From af3487b9c4a9b630d88b55c2bcc4bedf257cab4a Mon Sep 17 00:00:00 2001 From: Björn Mattsson Date: Thu, 19 Oct 2023 16:05:58 +0200 Subject: Added files from Wiki + base files for repo --- schema/shibboleth-attribute-resolver.xsd | 2274 ++++++++++++++++++++++++++++++ 1 file changed, 2274 insertions(+) create mode 100644 schema/shibboleth-attribute-resolver.xsd (limited to 'schema/shibboleth-attribute-resolver.xsd') diff --git a/schema/shibboleth-attribute-resolver.xsd b/schema/shibboleth-attribute-resolver.xsd new file mode 100644 index 0000000..cca79e7 --- /dev/null +++ b/schema/shibboleth-attribute-resolver.xsd @@ -0,0 +1,2274 @@ + + + + + + + + Shibboleth V4 Attribute Resolver configuration schema + + + + + + Root of the attribute resolver configuration file. + + + + + + + + + + + A unique identifier for this Resolver. + + + + + + + + Defines an attribute definition within this resolver. + + + + + + + + Attribute definition define the finished attributes to be released by the + resolver. + + Definitions derived from this type need to explicitly include (as a choice) + the Dependency, DisplayName, DisplayDescription and Encoder sub elements + + + + + + + + + A boolean flag that indicates whether this attribute definition is + only defined because its data is needed elsewhere within the resolver + and as such should not be released outside the resolver. + + + + + + + A boolean flag that indicates whether this attribute definition and + its dependencies are to be resolved in a "first pass", prior to the + main resolution. These attributes will be populated into a child + context so as to be available to activationConditions. + + + + + + + + + + Defines an encoder for an attribute. + + + + + + + An attribute encoder is responsible for converting an attribute, and its values, + into a protocol specific representation such as a SAML 1 or SAML 2 Attribute. + The use of them to produce a SAML NameIdentifier/NameID is DEPRECATED. + + + + + + + A scripted predicate which controls whether this encoder will run + + + + + + + + + A boolean indicating whether the encoding should include type information. This is + encoding-specific (e.g., for XML it likely involves xsi:type). + + + + + + + A reference to a Predicate which controls whether this encoder will run + Mutually exclusive with relyingParties + + + + + + + A (space separated) list of entities for which this plugin is to be active + Mutually exclusive with activationConditionRef + + + + + + + + + Defines a data connector which is used to pull information from local + infrastructure. + + + + + + + + Data connectors pull information from local infrastructure, such as + databases and LDAP directories, and make these raw attributes available + to attribute definitions for finishing. + + + + + + + Time to bypass connector after a failure before trying it again. + + + + + A list of attribute names to be exported by the resolution process from this data connector. + + + + + + + + + + A base type for all attribute resolver plugins: data and principal + connectors and attribute definitions + + + + + A unique identifier for this definition. + + + + + + A reference to a predicate to decide whether this plugin is applicable. + Mutually exclusive with [exclude]relyingParties and [exclude]resolutionPhases. + + + + + + + A (space separated) list of entities for which this plugin is to be active. + Mutually exclusive with activationConditionRef. + + + + + + + A (space separated) list of entities for which this plugin is to be inactive. + Mutually exclusive with activationConditionRef. + + + + + + + A (space separated) list of resolution "phases" for which this plugin is to be active. + Mutually exclusive with activationConditionRef. + + + + + + + A (space separated) list of resolution "phases" for which this plugin is to be inactive. + Mutually exclusive with activationConditionRef. + + + + + + + DEPRECATED: Whether to ripple errors produced by the plugin out to the resolver (default is true). + + + + + + + + + Defines a dependency on a specific Attribute Definition. + + + + + + + Defines a dependency on a specific Data Connector. + + attributeNames is a space separated list of attribute names. Property replacement done + before "listification"" + + allAttributes means take all attributes. Property replacement done before conversion + + One one of the above are allowed. + + + + + + + + + + + + + + + Defines a data connector to use should the parent data connector fail. + + + + + + An (abstract) type that represents a reference to another plugin + + + + + + + + + + + + + + + + Performs many to one mapping of source values to a return value. SourceValue strings may include regular + expressions and the ReturnValue may include back references to capturing groups as supported by + java.util.regex.Pattern. + + + + + + The value to be returned from this value map. + + + + + A regular expression string to be matched against the incoming value. + + + + + + + If true, value matching will be case-sensitive. + + + + + + If true, the SourceValue may match only a substring of the incoming value. By + default, it must match the entire value. + + + + + + + + + + + + + A attribute definition to pull attribute values from anywhere in the PRC tree + + + + + + + + + + + The Function to generate the Attribute Values given a PRC + + + + + + + + + + The mapped attribute definition performs a many to many mapping from source attributes values provided + by the definition's dependencies to values which are returned. Each source value is passed through each + defined ValueMap which may result in one or more resulting values. If no ValueMaps match the source + value and a DefaultValue is defined, the DefaultValue is used. + + + + + + + + + + + + + + A source value is mapped to the DefaultValue if none of the ValueMaps result in a match. + This string may not contain regular expression back references. + + + + + + + + + If true, the source value is passed thru unmodified. If passThru is + enabled, DefaultValue may not contain a string value. + + + + + + + + + + + + + + + + + An attribute definition that splits the values of the source attribute into an attribute value + with a value and scope. + + + + + + + + + + + + + + Delimiter between the value and scope. + + + + + + + + + Exposes the principal's name as an attribute definition. + + + + + + + + + + + + + + + An attribute definition that splits the source attribute's values based on a regular expression. + + + + + + + + + + + + + The regular expression used to split a value. + + + + + + A boolean flag indicating the case sensitivity of the regular expression. + + + + + + + + + + DEPRECATED: An attribute definition that creates attributes whose values are SAML 1 NameIdentifiers. + + + + + + + + + + + + + The SAML 1 NameFormat of the NameID. + + + + + The SAML 1 NameQualifier of the NameID. + + + + + + + + + DEPRECATED: An attribute definition that creates attributes whose values are SAML 2 NameIDs. + + + + + + + + + + + + + The SAML 2 NameFormat of the NameID. + + + + + The SAML 2 NameQualifier of the NameID. + + + + + The SAML 2 SPNameQualifier of the NameID. + + + + + + + + + A basic attribute definition which supports attribute scoping. + + + + + + + + + + + + + Value to use for scoping the attribute. + + + + + Attribute whose values will be used for scoping the attribute. + + + + + + + + + + An attribute definition that constructs its attributes by means of a script supported by JSR-223. The + script is provided all the edu.internet2.middleware.shibboleth.common.attribute.Attribute object + resolved from all the definitions dependencies. The resultant attribute definition must then be bound to + a script attribute corresponding to the script variable whose name is the ID of the definition. This + variable is injected into the script by the attribute definition. + + + + + + + + + + + + + + The script to evaluate to construct the attribute. + + + + + + The filesystem path to the script to evaluate to construct the attribute. + + + + + + + + The JSR-233 name for the scripting language that will be used. By default "javascript" is + supported. + + + + + + + The name of a bean defined somewhere else which will be injected into the script as an + object called "custom". If not supplied, nothing is injected. + + + + + + + + + + A basic attribute definition. + + + + + + + + + + + + + Do we drop null values (default: FALSE) + + + + + + + + + An attribute definition producing date/time values. + + + + + + + + + + + + + Are conversion errors ignored? (default: FALSE) + + + + + + Use seconds as epoch unit instead of millseconds when converting numeric data (default: TRUE) + + + + + + A formatting string to use converting string data. + + + + + + + + + An attribute definition involving an encrypted (DataSealed) attribute + + + + + + + + + + + + + Value to use for the decryption key + + + + + + + + + A attribute definition to pull attribute values from the Principals. A short cut looks at IdPAttributePrincipals + + + + + + + + + + + + Provides a plug in point to allow general extraction of values from Principals. + Mutually exclusive with principalAttributeName. + + + + + + + The id of the IdPAttribute contained within a IdPAttributePrincipal to look for. + Mutually exclusive with attributeValueEngineRef. + + + + + + + If true, the source Subject is assumed to be undergoing C14N rather than the + usual post-authentication source. Defaults to false. + + + + + + + + + + + An Attribute Definition that constructs its values based on the values of its dependencies using the + Velocity Template Language. Dependencies may have multiple values, however multiple dependencies must + have the same number of values. In the case of multi-valued dependencies, the template will be evaluated + multiples times, iterating over each dependency. + + + + + + + + + + + + + + Template specified in the Velocity Template Language used to construct attribute values. + + + + + + + Name of the velocity engine defined within the application. + + + + + + + + + + An ID created by digesting the requesting entityID, an attribute value (usually a user identifier), and a salt. + + + + + + + + + + + + + The name of the attribute produced by this data connector. + + + + + + + A salt, of at least 16 bytes, used in the computed ID. + + + + + + + A base64-encoded salt, of at least 16 bytes, used in the computed ID. + + + + + + + The JCE digest algorithm to use, defaults to SHA-1. + + + + + + + An encoding type to apply after the digest, defaults to BASE64 but should + be set to BASE32. + + + + + + + Spring bean reference to a map of overrides that alter salt or suppress generation + for particular users/services. + + + + + + + Spring bean reference to a BiFunction<ProfileRequestContext,PairwiseId> + to obtain the salt. + + + + + + + + + + + A data connector that can pull information from an LDAP, version 3, directory. + + + + + + + + + + + + A template used to construct the LDAP filter used to query the directory. + + + + + + + A space separated list of attributes that should be returned from the query. + + + + + + + A space separated list of attributes whose values should be encoded. + + + + + + + The X.509 trust information to use when connecting to the directory over LDAPS or startTLS. + DEPRECATED in 3.4 Use trustFile= + + + + + + + The X.509 client authentication information to use when connecting to the directory over LDAPS or startTLS. + DEPRECATED in 3.4 Use authCert= and authKey + + + + + + + + + + + + + The URL to the LDAP server. + If the search scope is set to ONELEVEL only the entries + within this node will be searched, if SUBTREE is specified entries within this node and descendant + nodes will be searched. + + + + + + + The LDAP connection strategy. Acceptable values are ACTIVE_PASSIVE, ROUND_ROBIN and RANDOM. + Default value is ACTIVE_PASSIVE. + + + + + + + The base DN from which attribute search filtering occurs + + + + + + The DN for the principal connecting to the LDAP directory. + + + + + + The credential for the principal connecting to the LDAP directory. + + + + + + + The LDAP search scope. Acceptable values are OBJECT, ONELEVEL, SUBTREE. + Default value is SUBTREE. + + + + + + + The LDAP alias dereference behavior. Acceptable values are NEVER, SEARCHING, FINDING, ALWAYS. + Default value is NEVER. + + + + + + + A boolean flag indicating whether search referrals and search references should be followed. + Default value is false. + + + + + + + A boolean flag indicating whether startTLS should be used when connecting to the LDAP. + Default value is false. + + + + + + + The maximum amount of time to wait for startTLS responses. If this limit is + reached a timeout error is raised. Default value is 3 seconds. + Time is expressed in ISO8601 duration format. + + + + + + + The maximum amount of time to wait for search results. If this limit is + reached a timeout error is raised. Default value is 3 seconds. + Time is expressed in ISO8601 duration format. + + + + + + + The maximum amount of time to wait for connections to open. If this limit is + reached a timeout error is raised. Default value is 3 seconds. + Time is expressed in ISO8601 duration format. + + + + + + + The maximum amount of time to wait for operation responses. If this limit is + reached a timeout error is raised. Default value is 3 seconds. + Time is expressed in ISO8601 duration format. + + + + + + + A boolean flag indicating whether unexpectedly closed connections should automatically attempt to reconnect. + Default value is true. + + + + + + + The maximum amount of time to wait for a reconnect to occur. If this limit is + reached a timeout error is raised. Default value is 10 seconds. + Time is expressed in ISO8601 duration format. + + + + + + + The maximum number of results that may be returned from a query. + Default value is 1. + + + + + + + A boolean flag indicating whether a query returning no results should be considered an error. If + an error is raised and a failover dependency is defined for this connector the failover will + be invoked. + Default value is false. + + + + + + + A boolean flag indicating whether a query returning more than one result should be considered an error. If + an error is raised and a failover dependency is defined for this connector the failover will + be invoked. + Default value is false. + + + + + + + Whether to lowercase LDAP attribute names used as IDs for shibboleth attributes + + + + + + Name of the template engine defined within the application. + + + + + + Reference to a Spring bean providing the ExecutableSearchBuilder implementation to use. + + + + + + + Reference to a Spring bean providing the MappingStrategy implementation to use. + + + + + + + Reference to a Spring bean providing the Connection Factory implementation to use. + + + + + + + Reference to a Spring bean providing the Search Operation implementation to use. + + + + + + + Reference to a Spring bean providing the Validator implementation to use. + + + + + + + Path to a file with the X.509 trust information to use when connecting to the directory over LDAPS or startTLS + + + + + + + Whether to disable hostname/certificate checking during TLS. Defaults to false. + + + + + + + Path to a file with the X.509 trust client authentication certificate to use when connecting to the directory over LDAPS or startTLS + + + + + + + Path to a file with the X.509 trust client authentication key to use when connecting to the directory over LDAPS or startTLS + + + + + + + Password for the supplied authKey + + + + + + + Whether to fail if the LDAP server cannot be verified at startup (defaults to false). + + + + + + + + + + + A connector for pairwise ID production that directly leverages a PairwiseIdStore bean. + + + + + + + + + + + + + Bean name of the PairwiseIdStore to use. + + + + + + + The name of the attribute produced by this data connector. + + + + + + + + + + + A data connector definition that uses JDBC version 3 to connect to and pull information from a + relational database. + + + + + + + + + + + + A connection, or pool of connections, to the database managed by the application + container. + + + + + + + A connection, or pool of connections, to the database managed by the data connector. + + + + + + + A connection, or pool of connections, to the database configured in a Spring bean. + + + + + + + A template that will be used to create the SQL query thats pulls information from the + database. + + + + + + + + + + + Timeout for the queries made to the database. + Timeout is given in ISO8601 duration form. + + + + + + + A boolean flag indicating whether a query returning no results should be considered an error. If + an error is raised and a failover dependency is defined for this connector the failover will + be invoked. + Default value is false. + + + + + + + A boolean flag indicating whether a query returning more than one result should be considered an error. If + an error is raised and a failover dependency is defined for this connector the failover will + be invoked. + Default value is false. + + + + + + + Name of the template engine defined within the application. + + + + + + + Reference to a Spring bean providing the ExecutableSearchBuilder implementation to use. + + + + + + + Reference to a Spring bean providing the MappingStrategy implementation to use. + + + + + + + Reference to a Spring bean providing the Validator implementation to use. + + + + + + + Whether to fail if the DataConnector cannot be verified at startup (defaults to false). + + + + + + + + + + + A data connector definition that issues requests and parses responses using HTTP, typically + via a form of web service. REST and scripted handling of responses, typically in JSON, + is the primary use case. + + + + + + + + + + + + A template that will be used to create the absolute URL to request. + + + + + + + + + + + + + + A template that will be used to create a body to POST. + + + + + + + + + + + + + + + + A template that will be used to create a key to the caching of the results. + + + + + + Maps the response into attributes by means of scripting. + + + + + + + + + Reference to a Spring bean providing the HttpClient to use. + + + + + + + Reference to a Spring bean providing the HttpClientSecurityParameters to use. + + + + + + + Location of certificate to authenticate HTTP server + + + + + + + Location of CA to indirectly authenticate HTTP server + + + + + + + Location of private key to authenticate with via TLS + + + + + + + Location of client certificate to authenticate with via TLS + + + + + + + Name of the template engine defined within the application. + + + + + + + Maximum size of response body to accept. + + + + + + + A space-delimited list of HTTP status codes that should be treated as successful. + + + + + + + + + + A space-delimited list of MIME content types that should be accepted. + + + + + + + + + + Reference to a Spring bean providing a Map<String,String> of request headers to set. + + + + + + + Reference to a Spring bean providing the ExecutableSearchBuilder implementation to use. + + + + + + + Reference to a Spring bean providing the MappingStrategy implementation to use. + + + + + + + Reference to a Spring bean providing the Validator implementation to use. + + + + + + + Whether to fail if the HTTP server cannot be verified at startup (defaults to false). + No verification takes place currently. + + + + + + + + + + + A data connector that constructs attributes by means of a script supported by JSR-223. Populated + Attributes are added to the java.util.Collection "connectorResults". + + + + + + + + + + + The script to evaluate to construct the attribute. + + + + + + The filesystem path to the script to evaluate to construct the attribute. + + + + + + + + The JSR-233 name for the scripting language that will be used. By default "javascript" is + supported. + + + + + + + The name of a bean defined somewhere else which will be injected into the script as an + object called "custom". If not supplied, nothing is injected. + + + + + + + + + + + A data connector that gets its information from a static list of attributes and values specified within + this configuration. + + + + + + + + + Specifies an attribute, and its values, to be exposed by this connector. + + + + + + + + A value of the attribute. If the value contains characters that would + otherwise need to be XML encoded you may wrap the value in a CDATA section. + + + + + + + The ID of the attribute. + + + + + + + + + The name of a bean defined somewhere else which describes a List of IdPAttributes + + + + + + + + + + + A data connector definition that queries for a record via the IdP's StorageService API. + Simple and scripted handling of records, typically in JSON, is the primary use case. + + + + + + + + + + + + A template that will be used to create the context to query. + + + + + + + A template that will be used to create the key to query. + + + + + + + Maps the record into attributes by means of scripting. + Mutually exclusive with generatedAttributeID attribute. + + + + + + + + + + Reference to Spring bean of the StorageService to use. + + + + + + + Injected object into Context/Key template building process. + + + + + + + The name of the attribute produced by this data connector if simple + record mapping is used. Mutually exclusive with ResponseMapping element. + + + + + + + A boolean flag indicating whether a search returning no record should be considered an error. If + an error is raised and a failover dependency is defined for this connector the failover will + be invoked. + Default value is false. + + + + + + + Name of the template engine defined within the application. + + + + + + + Reference to a Spring bean providing the ExecutableSearchBuilder implementation to use. + + + + + + + Reference to a Spring bean providing the MappingStrategy implementation to use. + + + + + + + + + + + A connector that retrieves a pairwise ID from a database. + + + + + + + + + + + + + A connection, or pool of connections, to the database managed by the application + container. + + + + + + + A connection, or pool of connections, to the database configured in a Spring bean. + + + + + + + + Timeout for the queries made to the database. + Timeout is given in ISO8601 duration form. + + + + + + + Number of retries if insert fails (defaults to 3). + + + + + + + Overrides name of database table to use. + + + + + + + Whether to fail if the store cannot be verified at startup (defaults to false). + + + + + + + A space-delimited list of SQLState codes to treat as retryable (indicating + a duplicate insert error occurred). + + + + + + + + + + The name of the attribute produced by this data connector. + + + + + + + A salt, of at least 16 bytes, used in the computed ID. + + + + + + + A base64-encoded salt, of at least 16 bytes, used in the computed ID. + + + + + + + The JCE digest algorithm to use, defaults to SHA-1. + + + + + + + An encoding type to apply after the digest, defaults to BASE64 but should + be set to BASE32. + + + + + + + Spring bean reference to a map of overrides that alter salt or suppress generation + for particular users/services. + + + + + + + Spring bean reference to a BiFunction<ProfileRequestContext,PairwiseId> + to obtain the salt. + + + + + + + + + + + A data connector that constructs attributes by extracting all IdPAttributePrincipal objects + found within the Subject(s) associated with the requests. + + This is a streamlined approach to extracting them one by one with the SubjectDerivedAttribute + plugin provided encoding and other attribute metadata can be obtained from the system's + generalized transcoding facility. + + + + + + + + + + + A boolean flag indicating whether an absence of any results will cause an error. If an error + is raised and a failover dependency is defined for this connector the failover will be invoked. + Default value is false. + + + + + + + If true, the source Subject is assumed to be undergoing C14N rather than the + usual post-authentication source. Defaults to false. + + + + + + + + + + + A connector for extracting mapped/decoded metadata tags from a peer's metadata. + + + + + + + + Bean ID of a Function to locate the SAMLMetadataContext to operate on. + Default is to locate it under the inbound message context via SAMLPeerEntityContext. + + + + + + + + + + + + + The name of the database column. + + + + + The name of the attribute that data from this column should be added to. + + + + + + + + + + SASL configuration properties. + Common properties include javax.security.sasl.qop, javax.security.sasl.strength, javax.security.sasl.server.authentication. + + + + + + + + The SASL mechanism. Common values are EXTERNAL, DIGEST_MD5, CRAM_MD5, GSSAPI + + + + + + SASL authorization ID. + + + + + The SASL realm. + + + + + + + + + The minimum number of ldap connections that should always be available in the pool. + Note that these connections are provisioned as soon as the pool is initialized. + Default value is 0. + + + + + + + The maximum number of ldap connections that should ever be available in the pool. + Note that when this threshold is reach the pool will begin blocking until a connection + is available. + Default value is 3. + + + + + + + Amount of time to block while waiting for a connection from the pool. If no + wait time is given, callers will block indefinitely. + + Values are expressed in ISO8601 duration format. + + + + + + + Whether each ldap connection should be checked on a periodic basis. + Default value is false. + + + + + + + Time that the periodic pool validation process should repeat. + Ldap objects are pruned when they have been idle beyond the expiration time. + The pool is not pruned below the minimum pool size. + Default value is 30 minutes. + + Period is expressed in ISO8601 duration format. + + + + + + + Ldap compare DN to use for connection validation. + Used in conjunction with validateFilter to perform a compare. + Default value is empty. + + + + + + + Ldap compare filter to use for connection validation. + Used in conjunction with validateDN to perform a compare. + Default value is (objectClass=*). + + + + + + + Whether to validate connections when checking them out of the pool. + + + + + + + Duration between looking for idle connections to reduce the pool back + to its minimum size. + + + + + + + Time in that an object in the pool should be considered stale and ready for removal. + Time is expressed in ISO8601 duration format. + + + + + + + + + + Name of the CacheManager bean that will manage the result cache. This is not used. + + + + + + + Length of time a result will be cached after the last access. + Incompatible with expireAfterWrite. + + Duration is expressed in ISO8601 duration notation. + + + + + + + Length of time a result will be cached from the time + it is inserted into the cache. + Incompatible with expireAfterAccess. + + Duration is expressed in ISO8601 duration notation. + + + + + + + Maximum number of results that will be held in cache. + + + + + + + + + Describes a database connection source that is managed by the application container. + + + + + + + + The resource name the DataSource is bound to in the JNDI tree. + + + + + + + + The name of the property. + + + + + The value of the property, + + + + + + + + Describes a simple database connection source that is managed by the attribute resolver data connector. + Included to "get people going" only + + + + + + + + + This is the full qualified class name of the JDBC driver used to connect to the database. + + + + + + + The JDBC URL for the database. These are usually of the form + jdbc:databaseProduceName:databaseSpecificInformation. For example, jdbc:hsql:mem:MyDatabase + + + + + + The user name to use while connecting to the database. + + + + + The password to use while connecting to the database. + + + + + + + + Defines a SAML 1 string encoder for an attribute. + + + + + + The SAML 1 Namespace of the attribute. + + + + + + + + + Defines a SAML 1 Base64 encoder for an attribute. + + + + + + The SAML 1 Namespace of the attribute. + + + + + + + + + Defines a SAML 1 Base64 encoder for an attribute. + + + + + + The SAML 1 Namespace of the attribute. + + + + + + + + + Defines a SAML 2 string encoder for an attribute. + + + + + + The SAML 2 NameFormat of the attribute. + + + + + The SAML 2 FriendlyName of the attribute. + + + + + + + + + Defines a SAML 2 date/time encoder for an attribute. + + + + + + The SAML 2 NameFormat of the attribute. + + + + + The SAML 2 FriendlyName of the attribute. + + + + + + + + + Defines a SAML 2 Base64 encoder for an attribute. + + + + + + The SAML 2 NameFormat of the attribute. + + + + + The SAML 2 FriendlyName of the attribute. + + + + + + + + + Defines a SAML 2 Base64 encoder for an attribute. + + + + + + The SAML 2 NameFormat of the attribute. + + + + + The SAML 2 FriendlyName of the attribute. + + + + + + + + + Defines an encoder for a scoped attribute. + + + + + + + The type of scoping to use for the encoded attribute. Valid values are "inline" or + "attribute". + + + + + + + If scopeType is "inline", this is the delimeter used between the attribute value and + scope. + + + + + + + If scopeType is "attribute", this is the name of the name of the attribute used to carry the + scope value. + + + + + + + + + + Defines a SAML 1 string encoder for a scoped attribute. + + + + + + The SAML 1 Namespace of the attribute. + + + + + + + + + Defines a SAML 2 string encoder for a scoped attribute. + + + + + + The SAML 2 NameFormat of the attribute. + + + + + The SAML 2 FriendlyName of the attribute. + + + + + + + + + + + + A type for elements that allow for scripts to be declared inline or via a resource. + + + + + + The script to evaluate to construct the attribute. + + + + + + Path of a local resource containing the script to evaluate to construct the attribute. + + + + + + + + The JSR-233 name for the scripting language that will be used. + By default "javascript" is assumed. + + + + + + + The name of a bean defined somewhere else which will be injected into the script as an + object called "custom". If not supplied, nothing is injected. + + + + + + + + + + + + -- cgit v1.2.3