...
- Pick a namespace for the plugin. Do NOT use the
urn:mace:shibbolethnamespace. - Create the schema file in
$PROJ_HOME/resources/schema- Set the
targetNamespaceto the chosen namespace - Declare any Shibboleth namespaces that will be used via the customary
xmlns:PREFIXattributes. At a minimum the namespace associated with the extension point must be declared. - Set the
elementFormDefaultattribute value to "qualified"
- Set the
- Import the schema file that contains the plugin point being implemented. This is done with the
<xsd:import namespace="SHIB_EXT_POINT_NAMESPACE" schemaLocation="classpath:/PATH/TO/YOUR/SCHEMA.xsd" />. Shibboleth defines a special URL scheme,classpath, which ensures that the schema files are resolved from the classpath. No other resolution mechanism is allowed. - Define the plugin type(s) and ensure they extend the appropriate Shibboleth type.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<schema targetNamespace="urn:mace:example.org:shibboleth:authn"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:ph="urn:mace:shibboleth:2.0:idp:profile-handler"
elementFormDefault="qualified">
<import namespace="urn:mace:shibboleth:2.0:idp:profile-handler"
schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" />
<complexType name="IPAddress">
<complexContent>
<extension base="ph:LoginHandlerType">
<sequence>
<element name="IPEntry" type="string" maxOccurs="unbounded" />
</sequence>
<attribute name="username" type="string" />
</extension>
</complexContent>
</complexType>
</schema>
|
...