Add sample AAF Setup Demoing

Issue-ID: AAF-256 Change-Id: I1d21238c48cee5fa64184bf014d9cde975d51583 Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
author: Instrumental <jcgmisc@stl.gathman.org> 2018-04-23 15:43:47 -0500
committer: Instrumental <jcgmisc@stl.gathman.org> 2018-04-23 15:44:51 -0500
commit: 12f7f46efd897a01ebe7894d0f26f95a6c8e2672 (patch)
tree: 5aef7b8c1e6960c936f11126b0575d6bb86d8f4f /auth/sample/public
parent: 0d04b7513ab8f5c3bd9967fad9772688113fe437 (diff)
5 files changed, 568 insertions, 0 deletions
diff --git a/auth/sample/public/AAF_RootCA.cer b/auth/sample/public/AAF_RootCA.cer
new file mode 100644
index 00000000..e9a50d7e
--- /dev/null
+++ b/auth/sample/public/AAF_RootCA.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
diff --git a/auth/sample/public/aaf_2_0.xsd b/auth/sample/public/aaf_2_0.xsd
new file mode 100644
index 00000000..59d4331b
--- /dev/null
+++ b/auth/sample/public/aaf_2_0.xsd
@@ -0,0 +1,527 @@
+<!-- Used by AAF (ATT inc 2013) -->
+<xs:schema 
+	xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+	xmlns:aaf="urn:aaf:v2_0" 
+	targetNamespace="urn:aaf:v2_0" 
+	elementFormDefault="qualified">
+	
+<!-- 
+	June 2, 2017, adding Roles, Perms, etc to NSRequest for Onboarding purposes.
+	
+	Note: jan 22, 2015.  Deprecating the "force" element in the "Request" Structure.  Do that
+	with Query Params. 
+	
+	Eliminate in 3.0 
+ -->
+<!--
+	Errors
+	Note: This Error Structure has been made to conform to the AT&T TSS Policies
+ -->
+	<xs:element name="error">
+		<xs:complexType>
+			<xs:sequence>
+				<!--
+				Unique message identifier of the format ‘ABCnnnn’ where ‘ABC’ is
+					either ‘SVC’ for Service Exceptions or ‘POL’ for Policy Exception.
+					Exception numbers may be in the	range of 0001 to 9999 where :
+					* 0001 to 0199 are reserved for	common exception messages
+					* 0200 to 0999 are reserved for Parlay Web Services specification use
+					* 1000-9999 are available for exceptions 
+				 -->
+				<xs:element name="messageId" type="xs:string" minOccurs="1" maxOccurs="1"/>
+				
+				<!-- 
+				Message text, with replacement
+					variables marked with %n, where n is
+					an index into the list of <variables>
+					elements, starting at 1
+				 -->
+				<xs:element name="text" type="xs:string" minOccurs="1" maxOccurs="1"/>
+				
+				<!-- 
+				List of zero or more strings that
+					represent the contents of the variables
+					used by the message text. -->
+				<xs:element name="variables" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+<!-- 
+	Requests
+ -->
+	<xs:complexType name="Request">
+		<xs:sequence>
+			<xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+			<xs:element name="end" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+			<!-- Deprecated.  Use Query Command 
+			<xs:element name="force" type="xs:string" minOccurs="1" maxOccurs="1" default="false"/>
+			-->
+		</xs:sequence>
+	</xs:complexType>
+
+<!--
+	Keys
+ -->
+    <xs:element name="keys">
+    	<xs:complexType>
+    		<xs:sequence>
+    			<xs:element name="key" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+    		</xs:sequence>
+    	</xs:complexType>
+    </xs:element>
+ 
+ 
+<!-- 
+	Permissions 
+-->	
+	<xs:complexType name = "pkey">
+		<xs:sequence>
+			<xs:element name="type" type="xs:string"/>
+			<xs:element name="instance" type="xs:string"/>
+			<xs:element name="action" type="xs:string"/>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:element name="permKey">
+		<xs:complexType >
+			<xs:complexContent>
+				<xs:extension base="aaf:pkey" />
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+	<xs:element name="perm">
+		<xs:complexType >
+			<xs:complexContent>
+				<xs:extension base="aaf:pkey">
+					<xs:sequence>					
+						<xs:element name="roles" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+						<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+ 						<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ 						<!-- This data not filled in unless Requested  -->
+ 						<xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+	<xs:element name="perms">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="aaf:perm" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="permRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="type" type="xs:string"/>
+						<xs:element name="instance" type="xs:string"/>
+						<xs:element name="action" type="xs:string"/>
+						<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+						<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+
+<!-- 
+	Roles 
+-->	
+	<xs:complexType name="rkey">
+		<xs:sequence>
+			<xs:element name="name" type="xs:string"/>
+		</xs:sequence>
+	</xs:complexType>
+	
+	<xs:element name="roleKey">
+		<xs:complexType >
+			<xs:complexContent>
+				<xs:extension base="aaf:rkey" />
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="role">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:rkey">
+					<xs:sequence>
+						<xs:element name="perms" type="aaf:pkey" minOccurs="0" maxOccurs="unbounded"/>
+						<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+						<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+						<!-- This data not filled in unless Requested  -->
+ 						<xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+	<xs:element name="roles">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="aaf:role" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="roleRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+						<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+						<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+	<!-- Added userRole return types jg1555 9/16/2015 -->
+	<xs:element name="userRole">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+				<xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+				<xs:element name="expires" type="xs:date" minOccurs="1" maxOccurs="1" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	
+	<!-- Added userRoles return types jg1555 9/16/2015 -->
+	<xs:element name="userRoles">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="aaf:userRole" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="userRoleRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+						<xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+	<xs:element name="rolePermRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="perm" type="aaf:pkey" minOccurs="1" maxOccurs="1"/>
+						<xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+	<xs:element name="nsRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+						<xs:element name="admin" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+						<xs:element name="responsible" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+						<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+						<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+						<!-- Note: dec 11, 2015.  Request-able NS Type JG -->
+						<xs:element name="type" type="xs:string" minOccurs="0" maxOccurs="1"/>
+	
+						<!-- "scope" is deprecated and unused as of AAF 2.0.11.  It will be removed in future versions
+							<xs:element name="scope" type="xs:int" minOccurs="0" maxOccurs="1"/>
+							
+													
+						<xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element name="aaf_id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+						<xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+										<xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
+
+							
+						-->
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="nsAttribRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="ns" type="xs:string" minOccurs="1" maxOccurs="1"/>
+						<xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+									<xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name = "nss">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name = "ns" minOccurs="0" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name = "name" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+							<xs:element name = "responsible" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+							<xs:element name = "admin" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+							<!-- Note: feb 23, 2015.  Added description field. Verify backward compatibility. JR -->
+							<xs:element name = "description" type = "xs:string" minOccurs="0" maxOccurs="1"/>
+							<!-- Note: Dec 16, 2015.  Added description field. Verify backward compatibility. JG -->
+							<xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+										<xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+<!-- 
+	Users 
+-->	
+	<xs:element name="users">
+		<xs:complexType>
+			<xs:sequence>
+		   		<xs:element name="user" minOccurs="0" maxOccurs="unbounded">
+		   			<xs:complexType>
+		   				<xs:sequence>
+				       		<xs:element name="id" type="xs:string"  minOccurs="1" maxOccurs="1" />
+				       		<!-- Changed type to dateTime, because of importance of Certs -->
+				       		<xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+				       		<!-- need to differentiate User Cred Types, jg1555 5/20/2015
+				       			 This Return Object is shared by multiple functions: 
+				       			 	Type is not returned for "UserRole", but only "Cred" 
+				       		-->
+				       		<xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1" />
+		   				</xs:sequence>
+		   			</xs:complexType>
+		   		</xs:element>
+		   	</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+<!-- 
+	Certs
+	Added jg1555 5/20/2015 to support identifying Certificate based Services
+ -->
+	<xs:element name="certs">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="cert" minOccurs="0" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+							<xs:element name="x500" type="xs:string" minOccurs="1" maxOccurs="1" />
+							<xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+							<xs:element name="fingerprint" type="xs:hexBinary" minOccurs="1" maxOccurs="1" />
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+<!-- 
+	Credentials 
+-->	
+	<xs:element name="credRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element name="id" type="xs:string"/>
+						<xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1"/>
+						<xs:choice >
+							<xs:element name="password" type="xs:string" />
+							<xs:element name="entry" type="xs:string" />
+						</xs:choice>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	
+<!--
+	Multi Request 
+ -->
+ 
+    <xs:element name="multiRequest"> 
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+						<xs:element ref="aaf:nsRequest" minOccurs="0" maxOccurs="1"/>
+						<xs:element ref="aaf:nsAttribRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:credRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+						<xs:element ref="aaf:rolePermRequest" minOccurs="0" maxOccurs="unbounded"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+    </xs:element>
+	
+<!--
+	History 
+ -->
+ 	<xs:element name="history">
+ 		<xs:complexType>
+ 			<xs:sequence>
+ 				<xs:element name="item" minOccurs="0" maxOccurs="unbounded">
+			 		<xs:complexType>
+			 			<xs:sequence>
+			 				<xs:element name="YYYYMM" type="xs:string" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="timestamp" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="subject" type="xs:string" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="target" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="action" type="xs:string" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="memo" type="xs:string" minOccurs="1" maxOccurs="1"/>
+			 				<xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+			 			</xs:sequence>
+			 		</xs:complexType>
+			 	</xs:element>
+		 	</xs:sequence>
+		 </xs:complexType>
+ 	</xs:element>
+ 
+<!-- 
+	Approvals
+ -->
+ 	<xs:complexType name="approval">
+	   <xs:sequence>
+	   	   <!-- Note, id is set by system -->
+	   	   <xs:element name="id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+	   	   <xs:element name="ticket" type="xs:string"/>
+	       <xs:element name="user" type="xs:string"/>
+	       <xs:element name="approver" type="xs:string"/>
+	       <xs:element name="type" type="xs:string"/>
+	       <xs:element name="memo" type="xs:string"/>
+	       <xs:element name="updated" type="xs:dateTime"/>
+	       <xs:element name="status">
+			  <xs:simpleType>
+			    <xs:restriction base="xs:string">
+			      <xs:enumeration value="approve"/>
+			      <xs:enumeration value="reject"/>
+			      <xs:enumeration value="pending"/>
+			    </xs:restriction>
+			  </xs:simpleType>
+		   </xs:element> 	
+		   <xs:element name="operation">
+			  <xs:simpleType>
+			    <xs:restriction base="xs:string">
+			      <xs:enumeration value="C"/>
+			      <xs:enumeration value="U"/>
+			      <xs:enumeration value="D"/>
+			      <xs:enumeration value="G"/>
+			      <xs:enumeration value="UG"/>
+			    </xs:restriction>
+			  </xs:simpleType>
+		   </xs:element> 	
+	   </xs:sequence>
+	</xs:complexType>
+	<xs:element name="approvals">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="approvals" type="aaf:approval" minOccurs="1" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	
+<!-- 
+	Delegates 
+-->	
+	<xs:complexType name="delg">
+	   <xs:sequence>
+	       <xs:element name="user" type="xs:string"/>
+	       <xs:element name="delegate" type="xs:string"/>
+	       <xs:element name="expires" type="xs:date"/>
+	   </xs:sequence>
+	</xs:complexType>
+	
+	<xs:element name="delgRequest">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="aaf:Request">
+					<xs:sequence>
+				       <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+				       <xs:element name="delegate" type="xs:string" minOccurs="1" maxOccurs="1"/>
+					</xs:sequence>
+				</xs:extension>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="delgs">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="delgs" type="aaf:delg" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	
+	<!-- jg 3/11/2015 New for 2.0.8 -->
+	<xs:element name="api">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="route" minOccurs="0" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="meth" type="xs:string" minOccurs="1" maxOccurs="1"/>
+							<xs:element name="path" type="xs:string" minOccurs="1" maxOccurs="1"/>
+							<xs:element name="param" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+							<xs:element name="desc" type="xs:string" minOccurs="1" maxOccurs="1"/>
+							<xs:element name="comments" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+							<xs:element name="contentType" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+							<xs:element name="expected" type="xs:int" minOccurs="1" maxOccurs="1"/>
+							<xs:element name="explicitErr" type="xs:int" minOccurs="0" maxOccurs="unbounded"/>
+						</xs:sequence>	
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+</xs:schema>
+\ No newline at end of file
diff --git a/auth/sample/public/iframe_denied_test.html b/auth/sample/public/iframe_denied_test.html
new file mode 100644
index 00000000..613e9c70
--- /dev/null
+++ b/auth/sample/public/iframe_denied_test.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<body>
+
+<iframe src="https://mithrilcsp.sbc.com:8095/gui/home">
+  <p>Your browser does not support iframes.</p>
+</iframe>
+
+</body>
+</html>
diff --git a/auth/sample/public/truststoreONAP.p12 b/auth/sample/public/truststoreONAP.p12
new file mode 100644
index 00000000..d01e8569
--- /dev/null
+++ b/auth/sample/public/truststoreONAP.p12
diff --git a/auth/sample/public/truststoreONAPall.jks b/auth/sample/public/truststoreONAPall.jks
new file mode 100644
index 00000000..ff844b10
--- /dev/null
+++ b/auth/sample/public/truststoreONAPall.jks
author	Instrumental <jcgmisc@stl.gathman.org>	2018-04-23 15:43:47 -0500
committer	Instrumental <jcgmisc@stl.gathman.org>	2018-04-23 15:44:51 -0500
commit	12f7f46efd897a01ebe7894d0f26f95a6c8e2672 (patch)
tree	5aef7b8c1e6960c936f11126b0575d6bb86d8f4f /auth/sample/public
parent	0d04b7513ab8f5c3bd9967fad9772688113fe437 (diff)