <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReadValue">
+ <xsd:complexType>
+ <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/>
+ <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--### Read Infobox Response ###-->
+ <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/>
+ <xsd:complexType name="InfoboxReadResponseType">
+ <xsd:choice>
+ <xsd:element name="BinaryFileData" type="ContentBaseType"/>
+ <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxReadDataAssocArrayType">
+ <xsd:choice>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="Key" type="BoxIdentifierType"/>
+ </xsd:sequence>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/>
+ </xsd:sequence>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--### Update Infobox Request ###-->
+ <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/>
+ <xsd:complexType name="InfoboxUpdateRequestType">
+ <xsd:sequence>
+ <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:choice>
+ <xsd:element name="BinaryFileParameters" type="ContentBaseType"/>
+ <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxUpdateParamsAssocArrayType">
+ <xsd:choice>
+ <xsd:element name="UpdateKey">
+ <xsd:complexType>
+ <xsd:attribute name="Key" type="xsd:token" use="required"/>
+ <xsd:attribute name="NewKey" type="xsd:token" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/>
+ <xsd:element name="DeletePair">
+ <xsd:complexType>
+ <xsd:attribute name="Key" type="xsd:token" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--### Update Infobox Response ###-->
+ <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/>
+ <xsd:complexType name="InfoboxUpdateResponseType"/>
+ <!--########## Create Session Certificate ###-->
+ <!--### Create Session Certificate Request ###-->
+ <xsd:element name="CreateSessionKeyRequest" type="CreateSessionKeyRequestType"/>
+ <xsd:complexType name="CreateSessionKeyRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:element name="Password" type="xsd:string"/>
+ <xsd:element name="Minutes" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create Session Certificate Response ###-->
+ <xsd:element name="CreateSessionKeyResponse" type="CreateSessionKeyResponseType"/>
+ <xsd:complexType name="CreateSessionKeyResponseType">
+ <xsd:sequence>
+ <xsd:element name="PKCS12Object" type="xsd:base64Binary"/>
+ <xsd:element name="Certificate" type="xsd:base64Binary"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Create Symmetric Key ###-->
+ <!--### Create SymmetricKey Request ###-->
+ <xsd:element name="CreateSymmetricSecretRequest" type="CreateSymmetricSecretRequestType"/>
+ <xsd:complexType name="CreateSymmetricSecretRequestType" mixed="false">
+ <xsd:sequence>
+ <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/>
+ <xsd:element ref="dsig:KeyInfo"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create SymmetricKey Response ###-->
+ <xsd:element name="CreateSymmetricSecretResponse" type="CreateSymmetricSecretResponseType"/>
+ <xsd:complexType name="CreateSymmetricSecretResponseType" mixed="false">
+ <xsd:sequence>
+ <xsd:element name="SymmetricSecretValue" type="xsd:base64Binary"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Get Properties ###-->
+ <!--### Get Properties Request ###-->
+ <xsd:element name="GetPropertiesRequest" type="GetPropertiesRequestType"/>
+ <xsd:complexType name="GetPropertiesRequestType"/>
+ <!--### Get Properties Response ###-->
+ <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/>
+ <xsd:complexType name="GetPropertiesResponseType">
+ <xsd:sequence>
+ <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/>
+ <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" minOccurs="5" maxOccurs="unbounded"/>
+ <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType" minOccurs="2" maxOccurs="unbounded"/>
+ <xsd:element name="Binding" type="BindingType" minOccurs="2" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="BindingType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute name="Identifier" type="xsd:token" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########### Get Token Status ###-->
+ <!--### Get Token Status Reqeust ###-->
+ <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/>
+ <xsd:complexType name="GetStatusRequestType">
+ <xsd:sequence minOccurs="0">
+ <xsd:element name="TokenStatus" type="TokenStatusType"/>
+ <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Get Token Status Response ###-->
+ <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/>
+ <xsd:complexType name="GetStatusResponseType">
+ <xsd:sequence>
+ <xsd:element name="TokenStatus" type="TokenStatusType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="TokenStatusType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="ready"/>
+ <xsd:enumeration value="removed"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--########## Error Response ###-->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType"/>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ###-->
+ <xsd:simpleType name="BoxIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="WildCardSearchStringType">
+ <xsd:restriction base="xsd:string">
+ <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:any namespace="##any" processContents="skip"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice>
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxAssocArrayPairType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Key" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/Core.20020831.xsd b/common/src/main/resources/resources/schemas/Core.20020831.xsd new file mode 100644 index 000000000..6ec40be63 --- /dev/null +++ b/common/src/main/resources/resources/schemas/Core.20020831.xsd @@ -0,0 +1,153 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- Securitylayer, Schnittstellenspezifikation -->
+<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020831 -->
+<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS -->
+<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="Core.20020225.xsd"/>
+ <!--########## Create XML Signature ###-->
+ <!--### Create XML Signature Request ###-->
+ <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType"/>
+ <xsd:element name="DataObjectInfo" type="sl10:DataObjectInfoType" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SignatureInfoCreationType">
+ <xsd:sequence>
+ <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/>
+ <xsd:element name="SignatureLocation">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ###-->
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ###-->
+ <!--### Verifiy CMS Signature Request ###-->
+ <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="sl10:CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--### Verify CMS Signature Response ###-->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
+ <xsd:element name="SignatureCheck" type="sl10:CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate"/>
+ <!--########## Verify XML Signature ###-->
+ <!--### Verify XML Signature Request ###-->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/>
+ <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SignatureInfoVerificationType">
+ <xsd:sequence>
+ <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/>
+ <xsd:element name="SignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ###-->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="sl10:CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="sl10:AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="sl10:CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="ReferencesCheckResultInfoType">
+ <xsd:sequence>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Get Properties ###-->
+ <!--### Get Properties Response ###-->
+ <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/>
+ <xsd:complexType name="GetPropertiesResponseType">
+ <xsd:sequence>
+ <xsd:element name="ViewerMediaType" type="sl10:MimeTypeType" maxOccurs="unbounded"/>
+ <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/>
+ <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType" maxOccurs="unbounded"/>
+ <xsd:element name="Binding" type="sl10:BindingType" maxOccurs="unbounded"/>
+ <xsd:element name="ProtocolVersion" type="xsd:anyURI" maxOccurs="unbounded"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd new file mode 100644 index 000000000..833d327f2 --- /dev/null +++ b/common/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd new file mode 100644 index 000000000..db83c9df5 --- /dev/null +++ b/common/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.w3.org/2004/01/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2004/01/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd b/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd new file mode 100644 index 000000000..7a01b23d1 --- /dev/null +++ b/common/src/main/resources/resources/schemas/ECDSAKeyValue.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.w3.org/2001/04/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd new file mode 100644 index 000000000..4b018db64 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd @@ -0,0 +1,350 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
+<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0" maxOccurs="1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der
+ Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der
+ Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw.
+ Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ Proxy-Komponente zur Auth-Komponente (vgl.
+ AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
+ Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
+ für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
+ (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem
+ Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
+ Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
+ werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
+ inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
+ SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
+ wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
+ wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
+ werden; wird das Element nicht verwendet dann wird MOA-SP über das API
+ aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der
+ Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des
+ AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des
+ IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
+ X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die
+ Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
+ TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
+ die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd new file mode 100644 index 000000000..66c6e1832 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd @@ -0,0 +1,424 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
+<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der
+ Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der
+ Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw.
+ Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ Proxy-Komponente zur Auth-Komponente (vgl.
+ AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
+ Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
+ für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
+ (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" />
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem
+ Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
+ SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
+ wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
+ wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
+ werden; wird das Element nicht verwendet dann wird MOA-SP über das API
+ aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der
+ Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des
+ AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des
+ IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
+ X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
+ Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
+ werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
+ inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die
+ Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" />
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
+ TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
+ die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd new file mode 100644 index 000000000..360789834 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd @@ -0,0 +1,616 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.2">
+ <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
+ <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxType">
+ <xsd:annotation>
+ <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ParepSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="CompatibilityMode" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest ob Machtgeber und Machtnehmer in den Anmeldedaten ausgetauscht werden sollen. Lediglich die übermittelte Vollmacht gibt dann Aufschluss darüber, dass eine Vertretung vorliegt. Ziel dieses Schalters ist, dass bisherige Applikationen mit Vollmachten und beruflicher Parteienvertretung nachgerüstet werden können, ohne der Erfordernis Änderungen durchführen zu müssen.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
+ <xsd:annotation>
+ <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="CompatibilityMode" default="false">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="EnableInfoboxValidator" default="true">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="AlwaysShowForm" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:complexType name="InputProcessorType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="template" type="xsd:anyURI" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentationType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentativeType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="oid" use="required">
+ <xsd:annotation>
+ <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.2.40.0.10.3.1"/>
+ <xsd:enumeration value="1.2.40.0.10.3.2"/>
+ <xsd:enumeration value="1.2.40.0.10.3.3"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ <xsd:attribute name="representPhysicalParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representCorporateParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representationText" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
+ <xsd:enumeration value="Organwalter"/>
+ <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd new file mode 100644 index 000000000..570bebd37 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd @@ -0,0 +1,612 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
+ <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
+ <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
+ <xsd:enumeration value="AuthenticationServer.SourceID"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxType">
+ <xsd:annotation>
+ <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ParepSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
+ <xsd:annotation>
+ <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="CompatibilityMode" default="false">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="EnableInfoboxValidator" default="true">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="AlwaysShowForm" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:complexType name="InputProcessorType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="template" type="xsd:anyURI" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentationType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentativeType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="oid" use="required">
+ <xsd:annotation>
+ <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.2.40.0.10.3.1"/>
+ <xsd:enumeration value="1.2.40.0.10.3.2"/>
+ <xsd:enumeration value="1.2.40.0.10.3.3"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ <xsd:attribute name="representPhysicalParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representCorporateParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representationText" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
+ <xsd:enumeration value="Organwalter"/>
+ <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd new file mode 100644 index 000000000..dffca2167 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd @@ -0,0 +1,625 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSpy v2010 (http://www.altova.com) by ks (ks) -->
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
+ <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
+ <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
+ <xsd:enumeration value="AuthenticationServer.SourceID"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ForeignIdentities" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxType">
+ <xsd:annotation>
+ <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ParepSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
+ <xsd:annotation>
+ <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="CompatibilityMode" default="false">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="EnableInfoboxValidator" default="true">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="AlwaysShowForm" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:complexType name="InputProcessorType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="template" type="xsd:anyURI" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentationType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentativeType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="oid" use="required">
+ <xsd:annotation>
+ <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.2.40.0.10.3.1"/>
+ <xsd:enumeration value="1.2.40.0.10.3.2"/>
+ <xsd:enumeration value="1.2.40.0.10.3.3"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ <xsd:attribute name="representPhysicalParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representCorporateParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representationText" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
+ <xsd:enumeration value="Organwalter"/>
+ <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd new file mode 100644 index 000000000..66a9c0ed4 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd @@ -0,0 +1,505 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der
+ Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der
+ Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw.
+ Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ Proxy-Komponente zur Auth-Komponente (vgl.
+ AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die
+ Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann
+ für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA
+ (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem
+ Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA
+ SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der
+ AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server;
+ wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden;
+ wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben
+ werden; wird das Element nicht verwendet dann wird MOA-SP über das API
+ aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der
+ Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des
+ AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des
+ IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per
+ X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem
+ Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo
+ werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks
+ inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll;
+ z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird
+ das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox
+ verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox
+ verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname
+ vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation
+ übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die
+ Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente
+ betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der
+ TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für
+ die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd new file mode 100644 index 000000000..19b793fdb --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd @@ -0,0 +1,665 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSpy v2006 sp2 U (http://www.altova.com) by Klaus Stranacher (Technische Universität Graz) -->
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
+ <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
+ <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
+ <xsd:enumeration value="AuthenticationServer.SourceID"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedBKUs" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ForeignIdentities" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineMandates" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="OnlineMandates" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="BKU" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="MOA-ID-Template" type="TemplateType"/>
+ <xsd:element name="MandateTemplate" type="TemplateType"/>
+ </xsd:sequence>
+ <xsd:attribute name="URL" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxType">
+ <xsd:annotation>
+ <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ParepSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
+ <xsd:annotation>
+ <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ <xsd:element name="Mandates" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="Profiles" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="CompatibilityMode" default="false">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="EnableInfoboxValidator" default="true">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="AlwaysShowForm" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:complexType name="InputProcessorType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="template" type="xsd:anyURI" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentationType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentativeType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="oid" use="required">
+ <xsd:annotation>
+ <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.2.40.0.10.3.1"/>
+ <xsd:enumeration value="1.2.40.0.10.3.2"/>
+ <xsd:enumeration value="1.2.40.0.10.3.3"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ <xsd:attribute name="representPhysicalParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representCorporateParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representationText" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
+ <xsd:enumeration value="Organwalter"/>
+ <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd new file mode 100644 index 000000000..d16953eab --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd @@ -0,0 +1,659 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3">
+ <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd -->
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/>
+ <xsd:element name="Configuration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="LoginType" type="LoginType" default="stateful"/>
+ <xsd:element name="Binding" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="full"/>
+ <xsd:enumeration value="userName"/>
+ <xsd:enumeration value="none"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:element ref="ParamAuth"/>
+ <xsd:element ref="BasicAuth"/>
+ <xsd:element ref="HeaderAuth"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="LoginType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="stateless"/>
+ <xsd:enumeration value="stateful"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="ParamAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Parameter" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Parameter">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="BasicAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="UserID" type="MOAAuthDataType"/>
+ <xsd:element name="Password" type="MOAAuthDataType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="HeaderAuth">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="Header" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Header">
+ <xsd:complexType>
+ <xsd:attribute name="Name" type="xsd:token" use="required"/>
+ <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:simpleType name="MOAAuthDataType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="MOAGivenName"/>
+ <xsd:enumeration value="MOAFamilyName"/>
+ <xsd:enumeration value="MOADateOfBirth"/>
+ <xsd:enumeration value="MOABPK"/>
+ <xsd:enumeration value="MOAWBPK"/>
+ <xsd:enumeration value="MOAPublicAuthority"/>
+ <xsd:enumeration value="MOABKZ"/>
+ <xsd:enumeration value="MOAQualifiedCertificate"/>
+ <xsd:enumeration value="MOAStammzahl"/>
+ <xsd:enumeration value="MOAIdentificationValueType"/>
+ <xsd:enumeration value="MOAIPAddress"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MOAKeyBoxSelector">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SecureSignatureKeypair"/>
+ <xsd:enumeration value="CertifiedKeypair"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation-->
+ <xsd:element name="MOA-IDConfiguration">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="AuthComponentType">
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AuthComponent">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineApplication" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die OA</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="OnlineApplicationType">
+ <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/>
+ <xsd:attribute name="type" use="optional" default="publicService">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:NMTOKEN">
+ <xsd:enumeration value="businessService"/>
+ <xsd:enumeration value="publicService"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/>
+ <xsd:attribute name="target" type="xsd:string" use="optional"/>
+ <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ChainingModes" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="TrustAnchor">
+ <xsd:annotation>
+ <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="dsig:X509IssuerSerialType">
+ <xsd:attribute name="mode" type="ChainingModeType" use="required"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="name" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/>
+ <xsd:enumeration value="AuthenticationSession.TimeOut"/>
+ <xsd:enumeration value="AuthenticationData.TimeOut"/>
+ <xsd:enumeration value="TrustManager.RevocationChecking"/>
+ <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/>
+ <xsd:enumeration value="FrontendServlets.DataURLPrefix"/>
+ <xsd:enumeration value="AuthenticationServer.KeepAssertion"/>
+ <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/>
+ <xsd:enumeration value="AuthenticationServer.SourceID"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="value" type="xsd:string" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="TrustedBKUs" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="AuthComponentType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelection" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/>
+ </xsd:sequence>
+ <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="SecurityLayer">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="MOA-SP">
+ <xsd:annotation>
+ <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="VerifyIdentityLink">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung der Personenbindung</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyAuthBlock">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter für die Überprüfung des AUTH-Blocks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IdentityLinkSigners" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Defaultparameter für die Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ForeignIdentities" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="OnlineMandates" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="filename" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="TemplatesType">
+ <xsd:sequence>
+ <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="Template" type="TemplateType" minOccurs="0"/>
+ <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="TemplateType">
+ <xsd:annotation>
+ <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation>
+ </xsd:annotation>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyInfoboxesType">
+ <xsd:annotation>
+ <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="DefaultTrustProfile" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionales DefaultTrustprofil für die Überprüfung aller weiteren Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="TrustProfileID"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Parameter für Überprüfung weiterer Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="InfoboxType">
+ <xsd:annotation>
+ <xsd:documentation>Parameter zur Überprüfung einzelner Infoboxen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>TrustProfil, das für die Überprüfung der Infobox verwendet werden soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/>
+ <xsd:element name="ApplicationSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ParepSpecificParameters" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="EnableInfoboxValidator" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentation" type="PartyRepresentationType">
+ <xsd:annotation>
+ <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ <xsd:complexType name="SchemaLocationType">
+ <xsd:annotation>
+ <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation>
+ </xsd:annotation>
+ <xsd:sequence>
+ <xsd:element name="Schema" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ProxyComponentType"/>
+ <xsd:complexType name="OnlineApplicationType">
+ <xsd:sequence>
+ <xsd:element name="AuthComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <!--xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="pr:AbstractSimpleIdentification"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element-->
+ <xsd:element name="IdentificationNumber" minOccurs="0">
+ <xsd:complexType>
+ <xsd:choice>
+ <xsd:element ref="pr:Firmenbuchnummer"/>
+ <xsd:element ref="pr:ZMRzahl"/>
+ <xsd:element ref="pr:Vereinsnummer"/>
+ <xsd:element ref="pr:ERJPZahl"/>
+ <xsd:element name="AnyNumber">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="Identifier" type="xsd:string" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/>
+ <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/>
+ <xsd:element name="Mandates" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="Profiles" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="slVersion" use="optional" default="1.1">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.1"/>
+ <xsd:enumeration value="1.2"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="provideFullMandatorData" type="xsd:boolean" use="optional" default="false"/>
+ <xsd:attribute name="useUTC" type="xsd:boolean" use="optional" default="false"/>
+ <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/-->
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ProxyComponent" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType">
+ <xsd:annotation>
+ <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/>
+ <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/>
+ <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/>
+ <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/>
+ <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/>
+ </xsd:complexType>
+ </xsd:element>
+ <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/-->
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:complexType name="ConnectionParameterClientAuthType">
+ <xsd:complexContent>
+ <xsd:extension base="ConnectionParameterServerAuthType">
+ <xsd:sequence>
+ <xsd:element name="ClientKeyStore" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="password" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:element name="TrustProfileID" type="xsd:string"/>
+ <xsd:simpleType name="ChainingModeType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="chaining"/>
+ <xsd:enumeration value="pkix"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="BKUSelectionType">
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="HTMLComplete"/>
+ <xsd:enumeration value="HTMLSelect"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:element name="CompatibilityMode" default="false">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="EnableInfoboxValidator" default="true">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="AlwaysShowForm" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:complexType name="InputProcessorType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="template" type="xsd:anyURI" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation>
+ </xsd:annotation>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentationType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PartyRepresentativeType">
+ <xsd:sequence>
+ <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="AlwaysShowForm" minOccurs="0"/>
+ <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="oid" use="required">
+ <xsd:annotation>
+ <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="1.2.40.0.10.3.1"/>
+ <xsd:enumeration value="1.2.40.0.10.3.2"/>
+ <xsd:enumeration value="1.2.40.0.10.3.3"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10"/>
+ <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ <xsd:attribute name="representPhysicalParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representCorporateParty" use="optional" default="false">
+ <xsd:annotation>
+ <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation>
+ </xsd:annotation>
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:boolean"/>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="representationText" use="optional">
+ <xsd:annotation>
+ <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation>
+ </xsd:annotation>
+ <!--xsd:simpleType>
+ <xsd:restriction/>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/>
+ <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/>
+ <xsd:enumeration value="Organwalter"/>
+ <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/>
+ </xsd:restriction>
+ </xsd:simpleType-->
+ </xsd:attribute>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd new file mode 100644 index 000000000..756b51279 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd @@ -0,0 +1,469 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.3 Schema
+-->
+<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create XML Signature ###-->
+ <!--### Create XML Signature Request ###-->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ###-->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Verify CMS Signature ###-->
+ <!--### Verifiy CMS Signature Request ###-->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ###-->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify XML Signature ###-->
+ <!--### Verify XML Signature Request ###-->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ###-->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ###-->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ###-->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd new file mode 100644 index 000000000..653bec578 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd @@ -0,0 +1,470 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v2004 rel. 4 U (http://www.xmlspy.com) by Klaus Stranacher (ORiON) -->
+<!--
+ MOA SP/SS 1.3 Schema
+-->
+<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create XML Signature ###-->
+ <!--### Create XML Signature Request ###-->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ###-->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Verify CMS Signature ###-->
+ <!--### Verifiy CMS Signature Request ###-->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ###-->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify XML Signature ###-->
+ <!--### Verify XML Signature Request ###-->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ###-->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ###-->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ###-->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd new file mode 100644 index 000000000..8ab3d62aa --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd @@ -0,0 +1,253 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.3 Configuration Schema
+-->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xs:element name="MOAConfiguration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Common" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureCreation" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModules">
+ <xs:complexType>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="HardwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SoftwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="FileName" type="xs:string"/>
+ <xs:element name="Password" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroup" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Key">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModuleId" type="xs:token"/>
+ <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
+ <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="XMLDSig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureVerification" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CertificateValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PathConstruction">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
+ <xs:element name="CertificateStore">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DirectoryStore">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PathValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="ChainingMode">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="DefaultMode" type="config:ChainingModeType"/>
+ <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
+ <xs:element name="Mode" type="config:ChainingModeType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TrustProfile" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
+ <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="RevocationChecking">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableChecking" type="xs:boolean"/>
+ <xs:element name="MaxRevocationAge" type="xs:integer"/>
+ <xs:element name="ServiceOrder" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence minOccurs="2" maxOccurs="2">
+ <xs:element name="Service">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OCSP"/>
+ <xs:enumeration value="CRL"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Archiving">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableArchiving" type="xs:boolean"/>
+ <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
+ <xs:element name="Archive" minOccurs="0">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DatabaseArchive">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="JDBCURL" type="xs:anyURI"/>
+ <xs:element name="JDBCDriverClassName" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CAIssuerDN" type="xs:token"/>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="CRLDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="unused"/>
+ <xs:enumeration value="keyCompromise"/>
+ <xs:enumeration value="cACompromise"/>
+ <xs:enumeration value="affiliationChanged"/>
+ <xs:enumeration value="superseded"/>
+ <xs:enumeration value="cessationOfOperation"/>
+ <xs:enumeration value="certificateHold"/>
+ <xs:enumeration value="privilegeWithdrawn"/>
+ <xs:enumeration value="aACompromise"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="OCSPDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:simpleType name="ChainingModeType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="chaining"/>
+ <xs:enumeration value="pkix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="ProfileType">
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd new file mode 100644 index 000000000..2b2f1d689 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd @@ -0,0 +1,312 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.4.3 Configuration Schema
+-->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xs:element name="MOAConfiguration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Common" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureCreation" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModules">
+ <xs:complexType>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="HardwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SoftwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="FileName" type="xs:string"/>
+ <xs:element name="Password" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroup" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Key">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModuleId" type="xs:token"/>
+ <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
+ <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="XMLDSig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureVerification" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CertificateValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PathConstruction">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="AutoAddCertificates" type="xs:boolean" />
+ <xs:element
+ name="UseAuthorityInformationAccess"
+ type="xs:boolean" />
+ <xs:element
+ name="CertificateStore">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element
+ name="DirectoryStore">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="Location" type="xs:token" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PathValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="ChainingMode">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="DefaultMode"
+ type="config:ChainingModeType" />
+ <xs:element
+ name="TrustAnchor" minOccurs="0"
+ maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="Identification"
+ type="dsig:X509IssuerSerialType" />
+ <xs:element
+ name="Mode" type="config:ChainingModeType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TrustProfile"
+ maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="Id" type="xs:token" />
+ <xs:element
+ name="TrustAnchorsLocation" type="xs:anyURI" />
+ <xs:element
+ name="SignerCertsLocation" type="xs:anyURI"
+ minOccurs="0" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="RevocationChecking">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="EnableChecking" type="xs:boolean" />
+ <xs:element
+ name="MaxRevocationAge" type="xs:integer" />
+ <xs:element name="ServiceOrder"
+ minOccurs="0">
+ <xs:complexType>
+ <xs:sequence
+ minOccurs="2" maxOccurs="2">
+ <xs:element
+ name="Service">
+ <xs:simpleType>
+ <xs:restriction
+ base="xs:token">
+ <xs:enumeration
+ value="OCSP" />
+ <xs:enumeration
+ value="CRL" />
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Archiving">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="EnableArchiving" type="xs:boolean" />
+ <xs:element
+ name="ArchiveDuration"
+ type="xs:nonNegativeInteger" minOccurs="0" />
+ <xs:element
+ name="Archive" minOccurs="0">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element
+ name="DatabaseArchive">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="JDBCURL" type="xs:anyURI" />
+ <xs:element
+ name="JDBCDriverClassName" type="xs:token" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element
+ name="DistributionPoint" minOccurs="0"
+ maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="CAIssuerDN" type="xs:token" />
+ <xs:choice
+ maxOccurs="unbounded">
+ <xs:element
+ name="CRLDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="Location" type="xs:anyURI" />
+ <xs:element
+ name="ReasonCode" minOccurs="0"
+ maxOccurs="unbounded">
+ <xs:simpleType>
+ <xs:restriction
+ base="xs:token">
+ <xs:enumeration
+ value="unused" />
+ <xs:enumeration
+ value="keyCompromise" />
+ <xs:enumeration
+ value="cACompromise" />
+ <xs:enumeration
+ value="affiliationChanged" />
+ <xs:enumeration
+ value="superseded" />
+ <xs:enumeration
+ value="cessationOfOperation" />
+ <xs:enumeration
+ value="certificateHold" />
+ <xs:enumeration
+ value="privilegeWithdrawn" />
+ <xs:enumeration
+ value="aACompromise" />
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element
+ name="OCSPDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element
+ name="Location" type="xs:anyURI" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="VerifyTransformsInfoProfile"
+ type="config:ProfileType" minOccurs="0"
+ maxOccurs="unbounded" />
+ <xs:element name="SupplementProfile"
+ type="config:ProfileType" minOccurs="0"
+ maxOccurs="unbounded" />
+ <xs:element name="PermitFileURIs" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:simpleType name="ChainingModeType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="chaining"/>
+ <xs:enumeration value="pkix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="ProfileType">
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd new file mode 100644 index 000000000..8da3a72b0 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd @@ -0,0 +1,268 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.4.5 Configuration Schema
+-->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xs:element name="MOAConfiguration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Common" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureCreation" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModules">
+ <xs:complexType>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="HardwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SoftwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="FileName" type="xs:string"/>
+ <xs:element name="Password" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroup" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Key">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModuleId" type="xs:token"/>
+ <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
+ <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="XMLDSig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureVerification" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CertificateValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PathConstruction">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
+ <xs:element name="CertificateStore">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DirectoryStore">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PathValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="ChainingMode">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="DefaultMode" type="config:ChainingModeType"/>
+ <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
+ <xs:element name="Mode" type="config:ChainingModeType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TrustProfile" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
+ <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="RevocationChecking">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableChecking" type="xs:boolean"/>
+ <xs:element name="MaxRevocationAge" type="xs:integer"/>
+ <xs:element name="ServiceOrder" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="2">
+ <xs:element name="Service">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OCSP"/>
+ <xs:enumeration value="CRL"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Archiving">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableArchiving" type="xs:boolean"/>
+ <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
+ <xs:element name="Archive" minOccurs="0">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DatabaseArchive">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="JDBCURL" type="xs:anyURI"/>
+ <xs:element name="JDBCDriverClassName" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CAIssuerDN" type="xs:token"/>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="CRLDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="unused"/>
+ <xs:enumeration value="keyCompromise"/>
+ <xs:enumeration value="cACompromise"/>
+ <xs:enumeration value="affiliationChanged"/>
+ <xs:enumeration value="superseded"/>
+ <xs:enumeration value="cessationOfOperation"/>
+ <xs:enumeration value="certificateHold"/>
+ <xs:enumeration value="privilegeWithdrawn"/>
+ <xs:enumeration value="aACompromise"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="OCSPDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CrlRetentionIntervals" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="CA">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="X509IssuerName" type="xs:string"/>
+ <xs:element name="Interval" type="xs:integer"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:simpleType name="ChainingModeType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="chaining"/>
+ <xs:enumeration value="pkix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="ProfileType">
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd new file mode 100644 index 000000000..4808f3cb7 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd @@ -0,0 +1,268 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.4.7 Configuration Schema
+-->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xs:element name="MOAConfiguration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Common" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureCreation" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModules">
+ <xs:complexType>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="HardwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SoftwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="FileName" type="xs:string"/>
+ <xs:element name="Password" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroup" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Key">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModuleId" type="xs:token"/>
+ <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
+ <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="XMLDSig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureVerification" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CertificateValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PathConstruction">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
+ <xs:element name="CertificateStore">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DirectoryStore">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PathValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="ChainingMode">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="DefaultMode" type="config:ChainingModeType"/>
+ <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
+ <xs:element name="Mode" type="config:ChainingModeType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TrustProfile" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
+ <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="RevocationChecking">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableChecking" type="xs:boolean"/>
+ <xs:element name="MaxRevocationAge" type="xs:integer"/>
+ <xs:element name="ServiceOrder" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence minOccurs="1" maxOccurs="2">
+ <xs:element name="Service">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OCSP"/>
+ <xs:enumeration value="CRL"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Archiving">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableArchiving" type="xs:boolean"/>
+ <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
+ <xs:element name="Archive" minOccurs="0">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DatabaseArchive">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="JDBCURL" type="xs:anyURI"/>
+ <xs:element name="JDBCDriverClassName" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CAIssuerDN" type="xs:token"/>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="CRLDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="unused"/>
+ <xs:enumeration value="keyCompromise"/>
+ <xs:enumeration value="cACompromise"/>
+ <xs:enumeration value="affiliationChanged"/>
+ <xs:enumeration value="superseded"/>
+ <xs:enumeration value="cessationOfOperation"/>
+ <xs:enumeration value="certificateHold"/>
+ <xs:enumeration value="privilegeWithdrawn"/>
+ <xs:enumeration value="aACompromise"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="OCSPDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CrlRetentionIntervals" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="CA">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="X509IssuerName" type="xs:string"/>
+ <xs:element name="Interval" type="xs:integer"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:simpleType name="ChainingModeType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="chaining"/>
+ <xs:enumeration value="pkix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="ProfileType">
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd new file mode 100644 index 000000000..01cd7c426 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd @@ -0,0 +1,282 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.5.1 Configuration Schema
+-->
+<xs:schema xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xs:element name="MOAConfiguration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Common" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PermitExternalUris" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence minOccurs="0" maxOccurs="unbounded">
+ <xs:element name="BlackListUri">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="IP" type="xs:string"/>
+ <xs:element name="Port" type="xs:int" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureCreation" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModules">
+ <xs:complexType>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="HardwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Name" type="xs:string"/>
+ <xs:element name="SlotId" type="xs:string" minOccurs="0"/>
+ <xs:element name="UserPIN" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SoftwareKeyModule">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="FileName" type="xs:string"/>
+ <xs:element name="Password" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroup" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Key">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="KeyModuleId" type="xs:token"/>
+ <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="KeyGroupMapping" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/>
+ <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="XMLDSig">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="SignatureVerification" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CertificateValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PathConstruction">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
+ <xs:element name="CertificateStore">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DirectoryStore">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="PathValidation">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="ChainingMode">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="DefaultMode" type="config:ChainingModeType"/>
+ <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identification" type="dsig:X509IssuerSerialType"/>
+ <xs:element name="Mode" type="config:ChainingModeType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TrustProfile" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/>
+ <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="RevocationChecking">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableChecking" type="xs:boolean"/>
+ <xs:element name="MaxRevocationAge" type="xs:integer"/>
+ <xs:element name="ServiceOrder" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence maxOccurs="2">
+ <xs:element name="Service">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="OCSP"/>
+ <xs:enumeration value="CRL"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Archiving">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="EnableArchiving" type="xs:boolean"/>
+ <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/>
+ <xs:element name="Archive" minOccurs="0">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="DatabaseArchive">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="JDBCURL" type="xs:anyURI"/>
+ <xs:element name="JDBCDriverClassName" type="xs:token"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="CAIssuerDN" type="xs:token"/>
+ <xs:choice maxOccurs="unbounded">
+ <xs:element name="CRLDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded">
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="unused"/>
+ <xs:enumeration value="keyCompromise"/>
+ <xs:enumeration value="cACompromise"/>
+ <xs:enumeration value="affiliationChanged"/>
+ <xs:enumeration value="superseded"/>
+ <xs:enumeration value="cessationOfOperation"/>
+ <xs:enumeration value="certificateHold"/>
+ <xs:enumeration value="privilegeWithdrawn"/>
+ <xs:enumeration value="aACompromise"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="OCSPDP">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="CrlRetentionIntervals" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="CA">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="X509IssuerName" type="xs:string"/>
+ <xs:element name="Interval" type="xs:integer"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:simpleType name="ChainingModeType">
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="chaining"/>
+ <xs:enumeration value="pkix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="ProfileType">
+ <xs:sequence>
+ <xs:element name="Id" type="xs:token"/>
+ <xs:element name="Location" type="xs:anyURI"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/MOAIdentities.xsd b/common/src/main/resources/resources/schemas/MOAIdentities.xsd new file mode 100644 index 000000000..de9d9d4e4 --- /dev/null +++ b/common/src/main/resources/resources/schemas/MOAIdentities.xsd @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:element name="MOAIdentities">
+ <xs:annotation>
+ <xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Mapping">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identity">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="NamedIdentity" type="tns:NamedIdentityType"/>
+ <xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Parameters" type="tns:ParametersType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="bPKIdentitiyType">
+ <xs:simpleContent>
+ <xs:extension base="xs:boolean">
+ <xs:attribute name="bPK" type="xs:string" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="NamedIdentityType">
+ <xs:simpleContent>
+ <xs:extension base="xs:boolean">
+ <xs:attribute name="SurName" type="xs:string" use="required"/>
+ <xs:attribute name="GivenName" type="xs:string" use="required"/>
+ <xs:attribute name="BirthDate" type="xs:string" use="optional"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="ParametersType">
+ <xs:attribute name="UN" type="xs:string" use="optional"/>
+ <xs:attribute name="PW" type="xs:string" use="optional"/>
+ <xs:attribute name="Param1" type="xs:string" use="optional"/>
+ <xs:attribute name="Param2" type="xs:string" use="optional"/>
+ <xs:attribute name="Param3" type="xs:string" use="optional"/>
+ </xs:complexType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/PersonData.xsd b/common/src/main/resources/resources/schemas/PersonData.xsd new file mode 100644 index 000000000..0e3bc6b3b --- /dev/null +++ b/common/src/main/resources/resources/schemas/PersonData.xsd @@ -0,0 +1,426 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) --> +<!--Generisches Schema zum Speichern und Austauschen von Personendaten + (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS + Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at) + Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht. +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="W3C-XMLDSig.xsd"/> + <!-- ### include definitions from hr-xml schemas ###--> + <xs:include schemaLocation="PersonName-1_2.xsd"/> + <xs:include schemaLocation="PostalAddress-1_2.xsd"/> + <xs:include schemaLocation="TelcomNumber-1_0.xsd"/> + <!-- ### type definition of Unique Identifier Entities ### --> + <xs:complexType name="IdentificationType"> + <xs:annotation> + <xs:documentation>unique identifier</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="Value"> + <xs:annotation> + <xs:documentation>actual value of the identifier.</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Type" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Authority" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <!-- ### base type for person data ### --> + <xs:element name="Person" type="AbstractPersonType"> + <xs:annotation> + <xs:documentation>element of person type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="AbstractPersonType" abstract="true"> + <xs:annotation> + <xs:documentation>main structure of person data</xs:documentation> + </xs:annotation> + <xs:sequence minOccurs="0"> + <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <!-- ### physical person and corporate body ### --> + <xs:element name="PhysicalPerson" type="PhysicalPersonType"> + <xs:annotation> + <xs:documentation>element of physical person type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="PhysicalPersonType"> + <xs:annotation> + <xs:documentation>physical person</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Name" type="PersonNameType" minOccurs="0"> + <xs:annotation> + <xs:documentation>data related to the person's name</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Former name, Artist name, changes of Given name ...</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:complexContent> + <xs:extension base="PersonNameType"> + <xs:attribute name="Type" type="AlternativeNameTypeType"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + <xs:element name="MaritalStatus" type="MaritalStatusType" minOccurs="0"> + <xs:annotation> + <xs:documentation>status of a person in the cycle of life</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Sex" type="SexType" minOccurs="0"> + <xs:annotation> + <xs:documentation>gender</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DateOfBirth" type="DateOfBirthType" minOccurs="0"> + <xs:annotation> + <xs:documentation>date of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PlaceOfBirth" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>place of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CountryOfBirth" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>country of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Nationality" type="xs:token" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>nationality of Person (Staatsbürgerschaft)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Confession" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>confession (religion) of Person</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="relatedPerson" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>relatives (parents, ...)</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="TypeOfRelation" type="RelationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of the relationship</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="Person"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="CorporateBody" type="CorporateBodyType"> + <xs:annotation> + <xs:documentation>element of corporate body type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="CorporateBodyType"> + <xs:annotation> + <xs:documentation>juridical person, organisation</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>category (eg organisation, function, sector, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FullName" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>name of corporate body (whole name)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of company (eg AG, OHG, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Organisation" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) </xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <!-- ### signed structure of a person ### --> + <xs:element name="PersonData" type="PersonDataType"> + <xs:annotation> + <xs:documentation>element of signed person datastructure type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="PersonDataType"> + <xs:annotation> + <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence> + <xs:element ref="Person"/> + <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AdditionalData" minOccurs="0"> + <xs:complexType mixed="true"> + <xs:sequence minOccurs="0" maxOccurs="unbounded"> + <xs:any namespace="##any" processContents="lax"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <!-- ### auxiliary types ### --> + <xs:simpleType name="SexType"> + <xs:annotation> + <xs:documentation>simple type for sex (gender) of person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="male"/> + <xs:enumeration value="female"/> + <xs:enumeration value="unknown"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DateOfBirthType"> + <xs:annotation> + <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/> + </xs:simpleType> + <xs:simpleType name="MaritalStatusType"> + <xs:annotation> + <xs:documentation>simple type for marital status of a person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="single"/> + <xs:enumeration value="married"/> + <xs:enumeration value="divorced"/> + <xs:enumeration value="widowed"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="xStringPatternExtensionType"> + <xs:annotation> + <xs:documentation>pattern type for enlargement of type definitions</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:pattern value="x:\S.*"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DefinedRelationType"> + <xs:annotation> + <xs:documentation>known relations (family + functional)</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="family:Parent"/> + <xs:enumeration value="family:Child"/> + <xs:enumeration value="family:Sibling"/> + <xs:enumeration value="family:Grandparent"/> + <xs:enumeration value="family:Grandchild"/> + <xs:enumeration value="family:Spouse"/> + <xs:enumeration value="function:LegalGuardian"/> + <xs:enumeration value="function:IsGuardedBy"/> + <xs:enumeration value="function:Cohabitant"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="RelationType"> + <xs:annotation> + <xs:documentation>known + any other relation</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/> + </xs:simpleType> + <xs:simpleType name="DefinedAlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known types of alternative names</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="ArtistName"/> + <xs:enumeration value="NickName"/> + <xs:enumeration value="FormerName"/> + <xs:enumeration value="Alias"/> + <xs:enumeration value="MaidenName"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="AlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known + any other alternative name types</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/> + </xs:simpleType> + <!-- ### adress data for various types of communications ### --> + <xs:element name="Address" type="AbstractAddressType"> + <xs:annotation> + <xs:documentation>element of address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="AbstractAddressType" abstract="true"> + <xs:annotation> + <xs:documentation>main structure of address data</xs:documentation> + </xs:annotation> + <xs:sequence minOccurs="0"> + <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <xs:element name="TypedPostalAddress" type="TypedPostalAddressType"> + <xs:annotation> + <xs:documentation>element of postal address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="TypedPostalAddressType"> + <xs:annotation> + <xs:documentation>postal address</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of address - category (eg 'Wohnsitz', 'Zentrale', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="PostalAddress"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="TelephoneAddress" type="TelephoneAddressType"> + <xs:annotation> + <xs:documentation>element of telephone address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="TelephoneAddressType"> + <xs:annotation> + <xs:documentation>phone numbers</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Number" type="TelcomNumberType"> + <xs:annotation> + <xs:documentation>phonenumber</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="InternetAddress" type="InternetAddressType"> + <xs:annotation> + <xs:documentation>element of internet address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="InternetAddressType"> + <xs:annotation> + <xs:documentation>internet based communication</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element ref="dsig:KeyInfo" minOccurs="0"> + <xs:annotation> + <xs:documentation>certificate for secure communication</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Address" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>email-Address, Web, FTP, LDAP, ...</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd b/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd new file mode 100644 index 000000000..cf8f796db --- /dev/null +++ b/common/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd @@ -0,0 +1,1229 @@ +<?xml version="1.0" encoding="ISO-8859-1"?>
+<!-- edited with XMLSPY v2004 rel. 3 U (http://www.xmlspy.com) by Larissa Naber (Bundeskanzleramt) -->
+<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) -->
+<!--Generisches Schema zum Speichern und Austauschen von Personendaten
+ (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS
+ Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at)
+ Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht.
+-->
+<?xml-stylesheet type="text/xsl" href="getelementnames.xslt"?>
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0">
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xs:annotation>
+ <xs:documentation>This version of person deploys only global elements. All types derived from abstract types have been replaced by substitution groups</xs:documentation>
+ </xs:annotation>
+ <!-- ### signed structure of a person ### -->
+ <xs:element name="AbstractPersonData" type="AbstractPersonType">
+ <xs:annotation>
+ <xs:documentation>dummy abstract Peson Data element needed for bi-lingual schema (substitution groups)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PersonData" type="PersonDataType" substitutionGroup="AbstractPersonData">
+ <xs:annotation>
+ <xs:documentation>element of signed person datastructure type</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CompactPersonData">
+ <xs:annotation>
+ <xs:documentation>element of signed person datastructure type</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:choice>
+ <xs:element ref="CompactPhysicalPerson"/>
+ <xs:element ref="CompactCorporateBody"/>
+ </xs:choice>
+ <xs:choice minOccurs="0" maxOccurs="unbounded">
+ <xs:element ref="InternetAddress"/>
+ <xs:element ref="TelephoneAddress"/>
+ <xs:element ref="CompactPostalAddress"/>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <!-- ### base type for person data ### -->
+ <xs:element name="Person" type="AbstractPersonType">
+ <xs:annotation>
+ <xs:documentation>element of person type, essential abstract, subsitute PhysicalPerson or CorporateBody instead or use with xsi:type="..."</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- ### physical person and corporate body ### -->
+ <xs:element name="PhysicalPerson" type="PhysicalPersonType" substitutionGroup="Person">
+ <xs:annotation>
+ <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CompactPhysicalPerson" type="CompactPhysicalPersonType" substitutionGroup="Person">
+ <xs:annotation>
+ <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CorporateBody" type="CorporateBodyType" substitutionGroup="Person">
+ <xs:annotation>
+ <xs:documentation>element of corporate body type, derived from Person</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CompactCorporateBody" type="CompactCorporateBodyType" substitutionGroup="Person">
+ <xs:annotation>
+ <xs:documentation>element of corporate body type, derived from Person</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!--### complex child elements of person, also available as standalone ###-->
+ <xs:element name="Name" type="PersonNameType">
+ <xs:annotation>
+ <xs:documentation>data related to the person's name</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CompactName" type="CompactPersonNameType">
+ <xs:annotation>
+ <xs:documentation>data related to the person's name</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AlternativeName">
+ <xs:annotation>
+ <xs:documentation>Former name, Artist name, changes of Given name ..., compare AlternativName</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="PersonNameType">
+ <xs:attribute name="Type" type="AlternativeNameTypeType"/>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="relatedPerson">
+ <xs:annotation>
+ <xs:documentation>relatives (parents, ...), compare Verwandter</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="TypeOfRelation" type="RelationType" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>type of the relationship, compare Verwandschftsgrad</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element ref="PhysicalPerson"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <!-- ### adress data for various types of communications ### -->
+ <xs:element name="Address" type="AbstractAddressType">
+ <xs:annotation>
+ <xs:documentation>element of address type, essentially abstract. Use InternetAddress, TelephoneAddress, PostalAddress, TypedPostalAddress instead, or use Address with xsi:type Attribute</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PostalAddress" type="PostalAddressType" substitutionGroup="Address">
+ <xs:annotation>
+ <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CompactPostalAddress" type="CompactPostalAddressType" substitutionGroup="Address">
+ <xs:annotation>
+ <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TypedPostalAddress" type="TypedPostalAddressType" substitutionGroup="Address">
+ <xs:annotation>
+ <xs:documentation>Typed Postal or ZMR Address, compare TypisiertePostAdresse</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="InternetAddress" type="InternetAddressType" substitutionGroup="Address">
+ <xs:annotation>
+ <xs:documentation>InternetAdress such as e-mail or website, compare InternetAdresse</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TelephoneAddress" type="TelephoneAddressType" substitutionGroup="Address">
+ <xs:annotation>
+ <xs:documentation>Typed TelephoneAddress, compare TelefonAdresse</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="BankConnection" type="BankConnectionType">
+ <xs:annotation>
+ <xs:documentation>National or international bank connection, compare Bankverbindung</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- ### Identification elements ###-->
+ <xs:element name="AbstractSimpleIdentification" type="AbstractSimpleIdentificationType">
+ <xs:annotation>
+ <xs:documentation>possibility to include common austrian primary keys in human readable way, english translation not available</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="ZMRzahl" substitutionGroup="AbstractSimpleIdentification">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="AbstractSimpleIdentificationType">
+ <xs:attribute name="Identifier" type="xs:string" fixed="ZMR"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Stammzahl" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
+ <xs:element name="Firmenbuchnummer" substitutionGroup="AbstractSimpleIdentification">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="AbstractSimpleIdentificationType">
+ <xs:attribute name="Identifier" type="xs:string" fixed="FN"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="ERJPZahl" substitutionGroup="AbstractSimpleIdentification">
+ <xs:annotation>
+ <xs:documentation>Ergänzungsregister für nicht-natürliche Personen (CorporateBody)</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="AbstractSimpleIdentificationType">
+ <xs:attribute name="Identifier" type="xs:string" fixed="ERJ"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Vereinsnummer" substitutionGroup="AbstractSimpleIdentification">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="AbstractSimpleIdentificationType">
+ <xs:attribute name="Identifier" type="xs:string" fixed="VR"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Sozialversicherungsnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
+ <xs:element name="Steuernummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
+ <xs:element name="Matrikelnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/>
+ <!-- ### additional telecom elements - not used internally - german translation not available ###-->
+ <xs:element name="Telephone" type="TelcomNumberType"/>
+ <xs:element name="Mobile" type="MobileTelcomNumberType"/>
+ <xs:element name="Fax" type="TelcomNumberType"/>
+ <xs:element name="Pager" type="TelcomNumberType"/>
+ <xs:element name="TTYTDD" type="TelcomNumberType">
+ <xs:annotation>
+ <xs:documentation>teletyper or telephone for the hearing impaired</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!--### elements of simple type ####-->
+ <xs:element name="MaritalStatus" type="MaritalStatusType">
+ <xs:annotation>
+ <xs:documentation>status of a person in the cycle of life, compare Familienstand</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Sex" type="SexType">
+ <xs:annotation>
+ <xs:documentation>gender, comapre Geschlecht</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="DateOfBirth" type="DateOfBirthType">
+ <xs:annotation>
+ <xs:documentation>date of birth, compare Geburtsdatum</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="DateOfDeath" type="DateOfDeathType">
+ <xs:annotation>
+ <xs:documentation>date of death, compare Sterbedatum</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PlaceOfBirth" type="xs:token">
+ <xs:annotation>
+ <xs:documentation>place of birth, compare Geburtsort</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="CountryOfBirth" type="xs:token">
+ <xs:annotation>
+ <xs:documentation>country of birth, compare Geburtsland</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="StateOfBirth" type="xs:token">
+ <xs:annotation>
+ <xs:documentation>state of birth, comapre Geburtsbundesland</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Nationality" type="NationalityType">
+ <xs:annotation>
+ <xs:documentation>nationality of Person, compare Staatsangehoerigkeit. attention! New Fomrat is complex, string value accepted for compatibility only</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Confession" type="xs:token">
+ <xs:annotation>
+ <xs:documentation>confession (religion) of Person - xs:token? gibt es wirklich keine Staaten mit Leerzeichen im Namen?</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Occupation" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>occupation, compare Beruf</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!--### complex telephone types ###-->
+ <xs:element name="InternationalCountryCode" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare InternationalerLaendercode</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="NationalNumber" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare NationalNummer</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AreaCityCode" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare Vorwahl</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="SubscriberNumber" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare Anschlussnummer</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="FormattedNumber" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Complete number, ready formated - e.g. +43 1 5131345 4664 compare FormatierteNummer</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Extension" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare Klappe</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Identification" type ="IdentificationType">
+ <xs:annotation>
+ <xs:documentation>unique identifier</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!--### complex types ###-->
+ <xs:complexType name="PersonDataType">
+ <xs:annotation>
+ <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence>
+ <xs:element ref="Person"/>
+ <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AdditionalData" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation>
+ </xs:annotation>
+ <xs:complexType mixed="true">
+ <xs:sequence minOccurs="0" maxOccurs="unbounded">
+ <xs:any namespace="##any" processContents="lax">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="CompactPersonDataType">
+ <xs:annotation>
+ <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence>
+ <xs:element ref="Person"/>
+ <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AdditionalData" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation>
+ </xs:annotation>
+ <xs:complexType mixed="true">
+ <xs:sequence minOccurs="0" maxOccurs="unbounded">
+ <xs:any namespace="##any" processContents="lax">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="AbstractSimpleIdentificationType">
+ <xs:simpleContent>
+ <xs:extension base="xs:string"/>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="IdentificationType">
+ <xs:annotation>
+ <xs:documentation>unique identifier</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="Value">
+ <xs:annotation>
+ <xs:documentation>actual value of the identifier.</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="Id" type="xs:ID" use="optional"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Type" type="xs:anyURI">
+ <xs:annotation>
+ <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Authority" type="xs:anyURI" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ <xs:attribute name="Id" type="xs:ID" use="optional"/>
+ <xs:anyAttribute namespace="##other"/>
+ </xs:complexType>
+ <xs:complexType name="AbstractPersonType">
+ <xs:annotation>
+ <xs:documentation>main structure of person data</xs:documentation>
+ </xs:annotation>
+ <xs:choice minOccurs="0">
+ <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>unique identification entities</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element ref="AbstractSimpleIdentification" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:choice>
+ <xs:attribute name="Id" type="xs:ID" use="optional"/>
+ <xs:anyAttribute namespace="##other"/>
+ </xs:complexType>
+ <xs:complexType name="PhysicalPersonType">
+ <xs:annotation>
+ <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence minOccurs="0">
+ <xs:element ref="Name" minOccurs="0"/>
+ <xs:element ref="AlternativeName" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="MaritalStatus" minOccurs="0"/>
+ <xs:element ref="Sex" minOccurs="0"/>
+ <xs:element ref="DateOfBirth" minOccurs="0"/>
+ <xs:element ref="PlaceOfBirth" minOccurs="0"/>
+ <xs:element ref="StateOfBirth" minOccurs="0"/>
+ <xs:element ref="CountryOfBirth" minOccurs="0"/>
+ <xs:element ref="DateOfDeath" minOccurs="0"/>
+ <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="Confession" minOccurs="0"/>
+ <xs:element ref="Occupation" minOccurs="0"/>
+ <xs:element ref="relatedPerson" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="CompactPhysicalPersonType">
+ <xs:annotation>
+ <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence minOccurs="0">
+ <xs:element ref="CompactName"/>
+ <xs:element ref="MaritalStatus" minOccurs="0"/>
+ <xs:element ref="Sex" minOccurs="0"/>
+ <xs:element ref="DateOfBirth" minOccurs="0"/>
+ <xs:element ref="PlaceOfBirth" minOccurs="0"/>
+ <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="CorporateBodyType">
+ <xs:annotation>
+ <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence minOccurs="0">
+ <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="FullName" type="xs:token" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...), comapre AlternativName</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Organization" type="xs:token" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="CompactCorporateBodyType">
+ <xs:annotation>
+ <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractPersonType">
+ <xs:sequence minOccurs="0">
+ <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="FullName" type="xs:token">
+ <xs:annotation>
+ <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Organization" type="xs:token" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="PersonNameType">
+ <xs:annotation>
+ <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="FormattedName" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Complete Name (including Affixes) of the Person, especially useful for names from different cultural environments</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="type" default="presentation">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="presentation"/>
+ <xs:enumeration value="legal"/>
+ <xs:enumeration value="sortOrder"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="LegalName" type="xs:string" minOccurs="0"/>
+ <xs:element name="GivenName" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PreferredGivenName" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>A Person in possesion of more than one GivenName frequently preferrs the use of a Name other than the first GivenName</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MiddleName" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>MiddleNames are not commonly found in central Europe. The field is mainly for compatibility reasons</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="FamilyName" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="primary" default="undefined">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="true"/>
+ <xs:enumeration value="false"/>
+ <xs:enumeration value="undefined"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="prefix" type="xs:string"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="type" use="optional">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="academicGrade"/>
+ <xs:enumeration value="aristocraticPrefix"/>
+ <xs:enumeration value="aristocraticTitle"/>
+ <xs:enumeration value="familyNamePrefix"/>
+ <xs:enumeration value="familyNameSuffix"/>
+ <xs:enumeration value="formOfAddress"/>
+ <xs:enumeration value="generation"/>
+ <xs:enumeration value="qualification"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="position" use="optional">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="prefix"/>
+ <xs:enumeration value="suffix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="CompactPersonNameType">
+ <xs:annotation>
+ <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="GivenName" type="xs:string" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="FamilyName" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="primary" default="undefined">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="true"/>
+ <xs:enumeration value="false"/>
+ <xs:enumeration value="undefined"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="prefix" type="xs:string"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="type" use="optional">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="academicGrade"/>
+ <xs:enumeration value="aristocraticPrefix"/>
+ <xs:enumeration value="aristocraticTitle"/>
+ <xs:enumeration value="familyNamePrefix"/>
+ <xs:enumeration value="familyNameSuffix"/>
+ <xs:enumeration value="formOfAddress"/>
+ <xs:enumeration value="generation"/>
+ <xs:enumeration value="qualification"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ <xs:attribute name="position" use="optional">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="prefix"/>
+ <xs:enumeration value="suffix"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="NationalityType" mixed="true">
+ <xs:annotation>
+ <xs:documentation>comapre, StaatsangehoerigkeitTyp</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="ISOCode3" minOccurs="0">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:length value="3"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="CountryNameDE" type="xs:string" minOccurs="0"/>
+ <xs:element name="CountryNameEN" type="xs:string" minOccurs="0"/>
+ <xs:element name="CountryNameFR" type="xs:string" minOccurs="0"/>
+ <xs:any namespace="##other" processContents="lax"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="BankConnectionType">
+ <xs:annotation>
+ <xs:documentation>compare BankverbindungTyp</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="Holder" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>Account holder, compare Inhaber</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="BankName" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare BankName</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:choice>
+ <xs:element name="NationalBankConnection">
+ <xs:annotation>
+ <xs:documentation>compare NationaleBankverbindung</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AccountNumber" type="xs:integer">
+ <xs:annotation>
+ <xs:documentation>compare Kontonummer</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="BankCode" type="xs:integer">
+ <xs:annotation>
+ <xs:documentation>compare BLZ</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="InternationalBankConnection">
+ <xs:annotation>
+ <xs:documentation>compare InternationaleBankverbindung</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="IBAN" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare IBAN</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="BIC" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>comapre BIC</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:choice>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="AbstractAddressType">
+ <xs:annotation>
+ <xs:documentation>main structure of address data</xs:documentation>
+ </xs:annotation>
+ <xs:sequence minOccurs="0">
+ <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>unique identification entities</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="Id" type="xs:ID" use="optional"/>
+ <xs:anyAttribute namespace="##other"/>
+ </xs:complexType>
+ <xs:complexType name="TypedPostalAddressType">
+ <xs:annotation>
+ <xs:documentation>postal address with type information, compare TypisiertePostAdresseTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractAddressType">
+ <xs:sequence minOccurs="0">
+ <xs:element name="Type" type="xs:anyURI" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>type of address - category (eg 'Wohnsitz', 'Zentrale', ...)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element ref="PostalAddress"/>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="PostalAddressType">
+ <xs:annotation>
+ <xs:documentation>compare PostAdresseTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractAddressType">
+ <xs:sequence>
+ <xs:element name="CountryCode" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:pattern value="[A-Z]{2}"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="CountryName" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PostalCode" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>ZIP, compare Postleitzahl</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Region" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>compare Region</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="State" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>compare Bundesland</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Municipality" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>compare Gemeinde</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MunicipalityNumber" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>compare Gemeindekennzahl</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Hamlet" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>ZMR use, compare Ortschaft</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="HamletBilingual" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>ZMR use, comapre OrtschaftZweisprachig</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="DeliveryAddress" minOccurs="0">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AddressLine" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="StreetName" type="xs:string" minOccurs="0"/>
+ <xs:element name="BuildingNumber" type="xs:string" minOccurs="0"/>
+ <xs:element name="Unit" type="xs:string" minOccurs="0"/>
+ <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/>
+ <xs:element name="PostOfficeBox" type="xs:string" minOccurs="0"/>
+ <xs:element name="LivingQuality" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>zmr use only</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="DropOffPoint" type="xs:boolean" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>zmr use only</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AreaNumber" type="xs:string" minOccurs="0"/>
+ <xs:element name="AddressRegisterEntry" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>Addressregister database keys used to identify Addresses</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="AddressCode" type="string7"/>
+ <xs:element name="SubCode" type="string3" minOccurs="0"/>
+ <xs:element name="ObjectNumber" type="string7" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Recipient" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>If Addressis used outside of PersonData a recipient can be specified</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonName" type="PersonNameType" minOccurs="0"/>
+ <xs:element name="AdditionalText" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="Organization" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>rather OrganizationUnit e.G Sales Departement</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="OrganizationName" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>e.g. Smith Ltd</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="type" default="undefined">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="postOfficeBoxAddress"/>
+ <xs:enumeration value="streetAddress"/>
+ <xs:enumeration value="militaryAddress"/>
+ <xs:enumeration value="undefined"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="CompactPostalAddressType">
+ <xs:annotation>
+ <xs:documentation>compare PostAdresseTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractAddressType">
+ <xs:sequence>
+ <xs:element name="CountryCode" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:pattern value="[A-Z]{2}"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="CountryName" type="xs:string" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="PostalCode" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>ZIP, compare Postleitzahl</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Municipality" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>compare Gemeinde</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="DeliveryAddress">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="StreetName" type="xs:string">
+ <xs:annotation>
+ <xs:documentation>if streetname not available use name of Ortschaft</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="BuildingNumber" type="xs:string"/>
+ <xs:element name="Unit" type="xs:string" minOccurs="0"/>
+ <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="type" default="undefined">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="postOfficeBoxAddress"/>
+ <xs:enumeration value="streetAddress"/>
+ <xs:enumeration value="militaryAddress"/>
+ <xs:enumeration value="undefined"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="InternetAddressType">
+ <xs:annotation>
+ <xs:documentation>e.g. e-mail, webiste, compare InternetAdresseTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractAddressType">
+ <xs:sequence minOccurs="0">
+ <xs:element ref="dsig:KeyInfo" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>certificate for secure communication</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Address" type="xs:anyURI">
+ <xs:annotation>
+ <xs:documentation>URI: email-Address, Web, FTP, LDAP, ..., comapre Adress</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="TelephoneAddressType">
+ <xs:annotation>
+ <xs:documentation>phone numbers, conmpare TelephoneAdresseTyp</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="AbstractAddressType">
+ <xs:sequence minOccurs="0">
+ <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Number" type="TelcomNumberType">
+ <xs:annotation>
+ <xs:documentation>phonenumber</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+ <xs:annotation>
+ <xs:documentation>any additional properties</xs:documentation>
+ </xs:annotation>
+ </xs:any>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="MobileTelcomNumberType">
+ <xs:annotation>
+ <xs:documentation>like TelephoneAddresseType but with additional smsEnabled attribute</xs:documentation>
+ </xs:annotation>
+ <xs:complexContent>
+ <xs:extension base="TelcomNumberType">
+ <xs:attribute name="smsEnabled" type="xs:boolean" use="optional"/>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="TelcomNumberType">
+ <xs:annotation>
+ <xs:documentation>formated number or set of telephone number parts</xs:documentation>
+ </xs:annotation>
+ <xs:choice>
+ <xs:element ref="FormattedNumber"/>
+ <xs:group ref="TelcomNumberGroup"/>
+ </xs:choice>
+ </xs:complexType>
+ <xs:group name="TelcomNumberGroup">
+ <xs:annotation>
+ <xs:documentation>set of telephone number parts</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element ref="InternationalCountryCode" minOccurs="0"/>
+ <xs:element ref="NationalNumber" minOccurs="0"/>
+ <xs:element ref="AreaCityCode" minOccurs="0"/>
+ <xs:element ref="SubscriberNumber"/>
+ <xs:element ref="Extension" minOccurs="0"/>
+ </xs:sequence>
+ </xs:group>
+ <!-- ### auxiliary types ### -->
+ <xs:simpleType name="SexType">
+ <xs:annotation>
+ <xs:documentation>simple type for sex (gender) of person</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="male"/>
+ <xs:enumeration value="female"/>
+ <xs:enumeration value="unknown"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="DateOfBirthType">
+ <xs:annotation>
+ <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation>
+ </xs:annotation>
+ <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/>
+ </xs:simpleType>
+ <xs:simpleType name="DateOfDeathType">
+ <xs:annotation>
+ <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation>
+ </xs:annotation>
+ <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/>
+ </xs:simpleType>
+ <xs:simpleType name="MaritalStatusType">
+ <xs:annotation>
+ <xs:documentation>simple type for marital status of a person</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="single"/>
+ <xs:enumeration value="married"/>
+ <xs:enumeration value="divorced"/>
+ <xs:enumeration value="widowed"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="xStringPatternExtensionType">
+ <xs:annotation>
+ <xs:documentation>pattern type for enlargement of type definitions. Contents as follows
+x:sometext or 12345 or _ or other symbols
+</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:pattern value="x:\S.*"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="DefinedRelationType">
+ <xs:annotation>
+ <xs:documentation>known relations (family + functional)</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="family:Parent"/>
+ <xs:enumeration value="family:Child"/>
+ <xs:enumeration value="family:Sibling"/>
+ <xs:enumeration value="family:Grandparent"/>
+ <xs:enumeration value="family:Grandchild"/>
+ <xs:enumeration value="family:Spouse"/>
+ <xs:enumeration value="function:LegalGuardian"/>
+ <xs:enumeration value="function:IsGuardedBy"/>
+ <xs:enumeration value="function:Cohabitant"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="RelationType">
+ <xs:annotation>
+ <xs:documentation>known + any other relation</xs:documentation>
+ </xs:annotation>
+ <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/>
+ </xs:simpleType>
+ <xs:simpleType name="DefinedAlternativeNameTypeType">
+ <xs:annotation>
+ <xs:documentation>known types of alternative names</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="ArtistName"/>
+ <xs:enumeration value="NickName"/>
+ <xs:enumeration value="FormerName"/>
+ <xs:enumeration value="Alias"/>
+ <xs:enumeration value="MaidenName"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="AlternativeNameTypeType">
+ <xs:annotation>
+ <xs:documentation>known + any other alternative name types</xs:documentation>
+ </xs:annotation>
+ <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/>
+ </xs:simpleType>
+ <!-- ### additional data types for ZMR address #### -->
+ <xs:simpleType name="FederalStateType">
+ <xs:annotation>
+ <xs:documentation>zmr use only</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="Wien"/>
+ <xs:enumeration value="Niederösterreich"/>
+ <xs:enumeration value="Burgenland"/>
+ <xs:enumeration value="Oberösterreich"/>
+ <xs:enumeration value="Steiermark"/>
+ <xs:enumeration value="Salzburg"/>
+ <xs:enumeration value="Kärnten"/>
+ <xs:enumeration value="Tirol"/>
+ <xs:enumeration value="Vorarlberg"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <!-- ### strings of defined maximum lenght for use with ZMR address ###-->
+ <xs:simpleType name="string3">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="3"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string4">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="4"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string7">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="7"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string20">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="20"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string30">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="30"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string50">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="50"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="string100">
+ <xs:restriction base="xs:string">
+ <xs:maxLength value="100"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="integer5">
+ <xs:restriction base="xs:integer">
+ <xs:minInclusive value="10000"/>
+ <xs:maxInclusive value="99999"/>
+ </xs:restriction>
+ </xs:simpleType>
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/PersonName-1_2.xsd b/common/src/main/resources/resources/schemas/PersonName-1_2.xsd new file mode 100644 index 000000000..347ed3d7f --- /dev/null +++ b/common/src/main/resources/resources/schemas/PersonName-1_2.xsd @@ -0,0 +1,115 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
+ * elementFormDefault set to "qualified" -->
+<!--
+"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
+Name: PersonName-1_2.xsd, Second Edition
+Status: Recommendation
+Date this version: 2001-12-17
+Date last version: 2001-09-05
+Purpose: Defines the schema for PersonName
+Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup
+
+Note: This Second Edition corrects an inconsistency between the schema in this xsd file and the schema in the pdf documentation. The documentation is correct. This schema was changed in syntax only, not functionality. When adding attributes to elements, "xsd:restriction" was used. This Second Edition correctly changes it to "xsd:extension".
+
+This HR-XML Consortium Work (including specifications, documents,
+software, and related items) is provided by the copyright holders
+under the following license. By obtaining, using and/or copying
+this work, you (the licensee) agree that you have read, understood,
+and will comply with the following terms and conditions.
+
+Permission to use, copy, modify, or redistribute this Work and
+its documentation, with or without modification, for any purpose
+and without fee or royalty is hereby granted, provided that you
+include the following on ALL copies of the software and
+documentation or portions thereof, including modifications,
+that you make:
+
+1. This notice: "Copyright The HR-XML Consortium. All Rights
+ Reserved. http://www.hr-xml.org"
+2. Notice of any changes or modifications to the The HR-XML
+ Consortium files.
+
+THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
+RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
+REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
+NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
+PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
+WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
+OR OTHER RIGHTS.
+
+COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
+SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
+SOFTWARE OR DOCUMENTATION.
+
+TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
+WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
+-->
+<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xsd:complexType name="PersonNameType">
+ <xsd:sequence>
+ <xsd:element name="FormattedName" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="type" default="presentation">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="presentation"/>
+ <xsd:enumeration value="legal"/>
+ <xsd:enumeration value="sortOrder"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="LegalName" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="GivenName" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="PreferredGivenName" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="MiddleName" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="FamilyName" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="primary" default="undefined">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="true"/>
+ <xsd:enumeration value="false"/>
+ <xsd:enumeration value="undefined"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="prefix" type="xsd:string"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Affix" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="type" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="academicGrade"/>
+ <xsd:enumeration value="aristocraticPrefix"/>
+ <xsd:enumeration value="aristocraticTitle"/>
+ <xsd:enumeration value="familyNamePrefix"/>
+ <xsd:enumeration value="familyNameSuffix"/>
+ <xsd:enumeration value="formOfAddress"/>
+ <xsd:enumeration value="generation"/>
+ <xsd:enumeration value="qualification"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="PersonName" type="PersonNameType"/>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd b/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd new file mode 100644 index 000000000..b3d89abbb --- /dev/null +++ b/common/src/main/resources/resources/schemas/PostalAddress-1_2.xsd @@ -0,0 +1,95 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
+ * elementFormDefault set to "qualified"
+ * CountryCode set to minOccurs="0" -->
+<!--
+"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
+Name: PostalAddress-1_2.xsd
+Status: Recommendation
+Date this version: 2001-08-20
+Date last version: 2001-07-20
+Purpose: Defines the schema for Postal Address
+Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup
+
+This HR-XML Consortium Work (including specifications, documents,
+software, and related items) is provided by the copyright holders
+under the following license. By obtaining, using and/or copying
+this work, you (the licensee) agree that you have read, understood,
+and will comply with the following terms and conditions.
+
+Permission to use, copy, modify, or redistribute this Work and
+its documentation, with or without modification, for any purpose
+and without fee or royalty is hereby granted, provided that you
+include the following on ALL copies of the software and
+documentation or portions thereof, including modifications,
+that you make:
+
+1. This notice: "Copyright The HR-XML Consortium. All Rights
+ Reserved. http://www.hr-xml.org"
+2. Notice of any changes or modifications to the The HR-XML
+ Consortium files.
+
+THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
+RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
+REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
+NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
+PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
+WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
+OR OTHER RIGHTS.
+
+COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
+SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
+SOFTWARE OR DOCUMENTATION.
+
+TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
+WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
+-->
+<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xsd:include schemaLocation="PersonName-1_2.xsd"/>
+ <xsd:complexType name="PostalAddressType">
+ <xsd:sequence>
+ <xsd:element name="CountryCode" minOccurs="0">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:pattern value="[A-Z]{2}"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="Region" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="Municipality" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="DeliveryAddress" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="AddressLine" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="StreetName" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="BuildingNumber" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="Unit" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostOfficeBox" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Recipient" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="PersonName" type="PersonNameType" minOccurs="0"/>
+ <xsd:element name="AdditionalText" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="Organization" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="OrganizationName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="type" default="undefined">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="postOfficeBoxAddress"/>
+ <xsd:enumeration value="streetAddress"/>
+ <xsd:enumeration value="militaryAddress"/>
+ <xsd:enumeration value="undefined"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:element name="PostalAddress" type="PostalAddressType"/>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd b/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd new file mode 100644 index 000000000..f89702aeb --- /dev/null +++ b/common/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd @@ -0,0 +1,89 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- CHANGES from original HR-XML schema for use with PersonData.xsd:
+ * elementFormDefault set to "qualified" -->
+<!--
+"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org"
+Name: TelcomNumber-1_0.xsd
+Status:Recommendation
+Date this version: 2002-01-31
+Date last version: 2001-12-20
+Purpose: Schema for Telecommunications data.
+Author(s): Don Simonson, Robert Half Int'l., CPO Workgroup
+
+This HR-XML Consortium Work (including specifications, documents,
+software, and related items) is provided by the copyright holders
+under the following license. By obtaining, using and/or copying
+this work, you (the licensee) agree that you have read, understood,
+and will comply with the following terms and conditions.
+
+Permission to use, copy, modify, or redistribute this Work and
+its documentation, with or without modification, for any purpose
+and without fee or royalty is hereby granted, provided that you
+include the following on ALL copies of the software and
+documentation or portions thereof, including modifications,
+that you make:
+
+1. This notice: "Copyright The HR-XML Consortium. All Rights
+ Reserved. http://www.hr-xml.org"
+2. Notice of any changes or modifications to the The HR-XML
+ Consortium files.
+
+THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER
+RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
+REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
+NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
+PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION
+WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS
+OR OTHER RIGHTS.
+
+COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
+SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE
+SOFTWARE OR DOCUMENTATION.
+
+TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION
+WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS.
+-->
+<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xsd:group name="TelcomNumberGroup">
+ <xsd:sequence>
+ <xsd:element ref="InternationalCountryCode" minOccurs="0"/>
+ <xsd:element ref="NationalNumber" minOccurs="0"/>
+ <xsd:element ref="AreaCityCode" minOccurs="0"/>
+ <xsd:element ref="SubscriberNumber"/>
+ <xsd:element ref="Extension" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:group>
+ <xsd:element name="FormattedNumber" type="xsd:string"/>
+ <xsd:element name="InternationalCountryCode" type="xsd:string"/>
+ <xsd:element name="NationalNumber" type="xsd:string"/>
+ <xsd:element name="AreaCityCode" type="xsd:string"/>
+ <xsd:element name="SubscriberNumber" type="xsd:string"/>
+ <xsd:complexType name="TelcomNumberType">
+ <xsd:choice>
+ <xsd:element ref="FormattedNumber"/>
+ <xsd:group ref="TelcomNumberGroup"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="Extension" type="xsd:string"/>
+ <xsd:element name="Telephone" type="TelcomNumberType"/>
+ <xsd:element name="Mobile" type="MobileTelcomNumberType"/>
+ <xsd:element name="Fax" type="TelcomNumberType"/>
+ <xsd:element name="Pager" type="TelcomNumberType"/>
+ <xsd:element name="TTYTDD" type="TelcomNumberType"/>
+ <xsd:complexType name="MobileTelcomNumberType">
+ <xsd:complexContent>
+ <xsd:extension base="TelcomNumberType">
+ <xsd:attribute name="smsEnabled" type="xsd:boolean" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="TelcomNumberListType">
+ <xsd:sequence>
+ <xsd:element ref="Telephone" minOccurs="0"/>
+ <xsd:element ref="Mobile" minOccurs="0"/>
+ <xsd:element ref="Fax" minOccurs="0"/>
+ <xsd:element ref="Pager" minOccurs="0"/>
+ <xsd:element ref="TTYTDD" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd b/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd new file mode 100644 index 000000000..718061048 --- /dev/null +++ b/common/src/main/resources/resources/schemas/XAdES-1.1.1.xsd @@ -0,0 +1,545 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.1.1#"
+xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
+
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+
+<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
+EncapsulatedPKIDataType and TimestampType-->
+
+<!-- Start AnyType -->
+
+ <xsd:element name="Any" type="AnyType"/>
+ <xsd:complexType name="AnyType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any"/>
+ </xsd:sequence>
+ <xsd:anyAttribute namespace="##any"/>
+ </xsd:complexType>
+
+<!-- End AnyType -->
+
+<!-- Start ObjectIdentifierType-->
+
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
+ <xsd:complexType name="ObjectIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Identifier" type="IdentifierType"/>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IdentifierType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:simpleType name="QualifierType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="OIDAsURI"/>
+ <xsd:enumeration value="OIDAsURN"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="DocumentationReferencesType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End ObjectIdentifierType-->
+
+<!-- Start EncapsulatedPKIDataType-->
+
+ <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
+ <xsd:complexType name="EncapsulatedPKIDataType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:base64Binary">
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+
+<!-- End EncapsulatedPKIDataType -->
+
+<!-- Start TimeStampType -->
+
+ <xsd:element name="TimeStamp" type="TimeStampType"/>
+ <xsd:complexType name="TimeStampType">
+ <xsd:sequence>
+ <xsd:element name="HashDataInfo" type="HashDataInfoType" maxOccurs="unbounded"/>
+ <xsd:choice>
+ <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="XMLTimeStamp" type="AnyType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="HashDataInfoType">
+ <xsd:sequence>
+ <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="uri" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+
+<!-- End TimeStampType -->
+
+<!-- End auxiliary types definitions-->
+
+<!-- Start container types -->
+
+<!-- Start QualifyingProperties -->
+
+ <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
+
+ <xsd:complexType name="QualifyingPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End QualifyingProperties -->
+
+<!-- Start SignedProperties-->
+
+ <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
+
+ <xsd:complexType name="SignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
+ <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End SignedProperties-->
+
+<!-- Start UnsignedProperties-->
+
+<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" />
+
+ <xsd:complexType name="UnsignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedSignatureProperties"
+ type="UnsignedSignaturePropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedDataObjectProperties"
+ type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End UnsignedProperties-->
+
+<!-- Start SignedSignatureProperties-->
+
+<xsd:element name="SignedSignatureProperties"
+ type="SignedSignaturePropertiesType" />
+
+<xsd:complexType name="SignedSignaturePropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SigningTime" type="xsd:dateTime"/>
+ <xsd:element name="SigningCertificate" type="CertIDListType"/>
+ <xsd:element name="SignaturePolicyIdentifier"
+ type="SignaturePolicyIdentifierType"/>
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"
+ minOccurs="0"/>
+ <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignedSignatureProperties-->
+
+
+<!-- Start SignedDataObjectProperties-->
+
+<xsd:element name="SignedDataObjectProperties"
+ type="SignedDataObjectPropertiesType"/>
+
+<xsd:complexType name="SignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CommitmentTypeIndication"
+ type="CommitmentTypeIndicationType" minOccurs="0"
+ maxOccurs="unbounded"/>
+ <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignedDataObjectProperties-->
+
+
+<!-- Start UnsignedSignatureProperties-->
+
+<xsd:element name="UnsignedSignatureProperties"
+ type="UnsignedSignaturePropertiesType"/>
+
+<xsd:complexType name="UnsignedSignaturePropertiesType">
+ <xsd:sequence>
+ <xsd:element name="CounterSignature" type="CounterSignatureType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CompleteCertificateRefs"
+ type="CompleteCertificateRefsType" minOccurs="0"/>
+ <xsd:element name="CompleteRevocationRefs"
+ type="CompleteRevocationRefsType" minOccurs="0"/>
+ <xsd:choice>
+ <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:choice>
+ <xsd:element name="CertificateValues" type="CertificateValuesType"
+ minOccurs="0"/>
+ <xsd:element name="RevocationValues" type="RevocationValuesType"
+ minOccurs="0"/>
+ <xsd:element name="ArchiveTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+
+<!-- End UnsignedSignatureProperties-->
+
+
+<!-- Start UnsignedDataObjectProperties-->
+
+<xsd:element name="UnsignedDataObjectProperties"
+ type="UnsignedDataObjectPropertiesType" />
+
+<xsd:complexType name="UnsignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedDataObjectProperty" type="AnyType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End UnsignedDataObjectProperties-->
+
+<!-- Start QualifyingPropertiesReference-->
+
+<xsd:element name="QualifyingPropertiesReference"
+ type="QualifyingPropertiesReferenceType"/>
+
+<xsd:complexType name="QualifyingPropertiesReferenceType">
+ <xsd:sequence>
+ <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End QualifyingPropertiesReference-->
+
+<!-- End container types -->
+
+
+<!-- Start SigningTime element -->
+ <xsd:element name="SigningTime" type="xsd:dateTime"/>
+
+<!-- End SigningTime element -->
+
+<!-- Start SigningCertificate -->
+ <xsd:element name="SigningCertificate" type="CertIDListType"/>
+ <xsd:complexType name="CertIDListType">
+ <xsd:sequence>
+ <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertIDType">
+ <xsd:sequence>
+ <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
+ <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="DigestAlgAndValueType">
+ <xsd:sequence>
+ <xsd:element name="DigestMethod" type="ds:DigestMethodType"/>
+ <xsd:element name="DigestValue" type="ds:DigestValueType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SigningCertificate -->
+
+<!-- Start SignaturePolicyIdentifier -->
+
+ <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
+ <xsd:complexType name="SignaturePolicyIdentifierType">
+ <xsd:choice>
+ <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
+ <xsd:element name="SignaturePolicyImplied"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="SignaturePolicyIdType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
+ <xsd:element ref="ds:Transforms" minOccurs="0"/>
+ <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
+ <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SigPolicyQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="SPURI" type="xsd:anyURI"/>
+ <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
+ <xsd:complexType name="SPUserNoticeType">
+ <xsd:sequence>
+ <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
+ <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="NoticeReferenceType">
+ <xsd:sequence>
+ <xsd:element name="Organization" type="xsd:string"/>
+ <xsd:element name="NoticeNumbers" type="IntegerListType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IntegerListType">
+ <xsd:sequence>
+ <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SignaturePolicyIdentifier -->
+
+
+<!-- Start CounterSignature -->
+ <xsd:element name="CounterSignature" type="CounterSignatureType"/>
+ <xsd:complexType name="CounterSignatureType">
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End CounterSignature -->
+
+<!-- Start DataObjectFormat -->
+
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
+ <xsd:complexType name="DataObjectFormatType">
+ <xsd:sequence>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
+ <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+
+<!-- End DataObjectFormat -->
+
+<!-- Start CommitmentTypeIndication -->
+
+ <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
+ <xsd:complexType name="CommitmentTypeIndicationType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
+ <xsd:choice>
+ <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="AllSignedDataObjects"/>
+ </xsd:choice>
+ <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CommitmentTypeQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End CommitmentTypeIndication -->
+
+<!-- Start SignatureProductionPlace -->
+
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
+ <xsd:complexType name="SignatureProductionPlaceType">
+ <xsd:sequence>
+ <xsd:element name="City" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SignatureProductionPlace -->
+
+<!-- Start SignerRole -->
+
+<xsd:element name="SignerRole" type="SignerRoleType"/>
+<xsd:complexType name="SignerRoleType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"
+ minOccurs="0"/>
+ <xsd:element name="CertifiedRoles" type="CertifiedRolesListType"
+ minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="ClaimedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CertifiedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType"
+ maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignerRole -->
+
+
+ <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/>
+
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/>
+
+ <xsd:element name="SignatureTimeStamp" type="TimeStampType"/>
+
+<!-- Start CompleteCertificateRefs -->
+
+<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
+
+<xsd:complexType name="CompleteCertificateRefsType">
+ <xsd:sequence>
+ <xsd:element name="CertRefs" type="CertIDListType" />
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End CompleteCertificateRefs -->
+
+
+<!-- Start CompleteRevocationRefs-->
+
+<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
+
+<xsd:complexType name="CompleteRevocationRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
+ <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
+ <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="CRLRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CRLRefType">
+ <xsd:sequence>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
+ <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CRLIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Issuer" type="xsd:string"/>
+ <xsd:element name="IssueTime" type="xsd:dateTime" />
+ <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPRefsType">
+ <xsd:sequence>
+ <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPRefType">
+ <xsd:sequence>
+ <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"
+ minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="ResponderID" type="xsd:string"/>
+ <xsd:element name="ProducedAt" type="xsd:dateTime"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="OtherCertStatusRefsType">
+ <xsd:sequence>
+ <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End CompleteRevocationRefs-->
+
+
+<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/>
+
+<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/>
+
+<!-- Start CertificateValues -->
+
+<xsd:element name="CertificateValues" type="CertificateValuesType"/>
+
+<xsd:complexType name="CertificateValuesType">
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="OtherCertificate" type="AnyType"/>
+ </xsd:choice>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End CertificateValues -->
+
+<!-- Start RevocationValues-->
+
+<xsd:element name="RevocationValues" type="RevocationValuesType"/>
+
+<xsd:complexType name="RevocationValuesType">
+ <xsd:sequence>
+ <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
+ <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
+ <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="CRLValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType"
+ maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedOCSPValue"
+ type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+<xsd:complexType name="OtherCertStatusValuesType">
+ <xsd:sequence>
+ <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End RevocationValues-->
+
+<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/>
+
+
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd b/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd new file mode 100644 index 000000000..80ccf1289 --- /dev/null +++ b/common/src/main/resources/resources/schemas/XAdES-1.2.2.xsd @@ -0,0 +1,551 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.2.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.2.2#"
+xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
+
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+
+<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
+EncapsulatedPKIDataType and TimestampType-->
+
+<!-- Start AnyType -->
+
+ <xsd:element name="Any" type="AnyType"/>
+ <xsd:complexType name="AnyType" mixed="true">
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ <xsd:anyAttribute namespace="##any"/>
+ </xsd:complexType>
+
+<!-- End AnyType -->
+
+<!-- Start ObjectIdentifierType-->
+
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
+ <xsd:complexType name="ObjectIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Identifier" type="IdentifierType"/>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IdentifierType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:simpleType name="QualifierType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="OIDAsURI"/>
+ <xsd:enumeration value="OIDAsURN"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="DocumentationReferencesType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End ObjectIdentifierType-->
+
+<!-- Start EncapsulatedPKIDataType-->
+
+ <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
+ <xsd:complexType name="EncapsulatedPKIDataType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:base64Binary">
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+
+<!-- End EncapsulatedPKIDataType -->
+
+<!-- Start TimeStampType -->
+
+ <xsd:element name="TimeStamp" type="TimeStampType"/>
+ <xsd:complexType name="TimeStampType">
+ <xsd:sequence>
+ <xsd:element name="Include" type="IncludeType" maxOccurs="unbounded"/>
+ <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
+ <xsd:choice>
+ <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="XMLTimeStamp" type="AnyType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+ <xsd:complexType name="IncludeType">
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/>
+ </xsd:complexType>
+
+<!-- End TimeStampType -->
+
+<!-- End auxiliary types definitions-->
+
+<!-- Start container types -->
+
+<!-- Start QualifyingProperties -->
+
+ <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
+
+ <xsd:complexType name="QualifyingPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End QualifyingProperties -->
+
+<!-- Start SignedProperties-->
+
+ <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
+
+ <xsd:complexType name="SignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
+ <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End SignedProperties-->
+
+<!-- Start UnsignedProperties-->
+
+<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" />
+
+ <xsd:complexType name="UnsignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedSignatureProperties"
+ type="UnsignedSignaturePropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedDataObjectProperties"
+ type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+
+<!-- End UnsignedProperties-->
+
+<!-- Start SignedSignatureProperties-->
+
+<xsd:element name="SignedSignatureProperties"
+ type="SignedSignaturePropertiesType" />
+
+<xsd:complexType name="SignedSignaturePropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
+ <xsd:element name="SignaturePolicyIdentifier"
+type="SignaturePolicyIdentifierType" minOccurs="0"/>
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"
+ minOccurs="0"/>
+ <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignedSignatureProperties-->
+
+
+<!-- Start SignedDataObjectProperties-->
+
+<xsd:element name="SignedDataObjectProperties"
+ type="SignedDataObjectPropertiesType"/>
+
+<xsd:complexType name="SignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CommitmentTypeIndication"
+ type="CommitmentTypeIndicationType" minOccurs="0"
+ maxOccurs="unbounded"/>
+ <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignedDataObjectProperties-->
+
+
+<!-- Start UnsignedSignatureProperties-->
+
+<xsd:element name="UnsignedSignatureProperties"
+ type="UnsignedSignaturePropertiesType"/>
+
+<xsd:complexType name="UnsignedSignaturePropertiesType">
+ <xsd:sequence>
+ <xsd:element name="CounterSignature" type="CounterSignatureType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CompleteCertificateRefs"
+ type="CompleteCertificateRefsType" minOccurs="0"/>
+ <xsd:element name="CompleteRevocationRefs"
+ type="CompleteRevocationRefsType" minOccurs="0"/>
+ <xsd:element name="AttributeCertificateRefs"
+ type="CompleteCertificateRefsType" minOccurs="0"/>
+ <xsd:element name="AttributeRevocationRefs"
+ type="CompleteRevocationRefsType" minOccurs="0"/>
+ <xsd:choice>
+ <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:choice>
+ <xsd:element name="CertificateValues"
+ type="CertificateValuesType" minOccurs="0"/>
+ <xsd:element name="RevocationValues" type="RevocationValuesType"
+ minOccurs="0"/>
+ <xsd:element name="ArchiveTimeStamp" type="TimeStampType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+
+<!-- End UnsignedSignatureProperties-->
+
+
+<!-- Start UnsignedDataObjectProperties-->
+
+<xsd:element name="UnsignedDataObjectProperties"
+ type="UnsignedDataObjectPropertiesType" />
+
+<xsd:complexType name="UnsignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedDataObjectProperty" type="AnyType"
+ minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End UnsignedDataObjectProperties-->
+
+<!-- Start QualifyingPropertiesReference-->
+
+<xsd:element name="QualifyingPropertiesReference"
+ type="QualifyingPropertiesReferenceType"/>
+
+<xsd:complexType name="QualifyingPropertiesReferenceType">
+ <xsd:sequence>
+ <xsd:element ref="ds:Transforms" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End QualifyingPropertiesReference-->
+
+<!-- End container types -->
+
+
+<!-- Start SigningTime element -->
+ <xsd:element name="SigningTime" type="xsd:dateTime"/>
+
+<!-- End SigningTime element -->
+
+<!-- Start SigningCertificate -->
+ <xsd:element name="SigningCertificate" type="CertIDListType"/>
+ <xsd:complexType name="CertIDListType">
+ <xsd:sequence>
+ <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertIDType">
+ <xsd:sequence>
+ <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
+ <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="DigestAlgAndValueType">
+ <xsd:sequence>
+ <xsd:element ref="ds:DigestMethod"/>
+ <xsd:element ref="ds:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SigningCertificate -->
+
+<!-- Start SignaturePolicyIdentifier -->
+
+ <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
+ <xsd:complexType name="SignaturePolicyIdentifierType">
+ <xsd:choice>
+ <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
+ <xsd:element name="SignaturePolicyImplied"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="SignaturePolicyIdType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
+ <xsd:element ref="ds:Transforms" minOccurs="0"/>
+ <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
+ <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SigPolicyQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="SPURI" type="xsd:anyURI"/>
+ <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
+ <xsd:complexType name="SPUserNoticeType">
+ <xsd:sequence>
+ <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
+ <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="NoticeReferenceType">
+ <xsd:sequence>
+ <xsd:element name="Organization" type="xsd:string"/>
+ <xsd:element name="NoticeNumbers" type="IntegerListType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IntegerListType">
+ <xsd:sequence>
+ <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SignaturePolicyIdentifier -->
+
+
+<!-- Start CounterSignature -->
+ <xsd:element name="CounterSignature" type="CounterSignatureType"/>
+ <xsd:complexType name="CounterSignatureType">
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End CounterSignature -->
+
+<!-- Start DataObjectFormat -->
+
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
+ <xsd:complexType name="DataObjectFormatType">
+ <xsd:sequence>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
+ <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+
+<!-- End DataObjectFormat -->
+
+<!-- Start CommitmentTypeIndication -->
+
+ <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
+ <xsd:complexType name="CommitmentTypeIndicationType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
+ <xsd:choice>
+ <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="AllSignedDataObjects"/>
+ </xsd:choice>
+ <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CommitmentTypeQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End CommitmentTypeIndication -->
+
+<!-- Start SignatureProductionPlace -->
+
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
+ <xsd:complexType name="SignatureProductionPlaceType">
+ <xsd:sequence>
+ <xsd:element name="City" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+<!-- End SignatureProductionPlace -->
+
+<!-- Start SignerRole -->
+
+<xsd:element name="SignerRole" type="SignerRoleType"/>
+<xsd:complexType name="SignerRoleType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"
+ minOccurs="0"/>
+ <xsd:element name="CertifiedRoles" type="CertifiedRolesListType"
+ minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="ClaimedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CertifiedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType"
+ maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End SignerRole -->
+
+
+ <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/>
+
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/>
+
+ <xsd:element name="SignatureTimeStamp" type="TimeStampType"/>
+
+<!-- Start CompleteCertificateRefs -->
+
+<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
+
+<xsd:complexType name="CompleteCertificateRefsType">
+ <xsd:sequence>
+ <xsd:element name="CertRefs" type="CertIDListType" />
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End CompleteCertificateRefs -->
+
+
+<!-- Start CompleteRevocationRefs-->
+
+<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
+
+<xsd:complexType name="CompleteRevocationRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
+ <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
+ <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="CRLRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CRLRefType">
+ <xsd:sequence>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
+ <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="CRLIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Issuer" type="xsd:string"/>
+ <xsd:element name="IssueTime" type="xsd:dateTime" />
+ <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPRefsType">
+ <xsd:sequence>
+ <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPRefType">
+ <xsd:sequence>
+ <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"
+ minOccurs="0"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="ResponderID" type="xsd:string"/>
+ <xsd:element name="ProducedAt" type="xsd:dateTime"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="OtherCertStatusRefsType">
+ <xsd:sequence>
+ <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End CompleteRevocationRefs-->
+
+
+<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/>
+
+<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/>
+
+<!-- Start CertificateValues -->
+
+<xsd:element name="CertificateValues" type="CertificateValuesType"/>
+
+<xsd:complexType name="CertificateValuesType">
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="OtherCertificate" type="AnyType"/>
+ </xsd:choice>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<!-- End CertificateValues -->
+
+<!-- Start RevocationValues-->
+
+<xsd:element name="RevocationValues" type="RevocationValuesType"/>
+
+<xsd:complexType name="RevocationValuesType">
+ <xsd:sequence>
+ <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
+ <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
+ <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+</xsd:complexType>
+
+<xsd:complexType name="CRLValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType"
+ maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<xsd:complexType name="OCSPValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedOCSPValue"
+ type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+<xsd:complexType name="OtherCertStatusValuesType">
+ <xsd:sequence>
+ <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+</xsd:complexType>
+
+<!-- End RevocationValues-->
+
+<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/>
+
+
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd b/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd new file mode 100644 index 000000000..d0ce075de --- /dev/null +++ b/common/src/main/resources/resources/schemas/XAdES-1.3.2.xsd @@ -0,0 +1,466 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.3.2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
+EncapsulatedPKIDataType and containers for time-stamp tokens -->
+ <!-- Start AnyType -->
+ <xsd:element name="Any" type="AnyType"/>
+ <xsd:complexType name="AnyType" mixed="true">
+ <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ <xsd:anyAttribute namespace="##any"/>
+ </xsd:complexType>
+ <!-- End AnyType -->
+ <!-- Start ObjectIdentifierType-->
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/>
+ <xsd:complexType name="ObjectIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Identifier" type="IdentifierType"/>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IdentifierType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:anyURI">
+ <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:simpleType name="QualifierType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="OIDAsURI"/>
+ <xsd:enumeration value="OIDAsURN"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="DocumentationReferencesType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="DocumentationReference" type="xsd:anyURI"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End ObjectIdentifierType-->
+ <!-- Start EncapsulatedPKIDataType-->
+ <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/>
+ <xsd:complexType name="EncapsulatedPKIDataType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:base64Binary">
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <!-- End EncapsulatedPKIDataType -->
+ <!-- Start time-stamp containers types -->
+ <!-- Start GenericTimeStampType -->
+ <xsd:element name="Include" type="IncludeType"/>
+ <xsd:complexType name="IncludeType">
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="ReferenceInfo" type="ReferenceInfoType"/>
+ <xsd:complexType name="ReferenceInfoType">
+ <xsd:sequence>
+ <xsd:element ref="ds:DigestMethod"/>
+ <xsd:element ref="ds:DigestValue"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="GenericTimeStampType" abstract="true">
+ <xsd:sequence>
+ <xsd:choice minOccurs="0">
+ <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/>
+ </xsd:choice>
+ <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="XMLTimeStamp" type="AnyType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End GenericTimeStampType -->
+ <!-- Start XAdESTimeStampType -->
+ <xsd:element name="XAdESTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:complexType name="XAdESTimeStampType">
+ <xsd:complexContent>
+ <xsd:restriction base="GenericTimeStampType">
+ <xsd:sequence>
+ <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="XMLTimeStamp" type="AnyType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!-- End XAdESTimeStampType -->
+ <!-- Start OtherTimeStampType -->
+ <xsd:element name="OtherTimeStamp" type="OtherTimeStampType"/>
+ <xsd:complexType name="OtherTimeStampType">
+ <xsd:complexContent>
+ <xsd:restriction base="GenericTimeStampType">
+ <xsd:sequence>
+ <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/>
+ <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/>
+ <xsd:choice>
+ <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="XMLTimeStamp" type="AnyType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!-- End OtherTimeStampType -->
+ <!-- End time-stamp containers types -->
+ <!-- End auxiliary types definitions-->
+ <!-- Start container types -->
+ <!-- Start QualifyingProperties -->
+ <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
+ <xsd:complexType name="QualifyingPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End QualifyingProperties -->
+ <!-- Start SignedProperties-->
+ <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
+ <xsd:complexType name="SignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType" minOccurs="0"/>
+ <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End SignedProperties-->
+ <!-- Start UnsignedProperties-->
+ <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/>
+ <xsd:complexType name="UnsignedPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/>
+ <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End UnsignedProperties-->
+ <!-- Start SignedSignatureProperties-->
+ <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
+ <xsd:complexType name="SignedSignaturePropertiesType">
+ <xsd:sequence>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
+ <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType" minOccurs="0"/>
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/>
+ <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End SignedSignatureProperties-->
+ <!-- Start SignedDataObjectProperties-->
+ <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/>
+ <xsd:complexType name="SignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End SignedDataObjectProperties-->
+ <!-- Start UnsignedSignatureProperties-->
+ <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/>
+ <xsd:complexType name="UnsignedSignaturePropertiesType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:element name="CounterSignature" type="CounterSignatureType"/>
+ <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
+ <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
+ <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
+ <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
+ <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="CertificateValues" type="CertificateValuesType"/>
+ <xsd:element name="RevocationValues" type="RevocationValuesType"/>
+ <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
+ <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
+ <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:any namespace="##other"/>
+ </xsd:choice>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End UnsignedSignatureProperties-->
+ <!-- Start UnsignedDataObjectProperties-->
+ <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType"/>
+ <xsd:complexType name="UnsignedDataObjectPropertiesType">
+ <xsd:sequence>
+ <xsd:element name="UnsignedDataObjectProperty" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End UnsignedDataObjectProperties-->
+ <!-- Start QualifyingPropertiesReference-->
+ <xsd:element name="QualifyingPropertiesReference" type="QualifyingPropertiesReferenceType"/>
+ <xsd:complexType name="QualifyingPropertiesReferenceType">
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End QualifyingPropertiesReference-->
+ <!-- End container types -->
+ <!-- Start SigningTime element -->
+ <xsd:element name="SigningTime" type="xsd:dateTime"/>
+ <!-- End SigningTime element -->
+ <!-- Start SigningCertificate -->
+ <xsd:element name="SigningCertificate" type="CertIDListType"/>
+ <xsd:complexType name="CertIDListType">
+ <xsd:sequence>
+ <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertIDType">
+ <xsd:sequence>
+ <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
+ <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="DigestAlgAndValueType">
+ <xsd:sequence>
+ <xsd:element ref="ds:DigestMethod"/>
+ <xsd:element ref="ds:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SigningCertificate -->
+ <!-- Start SignaturePolicyIdentifier -->
+ <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
+ <xsd:complexType name="SignaturePolicyIdentifierType">
+ <xsd:choice>
+ <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/>
+ <xsd:element name="SignaturePolicyImplied"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="SignaturePolicyIdType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/>
+ <xsd:element ref="ds:Transforms" minOccurs="0"/>
+ <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/>
+ <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="SigPolicyQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="SPURI" type="xsd:anyURI"/>
+ <xsd:element name="SPUserNotice" type="SPUserNoticeType"/>
+ <xsd:complexType name="SPUserNoticeType">
+ <xsd:sequence>
+ <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/>
+ <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="NoticeReferenceType">
+ <xsd:sequence>
+ <xsd:element name="Organization" type="xsd:string"/>
+ <xsd:element name="NoticeNumbers" type="IntegerListType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IntegerListType">
+ <xsd:sequence>
+ <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SignaturePolicyIdentifier -->
+ <!-- Start CounterSignature -->
+ <xsd:element name="CounterSignature" type="CounterSignatureType"/>
+ <xsd:complexType name="CounterSignatureType">
+ <xsd:sequence>
+ <xsd:element ref="ds:Signature"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End CounterSignature -->
+ <!-- Start DataObjectFormat -->
+ <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/>
+ <xsd:complexType name="DataObjectFormatType">
+ <xsd:sequence>
+ <xsd:element name="Description" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/>
+ <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <!-- End DataObjectFormat -->
+ <!-- Start CommitmentTypeIndication -->
+ <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/>
+ <xsd:complexType name="CommitmentTypeIndicationType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/>
+ <xsd:choice>
+ <xsd:element name="ObjectReference" type="xsd:anyURI" maxOccurs="unbounded"/>
+ <xsd:element name="AllSignedDataObjects"/>
+ </xsd:choice>
+ <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CommitmentTypeQualifiersListType">
+ <xsd:sequence>
+ <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End CommitmentTypeIndication -->
+ <!-- Start SignatureProductionPlace -->
+ <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/>
+ <xsd:complexType name="SignatureProductionPlaceType">
+ <xsd:sequence>
+ <xsd:element name="City" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SignatureProductionPlace -->
+ <!-- Start SignerRole -->
+ <xsd:element name="SignerRole" type="SignerRoleType"/>
+ <xsd:complexType name="SignerRoleType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" minOccurs="0"/>
+ <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ClaimedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertifiedRolesListType">
+ <xsd:sequence>
+ <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SignerRole -->
+ <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
+ <!-- Start CompleteCertificateRefs -->
+ <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
+ <xsd:complexType name="CompleteCertificateRefsType">
+ <xsd:sequence>
+ <xsd:element name="CertRefs" type="CertIDListType"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End CompleteCertificateRefs -->
+ <!-- Start CompleteRevocationRefs-->
+ <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
+ <xsd:complexType name="CompleteRevocationRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/>
+ <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/>
+ <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="CRLRefsType">
+ <xsd:sequence>
+ <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CRLRefType">
+ <xsd:sequence>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/>
+ <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CRLIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="Issuer" type="xsd:string"/>
+ <xsd:element name="IssueTime" type="xsd:dateTime"/>
+ <xsd:element name="Number" type="xsd:integer" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="OCSPRefsType">
+ <xsd:sequence>
+ <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="OCSPRefType">
+ <xsd:sequence>
+ <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/>
+ <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ResponderIDType">
+ <xsd:choice>
+ <xsd:element name="ByName" type="xsd:string"/>
+ <xsd:element name="ByKey" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="OCSPIdentifierType">
+ <xsd:sequence>
+ <xsd:element name="ResponderID" type="ResponderIDType"/>
+ <xsd:element name="ProducedAt" type="xsd:dateTime"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="OtherCertStatusRefsType">
+ <xsd:sequence>
+ <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End CompleteRevocationRefs-->
+ <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
+ <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
+ <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
+ <!-- Start CertificateValues -->
+ <xsd:element name="CertificateValues" type="CertificateValuesType"/>
+ <xsd:complexType name="CertificateValuesType">
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="OtherCertificate" type="AnyType"/>
+ </xsd:choice>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- End CertificateValues -->
+ <!-- Start RevocationValues-->
+ <xsd:element name="RevocationValues" type="RevocationValuesType"/>
+ <xsd:complexType name="RevocationValuesType">
+ <xsd:sequence>
+ <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/>
+ <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/>
+ <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:complexType name="CRLValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="OCSPValuesType">
+ <xsd:sequence>
+ <xsd:element name="EncapsulatedOCSPValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="OtherCertStatusValuesType">
+ <xsd:sequence>
+ <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End RevocationValues-->
+ <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
+ <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
+ <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd b/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd new file mode 100644 index 000000000..383fcbdec --- /dev/null +++ b/common/src/main/resources/resources/schemas/XAdES-1.4.1.xsd @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
+ <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES-1.3.2.xsd"/>
+ <!-- Start CertificateValues -->
+ <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
+ <xsd:complexType name="ValidationDataType">
+ <xsd:sequence>
+ <xsd:element ref="xades:CertificateValues" minOccurs="0" />
+ <xsd:element ref="xades:RevocationValues" minOccurs="0" />
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ <xsd:attribute name="UR" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="ArchiveTimeStampV2" type="xades:XAdESTimeStampType"/>
+</xsd:schema>
diff --git a/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd b/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd new file mode 100644 index 000000000..f47577b8a --- /dev/null +++ b/common/src/main/resources/resources/schemas/XMLSchema-instance.xsd @@ -0,0 +1,37 @@ +<?xml version='1.0'?> +<!DOCTYPE xs:schema SYSTEM "XMLSchema.dtd" [ +<!ELEMENT p ANY> +<!ELEMENT a ANY> +<!ATTLIST a href CDATA #IMPLIED> +<!ELEMENT hr ANY> +<!ELEMENT h1 ANY> +<!ELEMENT br ANY> +]> +<xs:schema targetNamespace="http://www.w3.org/2001/XMLSchema-instance" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns="http://www.w3.org/1999/xhtml"> + <xs:annotation> + <xs:documentation> + <h1>XML Schema instance namespace</h1> + <p>See <a href="http://www.w3.org/TR/xmlschema-1/">the XML Schema + Recommendation</a> for an introduction</p> + + + <hr /> + $Date: 2001/03/16 20:25:57 $<br /> + $Id: XMLSchema-instance.xsd,v 1.4 2001/03/16 20:25:57 ht Exp $ + </xs:documentation> + </xs:annotation> + <xs:annotation> + <xs:documentation><p>This schema should never be used as such: + <a href="http://www.w3.org/TR/xmlschema-1/#no-xsi">the XML + Schema Recommendation</a> forbids the declaration of + attributes in this namespace</p> + </xs:documentation> + </xs:annotation> + + <xs:attribute name="nil"/> + <xs:attribute name="type"/> + <xs:attribute name="schemaLocation"/> + <xs:attribute name="noNamespaceSchemaLocation"/> +</xs:schema> diff --git a/common/src/main/resources/resources/schemas/XMLSchema.dtd b/common/src/main/resources/resources/schemas/XMLSchema.dtd new file mode 100644 index 000000000..e8e8f7625 --- /dev/null +++ b/common/src/main/resources/resources/schemas/XMLSchema.dtd @@ -0,0 +1,402 @@ +<!-- DTD for XML Schemas: Part 1: Structures + Public Identifier: "-//W3C//DTD XMLSCHEMA 200102//EN" + Official Location: http://www.w3.org/2001/XMLSchema.dtd --> +<!-- $Id: XMLSchema.dtd,v 1.31 2001/10/24 15:50:16 ht Exp $ --> +<!-- Note this DTD is NOT normative, or even definitive. --> <!--d--> +<!-- prose copy in the structures REC is the definitive version --> <!--d--> +<!-- (which shouldn't differ from this one except for this --> <!--d--> +<!-- comment and entity expansions, but just in case) --> <!--d--> +<!-- With the exception of cases with multiple namespace + prefixes for the XML Schema namespace, any XML document which is + not valid per this DTD given redefinitions in its internal subset of the + 'p' and 's' parameter entities below appropriate to its namespace + declaration of the XML Schema namespace is almost certainly not + a valid schema. --> + +<!-- The simpleType element and its constituent parts + are defined in XML Schema: Part 2: Datatypes --> +<!ENTITY % xs-datatypes PUBLIC 'datatypes' 'datatypes.dtd' > + +<!ENTITY % p 'xs:'> <!-- can be overriden in the internal subset of a + schema document to establish a different + namespace prefix --> +<!ENTITY % s ':xs'> <!-- if %p is defined (e.g. as foo:) then you must + also define %s as the suffix for the appropriate + namespace declaration (e.g. :foo) --> +<!ENTITY % nds 'xmlns%s;'> + +<!-- Define all the element names, with optional prefix --> +<!ENTITY % schema "%p;schema"> +<!ENTITY % complexType "%p;complexType"> +<!ENTITY % complexContent "%p;complexContent"> +<!ENTITY % simpleContent "%p;simpleContent"> +<!ENTITY % extension "%p;extension"> +<!ENTITY % element "%p;element"> +<!ENTITY % unique "%p;unique"> +<!ENTITY % key "%p;key"> +<!ENTITY % keyref "%p;keyref"> +<!ENTITY % selector "%p;selector"> +<!ENTITY % field "%p;field"> +<!ENTITY % group "%p;group"> +<!ENTITY % all "%p;all"> +<!ENTITY % choice "%p;choice"> +<!ENTITY % sequence "%p;sequence"> +<!ENTITY % any "%p;any"> +<!ENTITY % anyAttribute "%p;anyAttribute"> +<!ENTITY % attribute "%p;attribute"> +<!ENTITY % attributeGroup "%p;attributeGroup"> +<!ENTITY % include "%p;include"> +<!ENTITY % import "%p;import"> +<!ENTITY % redefine "%p;redefine"> +<!ENTITY % notation "%p;notation"> + +<!-- annotation elements --> +<!ENTITY % annotation "%p;annotation"> +<!ENTITY % appinfo "%p;appinfo"> +<!ENTITY % documentation "%p;documentation"> + +<!-- Customisation entities for the ATTLIST of each element type. + Define one of these if your schema takes advantage of the + anyAttribute='##other' in the schema for schemas --> + +<!ENTITY % schemaAttrs ''> +<!ENTITY % complexTypeAttrs ''> +<!ENTITY % complexContentAttrs ''> +<!ENTITY % simpleContentAttrs ''> +<!ENTITY % extensionAttrs ''> +<!ENTITY % elementAttrs ''> +<!ENTITY % groupAttrs ''> +<!ENTITY % allAttrs ''> +<!ENTITY % choiceAttrs ''> +<!ENTITY % sequenceAttrs ''> +<!ENTITY % anyAttrs ''> +<!ENTITY % anyAttributeAttrs ''> +<!ENTITY % attributeAttrs ''> +<!ENTITY % attributeGroupAttrs ''> +<!ENTITY % uniqueAttrs ''> +<!ENTITY % keyAttrs ''> +<!ENTITY % keyrefAttrs ''> +<!ENTITY % selectorAttrs ''> +<!ENTITY % fieldAttrs ''> +<!ENTITY % includeAttrs ''> +<!ENTITY % importAttrs ''> +<!ENTITY % redefineAttrs ''> +<!ENTITY % notationAttrs ''> +<!ENTITY % annotationAttrs ''> +<!ENTITY % appinfoAttrs ''> +<!ENTITY % documentationAttrs ''> + +<!ENTITY % complexDerivationSet "CDATA"> + <!-- #all or space-separated list drawn from derivationChoice --> +<!ENTITY % blockSet "CDATA"> + <!-- #all or space-separated list drawn from + derivationChoice + 'substitution' --> + +<!ENTITY % mgs '%all; | %choice; | %sequence;'> +<!ENTITY % cs '%choice; | %sequence;'> +<!ENTITY % formValues '(qualified|unqualified)'> + + +<!ENTITY % attrDecls '((%attribute;| %attributeGroup;)*,(%anyAttribute;)?)'> + +<!ENTITY % particleAndAttrs '((%mgs; | %group;)?, %attrDecls;)'> + +<!-- This is used in part2 --> +<!ENTITY % restriction1 '((%mgs; | %group;)?)'> + +%xs-datatypes; + +<!-- the duplication below is to produce an unambiguous content model + which allows annotation everywhere --> +<!ELEMENT %schema; ((%include; | %import; | %redefine; | %annotation;)*, + ((%simpleType; | %complexType; + | %element; | %attribute; + | %attributeGroup; | %group; + | %notation; ), + (%annotation;)*)* )> +<!ATTLIST %schema; + targetNamespace %URIref; #IMPLIED + version CDATA #IMPLIED + %nds; %URIref; #FIXED 'http://www.w3.org/2001/XMLSchema' + xmlns CDATA #IMPLIED + finalDefault %complexDerivationSet; '' + blockDefault %blockSet; '' + id ID #IMPLIED + elementFormDefault %formValues; 'unqualified' + attributeFormDefault %formValues; 'unqualified' + xml:lang CDATA #IMPLIED + %schemaAttrs;> +<!-- Note the xmlns declaration is NOT in the Schema for Schemas, + because at the Infoset level where schemas operate, + xmlns(:prefix) is NOT an attribute! --> +<!-- The declaration of xmlns is a convenience for schema authors --> + +<!-- The id attribute here and below is for use in external references + from non-schemas using simple fragment identifiers. + It is NOT used for schema-to-schema reference, internal or + external. --> + +<!-- a type is a named content type specification which allows attribute + declarations--> +<!-- --> + +<!ELEMENT %complexType; ((%annotation;)?, + (%simpleContent;|%complexContent;| + %particleAndAttrs;))> + +<!ATTLIST %complexType; + name %NCName; #IMPLIED + id ID #IMPLIED + abstract %boolean; #IMPLIED + final %complexDerivationSet; #IMPLIED + block %complexDerivationSet; #IMPLIED + mixed (true|false) 'false' + %complexTypeAttrs;> + +<!-- particleAndAttrs is shorthand for a root type --> +<!-- mixed is disallowed if simpleContent, overriden if complexContent + has one too. --> + +<!-- If anyAttribute appears in one or more referenced attributeGroups + and/or explicitly, the intersection of the permissions is used --> + +<!ELEMENT %complexContent; ((%annotation;)?, (%restriction;|%extension;))> +<!ATTLIST %complexContent; + mixed (true|false) #IMPLIED + id ID #IMPLIED + %complexContentAttrs;> + +<!-- restriction should use the branch defined above, not the simple + one from part2; extension should use the full model --> + +<!ELEMENT %simpleContent; ((%annotation;)?, (%restriction;|%extension;))> +<!ATTLIST %simpleContent; + id ID #IMPLIED + %simpleContentAttrs;> + +<!-- restriction should use the simple branch from part2, not the + one defined above; extension should have no particle --> + +<!ELEMENT %extension; ((%annotation;)?, (%particleAndAttrs;))> +<!ATTLIST %extension; + base %QName; #REQUIRED + id ID #IMPLIED + %extensionAttrs;> + +<!-- an element is declared by either: + a name and a type (either nested or referenced via the type attribute) + or a ref to an existing element declaration --> + +<!ELEMENT %element; ((%annotation;)?, (%complexType;| %simpleType;)?, + (%unique; | %key; | %keyref;)*)> +<!-- simpleType or complexType only if no type|ref attribute --> +<!-- ref not allowed at top level --> +<!ATTLIST %element; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + type %QName; #IMPLIED + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + nillable %boolean; #IMPLIED + substitutionGroup %QName; #IMPLIED + abstract %boolean; #IMPLIED + final %complexDerivationSet; #IMPLIED + block %blockSet; #IMPLIED + default CDATA #IMPLIED + fixed CDATA #IMPLIED + form %formValues; #IMPLIED + %elementAttrs;> +<!-- type and ref are mutually exclusive. + name and ref are mutually exclusive, one is required --> +<!-- In the absence of type AND ref, type defaults to type of + substitutionGroup, if any, else the ur-type, i.e. unconstrained --> +<!-- default and fixed are mutually exclusive --> + +<!ELEMENT %group; ((%annotation;)?,(%mgs;)?)> +<!ATTLIST %group; + name %NCName; #IMPLIED + ref %QName; #IMPLIED + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %groupAttrs;> + +<!ELEMENT %all; ((%annotation;)?, (%element;)*)> +<!ATTLIST %all; + minOccurs (1) #IMPLIED + maxOccurs (1) #IMPLIED + id ID #IMPLIED + %allAttrs;> + +<!ELEMENT %choice; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> +<!ATTLIST %choice; + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %choiceAttrs;> + +<!ELEMENT %sequence; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> +<!ATTLIST %sequence; + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %sequenceAttrs;> + +<!-- an anonymous grouping in a model, or + a top-level named group definition, or a reference to same --> + +<!-- Note that if order is 'all', group is not allowed inside. + If order is 'all' THIS group must be alone (or referenced alone) at + the top level of a content model --> +<!-- If order is 'all', minOccurs==maxOccurs==1 on element/any inside --> +<!-- Should allow minOccurs=0 inside order='all' . . . --> + +<!ELEMENT %any; (%annotation;)?> +<!ATTLIST %any; + namespace CDATA '##any' + processContents (skip|lax|strict) 'strict' + minOccurs %nonNegativeInteger; '1' + maxOccurs CDATA '1' + id ID #IMPLIED + %anyAttrs;> + +<!-- namespace is interpreted as follows: + ##any - - any non-conflicting WFXML at all + + ##other - - any non-conflicting WFXML from namespace other + than targetNamespace + + ##local - - any unqualified non-conflicting WFXML/attribute + one or - - any non-conflicting WFXML from + more URI the listed namespaces + references + + ##targetNamespace ##local may appear in the above list, + with the obvious meaning --> + +<!ELEMENT %anyAttribute; (%annotation;)?> +<!ATTLIST %anyAttribute; + namespace CDATA '##any' + processContents (skip|lax|strict) 'strict' + id ID #IMPLIED + %anyAttributeAttrs;> +<!-- namespace is interpreted as for 'any' above --> + +<!-- simpleType only if no type|ref attribute --> +<!-- ref not allowed at top level, name iff at top level --> +<!ELEMENT %attribute; ((%annotation;)?, (%simpleType;)?)> +<!ATTLIST %attribute; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + type %QName; #IMPLIED + use (prohibited|optional|required) #IMPLIED + default CDATA #IMPLIED + fixed CDATA #IMPLIED + form %formValues; #IMPLIED + %attributeAttrs;> +<!-- type and ref are mutually exclusive. + name and ref are mutually exclusive, one is required --> +<!-- default for use is optional when nested, none otherwise --> +<!-- default and fixed are mutually exclusive --> +<!-- type attr and simpleType content are mutually exclusive --> + +<!-- an attributeGroup is a named collection of attribute decls, or a + reference thereto --> +<!ELEMENT %attributeGroup; ((%annotation;)?, + (%attribute; | %attributeGroup;)*, + (%anyAttribute;)?) > +<!ATTLIST %attributeGroup; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + %attributeGroupAttrs;> + +<!-- ref iff no content, no name. ref iff not top level --> + +<!-- better reference mechanisms --> +<!ELEMENT %unique; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %unique; + name %NCName; #REQUIRED + id ID #IMPLIED + %uniqueAttrs;> + +<!ELEMENT %key; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %key; + name %NCName; #REQUIRED + id ID #IMPLIED + %keyAttrs;> + +<!ELEMENT %keyref; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %keyref; + name %NCName; #REQUIRED + refer %QName; #REQUIRED + id ID #IMPLIED + %keyrefAttrs;> + +<!ELEMENT %selector; ((%annotation;)?)> +<!ATTLIST %selector; + xpath %XPathExpr; #REQUIRED + id ID #IMPLIED + %selectorAttrs;> +<!ELEMENT %field; ((%annotation;)?)> +<!ATTLIST %field; + xpath %XPathExpr; #REQUIRED + id ID #IMPLIED + %fieldAttrs;> + +<!-- Schema combination mechanisms --> +<!ELEMENT %include; (%annotation;)?> +<!ATTLIST %include; + schemaLocation %URIref; #REQUIRED + id ID #IMPLIED + %includeAttrs;> + +<!ELEMENT %import; (%annotation;)?> +<!ATTLIST %import; + namespace %URIref; #IMPLIED + schemaLocation %URIref; #IMPLIED + id ID #IMPLIED + %importAttrs;> + +<!ELEMENT %redefine; (%annotation; | %simpleType; | %complexType; | + %attributeGroup; | %group;)*> +<!ATTLIST %redefine; + schemaLocation %URIref; #REQUIRED + id ID #IMPLIED + %redefineAttrs;> + +<!ELEMENT %notation; (%annotation;)?> +<!ATTLIST %notation; + name %NCName; #REQUIRED + id ID #IMPLIED + public CDATA #REQUIRED + system %URIref; #IMPLIED + %notationAttrs;> + +<!-- Annotation is either application information or documentation --> +<!-- By having these here they are available for datatypes as well + as all the structures elements --> + +<!ELEMENT %annotation; (%appinfo; | %documentation;)*> +<!ATTLIST %annotation; %annotationAttrs;> + +<!-- User must define annotation elements in internal subset for this + to work --> +<!ELEMENT %appinfo; ANY> <!-- too restrictive --> +<!ATTLIST %appinfo; + source %URIref; #IMPLIED + id ID #IMPLIED + %appinfoAttrs;> +<!ELEMENT %documentation; ANY> <!-- too restrictive --> +<!ATTLIST %documentation; + source %URIref; #IMPLIED + id ID #IMPLIED + xml:lang CDATA #IMPLIED + %documentationAttrs;> + +<!NOTATION XMLSchemaStructures PUBLIC + 'structures' 'http://www.w3.org/2001/XMLSchema.xsd' > +<!NOTATION XML PUBLIC + 'REC-xml-1998-0210' 'http://www.w3.org/TR/1998/REC-xml-19980210' > diff --git a/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd b/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd new file mode 100644 index 000000000..8bc5af147 --- /dev/null +++ b/common/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd @@ -0,0 +1,194 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) -->
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
+ <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <annotation>
+ <documentation>
+ Document identifier: cs-sstc-schema-assertion-01
+ Location: http://www.oasis-open.org/committees/security/docs/
+ </documentation>
+ </annotation>
+ <simpleType name="IDType">
+ <restriction base="string"/>
+ </simpleType>
+ <simpleType name="IDReferenceType">
+ <restriction base="string"/>
+ </simpleType>
+ <simpleType name="DecisionType">
+ <restriction base="string">
+ <enumeration value="Permit"/>
+ <enumeration value="Deny"/>
+ <enumeration value="Indeterminate"/>
+ </restriction>
+ </simpleType>
+ <element name="AssertionIDReference" type="saml:IDReferenceType"/>
+ <element name="Assertion" type="saml:AssertionType"/>
+ <complexType name="AssertionType">
+ <sequence>
+ <element ref="saml:Conditions" minOccurs="0"/>
+ <element ref="saml:Advice" minOccurs="0"/>
+ <choice maxOccurs="unbounded">
+ <element ref="saml:Statement"/>
+ <element ref="saml:SubjectStatement"/>
+ <element ref="saml:AuthenticationStatement"/>
+ <element ref="saml:AuthorizationDecisionStatement"/>
+ <element ref="saml:AttributeStatement"/>
+ </choice>
+ <element ref="ds:Signature" minOccurs="0"/>
+ </sequence>
+ <attribute name="MajorVersion" type="integer" use="required"/>
+ <attribute name="MinorVersion" type="integer" use="required"/>
+ <attribute name="AssertionID" type="saml:IDType" use="required"/>
+ <attribute name="Issuer" type="string" use="required"/>
+ <attribute name="IssueInstant" type="dateTime" use="required"/>
+ </complexType>
+ <element name="Conditions" type="saml:ConditionsType"/>
+ <complexType name="ConditionsType">
+ <choice minOccurs="0" maxOccurs="unbounded">
+ <element ref="saml:AudienceRestrictionCondition"/>
+ <element ref="saml:Condition"/>
+ </choice>
+ <attribute name="NotBefore" type="dateTime" use="optional"/>
+ <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
+ </complexType>
+ <element name="Condition" type="saml:ConditionAbstractType"/>
+ <complexType name="ConditionAbstractType" abstract="true"/>
+ <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
+ <complexType name="AudienceRestrictionConditionType">
+ <complexContent>
+ <extension base="saml:ConditionAbstractType">
+ <sequence>
+ <element ref="saml:Audience" maxOccurs="unbounded"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="Audience" type="anyURI"/>
+ <element name="Advice" type="saml:AdviceType"/>
+ <complexType name="AdviceType">
+ <choice minOccurs="0" maxOccurs="unbounded">
+ <element ref="saml:AssertionIDReference"/>
+ <element ref="saml:Assertion"/>
+ <any namespace="##other" processContents="lax"/>
+ </choice>
+ </complexType>
+ <element name="Statement" type="saml:StatementAbstractType"/>
+ <complexType name="StatementAbstractType" abstract="true"/>
+ <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
+ <complexType name="SubjectStatementAbstractType" abstract="true">
+ <complexContent>
+ <extension base="saml:StatementAbstractType">
+ <sequence>
+ <element ref="saml:Subject"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="Subject" type="saml:SubjectType"/>
+ <complexType name="SubjectType">
+ <choice>
+ <sequence>
+ <element ref="saml:NameIdentifier"/>
+ <element ref="saml:SubjectConfirmation" minOccurs="0"/>
+ </sequence>
+ <element ref="saml:SubjectConfirmation"/>
+ </choice>
+ </complexType>
+ <element name="NameIdentifier" type="saml:NameIdentifierType"/>
+ <complexType name="NameIdentifierType">
+ <simpleContent>
+ <extension base="string">
+ <attribute name="NameQualifier" type="string" use="optional"/>
+ <attribute name="Format" type="anyURI" use="optional"/>
+ </extension>
+ </simpleContent>
+ </complexType>
+ <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
+ <complexType name="SubjectConfirmationType">
+ <sequence>
+ <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
+ <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
+ <element ref="ds:KeyInfo" minOccurs="0"/>
+ </sequence>
+ </complexType>
+ <element name="SubjectConfirmationData" type="anyType"/>
+ <element name="ConfirmationMethod" type="anyURI"/>
+ <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
+ <complexType name="AuthenticationStatementType">
+ <complexContent>
+ <extension base="saml:SubjectStatementAbstractType">
+ <sequence>
+ <element ref="saml:SubjectLocality" minOccurs="0"/>
+ <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
+ <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
+ <complexType name="SubjectLocalityType">
+ <attribute name="IPAddress" type="string" use="optional"/>
+ <attribute name="DNSAddress" type="string" use="optional"/>
+ </complexType>
+ <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
+ <complexType name="AuthorityBindingType">
+ <attribute name="AuthorityKind" type="QName" use="required"/>
+ <attribute name="Location" type="anyURI" use="required"/>
+ <attribute name="Binding" type="anyURI" use="required"/>
+ </complexType>
+ <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
+ <complexType name="AuthorizationDecisionStatementType">
+ <complexContent>
+ <extension base="saml:SubjectStatementAbstractType">
+ <sequence>
+ <element ref="saml:Action" maxOccurs="unbounded"/>
+ <element ref="saml:Evidence" minOccurs="0"/>
+ </sequence>
+ <attribute name="Resource" type="anyURI" use="required"/>
+ <attribute name="Decision" type="saml:DecisionType" use="required"/>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="Action" type="saml:ActionType"/>
+ <complexType name="ActionType">
+ <simpleContent>
+ <extension base="string">
+ <attribute name="Namespace" type="anyURI"/>
+ </extension>
+ </simpleContent>
+ </complexType>
+ <element name="Evidence" type="saml:EvidenceType"/>
+ <complexType name="EvidenceType">
+ <choice maxOccurs="unbounded">
+ <element ref="saml:AssertionIDReference"/>
+ <element ref="saml:Assertion"/>
+ </choice>
+ </complexType>
+ <element name="AttributeStatement" type="saml:AttributeStatementType"/>
+ <complexType name="AttributeStatementType">
+ <complexContent>
+ <extension base="saml:SubjectStatementAbstractType">
+ <sequence>
+ <element ref="saml:Attribute" maxOccurs="unbounded"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
+ <complexType name="AttributeDesignatorType">
+ <attribute name="AttributeName" type="string" use="required"/>
+ <attribute name="AttributeNamespace" type="anyURI" use="required"/>
+ </complexType>
+ <element name="Attribute" type="saml:AttributeType"/>
+ <complexType name="AttributeType">
+ <complexContent>
+ <extension base="saml:AttributeDesignatorType">
+ <sequence>
+ <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AttributeValue" type="anyType"/>
+</schema>
diff --git a/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd b/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd new file mode 100644 index 000000000..ecad05b0f --- /dev/null +++ b/common/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd @@ -0,0 +1,127 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XML Spy v4.2 U (http://www.xmlspy.com) by Phillip Hallam-Baker (Phillip Hallam-Baker) -->
+<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified">
+ <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-01.xsd"/>
+ <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <annotation>
+ <documentation>
+ Document identifier: cs-sstc-schema-protocol-01
+ Location: http://www.oasis-open.org/committees/security/docs/
+ </documentation>
+ </annotation>
+ <complexType name="RequestAbstractType" abstract="true">
+ <sequence>
+ <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
+ <element ref="ds:Signature" minOccurs="0"/>
+ </sequence>
+ <attribute name="RequestID" type="saml:IDType" use="required"/>
+ <attribute name="MajorVersion" type="integer" use="required"/>
+ <attribute name="MinorVersion" type="integer" use="required"/>
+ <attribute name="IssueInstant" type="dateTime" use="required"/>
+ </complexType>
+ <element name="RespondWith" type="QName"/>
+ <element name="Request" type="samlp:RequestType"/>
+ <complexType name="RequestType">
+ <complexContent>
+ <extension base="samlp:RequestAbstractType">
+ <choice>
+ <element ref="samlp:Query"/>
+ <element ref="samlp:SubjectQuery"/>
+ <element ref="samlp:AuthenticationQuery"/>
+ <element ref="samlp:AttributeQuery"/>
+ <element ref="samlp:AuthorizationDecisionQuery"/>
+ <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
+ <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
+ </choice>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AssertionArtifact" type="string"/>
+ <element name="Query" type="samlp:QueryAbstractType"/>
+ <complexType name="QueryAbstractType" abstract="true"/>
+ <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
+ <complexType name="SubjectQueryAbstractType" abstract="true">
+ <complexContent>
+ <extension base="samlp:QueryAbstractType">
+ <sequence>
+ <element ref="saml:Subject"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
+ <complexType name="AuthenticationQueryType">
+ <complexContent>
+ <extension base="samlp:SubjectQueryAbstractType">
+ <attribute name="AuthenticationMethod" type="anyURI"/>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
+ <complexType name="AttributeQueryType">
+ <complexContent>
+ <extension base="samlp:SubjectQueryAbstractType">
+ <sequence>
+ <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Resource" type="anyURI" use="optional"/>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/>
+ <complexType name="AuthorizationDecisionQueryType">
+ <complexContent>
+ <extension base="samlp:SubjectQueryAbstractType">
+ <sequence>
+ <element ref="saml:Action" maxOccurs="unbounded"/>
+ <element ref="saml:Evidence" minOccurs="0" maxOccurs="1"/>
+ </sequence>
+ <attribute name="Resource" type="anyURI" use="required"/>
+ </extension>
+ </complexContent>
+ </complexType>
+ <complexType name="ResponseAbstractType" abstract="true">
+ <sequence>
+ <element ref="ds:Signature" minOccurs="0"/>
+ </sequence>
+ <attribute name="ResponseID" type="saml:IDType" use="required"/>
+ <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/>
+ <attribute name="MajorVersion" type="integer" use="required"/>
+ <attribute name="MinorVersion" type="integer" use="required"/>
+ <attribute name="IssueInstant" type="dateTime" use="required"/>
+ <attribute name="Recipient" type="anyURI" use="optional"/>
+ </complexType>
+ <element name="Response" type="samlp:ResponseType"/>
+ <complexType name="ResponseType">
+ <complexContent>
+ <extension base="samlp:ResponseAbstractType">
+ <sequence>
+ <element ref="samlp:Status"/>
+ <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ </extension>
+ </complexContent>
+ </complexType>
+ <element name="Status" type="samlp:StatusType"/>
+ <complexType name="StatusType">
+ <sequence>
+ <element ref="samlp:StatusCode"/>
+ <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/>
+ <element ref="samlp:StatusDetail" minOccurs="0"/>
+ </sequence>
+ </complexType>
+ <element name="StatusCode" type="samlp:StatusCodeType"/>
+ <complexType name="StatusCodeType">
+ <sequence>
+ <element ref="samlp:StatusCode" minOccurs="0"/>
+ </sequence>
+ <attribute name="Value" type="QName" use="required"/>
+ </complexType>
+ <element name="StatusMessage" type="string"/>
+ <element name="StatusDetail" type="samlp:StatusDetailType"/>
+ <complexType name="StatusDetailType">
+ <sequence>
+ <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+</schema>
diff --git a/common/src/main/resources/resources/schemas/datatypes.dtd b/common/src/main/resources/resources/schemas/datatypes.dtd new file mode 100644 index 000000000..8e48553be --- /dev/null +++ b/common/src/main/resources/resources/schemas/datatypes.dtd @@ -0,0 +1,203 @@ +<!-- + DTD for XML Schemas: Part 2: Datatypes + $Id: datatypes.dtd,v 1.23 2001/03/16 17:36:30 ht Exp $ + Note this DTD is NOT normative, or even definitive. - - the + prose copy in the datatypes REC is the definitive version + (which shouldn't differ from this one except for this comment + and entity expansions, but just in case) + --> + +<!-- + This DTD cannot be used on its own, it is intended + only for incorporation in XMLSchema.dtd, q.v. + --> + +<!-- Define all the element names, with optional prefix --> +<!ENTITY % simpleType "%p;simpleType"> +<!ENTITY % restriction "%p;restriction"> +<!ENTITY % list "%p;list"> +<!ENTITY % union "%p;union"> +<!ENTITY % maxExclusive "%p;maxExclusive"> +<!ENTITY % minExclusive "%p;minExclusive"> +<!ENTITY % maxInclusive "%p;maxInclusive"> +<!ENTITY % minInclusive "%p;minInclusive"> +<!ENTITY % totalDigits "%p;totalDigits"> +<!ENTITY % fractionDigits "%p;fractionDigits"> +<!ENTITY % length "%p;length"> +<!ENTITY % minLength "%p;minLength"> +<!ENTITY % maxLength "%p;maxLength"> +<!ENTITY % enumeration "%p;enumeration"> +<!ENTITY % whiteSpace "%p;whiteSpace"> +<!ENTITY % pattern "%p;pattern"> + +<!-- + Customisation entities for the ATTLIST of each element + type. Define one of these if your schema takes advantage + of the anyAttribute='##other' in the schema for schemas + --> + +<!ENTITY % simpleTypeAttrs ""> +<!ENTITY % restrictionAttrs ""> +<!ENTITY % listAttrs ""> +<!ENTITY % unionAttrs ""> +<!ENTITY % maxExclusiveAttrs ""> +<!ENTITY % minExclusiveAttrs ""> +<!ENTITY % maxInclusiveAttrs ""> +<!ENTITY % minInclusiveAttrs ""> +<!ENTITY % totalDigitsAttrs ""> +<!ENTITY % fractionDigitsAttrs ""> +<!ENTITY % lengthAttrs ""> +<!ENTITY % minLengthAttrs ""> +<!ENTITY % maxLengthAttrs ""> +<!ENTITY % enumerationAttrs ""> +<!ENTITY % whiteSpaceAttrs ""> +<!ENTITY % patternAttrs ""> + +<!-- Define some entities for informative use as attribute + types --> +<!ENTITY % URIref "CDATA"> +<!ENTITY % XPathExpr "CDATA"> +<!ENTITY % QName "NMTOKEN"> +<!ENTITY % QNames "NMTOKENS"> +<!ENTITY % NCName "NMTOKEN"> +<!ENTITY % nonNegativeInteger "NMTOKEN"> +<!ENTITY % boolean "(true|false)"> +<!ENTITY % simpleDerivationSet "CDATA"> +<!-- + #all or space-separated list drawn from derivationChoice + --> + +<!-- + Note that the use of 'facet' below is less restrictive + than is really intended: There should in fact be no + more than one of each of minInclusive, minExclusive, + maxInclusive, maxExclusive, totalDigits, fractionDigits, + length, maxLength, minLength within datatype, + and the min- and max- variants of Inclusive and Exclusive + are mutually exclusive. On the other hand, pattern and + enumeration may repeat. + --> +<!ENTITY % minBound "(%minInclusive; | %minExclusive;)"> +<!ENTITY % maxBound "(%maxInclusive; | %maxExclusive;)"> +<!ENTITY % bounds "%minBound; | %maxBound;"> +<!ENTITY % numeric "%totalDigits; | %fractionDigits;"> +<!ENTITY % ordered "%bounds; | %numeric;"> +<!ENTITY % unordered + "%pattern; | %enumeration; | %whiteSpace; | %length; | + %maxLength; | %minLength;"> +<!ENTITY % facet "%ordered; | %unordered;"> +<!ENTITY % facetAttr + "value CDATA #REQUIRED + id ID #IMPLIED"> +<!ENTITY % fixedAttr "fixed %boolean; #IMPLIED"> +<!ENTITY % facetModel "(%annotation;)?"> +<!ELEMENT %simpleType; + ((%annotation;)?, (%restriction; | %list; | %union;))> +<!ATTLIST %simpleType; + name %NCName; #IMPLIED + final %simpleDerivationSet; #IMPLIED + id ID #IMPLIED + %simpleTypeAttrs;> +<!-- name is required at top level --> +<!ELEMENT %restriction; ((%annotation;)?, + (%restriction1; | + ((%simpleType;)?,(%facet;)*)), + (%attrDecls;))> +<!ATTLIST %restriction; + base %QName; #IMPLIED + id ID #IMPLIED + %restrictionAttrs;> +<!-- + base and simpleType child are mutually exclusive, + one is required. + + restriction is shared between simpleType and + simpleContent and complexContent (in XMLSchema.xsd). + restriction1 is for the latter cases, when this + is restricting a complex type, as is attrDecls. + --> +<!ELEMENT %list; ((%annotation;)?,(%simpleType;)?)> +<!ATTLIST %list; + itemType %QName; #IMPLIED + id ID #IMPLIED + %listAttrs;> +<!-- + itemType and simpleType child are mutually exclusive, + one is required + --> +<!ELEMENT %union; ((%annotation;)?,(%simpleType;)*)> +<!ATTLIST %union; + id ID #IMPLIED + memberTypes %QNames; #IMPLIED + %unionAttrs;> +<!-- + At least one item in memberTypes or one simpleType + child is required + --> + +<!ELEMENT %maxExclusive; %facetModel;> +<!ATTLIST %maxExclusive; + %facetAttr; + %fixedAttr; + %maxExclusiveAttrs;> +<!ELEMENT %minExclusive; %facetModel;> +<!ATTLIST %minExclusive; + %facetAttr; + %fixedAttr; + %minExclusiveAttrs;> + +<!ELEMENT %maxInclusive; %facetModel;> +<!ATTLIST %maxInclusive; + %facetAttr; + %fixedAttr; + %maxInclusiveAttrs;> +<!ELEMENT %minInclusive; %facetModel;> +<!ATTLIST %minInclusive; + %facetAttr; + %fixedAttr; + %minInclusiveAttrs;> + +<!ELEMENT %totalDigits; %facetModel;> +<!ATTLIST %totalDigits; + %facetAttr; + %fixedAttr; + %totalDigitsAttrs;> +<!ELEMENT %fractionDigits; %facetModel;> +<!ATTLIST %fractionDigits; + %facetAttr; + %fixedAttr; + %fractionDigitsAttrs;> + +<!ELEMENT %length; %facetModel;> +<!ATTLIST %length; + %facetAttr; + %fixedAttr; + %lengthAttrs;> +<!ELEMENT %minLength; %facetModel;> +<!ATTLIST %minLength; + %facetAttr; + %fixedAttr; + %minLengthAttrs;> +<!ELEMENT %maxLength; %facetModel;> +<!ATTLIST %maxLength; + %facetAttr; + %fixedAttr; + %maxLengthAttrs;> + +<!-- This one can be repeated --> +<!ELEMENT %enumeration; %facetModel;> +<!ATTLIST %enumeration; + %facetAttr; + %enumerationAttrs;> + +<!ELEMENT %whiteSpace; %facetModel;> +<!ATTLIST %whiteSpace; + %facetAttr; + %fixedAttr; + %whiteSpaceAttrs;> + +<!-- This one can be repeated --> +<!ELEMENT %pattern; %facetModel;> +<!ATTLIST %pattern; + %facetAttr; + %patternAttrs;> diff --git a/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd b/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd new file mode 100644 index 000000000..d4a2d82ec --- /dev/null +++ b/common/src/main/resources/resources/schemas/exclusive-canonicalization.xsd @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="utf-8"?>
+<!-- commented out for compatibility with Xerces 2.0.2
+<!DOCTYPE schema
+ PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
+ [
+ <!ATTLIST schema
+ xmlns:ec CDATA #FIXED 'http://www.w3.org/2001/10/xml-exc-c14n#'>
+ <!ENTITY ec 'http://www.w3.org/2001/10/xml-exc-c14n#'>
+ <!ENTITY % p ''>
+ <!ENTITY % s ''>
+ ]>
+-->
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+ xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ targetNamespace="http://www.w3.org/2001/10/xml-exc-c14n#"
+ version="0.1" elementFormDefault="qualified">
+ <element name="InclusiveNamespaces"
+ type="ec:InclusiveNamespaces"/>
+ <complexType name="InclusiveNamespaces">
+ <attribute name="PrefixList" type="string"/>
+ </complexType>
+</schema>
\ No newline at end of file diff --git a/common/src/main/resources/resources/schemas/xml.xsd b/common/src/main/resources/resources/schemas/xml.xsd new file mode 100644 index 000000000..79dbc02ba --- /dev/null +++ b/common/src/main/resources/resources/schemas/xml.xsd @@ -0,0 +1,83 @@ +<?xml version='1.0'?>
+<!-- documented out for compatibility with Xerces-2.0.2
+<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" >
+-->
+<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en">
+
+ <xs:annotation>
+ <xs:documentation>
+ See http://www.w3.org/XML/1998/namespace.html and
+ http://www.w3.org/TR/REC-xml for information about this namespace.
+ </xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+ <xs:documentation>This schema defines attributes and an attribute group
+ suitable for use by
+ schemas wishing to allow xml:base, xml:lang or xml:space attributes
+ on elements they define.
+
+ To enable this, such a schema must import this schema
+ for the XML namespace, e.g. as follows:
+ <schema . . .>
+ . . .
+ <import namespace="http://www.w3.org/XML/1998/namespace"
+ schemaLocation="http://www.w3.org/2001/03/xml.xsd"/>
+
+ Subsequently, qualified reference to any of the attributes
+ or the group defined below will have the desired effect, e.g.
+
+ <type . . .>
+ . . .
+ <attributeGroup ref="xml:specialAttrs"/>
+
+ will define a type which will schema-validate an instance
+ element with any of those attributes</xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+ <xs:documentation>In keeping with the XML Schema WG's standard versioning
+ policy, this schema document will persist at
+ http://www.w3.org/2001/03/xml.xsd.
+ At the date of issue it can also be found at
+ http://www.w3.org/2001/xml.xsd.
+ The schema document at that URI may however change in the future,
+ in order to remain compatible with the latest version of XML Schema
+ itself. In other words, if the XML Schema namespace changes, the version
+ of this document at
+ http://www.w3.org/2001/xml.xsd will change
+ accordingly; the version at
+ http://www.w3.org/2001/03/xml.xsd will not change.
+ </xs:documentation>
+ </xs:annotation>
+
+ <xs:attribute name="lang" type="xs:language">
+ <xs:annotation>
+ <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter
+ codes as the enumerated possible values . . .</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+
+ <xs:attribute name="space" default="preserve">
+ <xs:simpleType>
+ <xs:restriction base="xs:NCName">
+ <xs:enumeration value="default"/>
+ <xs:enumeration value="preserve"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+
+ <xs:attribute name="base" type="xs:anyURI">
+ <xs:annotation>
+ <xs:documentation>See http://www.w3.org/TR/xmlbase/ for
+ information about this attribute.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+
+ <xs:attributeGroup name="specialAttrs">
+ <xs:attribute ref="xml:base"/>
+ <xs:attribute ref="xml:lang"/>
+ <xs:attribute ref="xml:space"/>
+ </xs:attributeGroup>
+
+</xs:schema>
diff --git a/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd b/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd new file mode 100644 index 000000000..a7e302373 --- /dev/null +++ b/common/src/main/resources/resources/schemas/xmldsig-core-schema.xsd @@ -0,0 +1,264 @@ +<?xml version="1.0" encoding="utf-8"?>
+<!-- documented out for compatibility with Xerces-2.0.2
+<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "XMLSchema.dtd" [
+ <!ATTLIST schema
+ xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#"
+>
+ <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+ <!ENTITY % p ''>
+ <!ENTITY % s ''>
+]>
+-->
+<!-- Schema for XML Signatures
+ http://www.w3.org/2000/09/xmldsig#
+ $Revision: 1.1 $ on $Date: 2003/03/11 10:10:34 $ by $Author: peck $
+
+ Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+ of Technology, Institut National de Recherche en Informatique et en
+ Automatique, Keio University). All Rights Reserved.
+ http://www.w3.org/Consortium/Legal/
+
+ This document is governed by the W3C Software License [1] as described
+ in the FAQ [2].
+
+ [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+ [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+<schema targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" version="0.1">
+ <!-- Basic Types Defined for Signatures -->
+ <simpleType name="CryptoBinary">
+ <restriction base="base64Binary"/>
+ </simpleType>
+ <!-- Start Signature -->
+ <element name="Signature" type="ds:SignatureType"/>
+ <complexType name="SignatureType">
+ <sequence>
+ <element ref="ds:SignedInfo"/>
+ <element ref="ds:SignatureValue"/>
+ <element ref="ds:KeyInfo" minOccurs="0"/>
+ <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <element name="SignatureValue" type="ds:SignatureValueType"/>
+ <complexType name="SignatureValueType">
+ <simpleContent>
+ <extension base="base64Binary">
+ <attribute name="Id" type="ID" use="optional"/>
+ </extension>
+ </simpleContent>
+ </complexType>
+ <!-- Start SignedInfo -->
+ <element name="SignedInfo" type="ds:SignedInfoType"/>
+ <complexType name="SignedInfoType">
+ <sequence>
+ <element ref="ds:CanonicalizationMethod"/>
+ <element ref="ds:SignatureMethod"/>
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
+ <complexType name="CanonicalizationMethodType" mixed="true">
+ <sequence>
+ <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- (0,unbounded) elements from (1,1) namespace -->
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+ <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+ <complexType name="SignatureMethodType" mixed="true">
+ <sequence>
+ <element name="HMACOutputLength" type="ds:HMACOutputLengthType" minOccurs="0"/>
+ <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- (0,unbounded) elements from (1,1) external namespace -->
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+ <!-- Start Reference -->
+ <element name="Reference" type="ds:ReferenceType"/>
+ <complexType name="ReferenceType">
+ <sequence>
+ <element ref="ds:Transforms" minOccurs="0"/>
+ <element ref="ds:DigestMethod"/>
+ <element ref="ds:DigestValue"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ <attribute name="URI" type="anyURI" use="optional"/>
+ <attribute name="Type" type="anyURI" use="optional"/>
+ </complexType>
+ <element name="Transforms" type="ds:TransformsType"/>
+ <complexType name="TransformsType">
+ <sequence>
+ <element ref="ds:Transform" maxOccurs="unbounded"/>
+ </sequence>
+ </complexType>
+ <element name="Transform" type="ds:TransformType"/>
+ <complexType name="TransformType" mixed="true">
+ <choice minOccurs="0" maxOccurs="unbounded">
+ <any namespace="##other" processContents="lax"/>
+ <element name="XPath" type="string"/>
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
+ </choice>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+ <!-- End Reference -->
+ <element name="DigestMethod" type="ds:DigestMethodType"/>
+ <complexType name="DigestMethodType" mixed="true">
+ <sequence>
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Algorithm" type="anyURI" use="required"/>
+ </complexType>
+ <element name="DigestValue" type="ds:DigestValueType"/>
+ <simpleType name="DigestValueType">
+ <restriction base="base64Binary"/>
+ </simpleType>
+ <!-- End SignedInfo -->
+ <!-- Start KeyInfo -->
+ <element name="KeyInfo" type="ds:KeyInfoType"/>
+ <complexType name="KeyInfoType" mixed="true">
+ <choice maxOccurs="unbounded">
+ <element ref="ds:KeyName"/>
+ <element ref="ds:KeyValue"/>
+ <element ref="ds:RetrievalMethod"/>
+ <element ref="ds:X509Data"/>
+ <element ref="ds:PGPData"/>
+ <element ref="ds:SPKIData"/>
+ <element ref="ds:MgmtData"/>
+ <any namespace="##other" processContents="lax"/>
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
+ </choice>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <element name="KeyName" type="string"/>
+ <element name="MgmtData" type="string"/>
+ <element name="KeyValue" type="ds:KeyValueType"/>
+ <complexType name="KeyValueType" mixed="true">
+ <choice>
+ <element ref="ds:DSAKeyValue"/>
+ <element ref="ds:RSAKeyValue"/>
+ <any namespace="##other" processContents="lax"/>
+ </choice>
+ </complexType>
+ <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
+ <complexType name="RetrievalMethodType">
+ <sequence>
+ <element ref="ds:Transforms" minOccurs="0"/>
+ </sequence>
+ <attribute name="URI" type="anyURI"/>
+ <attribute name="Type" type="anyURI" use="optional"/>
+ </complexType>
+ <!-- Start X509Data -->
+ <element name="X509Data" type="ds:X509DataType"/>
+ <complexType name="X509DataType">
+ <sequence maxOccurs="unbounded">
+ <choice>
+ <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+ <element name="X509SKI" type="base64Binary"/>
+ <element name="X509SubjectName" type="string"/>
+ <element name="X509Certificate" type="base64Binary"/>
+ <element name="X509CRL" type="base64Binary"/>
+ <any namespace="##other" processContents="lax"/>
+ </choice>
+ </sequence>
+ </complexType>
+ <complexType name="X509IssuerSerialType">
+ <sequence>
+ <element name="X509IssuerName" type="string"/>
+ <element name="X509SerialNumber" type="integer"/>
+ </sequence>
+ </complexType>
+ <!-- End X509Data -->
+ <!-- Begin PGPData -->
+ <element name="PGPData" type="ds:PGPDataType"/>
+ <complexType name="PGPDataType">
+ <choice>
+ <sequence>
+ <element name="PGPKeyID" type="base64Binary"/>
+ <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <sequence>
+ <element name="PGPKeyPacket" type="base64Binary"/>
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ </choice>
+ </complexType>
+ <!-- End PGPData -->
+ <!-- Begin SPKIData -->
+ <element name="SPKIData" type="ds:SPKIDataType"/>
+ <complexType name="SPKIDataType">
+ <sequence maxOccurs="unbounded">
+ <element name="SPKISexp" type="base64Binary"/>
+ <any namespace="##other" processContents="lax" minOccurs="0"/>
+ </sequence>
+ </complexType>
+ <!-- End SPKIData -->
+ <!-- End KeyInfo -->
+ <!-- Start Object (Manifest, SignatureProperty) -->
+ <element name="Object" type="ds:ObjectType"/>
+ <complexType name="ObjectType" mixed="true">
+ <sequence minOccurs="0" maxOccurs="unbounded">
+ <any namespace="##any" processContents="lax"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ <attribute name="MimeType" type="string" use="optional"/>
+ <attribute name="Encoding" type="anyURI" use="optional"/>
+ <!-- add a grep facet -->
+ </complexType>
+ <element name="Manifest" type="ds:ManifestType"/>
+ <complexType name="ManifestType">
+ <sequence>
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
+ <complexType name="SignaturePropertiesType">
+ <sequence>
+ <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
+ <complexType name="SignaturePropertyType" mixed="true">
+ <choice maxOccurs="unbounded">
+ <any namespace="##other" processContents="lax"/>
+ <!-- (1,1) elements from (1,unbounded) namespaces -->
+ </choice>
+ <attribute name="Target" type="anyURI" use="required"/>
+ <attribute name="Id" type="ID" use="optional"/>
+ </complexType>
+ <!-- End Object (Manifest, SignatureProperty) -->
+ <!-- Start Algorithm Parameters -->
+ <simpleType name="HMACOutputLengthType">
+ <restriction base="integer"/>
+ </simpleType>
+ <!-- Start KeyValue Element-types -->
+ <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+ <complexType name="DSAKeyValueType">
+ <sequence>
+ <sequence minOccurs="0">
+ <element name="P" type="ds:CryptoBinary"/>
+ <element name="Q" type="ds:CryptoBinary"/>
+ </sequence>
+ <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ <element name="Y" type="ds:CryptoBinary"/>
+ <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+ <sequence minOccurs="0">
+ <element name="Seed" type="ds:CryptoBinary"/>
+ <element name="PgenCounter" type="ds:CryptoBinary"/>
+ </sequence>
+ </sequence>
+ </complexType>
+ <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+ <complexType name="RSAKeyValueType">
+ <sequence>
+ <element name="Modulus" type="ds:CryptoBinary"/>
+ <element name="Exponent" type="ds:CryptoBinary"/>
+ </sequence>
+ </complexType>
+ <!-- End KeyValue Element-types -->
+ <!-- End Signature -->
+</schema>
diff --git a/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd b/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd new file mode 100644 index 000000000..330eafd19 --- /dev/null +++ b/common/src/main/resources/resources/schemas/xmldsig-filter2.xsd @@ -0,0 +1,38 @@ +<?xml version="1.0" encoding="utf-8"?>
+<!-- documented out for compatibility with Xerces-2.0.2
+ <!DOCTYPE schema
+ PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
+ [
+ <!ATTLIST schema
+ xmlns:xf CDATA #FIXED 'http://www.w3.org/2002/06/xmldsig-filter2'>
+ <!ENTITY xf 'http://www.w3.org/2002/06/xmldsig-filter2'>
+ <!ENTITY % p ''>
+ <!ENTITY % s ''>
+ ]>
+-->
+
+ <schema xmlns="http://www.w3.org/2001/XMLSchema"
+ xmlns:xf="http://www.w3.org/2002/06/xmldsig-filter2"
+ targetNamespace="http://www.w3.org/2002/06/xmldsig-filter2"
+ version="0.1" elementFormDefault="qualified">
+
+ <element name="XPath"
+ type="xf:XPathType"/>
+
+ <complexType name="XPathType">
+ <simpleContent>
+ <extension base="string">
+ <attribute name="Filter">
+ <simpleType>
+ <restriction base="string">
+ <enumeration value="intersect"/>
+ <enumeration value="subtract"/>
+ <enumeration value="union"/>
+ </restriction>
+ </simpleType>
+ </attribute>
+ </extension>
+ </simpleContent>
+ </complexType>
+
+ </schema>
\ No newline at end of file diff --git a/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java b/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java new file mode 100644 index 000000000..949258360 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/AllTests.java @@ -0,0 +1,62 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa; + +import test.at.gv.egovernment.moa.util.DOMUtilsTest; +import test.at.gv.egovernment.moa.util.DateTimeUtilsTest; +import test.at.gv.egovernment.moa.util.KeyStoreUtilsTest; +import test.at.gv.egovernment.moa.util.SSLUtilsTest; +import test.at.gv.egovernment.moa.util.XPathUtilsTest; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author patrick + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(DOMUtilsTest.class); + suite.addTestSuite(DateTimeUtilsTest.class); + suite.addTestSuite(XPathUtilsTest.class); + suite.addTestSuite(KeyStoreUtilsTest.class); + suite.addTestSuite(SSLUtilsTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java b/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java new file mode 100644 index 000000000..5d1c5371a --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java @@ -0,0 +1,99 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa; + +import java.io.FileInputStream; +import java.io.StringReader; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; + +import org.w3c.dom.Document; + +import org.xml.sax.InputSource; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * Base class for MOA test cases. + * + * Provides some utility functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOATestCase extends TestCase { + + protected static final String TESTDATA_ROOT = "data/test/"; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public MOATestCase(String name) { + super(name); + } + + /** + * Parse an XML file non-validating. + */ + public static Document parseXml(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + false, + null, + null); + } + + /** + * Parse an XML validating with a given file name. + * + * Uses the local schema resources. + */ + public static Document parseXmlValidating(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null); + } + + /** + * Parse an XML from a String. + */ + public static Document parseXmlString(String xml) throws Exception { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder; + + factory.setNamespaceAware(true); + builder = factory.newDocumentBuilder(); + + return builder.parse(new InputSource(new StringReader(xml))); + } + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java new file mode 100644 index 000000000..1a2b6904d --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java @@ -0,0 +1,161 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import java.io.FileInputStream; +import java.util.Map; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +import test.at.gv.egovernment.moa.*; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class DOMUtilsTest extends MOATestCase { + private static final String TESTDATA_BASE = TESTDATA_ROOT + "xml/"; + private static boolean grammarsInitialized = false; + + /** + * Constructor for DOMUtilsTest. + * @param name + */ + public DOMUtilsTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + if (!grammarsInitialized) { + // preparse XML schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.XML_SCHEMA_LOCATION), + Constants.XML_NS_URI); + // preparse XMLDsig Filter2 schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION), + Constants.DSIG_FILTER2_NS_URI); + // preparse XMLDsig schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION), + Constants.DSIG_NS_URI); + // preparse MOA schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.MOA_SCHEMA_LOCATION), + Constants.MOA_NS_URI); + grammarsInitialized = true; + } + } + + private Document parse(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null); + } + + public void testParseCreateXMLSignature() throws Exception { + parse(TESTDATA_BASE + "CreateXMLSignature/TestGeneratorCX2.005.Req.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req001.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req002.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req004.xml"); + } + + public void testParseVerifyCMSSignature() throws Exception { + parse(TESTDATA_BASE + "VerifyCMSSignature/Req000.xml"); + } + + public void testParseVerifyXMLSignature() throws Exception { + parse(TESTDATA_BASE + "VerifyXMLSignature/Req000.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/Req001.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.002.Req.xml"); + //parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.006.Req.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/VerifySAMLRequest.xml"); + } + + public void testParseInfobox() throws Exception { + parse(TESTDATA_BASE + "Infobox/InfoboxReadResponseMOA4.xml"); + parse(TESTDATA_BASE + "Infobox/InfoboxReadResponse.xml"); + } + + + private Document parsePlain(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + false, + null, + null); + } + + public void testValidateCreateXMLSignature() throws Exception { + Document doc; + boolean valid; + + // test a valid request + doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); + valid = + DOMUtils.validateElement( + doc.getDocumentElement(), + Constants.ALL_SCHEMA_LOCATIONS, + null); + assertTrue(valid); + + // test an invalid request + doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/invalid.xml"); + try { + valid = + DOMUtils.validateElement( + doc.getDocumentElement(), + Constants.ALL_SCHEMA_LOCATIONS, + null); + fail(); + } catch (Exception e) { + } + } + + public void testGetNamespaceDeclarations() throws Exception { + Document doc; + NodeList nl; + Element elem; + Map nsDecls; + + doc = parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); + nl = doc.getElementsByTagNameNS(Constants.DSIG_NS_URI, "Reference"); + elem = (Element) nl.item(0); + nsDecls = DOMUtils.getNamespaceDeclarations(elem); + + assertEquals(2, nsDecls.size()); + assertEquals(Constants.DSIG_NS_URI, nsDecls.get("dsig")); + assertEquals(Constants.MOA_NS_URI, nsDecls.get("")); + } + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java new file mode 100644 index 000000000..3364e9888 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java @@ -0,0 +1,128 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import java.text.DateFormat; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.TimeZone; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class DateTimeUtilsTest extends TestCase { + + /** + * Constructor for DateTimeUtilsTest. + * @param arg0 + */ + public DateTimeUtilsTest(String arg0) { + super(arg0); + } + + public void testParseDateTimeValid() throws Exception { + Date date; + DateFormat format = SimpleDateFormat.getDateTimeInstance(); + String dateStr; + + format.setTimeZone(TimeZone.getTimeZone("GMT")); + date = DateTimeUtils.parseDateTime("+1971-12-12T06:30:15"); + date.setTime(date.getTime() + TimeZone.getDefault().getRawOffset()); + dateStr = format.format(date); + assertEquals("12.12.1971 06:30:15", dateStr); + + date = DateTimeUtils.parseDateTime("2000-01-01T23:59:59.012Z"); + dateStr = format.format(date); + assertEquals("01.01.2000 23:59:59", dateStr); + + date = DateTimeUtils.parseDateTime("2003-05-20T12:17:30-05:00"); + dateStr = format.format(date); + assertEquals("20.05.2003 17:17:30", dateStr); + + + date = DateTimeUtils.parseDateTime("2002-02-02T02:02:02.33+04:30"); + dateStr = format.format(date); + assertEquals("01.02.2002 21:32:02", dateStr); + } + + public void testParseDateTimeInvalid() { + try { + DateTimeUtils.parseDateTime("+1971-12-12T6:30:15"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime("2000-01-0123:59:59.999999Z"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime("2003-05-20T12:17:3005:00"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime(" 2002-02-02T02:02:02.33+04:00"); + fail(); + } catch (ParseException e) { + } + + } + + public void testBuildDateTimeGMTMinus3() { + String should = "2002-01-01T01:01:01-03:00"; + doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT-03:00", should); + } + public void testBuildDateTimeMEZSommerzeit() { + String should = "2002-07-31T23:59:59+02:00"; + doTestBuildDateTime(2002, 7, 31, 23, 59, 59, "GMT+01:00", should); + } + public void testBuildDateTimeGMT() { + String should = "2002-01-01T01:01:01"; + doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT+00:00", should); + } + private void doTestBuildDateTime( + int year, int month, int day, + int hour, int min, int sec, + String timeZone, String dateTimeShould) { + + Calendar cal = new GregorianCalendar(TimeZone.getTimeZone(timeZone)); + cal.set(year,month, day, hour, min, sec); + cal.set(Calendar.MILLISECOND, 0); + String dateTimeBuilt = DateTimeUtils.buildDateTime(cal, false); + assertEquals(dateTimeShould, dateTimeBuilt); + } + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java new file mode 100644 index 000000000..2433eca89 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java @@ -0,0 +1,114 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.KeyStore; +import java.security.Security; +import java.security.cert.X509Certificate; +import java.util.Enumeration; + +import at.gv.egovernment.moa.util.KeyStoreUtils; + +import junit.framework.TestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class KeyStoreUtilsTest extends TestCase { + private String tmpDir = "tmp/KeyStoreUtilsTest"; + private String tmpDirURL = "file:" + tmpDir; + + public KeyStoreUtilsTest(String arg0) { + super(arg0); + } + + protected void setUp() throws Exception { + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + new File(tmpDir).mkdirs(); + } + protected void tearDown() throws Exception { + new File(tmpDir).delete(); + } + public void testCreateKeyStoreJKS() throws Exception { + String[] certFilenames = new String[] { + "data/test/security/server-certs/baltimore.cer" + }; + KeyStore ks = KeyStoreUtils.createKeyStore("jks", certFilenames); + assertEquals(1, ks.size()); + X509Certificate cert = (X509Certificate)ks.getCertificate("0"); + assertEquals(3424, cert.getSerialNumber().intValue()); + } + public void testCreateKeyStorePKCS12() throws Exception { + String[] certFilenames = new String[] { + "data/test/security/server-certs/baltimore.cer" + }; + KeyStore ks = KeyStoreUtils.createKeyStore("pkcs12", certFilenames); + assertEquals(1, ks.size()); + X509Certificate cert = (X509Certificate)ks.getCertificate("0"); + assertEquals(3424, cert.getSerialNumber().intValue()); + } + public void testCreateKeyStoreFromCertificateDirectory() throws Exception { + // copy certificate files to a temporary directory, + // omitting the "CVS" directory in the source directory + copyCertificates("data/test/security/server-certs", tmpDir); + KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL); + assertEquals(2, ks.size()); + X509Certificate cert0 = (X509Certificate)ks.getCertificate("0"); + X509Certificate cert1 = (X509Certificate)ks.getCertificate("1"); + assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue()); + } + private void copyCertificates(String from, String to) throws IOException { + String[] fromList = new File(from).list(); + for (int i = 0; i < fromList.length; i++) { + File fromFile = new File(from + File.separator + fromList[i]); + if (fromFile.isFile()) { + String toFile = to + "/" + fromList[i]; + FileInputStream in = new FileInputStream(fromFile); + FileOutputStream out = new FileOutputStream(toFile); + for (int ch = in.read(); ch >= 0; ch = in.read()) + out.write(ch); + out.close(); + in.close(); + } + } + + } + public void testLoadKeyStore() throws Exception { + String keyStoreURL = "file:data/test/security/client-certs/sicher-demo(buergerkarte).p12"; + KeyStore ks = KeyStoreUtils.loadKeyStore("pkcs12", keyStoreURL, "buergerkarte"); + assertEquals(1, ks.size()); + Enumeration aliases = ks.aliases(); + String alias = (String)aliases.nextElement(); + X509Certificate cert = (X509Certificate)ks.getCertificate(alias); + assertEquals(new BigInteger("1044289238331").intValue(), cert.getSerialNumber().intValue()); + } + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java new file mode 100644 index 000000000..2b5094fb8 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java @@ -0,0 +1,181 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.net.URL; +import java.security.KeyStore; +import java.security.Security; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocketFactory; + +import junit.framework.TestCase; +import at.gv.egovernment.moa.util.KeyStoreUtils; +import at.gv.egovernment.moa.util.SSLUtils; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtilsTest extends TestCase { + + public SSLUtilsTest(String arg0) { + super(arg0); + } + + + protected void setUp() throws Exception { + //System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); + } + + public void testGetSSLSocketFactoryBaltimoreOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.baltimore.com/", + false, + "file:data/test/security/cacerts+gt_cybertrust_root", + "changeit", + true); + } + public void testGetSSLSocketFactoryBaltimoreNOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.baltimore.com/", + false, + "file:data/test/security/cacerts", + "changeit", + false); + } + public void testGetSSLSocketFactoryVerisignOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.verisign.com/", + false, + "file:data/test/security/cacerts", + "changeit", + true); + } + public void testGetSSLSocketFactoryVerisignNoTruststoreOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.verisign.com/", + false, + null, + null, + true); + } + public void testGetSSLSocketFactoryLocalhostOK() throws Exception { + String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; + doTestGetSSLSocketFactory( + "GET", + urlString, + true, + "file:data/test/security/server.keystore.tomcat", + "changeit", + true); + } + public void testGetSSLSocketFactoryLocalhostNOK() throws Exception { + String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; + doTestGetSSLSocketFactory( + "GET", + urlString, + true, + null, + null, + false); + } + + public void doTestGetSSLSocketFactory( + String requestMethod, + String urlString, + boolean useHostnameVerifierHack, + String truststoreurl, + String trustpassword, + boolean shouldOk + ) throws Exception { + + doTestGetSSLSocketFactory( + requestMethod, urlString, useHostnameVerifierHack, truststoreurl, trustpassword, null, null, null, shouldOk); + } + public void doTestGetSSLSocketFactory( + String requestMethod, + String urlString, + boolean useHostnameVerifierHack, + String truststoreurl, + String trustpassword, + String keystoretype, + String keystoreurl, + String keypassword, + boolean shouldOk + ) throws Exception { + + KeyStore truststore = null; + if (truststoreurl != null) + truststore = KeyStoreUtils.loadKeyStore("jks", truststoreurl, trustpassword); + SSLSocketFactory sf = SSLUtils.getSSLSocketFactory( + truststore, keystoretype, keystoreurl, keypassword); + System.out.println(requestMethod + " " + urlString); + + URL url = new URL(urlString); + HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setSSLSocketFactory(sf); + if (useHostnameVerifierHack) + conn.setHostnameVerifier(new HostnameVerifierHack()); + try { + conn.connect(); + assertTrue(shouldOk); + assertEquals(200, conn.getResponseCode()); + conn.disconnect(); + } + catch (SSLException ex) { + assertFalse(shouldOk); + } + } +// private byte[] readTruststore(String filename) throws IOException { +// if (filename == null) +// return null; +// FileInputStream in = new FileInputStream(filename); +// byte[] buffer = new byte[in.available()]; +// in.read(buffer); +// in.close(); +// return buffer; +// } + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java new file mode 100644 index 000000000..59163f112 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java @@ -0,0 +1,53 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.net.URLEncoder; + +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.URLDecoder; + +import junit.framework.TestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLDecoderTest extends TestCase { + + public void test() throws Exception { + String s = "immerZUA0129<>%==$$%&/()@?{()=} \\\"äöüÄÖÜ?§"; + String senc = URLEncoder.encode(s); + String sdec = URLDecoder.decode(senc, "ISO-8859-1"); + assertEquals(s, sdec); + } + public void testUTF8() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml")); + String senc = URLEncoder.encode(s); + String sdec = URLDecoder.decode(senc, "UTF-8"); + String sutf8 = FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml", "UTF-8"); + assertEquals(sutf8, sdec); + } +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java new file mode 100644 index 000000000..88c74f3ae --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; +import junit.framework.TestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLEncoderTest extends TestCase { + + public void testUnchangedString() throws Exception { + String s = "AZaz0123456789.-*_"; + String senc = URLEncoder.encode(s, "UTF-8"); + assertEquals(s, senc); + } + public void testAumlUTF8() throws Exception { + String s = "ä"; + String senc = URLEncoder.encode(s, "UTF-8"); + assertEquals("%C3%A4", senc); + } + public void testEncodeDecode() throws Exception { + String s = "AZaz09.-*_ <>%=$%&/()@?{}[]\\\"'äöüÄÖÜߧ"; + String senc = URLEncoder.encode(s, "UTF-8"); + String sdec = URLDecoder.decode(senc, "UTF-8"); + assertEquals(s, sdec); + } + public void testCertInfo() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); + String senc = URLEncoder.encode(s, "UTF-8"); + String sdec = URLDecoder.decode(senc, "UTF-8"); + assertEquals(s, sdec); + } + /*public void testJDK14() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); + String senc = URLEncoder.encode(s, "UTF-8"); + String senc14 = java.net.URLEncoder.encode(s, "UTF-8"); + assertEquals(senc, senc14); + }*/ + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java new file mode 100644 index 000000000..dfe7a5358 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java @@ -0,0 +1,123 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import java.io.FileInputStream; +import java.io.InputStream; + +import org.apache.xerces.parsers.DOMParser; +import org.apache.xerces.parsers.XMLGrammarPreparser; +import org.apache.xerces.util.SymbolTable; +import org.apache.xerces.util.XMLGrammarPoolImpl; +import org.apache.xerces.xni.grammars.Grammar; +import org.apache.xerces.xni.grammars.XMLGrammarDescription; +import org.apache.xerces.xni.parser.XMLInputSource; +import org.xml.sax.InputSource; + +import test.at.gv.egovernment.moa.MOATestCase; + +import at.gv.egovernment.moa.util.Constants; + + +/** + * Experimentation with Xerces grammar caching. + * + * Used the Xerces sample 'XMLGrammarBuilder' as a starting point. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLGrammarBuilderTest extends MOATestCase { + + private static final String GRAMMAR_POOL = + org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX + + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; + + protected static final String NAMESPACES_FEATURE_ID = + "http://xml.org/sax/features/namespaces"; + protected static final String VALIDATION_FEATURE_ID = + "http://xml.org/sax/features/validation"; + protected static final String SCHEMA_VALIDATION_FEATURE_ID = + "http://apache.org/xml/features/validation/schema"; + protected static final String SCHEMA_FULL_CHECKING_FEATURE_ID = + "http://apache.org/xml/features/validation/schema-full-checking"; + + private static final int BIG_PRIME = 2039; + private SymbolTable symbolTable; + private XMLGrammarPoolImpl grammarPool; + + /** + * Constructor for XMLGrammarBuilderTest. + * @param name + */ + public XMLGrammarBuilderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + XMLGrammarPreparser preparser; + + // set up symbol table and grammar pool + symbolTable = new SymbolTable(BIG_PRIME); + grammarPool = new XMLGrammarPoolImpl(); + preparser = new XMLGrammarPreparser(symbolTable); + preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null); + preparser.setProperty(GRAMMAR_POOL, grammarPool); + preparser.setFeature(NAMESPACES_FEATURE_ID, true); + preparser.setFeature(VALIDATION_FEATURE_ID, true); + // now we can still do schema features just in case, + // so long as it's our configuraiton...... + preparser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); + preparseSchemaResource( + preparser, + Constants.DSIG_SCHEMA_LOCATION, + "/resources/schemas/xmldsig-core-schema.xsd"); + } + + private static Grammar preparseSchemaResource( + XMLGrammarPreparser preparser, + String systemId, + String resource) + throws Exception { + + InputStream is = XMLGrammarBuilderTest.class.getResourceAsStream(resource); + return preparser.preparseGrammar( + XMLGrammarDescription.XML_SCHEMA, + new XMLInputSource(null, systemId, null, is, null)); + } + + public void testParseValidating() throws Exception { + DOMParser parser = new DOMParser(symbolTable, grammarPool); + + parser.setFeature(NAMESPACES_FEATURE_ID, true); + parser.setFeature(VALIDATION_FEATURE_ID, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); + + parser.parse( + new InputSource( + new FileInputStream(TESTDATA_ROOT + "xml/dsigTransform/base64.xml"))); + parser.getDocument(); + } + +} diff --git a/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java b/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java new file mode 100644 index 000000000..15e6a62f3 --- /dev/null +++ b/common/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java @@ -0,0 +1,75 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import org.w3c.dom.Document; +import org.w3c.dom.NodeList; + +import test.at.gv.egovernment.moa.MOATestCase; + +import at.gv.egovernment.moa.util.XPathUtils; + + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class XPathUtilsTest extends MOATestCase { + + private Document doc1; + + /** + * Constructor for XPathUtilsTest. + * @param name + */ + public XPathUtilsTest(String name) { + super(name); + } + + /** + * @see TestCase#setUp() + */ + protected void setUp() throws Exception { + super.setUp(); + doc1 = + parseXml(TESTDATA_ROOT + "xml/VerifyXMLSignature/Req000.xml"); + } + + public void testSelectNodeList() throws Exception { + NodeList nodes; + + nodes = + XPathUtils.selectNodeList( + doc1.getDocumentElement(), + doc1.getDocumentElement(), + "/VerifyXMLSignatureRequest"); + assertEquals(1, nodes.getLength()); + nodes = + XPathUtils.selectNodeList( + doc1.getDocumentElement(), + "//dsig:Signature"); + assertEquals(1, nodes.getLength()); + } + +} |