...

Note: This EAP XSD is modified from the CAT project at https://github.com/GEANT/CAT/blob/master/devices/xml/eap-metadata.xsd

1.1. General structure

EAPIdentityProviderList
  EAPIdentityProvider+ (version, lang, ID)
    ValidUntil?

    AuthenticationMethods+
      AuthenticationMethod*
        EAPMethod?
          Type
          TypeSpecific
          VendorSpecific
        ServerSideCredential?
          CA*
          ServerID*
        ClientSideCredential
          OuterIdentity?
          InnerIdentityPrefix?
          InnerIdentitySuffix?
          InnerIdentityHint?
          Username?
          UserName?
          Password?
          ClientCertificate?
          IntermediateCACertificate*
          Passphrase?
          PAC?
          ProvisionPAC?
        InnerAuthenticationMethod
          EAPMethod?
          NonEapMethod?
            Type
            TypeSpecific?
            VendorSpecific*
          ServerSideCredential?
          ClientSideCredential?

    CredentialApplicability
      IEEE80211*
        SSID?
        ConsortiumOID?
        MinRSNProto?
      IEEE8023*
        NetworkID

    ProviderInfo?
      DisplayName*
      Description*
      ProviderLocation*
        Longitude
        Latitude
      ProviderLogo
      TermsOfUse*
      Helpdesk?

    VendorSpecific?

ClientCredential and ServerCredential

Not all EAP types and non-EAP authentication methods need or support all types of credentials in the list below.
While the schema allows all kinds of credential information to be placed inside every AuthenticationMethod, even where the information is not applicable, tags which are not applicable to an EAP or non-EAP authentication type SHOULD NOT be included in the corresponding instance of AuthenticationMethod or InnerAuthenticationMethod when producing the XML file, and MUST be ignored by the entity consuming the XML file if they are present.

IEEE80211

The conditions inside this element are considered AND conditions. For example, it does not make sense to have multiple SSIDs in one IEEE80211 element, because the condition would never match.
To specify multiple ORed network properties, use multiple IEEE80211 instances.
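
A consumer-side sketch of the AND/OR rule above, added here as an example; it is not code from this page or from the CAT project. The function names and the sample XML are constructed, the sample assumes no XML namespace, and only SSID and ConsortiumOID are evaluated, so an element carrying any other condition is treated as not matching.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not taken from the page: two IEEE80211 instances that are
# ORed, plus one carrying two SSIDs, which by the AND rule can never match.
SAMPLE = """\
<EAPIdentityProviderList>
  <EAPIdentityProvider ID="example-idp" version="1">
    <CredentialApplicability>
      <IEEE80211><SSID>campus-wifi</SSID></IEEE80211>
      <IEEE80211><ConsortiumOID>aabbcc</ConsortiumOID></IEEE80211>
      <IEEE80211><SSID>guest-a</SSID><SSID>guest-b</SSID></IEEE80211>
    </CredentialApplicability>
  </EAPIdentityProvider>
</EAPIdentityProviderList>
"""

def _condition_holds(cond, ssid, consortium_oids):
    value = (cond.text or "").strip()
    if cond.tag == "SSID":
        return value == ssid
    if cond.tag == "ConsortiumOID":
        # Case-insensitive hex comparison is an assumption of this sketch.
        return value.lower() in consortium_oids
    # Fail closed: a condition this sketch cannot evaluate (e.g. MinRSNProto)
    # must not be skipped, or the AND would be weaker than the file states.
    return False

def instance_matches(ieee80211, ssid, consortium_oids):
    """AND over every condition in one IEEE80211 element (empty: no match)."""
    conds = list(ieee80211)
    return bool(conds) and all(_condition_holds(c, ssid, consortium_oids) for c in conds)

def credential_applies(xml_text, ssid, consortium_oids=()):
    """OR over all IEEE80211 instances found in the document."""
    oids = {o.lower() for o in consortium_oids}
    root = ET.fromstring(xml_text)
    instances = root.findall("./EAPIdentityProvider/CredentialApplicability/IEEE80211")
    return any(instance_matches(i, ssid, oids) for i in instances)

def unsatisfiable_instances(xml_text):
    """Indexes of IEEE80211 elements listing more than one distinct SSID."""
    root = ET.fromstring(xml_text)
    return [n for n, i in enumerate(root.iter("IEEE80211"))
            if len({(s.text or "").strip() for s in i.findall("SSID")}) > 1]
```

A producer can run `unsatisfiable_instances` as a lint step before publishing a file, since such an element silently disables the credential for both networks it names.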

EAPIdentityProvider

If the optional attribute "lang" for the EAPIdentityProvider tag is specified, then all user-displayable strings inside this tag are to be considered suitable for use in user interfaces in that language. Individual lang tags for the sub-tags inside EAPIdentityProvider then SHOULD NOT be used.

If the optional attribute "lang" for the EAPIdentityProvider tag is not set, individual sub-tags which contain user-displayable strings SHOULD be marked with the language they are written/available in.

1.1. Methods and authentication

...