/usr/share/arc/schema/arguspepclient.xsd is in libarccommon3v5 5.4.2-1build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 | <?xml version="1.0" encoding="UTF-8"?>
<xsd:schema
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://www.nordugrid.org/schemas/arguspep/2009/10"
xmlns="http://www.nordugrid.org/schemas/arguspep/2010/10"
elementFormDefault="qualified"
attributeFormDefault="unqualified">
<xsd:element name="PEPD" type="xsd:anyURI"/>
<xsd:element name="Conversion">
<xsd:simpleType>
<xsd:annotation>
<xsd:documentation xml:lang="en">
This element defines how to compose message to PEPD service.
The "subject" option means only X.509 subject will be sent
using predefined XACML attribute. This is default behavior.
In case of "direct" request will be translated from usual
ARC authorization request. The "cream" will cause this
handler emulate CREAM CE. And "emi" will make it use
common EMI XACML profile.
</xsd:documentation>
</xsd:annotation>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="subject"/>
<xsd:enumeration value="direct"/>
<xsd:enumeration value="cream"/>
<xsd:enumeration value="emi"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:element>
<xsd:element name="Filter">
<xsd:complexType>
<xsd:annotation>
<xsd:documentation xml:lang="en">
This element defines Security Attributes to select and reject.
If there are no Select elements all Attributes are used except
those listed in Reject elements.
</xsd:documentation>
</xsd:annotation>
<xsd:sequence>
<xsd:element name="Select" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="Reject" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="KeyPath" type="xsd:string" default="/etc/grid-security/hostkey.pem">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Location of private key used for connecting PEP server.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="CertificatePath" type="xsd:string" default="/etc/grid-security/hostcert.pem">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Location of public certificate used for connecting PEP server.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ProxyPath" type="xsd:string">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Location of proxy credentials used for connecting PEP server.
If present KeyPath and CertificatePath are not needed.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="CACertificatesDir" type="xsd:string">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Directory containing certificates of accepted CAs.
</xsd:annotation>
</xsd:element>
<xsd:element name="AcceptMapping" type="xsd:boolean">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Specify if local account name returned by Argus is to be used.
Default is not to apply local account provided by Argus.
</xsd:annotation>
</xsd:element>
</xsd:schema>
|