From dd45e938564249a5e6897bd92dd29808d8990868 Mon Sep 17 00:00:00 2001
From: rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Fri, 24 Oct 2003 08:34:56 +0000
Subject: MOA-ID version 1.1 (initial)

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../ixsil/init/properties/algorithms.properties    |  94 +++++
 .../test/ixsil/init/properties/init.properties     | 214 +++++++++++
 .../ixsil/init/properties/keyManager.properties    |  74 ++++
 .../data/test/ixsil/init/schemas/Signature.xsd     | 328 +++++++++++++++++
 .../data/test/ixsil/init/schemas/XMLSchema.dtd     | 402 +++++++++++++++++++++
 .../data/test/ixsil/init/schemas/datatypes.dtd     | 203 +++++++++++
 6 files changed, 1315 insertions(+)
 create mode 100644 id.server/data/test/ixsil/init/properties/algorithms.properties
 create mode 100644 id.server/data/test/ixsil/init/properties/init.properties
 create mode 100644 id.server/data/test/ixsil/init/properties/keyManager.properties
 create mode 100644 id.server/data/test/ixsil/init/schemas/Signature.xsd
 create mode 100644 id.server/data/test/ixsil/init/schemas/XMLSchema.dtd
 create mode 100644 id.server/data/test/ixsil/init/schemas/datatypes.dtd

(limited to 'id.server/data/test/ixsil')

diff --git a/id.server/data/test/ixsil/init/properties/algorithms.properties b/id.server/data/test/ixsil/init/properties/algorithms.properties
new file mode 100644
index 000000000..35a41cfdd
--- /dev/null
+++ b/id.server/data/test/ixsil/init/properties/algorithms.properties
@@ -0,0 +1,94 @@
+# IXSIL algorithm properties
+#
+# This file contains the properties which IXSIL uses to maintain the available algorithms.
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# Canonicalization algorithms
+#
+# The following properties (starting with "Canonicalization.") are associations between canonicalization
+# algorithm URIs and their corresponding implementation classes.
+#
+# For instance, if you would like to specify the implementation class for the canonicalization algorithm
+# with the identifying URI "http://www.w3.org/TR/2001/REC-xml-c14n-20010315", the name of the algorithm
+# property is "Canonicalization.http://www.w3.org/TR/2001/REC-xml-c14n-20010315", i.e. the identifying URI,
+# prepended by the canonicalization algorithm property identifier ("Canonicalization."). The value of the
+# property is the fully qualified class name of the implementation for this algorithm, for instance the
+# standard impl. shipped with IXSIL, "iaik.ixsil.algorithms.CanonicalizationAlgorithmImplCanonicalXML".
+#
+# PLEASE NOTE: The colon character (":") must be escaped by a leading backslash, if it appears in the
+#              property name.
+
+Canonicalization.http\://www.w3.org/TR/2001/REC-xml-c14n-20010315 = iaik.ixsil.algorithms.CanonicalizationAlgorithmImplCanonicalXML
+Canonicalization.http\://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments = iaik.ixsil.algorithms.CanonicalizationAlgorithmImplCanonicalXMLWithComments
+Canonicalization.http\://www.w3.org/2001/10/xml-exc-c14n# = iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXML
+Canonicalization.http\://www.w3.org/2001/10/xml-exc-c14n#WithComments = iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments
+
+#----------------------------------------------------------------------------------------------------------
+# Signature algorithms
+#
+# The following properties (starting with "Signature.") are associations between signature algorithm URIs and
+# their corresponding implementation classes.
+#
+# For instance, if you would like to specify the implementation class for the signature algorithm
+# with the identifying URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1", the name of the algorithm
+# property is "Signature.http://www.w3.org/2000/09/xmldsig#rsa-sha1", i.e. the identifying URI,
+# prepended by the signature algorithm property identifier ("Signature."). The value of the
+# property is the fully qualified class name of the implementation for this algorithm, for instance the
+# standard implementation shipped with IXSIL, "iaik.ixsil.algorithms.SignatureAlgorithmImplRSA".
+#
+# PLEASE NOTE: The colon character (":") must be escaped by a leading backslash, if it appears in the
+#              property name.
+
+Signature.http\://www.w3.org/2000/09/xmldsig#rsa-sha1 = iaik.ixsil.algorithms.SignatureAlgorithmImplRSA
+Signature.http\://www.w3.org/2000/09/xmldsig#dsa-sha1 = iaik.ixsil.algorithms.SignatureAlgorithmImplDSA
+Signature.http\://www.w3.org/2000/09/xmldsig#hmac-sha1 = iaik.ixsil.algorithms.SignatureAlgorithmImplHMAC
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# Digest algorithms
+#
+# The following properties (starting with "Digest.") are associations between digest algorithm URIs and
+# their corresponding implementation classes.
+#
+# For instance, if you would like to specify the implementation class for the digest algorithm
+# with the identifying URI "http://www.w3.org/2000/09/xmldsig#sha1", the name of the algorithm
+# property is "Digest.http://www.w3.org/2000/09/xmldsig#sha1", i.e. the identifying URI,
+# prepended by the digest algorithm property identifier ("Digest."). The value of the
+# property is the fully qualified class name of the implementation for this algorithm, for instance the
+# standard implementation shipped with IXSIL, "iaik.ixsil.algorithms.DigestAlgorithmImplSHA1".
+#
+# PLEASE NOTE: The colon character (":") must be escaped by a leading backslash, if it appears in the
+#              property name.
+
+Digest.http\://www.w3.org/2000/09/xmldsig#sha1 = iaik.ixsil.algorithms.DigestAlgorithmImplSHA1
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# Transform algorithms
+#
+# The following properties (starting with "Transform.") are associations between digest algorithm URIs and
+# their corresponding implementation classes.
+#
+# For instance, if you would like to specify the implementation class for the transform algorithm
+# with the identifying URI "http://www.w3.org/2000/09/xmldsig#base64", the name of the algorithm
+# property is "Transform.http://www.w3.org/2000/09/xmldsig#base64", i.e. the identifying URI,
+# prepended by the transform algorithm property identifier ("Transform."). The value of the
+# property is the fully qualified class name of the implementation for this algorithm, for instance the
+# standard implementation shipped with IXSIL, "iaik.ixsil.algorithms.TransformImplBase64Decode".
+#
+# PLEASE NOTE: The colon character (":") must be escaped by a leading backslash, if it appears in the
+#              property name.
+
+Transform.http\://www.w3.org/TR/2001/REC-xml-c14n-20010315 = iaik.ixsil.algorithms.TransformImplCanonicalXML
+Transform.http\://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments = iaik.ixsil.algorithms.TransformImplCanonicalXMLWithComments
+Transform.http\://www.w3.org/2001/10/xml-exc-c14n# = iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML
+Transform.http\://www.w3.org/2001/10/xml-exc-c14n#WithComments = iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXMLWithComments
+Transform.http\://www.w3.org/2000/09/xmldsig#base64 = iaik.ixsil.algorithms.TransformImplBase64Decode
+Transform.http\://www.w3.org/TR/1999/REC-xpath-19991116 = iaik.ixsil.algorithms.TransformImplXPath
+Transform.http\://www.w3.org/2000/09/xmldsig#enveloped-signature = iaik.ixsil.algorithms.TransformImplEnvelopedSignature
+Transform.http\://www.w3.org/TR/1999/REC-xslt-19991116 = iaik.ixsil.algorithms.TransformImplXSLT
+Transform.http\://www.w3.org/2002/06/xmldsig-filter2 = iaik.ixsil.algorithms.TransformImplXPath2
diff --git a/id.server/data/test/ixsil/init/properties/init.properties b/id.server/data/test/ixsil/init/properties/init.properties
new file mode 100644
index 000000000..a679a2635
--- /dev/null
+++ b/id.server/data/test/ixsil/init/properties/init.properties
@@ -0,0 +1,214 @@
+# IXSIL init properties
+#
+# This file contains the basic initialization properties for IXSIL.
+
+#----------------------------------------------------------------------------------------------------------
+# Properties for localizing exeption messages
+
+# This property specifies the ISO language code, which is used to select the appropriate exception message
+# file. Please see the documentation for Java class "java.util.RessourceBundle" for further information.
+
+IXSILException.ISOLanguageCode = "en"
+
+
+
+# This property specifies the ISO country code, which is used to select the appropriate exception message
+# file. Please see the documentation for Java class "java.util.RessourceBundle" for further information.
+
+IXSILException.ISOCountryCode = "US"
+
+
+#----------------------------------------------------------------------------------------------------------
+# Other property files
+
+# This property contains a URI specifying the (virtual) location of the IXSIL init properties file (i. e.
+# this file). The URI MUST be absolute.
+#
+# The use of this property is optional. It is only needed by IXSIL, if the library will be initialized using
+# the method IXSILInit.init(Properties, Properties, Properties). In this case it is used by IXSIL as the
+# base URI for absolutizing other property URIs, such as "DOMUtils.SignatureSchema" (see below).
+#
+# PLEASE NOTE: Contrary to URIs under e.g. http or ftp scheme, URIs under file and jar scheme do not have an
+#              authority component. This means that the part following the scheme identifier starts with "/"
+#              (single slash character), and not with "//" (two slash characters).
+#
+# Example 1 (absolute URI under file scheme): "file:/c:/path1/path2/init.properties"
+# Example 2 (absolute URI under jar scheme): "jar:/file:/c:/path1/path2/archive.jar!/init.properties"
+# Example 3 (absolute URI under http scheme): "http://somewhere.org/path1/path2/init.properties"
+
+location.initProperties = file:data/test/ixsil/init/properties/init.properties
+
+
+
+# This property contains a URI specifying the location of the IXSIL algorithm properties file. The URI can
+# be absolute or relative. If a relative URI is used, it will be absolutized using this init property file's
+# URI as the base.
+#
+# PLEASE NOTE: Contrary to URIs under e.g. http or ftp scheme, URIs under file and jar scheme do not have an
+#              authority component. This means that the part following the scheme identifier starts with "/"
+#              (single slash character), and not with "//" (two slash characters).
+#
+# Example 1 (absolute URI under file scheme): "file:/c:/path1/path2/algorithms.properties"
+# Example 2 (absolute URI under jar scheme): "jar:/file:/c:/path1/path2/archive.jar!/algorithms.properties"
+# Example 3 (absolute URI under http scheme): "http://somewhere.org/path1/path2/algorithms.properties"
+# Example 4 (relative URI): "../otherpath/algorithms.properties"
+# Example 5 (relative URI): "algorithms.properties"
+
+location.algorithmsProperties = file:data/test/ixsil/init/properties/algorithms.properties
+
+
+
+# This property contains a URI specifying the location of the IXSIL keyManager properties file. The URI can
+# be absolute or relative. If a relative URI is used, it will be absolutized using this init property file's
+# URI as the base.
+#
+# PLEASE NOTE: Contrary to URIs under e.g. http or ftp scheme, URIs under file and jar scheme do not have an
+#              authority component. This means that the part following the scheme identifier starts with "/"
+#              (single slash character), and not with "//" (two slash characters).
+#
+# Example 1 (absolute URI under file scheme): "file:/c:/path1/path2/keyManager.properties"
+# Example 2 (absolute URI under jar scheme): "jar:/file:/c:/path1/path2/archive.jar!/keyManager.properties"
+# Example 3 (absolute URI under http scheme): "http://somewhere.org/path1/path2/keyManager.properties"
+# Example 4 (relative URI): "../otherpath/keyManager.properties"
+# Example 5 (relative URI): "keyManager.properties"
+
+location.keyManagerProperties = file:data/test/ixsil/init/properties/keyManager.properties
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# AlgorithmFactory properties
+
+
+
+This property specifies the extension class for the abstract class
+iaik.ixsil.algorithms.AlgorithmFactory, which is instantiated at invokation of method
+iaik.ixsil.algorithms.AlgorithmFactory.createFactory().
+Please specifiy the fully qualified java class name for the class to be instantiated.
+
+AlgorithmFactory.ImplementingClass = iaik.ixsil.algorithms.AlgorithmFactoryDefaultImpl
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# VerifierKeyManager properties
+
+# This property specifies the implementation class for the interface
+# iaik.ixsil.keyinfo.VerifierKeyManager, which is instantiated by IXSIL in the verification use case, if the
+# signature algorithm does not know about the verification key, and if the XML signature bears a KeyInfo
+# element which contains hints that can be used to deduce the verification key.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+VerifierKeyManager.ImplementingClass = iaik.ixsil.keyinfo.KeyManagerImpl
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# XML namespace prefix properties
+
+# This property specifies the namespace prefix used for XML elements from the XML-Signature namespace.
+#
+# PLEASE NOTE: The prefix must not be empty.
+
+namespacePrefix.XMLSignature = dsig:
+
+
+
+# This property specifies the namespace prefix used for XML elements from the XML Schema instance namespace.
+#
+# PLEASE NOTE: The prefix must not be empty.
+
+namespacePrefix.XMLSchemaInstance = xsi:
+
+
+#----------------------------------------------------------------------------------------------------------
+# DOMUtils properties
+
+
+
+# This property specifies the implementation class IXSIL should use for the interface
+# iaik.ixsil.util.DOMUtilsInterface, which contains a couple of DOM utility methods, which IXSIL relies
+# on. If you would like to employ a parser different from Apache Xerces, you must implement the
+# DOMUtilsInterface and specify your implementation class using this property.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+DOMUtils.ImplementingClass = iaik.ixsil.util.DOMUtilsImpl
+
+
+
+# This property is used by the standard implementation class for the interface
+# iaik.ixsil.util.DOMUtilsInterface, namely iaik.ixsil.util.DOMUtilsImpl, which ships with IXSIL.
+# It specifies, wheter WARNINGS generated by the Apache Xerces parser should lead to a parser exception
+# or not.
+
+DOMUtils.ErrorHandler.reportWarnings = true
+
+
+
+# This property is used by the standard implementation class for the interface
+# iaik.ixsil.util.DOMUtilsInterface, namely iaik.ixsil.util.DOMUtilsImpl, which ships with IXSIL.
+# It specifies, wheter ERRORS generated by the Apache Xerces parser should lead to a parser exception
+# or not.
+
+DOMUtils.ErrorHandler.reportErrors = true
+
+
+
+# This property is used by the standard implementation class for the interface
+# iaik.ixsil.util.DOMUtilsInterface, namely iaik.ixsil.util.DOMUtilsImpl, which ships with IXSIL.
+# It specifies, wheter FATAL ERRORS generated by the Apache Xerces parser should lead to a parser
+# exception or not.
+
+DOMUtils.ErrorHandler.reportFatalErrors = true
+
+
+
+# This property is used by the standard implementation class for the interface
+# iaik.ixsil.util.DOMUtilsInterface, namely iaik.ixsil.util.DOMUtilsImpl, which ships with IXSIL.
+# It specifies an URI for the location of the XML schema for an XML signature, which is used as the
+# reference grammar in method iaik.ixsil.util.DOMUtilsImpl.schemaValidateSignatureElement.
+# The URI can be absolute or relative. If the URI is relative, it will be absolutized using the URI for
+# this init property file as the base.
+
+DOMUtils.SignatureSchema = ../schemas/Signature.xsd
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# XPathUtils properties
+
+# This property specifies the implementation class IXSIL should use for the interface
+# iaik.ixsil.util.XPathUtilsInterface, which contains a couple of XPath utility methods, which IXSIL relies
+# on. If you would like to employ a XPath engine different from Apache Xalan, you must implement the
+# XPathUtilsInterface and specify your implementation class using this property.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+XPathUtils.ImplementingClass = iaik.ixsil.util.XPathUtilsImpl
+
+
+
+#----------------------------------------------------------------------------------------------------------
+# CanonicalXMLSerializer properties
+
+
+
+# This property specifies the implementation class IXSIL should use for the interface
+# iaik.ixsil.util.CanonicalXMLSerialierInterface. IXSIL relies on this interface to serialize XML according
+# to "Canonical XML" (see http://www.w3.org/TR/2001/REC-xml-c14n-20010315). If you would like to employ an
+# implemenation different from the standard implementation shipped with IXSIL, you must implement the
+# CanonicalXMLSerialierInterface and specify your implementation class using this property.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+CanonicalXMLSerializer.CanonicalXMLImplementingClass = iaik.ixsil.util.CanonicalXMLSerializerImpl
+
+
+
+# This property specifies the implementation class IXSIL should use for the interface
+# iaik.ixsil.util.ExclusiveCanonicalXMLSerialierInterface. IXSIL relies on this interface to serialize XML
+# according to "Exclusive XML Canonicalization" (see http://www.w3.org/TR/2001/WD-xml-exc-c14n-20011120).
+# If you would like to employ an implemenation different from the standard implementation shipped with
+# IXSIL, you must implement the ExclusiveCanonicalXMLSerialierInterface and specify your implementation
+# class using this property.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+CanonicalXMLSerializer.ExclusiveCanonicalXMLImplementingClass = iaik.ixsil.util.CanonicalXMLSerializerImpl
diff --git a/id.server/data/test/ixsil/init/properties/keyManager.properties b/id.server/data/test/ixsil/init/properties/keyManager.properties
new file mode 100644
index 000000000..24ece437a
--- /dev/null
+++ b/id.server/data/test/ixsil/init/properties/keyManager.properties
@@ -0,0 +1,74 @@
+# IXSIL algorithm properties
+#
+# This file contains the properties which IXSIL uses in context of key management.
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following properties are associations between the fully qualified XMLname of a "KeyInfo" subelement,
+# as used in an XML signature to specify hints how the verifier can obtain the verification key, and that
+# implementation class of the interface iaik.ixsil.keyinfo.KeyProviderInterface, which will manage
+# subelements of that type.
+#
+# These properties are only of interest, if you are using the standard key manager shipped with IXISL
+# (which is class iaik.ixsil.keyInfo.KeyManagerImpl).
+#
+# For instance, if you would like to specify the key provider implementation for "KeyValue" subelements,
+# the property name is the fully qualified XML name for the "KeyValue" element, namely
+# "http://www.w3.org/2000/09/xmldsig#:KeyValue". The value of the property is the fully qualified class
+# name of the key provider implementation class, for instance the standard implementation which ships with
+# IXSIL: "iaik.ixsil.keyinfo.KeyProviderImplKeyValue".
+#
+# PLEASE NOTE (I): A fully qualified name for an XML element consists of an URI indicating the namespace the
+#                  element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the
+#                  element (e.g. "KeyValue"). Both components are seperated by a colon.
+#
+# PLEASE NOTE (II): The colon character (":") must be escaped by a leading backslash, if it appears in the
+#                   property name.
+
+http\://www.w3.org/2000/09/xmldsig#\:KeyValue = iaik.ixsil.keyinfo.KeyProviderImplKeyValue
+http\://www.w3.org/2000/09/xmldsig#\:X509Data = iaik.ixsil.keyinfo.x509.KeyProviderImplX509Data
+http\://www.w3.org/2000/09/xmldsig#\:RetrievalMethod = iaik.ixsil.keyinfo.retrieval.KeyProviderImplRetrievalMethod
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following properties specify the order in which the different types of "KeyInfo" subelements are used
+# by the key manager to deduce the verification key.
+#
+# These properties are only of interest, if you are using the standard key manager shipped with IXISL
+# (which is class iaik.ixsil.keyInfo.KeyManagerImpl).
+#
+# The properties are associations between a two digit number and the fully qualified XML name of a "KeyInfo"
+# subelement. The lower the number, the more important is the associated "KeyInfo" sublement. Consider an
+# example configuration:
+#
+# Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue
+# Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data
+#
+# In this configuration, the key manager first tries to use "KeyValue" subelements to deduce the
+# verification key. Only if this does not succeed, the key manager uses "X509Data" subelements as a second
+# chance. Of course you can specify more than only two different subelement types.
+#
+# PLEASE NOTE: A fully qualified name for an XML element consists of an URI indicating the namespace the
+#              element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the
+#              element (e.g. "KeyValue"). Both components are seperated by a colon.
+
+Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue
+Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data
+Subelement.03 = http://www.w3.org/2000/09/xmldsig#:RetrievalMethod
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following property is used by standard implementation of the "X509Data" key provider, which ships
+# with IXSIL, namely "KeyProviderImplX509Data". It specifies the implementation class for the interface
+# iaik.ixsil.keyinfo.x509.X509TrustManagerInterface, which is to be instantiated as the backbone trust
+# manager for this key provider.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+KeyProviderImplX509Data.X509TrustManagerDefaultImplementingClass = iaik.ixsil.keyinfo.x509.X509TrustManagerDummyImpl
+
diff --git a/id.server/data/test/ixsil/init/schemas/Signature.xsd b/id.server/data/test/ixsil/init/schemas/Signature.xsd
new file mode 100644
index 000000000..7867883f9
--- /dev/null
+++ b/id.server/data/test/ixsil/init/schemas/Signature.xsd
@@ -0,0 +1,328 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema
+  SYSTEM "XMLSchema.dtd"
+ [
+   <!ATTLIST schema 
+     xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
+   <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+   <!ENTITY % p ''>
+   <!ENTITY % s ''>
+  ]>
+
+<!-- Schema for XML Signatures
+    http://www.w3.org/2000/09/xmldsig#
+    $Revision: 1.3 $ on $Date: 2001/08/28 16:14:01 $ by $Author: reagle $
+
+    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+    of Technology, Institut National de Recherche en Informatique et en
+    Automatique, Keio University). All Rights Reserved.
+    http://www.w3.org/Consortium/Legal/
+
+    This document is governed by the W3C Software License [1] as described
+    in the FAQ [2].
+
+    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+        version="0.1" elementFormDefault="qualified"> 
+
+<!-- Basic Types Defined for Signatures -->
+
+<!-- modified to ensure that whiteSpace is preserved
+<simpleType name="CryptoBinary">
+  <restriction base="base64Binary">
+  </restriction>
+</simpleType>
+ -->
+ 
+<simpleType name="CryptoBinary">
+  <restriction base="string">
+   <whiteSpace value="preserve"/>
+   <pattern value="[A-Za-z0-9\+/=\n\r\t ]*"/> 
+  </restriction>
+</simpleType>
+
+<!-- Start Signature -->
+
+<element name="Signature" type="ds:SignatureType"/>
+<complexType name="SignatureType">
+  <sequence> 
+    <element ref="ds:SignedInfo"/> 
+    <element ref="ds:SignatureValue"/> 
+    <element ref="ds:KeyInfo" minOccurs="0"/> 
+    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> 
+  </sequence>  
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="SignatureValue" type="ds:SignatureValueType"/> 
+  <complexType name="SignatureValueType">
+    <simpleContent>
+      <extension base="ds:CryptoBinary">
+        <attribute name="Id" type="ID" use="optional"/>
+      </extension>
+    </simpleContent>
+  </complexType>
+
+<!-- Start SignedInfo -->
+
+<element name="SignedInfo" type="ds:SignedInfoType"/>
+<complexType name="SignedInfoType">
+  <sequence> 
+    <element ref="ds:CanonicalizationMethod"/> 
+    <element ref="ds:SignatureMethod"/> 
+    <element ref="ds:Reference" maxOccurs="unbounded"/> 
+  </sequence>  
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> 
+  <complexType name="CanonicalizationMethodType" mixed="true">
+    <sequence>
+      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+  <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+  <complexType name="SignatureMethodType" mixed="true">
+    <sequence>
+      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
+      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) external namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+<!-- Start Reference -->
+
+<element name="Reference" type="ds:ReferenceType"/>
+<complexType name="ReferenceType">
+  <sequence> 
+    <element ref="ds:Transforms" minOccurs="0"/> 
+    <element ref="ds:DigestMethod"/> 
+    <element ref="ds:DigestValue"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+  <attribute name="URI" type="anyURI" use="optional"/> 
+  <attribute name="Type" type="anyURI" use="optional"/> 
+</complexType>
+
+  <element name="Transforms" type="ds:TransformsType"/>
+  <complexType name="TransformsType">
+    <sequence>
+      <element ref="ds:Transform" maxOccurs="unbounded"/>  
+    </sequence>
+  </complexType>
+
+  <element name="Transform" type="ds:TransformType"/>
+  <complexType name="TransformType" mixed="true">
+    <choice minOccurs="0" maxOccurs="unbounded"> 
+      <any namespace="##other" processContents="lax"/>
+      <!-- (1,1) elements from (0,unbounded) namespaces -->
+      <element name="XPath" type="string"/> 
+    </choice>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+<!-- End Reference -->
+
+<element name="DigestMethod" type="ds:DigestMethodType"/>
+<complexType name="DigestMethodType" mixed="true"> 
+  <sequence>
+    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>    
+  <attribute name="Algorithm" type="anyURI" use="required"/> 
+</complexType>
+
+<element name="DigestValue" type="ds:DigestValueType"/>
+<simpleType name="DigestValueType">
+  <restriction base="ds:CryptoBinary"/>
+</simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<element name="KeyInfo" type="ds:KeyInfoType"/> 
+<complexType name="KeyInfoType" mixed="true">
+  <choice maxOccurs="unbounded">     
+    <element ref="ds:KeyName"/> 
+    <element ref="ds:KeyValue"/> 
+    <element ref="ds:RetrievalMethod"/> 
+    <element ref="ds:X509Data"/> 
+    <element ref="ds:PGPData"/> 
+    <element ref="ds:SPKIData"/>
+    <element ref="ds:MgmtData"/>
+    <any processContents="lax" namespace="##other"/>
+    <!-- (1,1) elements from (0,unbounded) namespaces -->
+  </choice>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+  <element name="KeyName" type="string"/>
+  <element name="MgmtData" type="string"/>
+
+  <element name="KeyValue" type="ds:KeyValueType"/> 
+  <complexType name="KeyValueType" mixed="true">
+   <choice>
+     <element ref="ds:DSAKeyValue"/>
+     <element ref="ds:RSAKeyValue"/>
+     <any namespace="##other" processContents="lax"/>
+   </choice>
+  </complexType>
+
+  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> 
+  <complexType name="RetrievalMethodType">
+    <sequence>
+      <element name="Transforms" type="ds:TransformsType" minOccurs="0"/> 
+    </sequence>  
+    <attribute name="URI" type="anyURI"/>
+    <attribute name="Type" type="anyURI" use="optional"/>
+  </complexType>
+
+<!-- Start X509Data -->
+
+<element name="X509Data" type="ds:X509DataType"/> 
+<complexType name="X509DataType">
+  <sequence maxOccurs="unbounded">
+    <choice>
+      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+      <element name="X509SKI" type="ds:CryptoBinary"/>
+      <element name="X509SubjectName" type="string"/>
+      <element name="X509Certificate" type="ds:CryptoBinary"/>
+      <element name="X509CRL" type="ds:CryptoBinary"/>
+      <any namespace="##other" processContents="lax"/>
+    </choice>
+  </sequence>
+</complexType>
+
+<complexType name="X509IssuerSerialType"> 
+  <sequence> 
+    <element name="X509IssuerName" type="string"/> 
+    <element name="X509SerialNumber" type="integer"/> 
+  </sequence>
+</complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<element name="PGPData" type="ds:PGPDataType"/> 
+<complexType name="PGPDataType"> 
+  <choice>
+    <sequence>
+      <element name="PGPKeyID" type="ds:CryptoBinary"/> 
+      <element name="PGPKeyPacket" type="ds:CryptoBinary" minOccurs="0"/> 
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+    <sequence>
+      <element name="PGPKeyPacket" type="ds:CryptoBinary"/> 
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+  </choice>
+</complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<element name="SPKIData" type="ds:SPKIDataType"/> 
+<complexType name="SPKIDataType">
+  <sequence maxOccurs="unbounded">
+    <element name="SPKISexp" type="ds:CryptoBinary"/>
+    <any namespace="##other" processContents="lax" minOccurs="0"/>
+  </sequence>
+</complexType> 
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<element name="Object" type="ds:ObjectType"/> 
+<complexType name="ObjectType" mixed="true">
+  <sequence minOccurs="0" maxOccurs="unbounded">
+    <any namespace="##any" processContents="lax"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
+  <attribute name="Encoding" type="anyURI" use="optional"/> 
+</complexType>
+
+<element name="Manifest" type="ds:ManifestType"/> 
+<complexType name="ManifestType">
+  <sequence>
+    <element ref="ds:Reference" maxOccurs="unbounded"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+<element name="SignatureProperties" type="ds:SignaturePropertiesType"/> 
+<complexType name="SignaturePropertiesType">
+  <sequence>
+    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+   <element name="SignatureProperty" type="ds:SignaturePropertyType"/> 
+   <complexType name="SignaturePropertyType" mixed="true">
+     <choice maxOccurs="unbounded">
+       <any namespace="##any" processContents="lax"/> 
+       <!-- (1,1) elements from (1,unbounded) namespaces -->
+     </choice>
+     <attribute name="Target" type="anyURI" use="required"/> 
+     <attribute name="Id" type="ID" use="optional"/> 
+   </complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<simpleType name="HMACOutputLengthType">
+  <restriction base="integer"/>
+</simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+<complexType name="DSAKeyValueType">
+  <sequence>
+    <sequence minOccurs="0">
+      <element name="P" type="ds:CryptoBinary"/>
+      <element name="Q" type="ds:CryptoBinary"/>
+    </sequence>
+    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+    <element name="Y" type="ds:CryptoBinary"/>
+    <sequence minOccurs="0">
+      <element name="Seed" type="ds:CryptoBinary"/>
+      <element name="PgenCounter" type="ds:CryptoBinary"/>
+    </sequence>
+  </sequence>
+</complexType>
+
+
+<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+<complexType name="RSAKeyValueType">
+  <sequence>
+    <element name="Modulus" type="ds:CryptoBinary"/> 
+    <element name="Exponent" type="ds:CryptoBinary"/> 
+  </sequence>
+</complexType> 
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</schema>
diff --git a/id.server/data/test/ixsil/init/schemas/XMLSchema.dtd b/id.server/data/test/ixsil/init/schemas/XMLSchema.dtd
new file mode 100644
index 000000000..678cfc8dd
--- /dev/null
+++ b/id.server/data/test/ixsil/init/schemas/XMLSchema.dtd
@@ -0,0 +1,402 @@
+<!-- DTD for XML Schemas: Part 1: Structures
+     Public Identifier: "-//W3C//DTD XMLSCHEMA 200102//EN"
+     Official Location: http://www.w3.org/2001/XMLSchema.dtd -->
+<!-- $Id: XMLSchema.dtd,v 1.31 2001/10/24 15:50:16 ht Exp $ -->
+<!-- Note this DTD is NOT normative, or even definitive. -->           <!--d-->
+<!-- prose copy in the structures REC is the definitive version -->    <!--d-->
+<!-- (which shouldn't differ from this one except for this -->         <!--d-->
+<!-- comment and entity expansions, but just in case) -->              <!--d-->
+<!-- With the exception of cases with multiple namespace
+     prefixes for the XML Schema namespace, any XML document which is
+     not valid per this DTD given redefinitions in its internal subset of the
+     'p' and 's' parameter entities below appropriate to its namespace
+     declaration of the XML Schema namespace is almost certainly not
+     a valid schema. -->
+
+<!-- The simpleType element and its constituent parts
+     are defined in XML Schema: Part 2: Datatypes -->
+<!ENTITY % xs-datatypes PUBLIC 'datatypes' 'datatypes.dtd' >
+
+<!ENTITY % p 'xs:'> <!-- can be overriden in the internal subset of a
+                         schema document to establish a different
+                         namespace prefix -->
+<!ENTITY % s ':xs'> <!-- if %p is defined (e.g. as foo:) then you must
+                         also define %s as the suffix for the appropriate
+                         namespace declaration (e.g. :foo) -->
+<!ENTITY % nds 'xmlns%s;'>
+
+<!-- Define all the element names, with optional prefix -->
+<!ENTITY % schema "%p;schema">
+<!ENTITY % complexType "%p;complexType">
+<!ENTITY % complexContent "%p;complexContent">
+<!ENTITY % simpleContent "%p;simpleContent">
+<!ENTITY % extension "%p;extension">
+<!ENTITY % element "%p;element">
+<!ENTITY % unique "%p;unique">
+<!ENTITY % key "%p;key">
+<!ENTITY % keyref "%p;keyref">
+<!ENTITY % selector "%p;selector">
+<!ENTITY % field "%p;field">
+<!ENTITY % group "%p;group">
+<!ENTITY % all "%p;all">
+<!ENTITY % choice "%p;choice">
+<!ENTITY % sequence "%p;sequence">
+<!ENTITY % any "%p;any">
+<!ENTITY % anyAttribute "%p;anyAttribute">
+<!ENTITY % attribute "%p;attribute">
+<!ENTITY % attributeGroup "%p;attributeGroup">
+<!ENTITY % include "%p;include">
+<!ENTITY % import "%p;import">
+<!ENTITY % redefine "%p;redefine">
+<!ENTITY % notation "%p;notation">
+
+<!-- annotation elements -->
+<!ENTITY % annotation "%p;annotation">
+<!ENTITY % appinfo "%p;appinfo">
+<!ENTITY % documentation "%p;documentation">
+
+<!-- Customisation entities for the ATTLIST of each element type.
+     Define one of these if your schema takes advantage of the
+     anyAttribute='##other' in the schema for schemas -->
+
+<!ENTITY % schemaAttrs ''>
+<!ENTITY % complexTypeAttrs ''>
+<!ENTITY % complexContentAttrs ''>
+<!ENTITY % simpleContentAttrs ''>
+<!ENTITY % extensionAttrs ''>
+<!ENTITY % elementAttrs ''>
+<!ENTITY % groupAttrs ''>
+<!ENTITY % allAttrs ''>
+<!ENTITY % choiceAttrs ''>
+<!ENTITY % sequenceAttrs ''>
+<!ENTITY % anyAttrs ''>
+<!ENTITY % anyAttributeAttrs ''>
+<!ENTITY % attributeAttrs ''>
+<!ENTITY % attributeGroupAttrs ''>
+<!ENTITY % uniqueAttrs ''>
+<!ENTITY % keyAttrs ''>
+<!ENTITY % keyrefAttrs ''>
+<!ENTITY % selectorAttrs ''>
+<!ENTITY % fieldAttrs ''>
+<!ENTITY % includeAttrs ''>
+<!ENTITY % importAttrs ''>
+<!ENTITY % redefineAttrs ''>
+<!ENTITY % notationAttrs ''>
+<!ENTITY % annotationAttrs ''>
+<!ENTITY % appinfoAttrs ''>
+<!ENTITY % documentationAttrs ''>
+
+<!ENTITY % complexDerivationSet "CDATA">
+      <!-- #all or space-separated list drawn from derivationChoice -->
+<!ENTITY % blockSet "CDATA">
+      <!-- #all or space-separated list drawn from
+                      derivationChoice + 'substitution' -->
+
+<!ENTITY % mgs '%all; | %choice; | %sequence;'>
+<!ENTITY % cs '%choice; | %sequence;'>
+<!ENTITY % formValues '(qualified|unqualified)'>
+
+
+<!ENTITY % attrDecls    '((%attribute;| %attributeGroup;)*,(%anyAttribute;)?)'>
+
+<!ENTITY % particleAndAttrs '((%mgs; | %group;)?, %attrDecls;)'>
+
+<!-- This is used in part2 -->
+<!ENTITY % restriction1 '((%mgs; | %group;)?)'>
+
+%xs-datatypes;
+
+<!-- the duplication below is to produce an unambiguous content model
+     which allows annotation everywhere -->
+<!ELEMENT %schema; ((%include; | %import; | %redefine; | %annotation;)*,
+                    ((%simpleType; | %complexType;
+                      | %element; | %attribute;
+                      | %attributeGroup; | %group;
+                      | %notation; ),
+                     (%annotation;)*)* )>
+<!ATTLIST %schema;
+   targetNamespace      %URIref;               #IMPLIED
+   version              CDATA                  #IMPLIED
+   %nds;                %URIref;               #FIXED 'http://www.w3.org/2001/XMLSchema'
+   xmlns                CDATA                  #IMPLIED
+   finalDefault         %complexDerivationSet; ''
+   blockDefault         %blockSet;             ''
+   id                   ID                     #IMPLIED
+   elementFormDefault   %formValues;           'unqualified'
+   attributeFormDefault %formValues;           'unqualified'
+   xml:lang             CDATA                  #IMPLIED
+   %schemaAttrs;>
+<!-- Note the xmlns declaration is NOT in the Schema for Schemas,
+     because at the Infoset level where schemas operate,
+     xmlns(:prefix) is NOT an attribute! -->
+<!-- The declaration of xmlns is a convenience for schema authors -->
+ 
+<!-- The id attribute here and below is for use in external references
+     from non-schemas using simple fragment identifiers.
+     It is NOT used for schema-to-schema reference, internal or
+     external. -->
+
+<!-- a type is a named content type specification which allows attribute
+     declarations-->
+<!-- -->
+
+<!ELEMENT %complexType; ((%annotation;)?,
+                         (%simpleContent;|%complexContent;|
+                          %particleAndAttrs;))>
+
+<!ATTLIST %complexType;
+          name      %NCName;                        #IMPLIED
+          id        ID                              #IMPLIED
+          abstract  %boolean;                       #IMPLIED
+          final     %complexDerivationSet;          #IMPLIED
+          block     %complexDerivationSet;          #IMPLIED
+          mixed (true|false) 'false'
+          %complexTypeAttrs;>
+
+<!-- particleAndAttrs is shorthand for a root type -->
+<!-- mixed is disallowed if simpleContent, overriden if complexContent
+     has one too. -->
+
+<!-- If anyAttribute appears in one or more referenced attributeGroups
+     and/or explicitly, the intersection of the permissions is used -->
+
+<!ELEMENT %complexContent; ((%annotation;)?, (%restriction;|%extension;))>
+<!ATTLIST %complexContent;
+          mixed (true|false) #IMPLIED
+          id    ID           #IMPLIED
+          %complexContentAttrs;>
+
+<!-- restriction should use the branch defined above, not the simple
+     one from part2; extension should use the full model  -->
+
+<!ELEMENT %simpleContent; ((%annotation;)?, (%restriction;|%extension;))>
+<!ATTLIST %simpleContent;
+          id    ID           #IMPLIED
+          %simpleContentAttrs;>
+
+<!-- restriction should use the simple branch from part2, not the 
+     one defined above; extension should have no particle  -->
+
+<!ELEMENT %extension; ((%annotation;)?, (%particleAndAttrs;))>
+<!ATTLIST %extension;
+          base  %QName;      #REQUIRED
+          id    ID           #IMPLIED
+          %extensionAttrs;>
+
+<!-- an element is declared by either:
+ a name and a type (either nested or referenced via the type attribute)
+ or a ref to an existing element declaration -->
+
+<!ELEMENT %element; ((%annotation;)?, (%complexType;| %simpleType;)?,
+                     (%unique; | %key; | %keyref;)*)>
+<!-- simpleType or complexType only if no type|ref attribute -->
+<!-- ref not allowed at top level -->
+<!ATTLIST %element;
+            name               %NCName;               #IMPLIED
+            id                 ID                     #IMPLIED
+            ref                %QName;                #IMPLIED
+            type               %QName;                #IMPLIED
+            minOccurs          %nonNegativeInteger;   #IMPLIED
+            maxOccurs          CDATA                  #IMPLIED
+            nillable           %boolean;              #IMPLIED
+            substitutionGroup  %QName;                #IMPLIED
+            abstract           %boolean;              #IMPLIED
+            final              %complexDerivationSet; #IMPLIED
+            block              %blockSet;             #IMPLIED
+            default            CDATA                  #IMPLIED
+            fixed              CDATA                  #IMPLIED
+            form               %formValues;           #IMPLIED
+            %elementAttrs;>
+<!-- type and ref are mutually exclusive.
+     name and ref are mutually exclusive, one is required -->
+<!-- In the absence of type AND ref, type defaults to type of
+     substitutionGroup, if any, else the ur-type, i.e. unconstrained -->
+<!-- default and fixed are mutually exclusive -->
+
+<!ELEMENT %group; ((%annotation;)?,(%mgs;)?)>
+<!ATTLIST %group; 
+          name        %NCName;               #IMPLIED
+          ref         %QName;                #IMPLIED
+          minOccurs   %nonNegativeInteger;   #IMPLIED
+          maxOccurs   CDATA                  #IMPLIED
+          id          ID                     #IMPLIED
+          %groupAttrs;>
+
+<!ELEMENT %all; ((%annotation;)?, (%element;)*)>
+<!ATTLIST %all;
+          minOccurs   (1)                    #IMPLIED
+          maxOccurs   (1)                    #IMPLIED
+          id          ID                     #IMPLIED
+          %allAttrs;>
+
+<!ELEMENT %choice; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)>
+<!ATTLIST %choice;
+          minOccurs   %nonNegativeInteger;   #IMPLIED
+          maxOccurs   CDATA                  #IMPLIED
+          id          ID                     #IMPLIED
+          %choiceAttrs;>
+
+<!ELEMENT %sequence; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)>
+<!ATTLIST %sequence;
+          minOccurs   %nonNegativeInteger;   #IMPLIED
+          maxOccurs   CDATA                  #IMPLIED
+          id          ID                     #IMPLIED
+          %sequenceAttrs;>
+
+<!-- an anonymous grouping in a model, or
+     a top-level named group definition, or a reference to same -->
+
+<!-- Note that if order is 'all', group is not allowed inside.
+     If order is 'all' THIS group must be alone (or referenced alone) at
+     the top level of a content model -->
+<!-- If order is 'all', minOccurs==maxOccurs==1 on element/any inside -->
+<!-- Should allow minOccurs=0 inside order='all' . . . -->
+
+<!ELEMENT %any; (%annotation;)?>
+<!ATTLIST %any;
+            namespace       CDATA                  '##any'
+            processContents (skip|lax|strict)      'strict'
+            minOccurs       %nonNegativeInteger;   '1'
+            maxOccurs       CDATA                  '1'
+            id              ID                     #IMPLIED
+            %anyAttrs;>
+
+<!-- namespace is interpreted as follows:
+                  ##any      - - any non-conflicting WFXML at all
+
+                  ##other    - - any non-conflicting WFXML from namespace other
+                                  than targetNamespace
+
+                  ##local    - - any unqualified non-conflicting WFXML/attribute
+                  one or     - - any non-conflicting WFXML from
+                  more URI        the listed namespaces
+                  references
+
+                  ##targetNamespace ##local may appear in the above list,
+                    with the obvious meaning -->
+
+<!ELEMENT %anyAttribute; (%annotation;)?>
+<!ATTLIST %anyAttribute;
+            namespace       CDATA              '##any'
+            processContents (skip|lax|strict)  'strict'
+            id              ID                 #IMPLIED
+            %anyAttributeAttrs;>
+<!-- namespace is interpreted as for 'any' above -->
+
+<!-- simpleType only if no type|ref attribute -->
+<!-- ref not allowed at top level, name iff at top level -->
+<!ELEMENT %attribute; ((%annotation;)?, (%simpleType;)?)>
+<!ATTLIST %attribute;
+          name      %NCName;      #IMPLIED
+          id        ID            #IMPLIED
+          ref       %QName;       #IMPLIED
+          type      %QName;       #IMPLIED
+          use       (prohibited|optional|required) #IMPLIED
+          default   CDATA         #IMPLIED
+          fixed     CDATA         #IMPLIED
+          form      %formValues;  #IMPLIED
+          %attributeAttrs;>
+<!-- type and ref are mutually exclusive.
+     name and ref are mutually exclusive, one is required -->
+<!-- default for use is optional when nested, none otherwise -->
+<!-- default and fixed are mutually exclusive -->
+<!-- type attr and simpleType content are mutually exclusive -->
+
+<!-- an attributeGroup is a named collection of attribute decls, or a
+     reference thereto -->
+<!ELEMENT %attributeGroup; ((%annotation;)?,
+                       (%attribute; | %attributeGroup;)*,
+                       (%anyAttribute;)?) >
+<!ATTLIST %attributeGroup;
+                 name       %NCName;       #IMPLIED
+                 id         ID             #IMPLIED
+                 ref        %QName;        #IMPLIED
+                 %attributeGroupAttrs;>
+
+<!-- ref iff no content, no name.  ref iff not top level -->
+
+<!-- better reference mechanisms -->
+<!ELEMENT %unique; ((%annotation;)?, %selector;, (%field;)+)>
+<!ATTLIST %unique;
+          name     %NCName;       #REQUIRED
+    id       ID             #IMPLIED
+    %uniqueAttrs;>
+
+<!ELEMENT %key;    ((%annotation;)?, %selector;, (%field;)+)>
+<!ATTLIST %key;
+          name     %NCName;       #REQUIRED
+    id       ID             #IMPLIED
+    %keyAttrs;>
+
+<!ELEMENT %keyref; ((%annotation;)?, %selector;, (%field;)+)>
+<!ATTLIST %keyref;
+          name     %NCName;       #REQUIRED
+    refer    %QName;        #REQUIRED
+    id       ID             #IMPLIED
+    %keyrefAttrs;>
+
+<!ELEMENT %selector; ((%annotation;)?)>
+<!ATTLIST %selector;
+          xpath %XPathExpr; #REQUIRED
+          id    ID          #IMPLIED
+          %selectorAttrs;>
+<!ELEMENT %field; ((%annotation;)?)>
+<!ATTLIST %field;
+          xpath %XPathExpr; #REQUIRED
+          id    ID          #IMPLIED
+          %fieldAttrs;>
+
+<!-- Schema combination mechanisms -->
+<!ELEMENT %include; (%annotation;)?>
+<!ATTLIST %include;
+          schemaLocation %URIref; #REQUIRED
+          id             ID       #IMPLIED
+          %includeAttrs;>
+
+<!ELEMENT %import; (%annotation;)?>
+<!ATTLIST %import;
+          namespace      %URIref; #IMPLIED
+          schemaLocation %URIref; #IMPLIED
+          id             ID       #IMPLIED
+          %importAttrs;>
+
+<!ELEMENT %redefine; (%annotation; | %simpleType; | %complexType; |
+                      %attributeGroup; | %group;)*>
+<!ATTLIST %redefine;
+          schemaLocation %URIref; #REQUIRED
+          id             ID       #IMPLIED
+          %redefineAttrs;>
+
+<!ELEMENT %notation; (%annotation;)?>
+<!ATTLIST %notation;
+    name        %NCName;    #REQUIRED
+    id          ID          #IMPLIED
+    public      CDATA       #REQUIRED
+    system      %URIref;    #IMPLIED
+    %notationAttrs;>
+
+<!-- Annotation is either application information or documentation -->
+<!-- By having these here they are available for datatypes as well
+     as all the structures elements -->
+
+<!ELEMENT %annotation; (%appinfo; | %documentation;)*>
+<!ATTLIST %annotation; %annotationAttrs;>
+
+<!-- User must define annotation elements in internal subset for this
+     to work -->
+<!ELEMENT %appinfo; ANY>   <!-- too restrictive -->
+<!ATTLIST %appinfo;
+          source     %URIref;      #IMPLIED
+          id         ID         #IMPLIED
+          %appinfoAttrs;>
+<!ELEMENT %documentation; ANY>   <!-- too restrictive -->
+<!ATTLIST %documentation;
+          source     %URIref;   #IMPLIED
+          id         ID         #IMPLIED
+          xml:lang   CDATA      #IMPLIED
+          %documentationAttrs;>
+
+<!NOTATION XMLSchemaStructures PUBLIC
+           'structures' 'http://www.w3.org/2001/XMLSchema.xsd' >
+<!NOTATION XML PUBLIC
+           'REC-xml-1998-0210' 'http://www.w3.org/TR/1998/REC-xml-19980210' >
diff --git a/id.server/data/test/ixsil/init/schemas/datatypes.dtd b/id.server/data/test/ixsil/init/schemas/datatypes.dtd
new file mode 100644
index 000000000..8e48553be
--- /dev/null
+++ b/id.server/data/test/ixsil/init/schemas/datatypes.dtd
@@ -0,0 +1,203 @@
+<!--
+        DTD for XML Schemas: Part 2: Datatypes
+        $Id: datatypes.dtd,v 1.23 2001/03/16 17:36:30 ht Exp $
+        Note this DTD is NOT normative, or even definitive. - - the
+        prose copy in the datatypes REC is the definitive version
+        (which shouldn't differ from this one except for this comment
+        and entity expansions, but just in case)
+  -->
+
+<!--
+        This DTD cannot be used on its own, it is intended
+        only for incorporation in XMLSchema.dtd, q.v.
+  -->
+
+<!-- Define all the element names, with optional prefix -->
+<!ENTITY % simpleType "%p;simpleType">
+<!ENTITY % restriction "%p;restriction">
+<!ENTITY % list "%p;list">
+<!ENTITY % union "%p;union">
+<!ENTITY % maxExclusive "%p;maxExclusive">
+<!ENTITY % minExclusive "%p;minExclusive">
+<!ENTITY % maxInclusive "%p;maxInclusive">
+<!ENTITY % minInclusive "%p;minInclusive">
+<!ENTITY % totalDigits "%p;totalDigits">
+<!ENTITY % fractionDigits "%p;fractionDigits">
+<!ENTITY % length "%p;length">
+<!ENTITY % minLength "%p;minLength">
+<!ENTITY % maxLength "%p;maxLength">
+<!ENTITY % enumeration "%p;enumeration">
+<!ENTITY % whiteSpace "%p;whiteSpace">
+<!ENTITY % pattern "%p;pattern">
+
+<!--
+        Customisation entities for the ATTLIST of each element
+        type. Define one of these if your schema takes advantage
+        of the anyAttribute='##other' in the schema for schemas
+  -->
+
+<!ENTITY % simpleTypeAttrs "">
+<!ENTITY % restrictionAttrs "">
+<!ENTITY % listAttrs "">
+<!ENTITY % unionAttrs "">
+<!ENTITY % maxExclusiveAttrs "">
+<!ENTITY % minExclusiveAttrs "">
+<!ENTITY % maxInclusiveAttrs "">
+<!ENTITY % minInclusiveAttrs "">
+<!ENTITY % totalDigitsAttrs "">
+<!ENTITY % fractionDigitsAttrs "">
+<!ENTITY % lengthAttrs "">
+<!ENTITY % minLengthAttrs "">
+<!ENTITY % maxLengthAttrs "">
+<!ENTITY % enumerationAttrs "">
+<!ENTITY % whiteSpaceAttrs "">
+<!ENTITY % patternAttrs "">
+
+<!-- Define some entities for informative use as attribute
+        types -->
+<!ENTITY % URIref "CDATA">
+<!ENTITY % XPathExpr "CDATA">
+<!ENTITY % QName "NMTOKEN">
+<!ENTITY % QNames "NMTOKENS">
+<!ENTITY % NCName "NMTOKEN">
+<!ENTITY % nonNegativeInteger "NMTOKEN">
+<!ENTITY % boolean "(true|false)">
+<!ENTITY % simpleDerivationSet "CDATA">
+<!--
+        #all or space-separated list drawn from derivationChoice
+  -->
+
+<!--
+        Note that the use of 'facet' below is less restrictive
+        than is really intended:  There should in fact be no
+        more than one of each of minInclusive, minExclusive,
+        maxInclusive, maxExclusive, totalDigits, fractionDigits,
+        length, maxLength, minLength within datatype,
+        and the min- and max- variants of Inclusive and Exclusive
+        are mutually exclusive. On the other hand,  pattern and
+        enumeration may repeat.
+  -->
+<!ENTITY % minBound "(%minInclusive; | %minExclusive;)">
+<!ENTITY % maxBound "(%maxInclusive; | %maxExclusive;)">
+<!ENTITY % bounds "%minBound; | %maxBound;">
+<!ENTITY % numeric "%totalDigits; | %fractionDigits;">
+<!ENTITY % ordered "%bounds; | %numeric;">
+<!ENTITY % unordered
+   "%pattern; | %enumeration; | %whiteSpace; | %length; |
+   %maxLength; | %minLength;">
+<!ENTITY % facet "%ordered; | %unordered;">
+<!ENTITY % facetAttr 
+        "value CDATA #REQUIRED
+        id ID #IMPLIED">
+<!ENTITY % fixedAttr "fixed %boolean; #IMPLIED">
+<!ENTITY % facetModel "(%annotation;)?">
+<!ELEMENT %simpleType;
+        ((%annotation;)?, (%restriction; | %list; | %union;))>
+<!ATTLIST %simpleType;
+    name      %NCName; #IMPLIED
+    final     %simpleDerivationSet; #IMPLIED
+    id        ID       #IMPLIED
+    %simpleTypeAttrs;>
+<!-- name is required at top level -->
+<!ELEMENT %restriction; ((%annotation;)?,
+                         (%restriction1; |
+                          ((%simpleType;)?,(%facet;)*)),
+                         (%attrDecls;))>
+<!ATTLIST %restriction;
+    base      %QName;                  #IMPLIED
+    id        ID       #IMPLIED
+    %restrictionAttrs;>
+<!--
+        base and simpleType child are mutually exclusive,
+        one is required.
+
+        restriction is shared between simpleType and
+        simpleContent and complexContent (in XMLSchema.xsd).
+        restriction1 is for the latter cases, when this
+        is restricting a complex type, as is attrDecls.
+  -->
+<!ELEMENT %list; ((%annotation;)?,(%simpleType;)?)>
+<!ATTLIST %list;
+    itemType      %QName;             #IMPLIED
+    id        ID       #IMPLIED
+    %listAttrs;>
+<!--
+        itemType and simpleType child are mutually exclusive,
+        one is required
+  -->
+<!ELEMENT %union; ((%annotation;)?,(%simpleType;)*)>
+<!ATTLIST %union;
+    id            ID       #IMPLIED
+    memberTypes   %QNames;            #IMPLIED
+    %unionAttrs;>
+<!--
+        At least one item in memberTypes or one simpleType
+        child is required
+  -->
+
+<!ELEMENT %maxExclusive; %facetModel;>
+<!ATTLIST %maxExclusive;
+        %facetAttr;
+        %fixedAttr;
+        %maxExclusiveAttrs;>
+<!ELEMENT %minExclusive; %facetModel;>
+<!ATTLIST %minExclusive;
+        %facetAttr;
+        %fixedAttr;
+        %minExclusiveAttrs;>
+
+<!ELEMENT %maxInclusive; %facetModel;>
+<!ATTLIST %maxInclusive;
+        %facetAttr;
+        %fixedAttr;
+        %maxInclusiveAttrs;>
+<!ELEMENT %minInclusive; %facetModel;>
+<!ATTLIST %minInclusive;
+        %facetAttr;
+        %fixedAttr;
+        %minInclusiveAttrs;>
+
+<!ELEMENT %totalDigits; %facetModel;>
+<!ATTLIST %totalDigits;
+        %facetAttr;
+        %fixedAttr;
+        %totalDigitsAttrs;>
+<!ELEMENT %fractionDigits; %facetModel;>
+<!ATTLIST %fractionDigits;
+        %facetAttr;
+        %fixedAttr;
+        %fractionDigitsAttrs;>
+
+<!ELEMENT %length; %facetModel;>
+<!ATTLIST %length;
+        %facetAttr;
+        %fixedAttr;
+        %lengthAttrs;>
+<!ELEMENT %minLength; %facetModel;>
+<!ATTLIST %minLength;
+        %facetAttr;
+        %fixedAttr;
+        %minLengthAttrs;>
+<!ELEMENT %maxLength; %facetModel;>
+<!ATTLIST %maxLength;
+        %facetAttr;
+        %fixedAttr;
+        %maxLengthAttrs;>
+
+<!-- This one can be repeated -->
+<!ELEMENT %enumeration; %facetModel;>
+<!ATTLIST %enumeration;
+        %facetAttr;
+        %enumerationAttrs;>
+
+<!ELEMENT %whiteSpace; %facetModel;>
+<!ATTLIST %whiteSpace;
+        %facetAttr;
+        %fixedAttr;
+        %whiteSpaceAttrs;>
+
+<!-- This one can be repeated -->
+<!ELEMENT %pattern; %facetModel;>
+<!ATTLIST %pattern;
+        %facetAttr;
+        %patternAttrs;>
-- 
cgit v1.2.3