XMarks implements mutual authentication of the client and server through the use of certificates. To perform peer validation your web server must be set up so that the directory that contains the xmarks API is set to require the client to present its certificate.


Here are some example settings for Apache 2.xx

SSLVerifyClient none

SSLVerifyClient require
SSLVerifyDepth 5
SSLCACertificateFile /System/Library/OpenSSL/certs/yourCertCA.pem
SSLCACertificatePath /System/Library/OpenSSL/certs
SSLOptions +FakeBasicAuth
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_O} eq "My University" \
and %{SSL_CLIENT_S_DN_CN} eq "server1.example.co.uk"


Or For multiple servers

...
and %{SSL_CLIENT_S_DN_CN} in {"server1.example.co.uk", "server2.example.co.uk", "server3.example.co.uk"}

In order to pass assessment and marks information around, the XMarks project has defined a lightweight information model which is expressed using XML Schema. The XSDs for XMarks have been given the namespace:

http://www.sussex.ac.uk/its/xmarks/XSDSchemas

and we have made the XSD files available there.

The overall schema is called xmData and it includes four XMarks schemas:

• xm_id_schema.xsd - defines how the identifiers are passed around the system
• xm_assessment_schema.xsd - defines how information about assessments is represented
• xm_mark_schema.xsd - defines how information about marks are represented
• xm_error_schema.xsd - defines how errors are represented and made available to calling code

These schemas are documented here, with a diagram for each of the schemas:


http://www.sussex.ac.uk/its/xmarks/XSDDocHtml/index.html

(To view the documentation at its most useful, make sure you use the "Expand All" option for the Schema Component Representation).

We have also produced a diagrammatic representation of the entire XMarks schema:




click here to view the entire schema (this opens in another window). It's a large, detailed diagram, and it may be easier to view the diagrams for each individual schema in the documentation above.