...
- Pick a namespace for the plugin. Do NOT use the
urn:mace:shibboleth
namespace. - Create the schema file in
$PROJ_HOME/resources/schema
- Set the
targetNamespace
to the chosen namespace - Declare any Shibboleth namespaces that will be used via the customary
xmlns:PREFIX
attributes. At a minimum the namespace associated with the extension point must be declared. - Set the
elementFormDefault
attribute value to "qualified"
- Set the
- Import the schema file that contains the plugin point being implemented. This is done with the
<xsd:import namespace="SHIB_EXT_POINT_NAMESPACE" schemaLocation="classpath:/PATH/TO/YOUR/SCHEMA.xsd" />
. Shibboleth defines a special URL scheme,classpath
, which ensures that the schema files are resolved from the classpath. No other resolution mechanism is allowed. - Define the plugin type(s) and ensure they extend the appropriate Shibboleth type.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<schema targetNamespace="urn:mace:example.org:shibboleth:authn" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ph="urn:mace:shibboleth:2.0:idp:profile-handler" elementFormDefault="qualified"> <import namespace="urn:mace:shibboleth:2.0:idp:profile-handler" schemaLocation="classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd" /> <complexType name="IPAddress"> <complexContent> <extension base="ph:LoginHandlerType"> <sequence> <element name="IPEntry" type="string" maxOccurs="unbounded" /> </sequence> <attribute name="username" type="string" /> </extension> </complexContent> </complexType> </schema> |
...