1 <?xml version="1.0" encoding="UTF-8"?>
2 <schema
3     targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
4     xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
5     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
6     xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
7     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
8     xmlns="http://www.w3.org/2001/XMLSchema"
9     elementFormDefault="unqualified"
10     attributeFormDefault="unqualified"
11     blockDefault="substitution"
12     version="2.0">
13     <import namespace="http://www.w3.org/2000/09/xmldsig#"
14         schemaLocation="xmldsig-core-schema.xsd"/>
       <!-- The schemaLocation values on these four imports are bare file names, so a
            validator resolves them relative to wherever this schema was loaded from.
            schemaLocation is only a hint: resolve the imports from a local, reviewed
            copy (for example through a resolver or catalog) instead of letting the
            parser fetch them from an arbitrary location. -->
15     <import namespace="http://www.w3.org/2001/04/xmlenc#"
16         schemaLocation="xenc-schema.xsd"/>
17     <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
18         schemaLocation="sstc-saml-schema-assertion-2.0.xsd"/>
19     <import namespace="http://www.w3.org/XML/1998/namespace"
20         schemaLocation="xml.xsd"/>
21     <annotation>
22         <documentation>
23             Document identifier: sstc-saml-schema-metadata-2.0
24             Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
25             Revision history:
26             V2.0 (August, 2004):
27               Schema for SAML metadata, first published in SAML 2.0.
28         </documentation>
29     </annotation>
30
31     <simpleType name="entityIDType">
           <!-- Entity identifier: any URI, capped at 1024 characters by the maxLength
                facet. The schema checks length only; it does not constrain the scheme
                or require the URI to be resolvable. -->
32         <restriction base="anyURI">
33             <maxLength value="1024"/>
34         </restriction>
35     </simpleType>
       <!-- Human-readable string that must carry an xml:lang attribute. -->
36     <complexType name="localizedNameType">
37         <simpleContent>
38             <extension base="string">
39                 <attribute ref="xml:lang" use="required"/>
40             </extension>
41         </simpleContent>
42     </complexType>
       <!-- URI value that must carry an xml:lang attribute. -->
43     <complexType name="localizedURIType">
44         <simpleContent>
45             <extension base="anyURI">
46                 <attribute ref="xml:lang" use="required"/>
47             </extension>
48         </simpleContent>
49     </complexType>
50     
51     <element name="Extensions" type="md:ExtensionsType"/>
       <!-- Container for one or more elements from any namespace other than this
            schema's target namespace. processContents="lax" means such content is
            validated only when the validator has a declaration for it; otherwise it
            is accepted unchecked. Consumers should therefore not treat extension
            content as vetted merely because the document is schema-valid.
            final="#all" forbids deriving new types from ExtensionsType. -->
52     <complexType final="#all" name="ExtensionsType">
53         <sequence>
54             <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
55         </sequence>
56     </complexType>
57     
58     <complexType name="EndpointType">
           <!-- Protocol endpoint: a required Binding URI and Location URI, an optional
                ResponseLocation, plus optional lax wildcard children and attributes
                from other namespaces. All three URIs are plain anyURI, so the schema
                places no constraint on scheme or host. A consumer that redirects or
                posts to Location has to apply its own checks (for example requiring
                https) and should take the value only from verified metadata. -->
59         <sequence>
60             <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
61         </sequence>
62         <attribute name="Binding" type="anyURI" use="required"/>
63         <attribute name="Location" type="anyURI" use="required"/>
64         <attribute name="ResponseLocation" type="anyURI" use="optional"/>
65         <anyAttribute namespace="##other" processContents="lax"/>
66     </complexType>
67     
68     <complexType name="IndexedEndpointType">
           <!-- EndpointType plus a required unsignedShort index and an optional
                isDefault flag. Nothing in this type enforces unique index values or
                a single default among sibling endpoints.
                NOTE(review): confirm the consumer resolves duplicate indexes or
                multiple defaults deterministically. -->
69         <complexContent>
70             <extension base="md:EndpointType">
71                 <attribute name="index" type="unsignedShort" use="required"/>
72                 <attribute name="isDefault" type="boolean" use="optional"/>
73             </extension>
74         </complexContent>
75     </complexType>
76     
77     <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
       <!-- Group of one or more EntityDescriptor and/or nested EntitiesDescriptor
            elements. ds:Signature, validUntil and cacheDuration are all optional, so
            an unsigned aggregate with no expiry is schema-valid. Whether to accept
            it is a consumer policy decision: verify the signature against a trusted
            key and enforce validUntil before relying on any entity in the group.
            Nesting is recursive and the schema sets no depth or count limit, so
            consumers of untrusted metadata should bound document size and depth
            themselves. -->
78     <complexType name="EntitiesDescriptorType">
79         <sequence>
80             <element ref="ds:Signature" minOccurs="0"/>
81             <element ref="md:Extensions" minOccurs="0"/>
82             <choice minOccurs="1" maxOccurs="unbounded">
83                 <element ref="md:EntityDescriptor"/>
84                 <element ref="md:EntitiesDescriptor"/>
85             </choice>
86         </sequence>
87         <attribute name="validUntil" type="dateTime" use="optional"/>
88         <attribute name="cacheDuration" type="duration" use="optional"/>
89         <attribute name="ID" type="ID" use="optional"/>
90         <attribute name="Name" type="string" use="optional"/>
91     </complexType>
92
93     <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
       <!-- Describes a single entity, identified by the required entityID. The
            content model allows either one or more role descriptors (including lax
            wildcard elements from other namespaces) or exactly one
            AffiliationDescriptor, followed by optional organization, contact and
            additional-metadata information. ds:Signature and validUntil are
            optional, so schema validity says nothing about authenticity or
            freshness; those checks belong to the consumer. -->
94     <complexType name="EntityDescriptorType">
95         <sequence>
96             <element ref="ds:Signature" minOccurs="0"/>
97             <element ref="md:Extensions" minOccurs="0"/>
98             <choice>
99                 <choice maxOccurs="unbounded">
100                     <element ref="md:RoleDescriptor"/>
101                     <element ref="md:IDPSSODescriptor"/>
102                     <element ref="md:SPSSODescriptor"/>
103                     <element ref="md:AuthnAuthorityDescriptor"/>
104                     <element ref="md:AttributeAuthorityDescriptor"/>
105                     <element ref="md:AttributeConsumerDescriptor"/>
106                     <element ref="md:PDPDescriptor"/>
107                     <any namespace="##other" processContents="lax"/>
108                 </choice>
109                 <element ref="md:AffiliationDescriptor"/>
110             </choice>
111             <element ref="md:Organization" minOccurs="0"/>
112             <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
113             <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
114         </sequence>
115         <attribute name="entityID" type="md:entityIDType" use="required"/>
116         <attribute name="validUntil" type="dateTime" use="optional"/>
117         <attribute name="cacheDuration" type="duration" use="optional"/>
118         <attribute name="ID" type="ID" use="optional"/>
119         <anyAttribute namespace="##other" processContents="lax"/>
120     </complexType>
121     
122     <element name="Organization" type="md:OrganizationType"/>
        <!-- Organization details: at least one each of OrganizationName,
             OrganizationDisplayName and OrganizationURL, every one tagged with
             xml:lang. These are free-form values supplied by the metadata
             publisher; a consumer that displays them or links to the URL should
             handle them as untrusted input. -->
123     <complexType name="OrganizationType">
124         <sequence>
125             <element ref="md:Extensions" minOccurs="0"/>
126             <element ref="md:OrganizationName" maxOccurs="unbounded"/>
127             <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
128             <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
129         </sequence>
130         <anyAttribute namespace="##other" processContents="lax"/>
131     </complexType>
132     <element name="OrganizationName" type="md:localizedNameType"/>
133     <element name="OrganizationDisplayName" type="md:localizedNameType"/>
134     <element name="OrganizationURL" type="md:localizedURIType"/>
135     <element name="ContactPerson" type="md:ContactType"/>
        <!-- Contact record: every child element is optional; only the contactType
             attribute is required, and it is limited to the five values enumerated
             in ContactTypeType. -->
136     <complexType name="ContactType">
137         <sequence>
138             <element ref="md:Extensions" minOccurs="0"/>
139             <element ref="md:Company" minOccurs="0"/>
140             <element ref="md:GivenName" minOccurs="0"/>
141             <element ref="md:SurName" minOccurs="0"/>
142             <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
143             <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
144         </sequence>
145         <attribute name="contactType" type="md:ContactTypeType" use="required"/>
146         <anyAttribute namespace="##other" processContents="lax"/>
147     </complexType>
148     <element name="Company" type="string"/>
149     <element name="GivenName" type="string"/>
150     <element name="SurName" type="string"/>
        <!-- EmailAddress is typed anyURI rather than string; presumably a mailto:
             URI is expected, but the schema does not enforce the scheme. -->
151     <element name="EmailAddress" type="anyURI"/>
152     <element name="TelephoneNumber" type="string"/>
        <!-- Closed list of contact categories accepted by contactType. -->
153     <simpleType name="ContactTypeType">
154         <restriction base="string">
155             <enumeration value="technical"/>
156             <enumeration value="support"/>
157             <enumeration value="administrative"/>
158             <enumeration value="billing"/>
159             <enumeration value="other"/>
160         </restriction>
161     </simpleType>
162
163     <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
        <!-- URI of further metadata for the entity, tagged with a required
             namespace attribute. The value is an unconstrained anyURI chosen by the
             publisher. A consumer that dereferences it should restrict the schemes
             and hosts it will contact and treat the fetched document as untrusted
             until it has been verified. -->
164     <complexType name="AdditionalMetadataLocationType">
165         <simpleContent>
166             <extension base="anyURI">
167                 <attribute name="namespace" type="anyURI" use="required"/>
168             </extension>
169         </simpleContent>
170     </complexType>
171
172     <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
        <!-- Abstract base for the role descriptors that extend it. Because the
             type is abstract, a RoleDescriptor element in an instance has to name a
             concrete derived type through xsi:type. protocolSupportEnumeration is
             the only required attribute. ds:Signature, validUntil and
             KeyDescriptor are all optional, so a role can be schema-valid while
             being unsigned, non-expiring and publishing no keys. errorURL is an
             unconstrained anyURI supplied by the publisher. -->
173     <complexType name="RoleDescriptorType" abstract="true">
174         <sequence>
175             <element ref="ds:Signature" minOccurs="0"/>
176             <element ref="md:Extensions" minOccurs="0"/>
177             <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
178             <element ref="md:Organization" minOccurs="0"/>
179             <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
180         </sequence>
181         <attribute name="ID" type="ID" use="optional"/>
182         <attribute name="validUntil" type="dateTime" use="optional"/>
183         <attribute name="cacheDuration" type="duration" use="optional"/>
184         <attribute name="protocolSupportEnumeration" type="NMTOKENS" use="required"/>
185         <attribute name="errorURL" type="anyURI" use="optional"/>
186         <anyAttribute namespace="##other" processContents="lax"/>
187     </complexType>
188     <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
        <!-- Key material for a role: a required ds:KeyInfo followed by optional
             EncryptionMethod elements. The use attribute is optional and limited
             to "encryption" or "signing".
             NOTE(review): when use is absent the key presumably applies to both
             purposes; confirm against the SAML metadata specification.
             The schema does not restrict key type, size or algorithm; those checks
             belong to the consumer. -->
189     <complexType name="KeyDescriptorType">
190         <sequence>
191             <element ref="ds:KeyInfo"/>
192             <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
193         </sequence>
194         <attribute name="use" type="md:KeyTypes" use="optional"/>
195     </complexType>
        <!-- Allowed values of KeyDescriptor's use attribute. -->
196     <simpleType name="KeyTypes">
197         <restriction base="string">
198             <enumeration value="encryption"/>
199             <enumeration value="signing"/>
200         </restriction>
201     </simpleType>
        <!-- Reuses the XML Encryption type from the imported xenc namespace. -->
202     <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
203     
204     <complexType name="SSODescriptorType" abstract="true">
            <!-- Abstract base shared by the IdP and SP SSO descriptors. It extends
                 RoleDescriptorType with optional, repeatable artifact-resolution,
                 single-logout and name-ID-management endpoints and NameIDFormat
                 URIs. -->
205         <complexContent>
206             <extension base="md:RoleDescriptorType">
207                 <sequence>
208                     <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
209                     <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
210                     <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
211                     <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
212                 </sequence>
213             </extension>
214         </complexContent>
215     </complexType>
        <!-- Only ArtifactResolutionService is an indexed endpoint; the other two
             services use the plain EndpointType. -->
216     <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
217     <element name="SingleLogoutService" type="md:EndpointType"/>
218     <element name="ManageNameIDService" type="md:EndpointType"/>
219     <element name="NameIDFormat" type="anyURI"/>
220
221     <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
        <!-- Identity-provider role: SSODescriptorType plus at least one
             SingleSignOnService and optional NameIDMappingService endpoints.
             WantAuthnRequestsSigned is optional and declares no default in this
             schema, so the consumer has to decide how an absent value is treated. -->
222     <complexType name="IDPSSODescriptorType">
223         <complexContent>
224             <extension base="md:SSODescriptorType">
225                 <sequence>
226                     <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
227                     <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
228                 </sequence>
229                 <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
230             </extension>
231         </complexContent>
232     </complexType>
233     <element name="SingleSignOnService" type="md:EndpointType"/>
234     <element name="NameIDMappingService" type="md:EndpointType"/>
235     
236     <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
        <!-- Service-provider role: SSODescriptorType plus at least one indexed
             AssertionConsumerService endpoint. AuthnRequestsSigned and
             WantAssertionsSigned are optional and declare no default in this
             schema, so the consumer has to decide how absent values are treated.
             The AssertionConsumerService Location decides where responses are
             delivered, so it should only be taken from metadata whose origin has
             been verified. -->
237     <complexType name="SPSSODescriptorType">
238         <complexContent>
239             <extension base="md:SSODescriptorType">
240                 <sequence>
241                     <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
242                 </sequence>
243                 <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
244                 <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
245             </extension>
246         </complexContent>
247     </complexType>
248     <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
249   
250     <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
        <!-- Authentication-authority role: RoleDescriptorType plus at least one
             AuthnQueryService, with optional AssertionIDRequestService endpoints
             and NameIDFormat URIs. -->
251     <complexType name="AuthnAuthorityDescriptorType">
252         <complexContent>
253             <extension base="md:RoleDescriptorType">
254                 <sequence>
255                     <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
256                     <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
257                     <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
258                 </sequence>
259             </extension>
260         </complexContent>
261     </complexType>
262     <element name="AuthnQueryService" type="md:EndpointType"/>
263     <element name="AssertionIDRequestService" type="md:EndpointType"/>
264
265     <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
        <!-- Policy-decision-point role: RoleDescriptorType plus at least one
             AuthzService, with optional AssertionIDRequestService endpoints and
             NameIDFormat URIs. -->
266     <complexType name="PDPDescriptorType">
267         <complexContent>
268             <extension base="md:RoleDescriptorType">
269                 <sequence>
270                     <element ref="md:AuthzService" maxOccurs="unbounded"/>
271                     <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
272                     <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
273                 </sequence>
274             </extension>
275         </complexContent>
276     </complexType>
277     <element name="AuthzService" type="md:EndpointType"/>
278
279     <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
        <!-- Attribute-authority role: RoleDescriptorType plus at least one
             AttributeService. The optional saml:Attribute children come from the
             imported assertion schema; AssertionIDRequestService, NameIDFormat and
             AttributeProfile are optional and repeatable. -->
280     <complexType name="AttributeAuthorityDescriptorType">
281         <complexContent>
282             <extension base="md:RoleDescriptorType">
283                 <sequence>
284                     <element ref="md:AttributeService" maxOccurs="unbounded"/>
285                     <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
286                     <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
287                     <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
288                     <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
289                 </sequence>
290             </extension>
291         </complexContent>
292     </complexType>
293     <element name="AttributeService" type="md:EndpointType"/>
294     <element name="AttributeProfile" type="anyURI"/>
295
296     <element name="AttributeConsumerDescriptor" type="md:AttributeConsumerDescriptorType"/>
        <!-- Attribute-consumer role: RoleDescriptorType plus at least one
             AttributeConsumingService.
             NOTE(review): this file's own revision history dates it August 2004;
             this descriptor may not exist in the schema revision that was finally
             published, so confirm which revision deployments are expected to
             validate against before relying on it. -->
297     <complexType name="AttributeConsumerDescriptorType">
298         <complexContent>
299             <extension base="md:RoleDescriptorType">
300                 <sequence>
301                     <element ref="md:AttributeConsumingService" maxOccurs="unbounded"/>
302                 </sequence>
303             </extension>
304         </complexContent>
305     </complexType>
306     <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
        <!-- One attribute-consuming service: at least one localized ServiceName,
             optional ServiceDescription elements and at least one
             RequestedAttribute. index is required; isDefault and
             WantAssertionsSigned are optional and declare no default in this
             schema. -->
307     <complexType name="AttributeConsumingServiceType">
308         <sequence>
309             <element ref="md:ServiceName" maxOccurs="unbounded"/>
310             <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
311             <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
312         </sequence>
313         <attribute name="index" type="unsignedShort" use="required"/>
314         <attribute name="isDefault" type="boolean" use="optional"/>
315         <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
316     </complexType>
317     <element name="ServiceName" type="md:localizedNameType"/>
318     <element name="ServiceDescription" type="md:localizedNameType"/>
319     <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
        <!-- saml:AttributeType (from the imported assertion schema) extended with
             an optional isRequired flag. -->
320     <complexType name="RequestedAttributeType">
321         <complexContent>
322             <extension base="saml:AttributeType">
323                 <attribute name="isRequired" type="boolean" use="optional"/>
324             </extension>
325         </complexContent>
326     </complexType>
327     
328     <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
        <!-- Affiliation of entities: a required affiliationOwnerID, one or more
             AffiliateMember entity identifiers and optional KeyDescriptor
             elements. ds:Signature and validUntil are optional, so a schema-valid
             affiliation may be unsigned and non-expiring; membership claims should
             be trusted only after the consumer has verified where the metadata
             came from. -->
329     <complexType name="AffiliationDescriptorType">
330         <sequence>
331             <element ref="ds:Signature" minOccurs="0"/>
332             <element ref="md:Extensions" minOccurs="0"/>
333             <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
334             <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
335         </sequence>
336         <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
337         <attribute name="validUntil" type="dateTime" use="optional"/>
338         <attribute name="cacheDuration" type="duration" use="optional"/>
339         <attribute name="ID" type="ID" use="optional"/>
340         <anyAttribute namespace="##other" processContents="lax"/>
341     </complexType>
342     <element name="AffiliateMember" type="md:entityIDType"/>
343 </schema>