Official schemas.
authorcantor <cantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 3 Mar 2005 00:11:35 +0000 (00:11 +0000)
committercantor <cantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 3 Mar 2005 00:11:35 +0000 (00:11 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@1265 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/schemas/sstc-saml-schema-assertion-2.0.xsd
src/schemas/sstc-saml-schema-metadata-2.0.xsd

index 58c6a23..f00a761 100644 (file)
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="US-ASCII"?>
 <schema
     targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
     xmlns="http://www.w3.org/2001/XMLSchema"
@@ -10,9 +10,9 @@
     blockDefault="substitution"
     version="2.0">
     <import namespace="http://www.w3.org/2000/09/xmldsig#"
-        schemaLocation="xmldsig-core-schema.xsd"/>
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
     <import namespace="http://www.w3.org/2001/04/xmlenc#"
-        schemaLocation="xenc-schema.xsd"/>
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
     <annotation>
         <documentation>
             Document identifier: sstc-saml-schema-assertion-2.0
               Initial Standard Schema.
             V1.1 (September, 2003):
               Updates within the same V1.0 namespace.
-            V2.0 (August, 2004):
-              New assertion schema based in a SAML V2.0 namespace.
+            V2.0 CD-04 (January, 2005):
+              New assertion schema for SAML V2.0 namespace.
         </documentation>
     </annotation>
-    <group name="EncryptedType">
-        <sequence>
-            <element ref="xenc:EncryptedData"/>
-            <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
-        </sequence>
-    </group>
+    <attributeGroup name="IDNameQualifiers">
+        <attribute name="NameQualifier" type="string" use="optional"/>
+        <attribute name="SPNameQualifier" type="string" use="optional"/>
+    </attributeGroup>
     <element name="BaseID" type="saml:BaseIDAbstractType"/>
-    <complexType name="BaseIDAbstractType" abstract="true" mixed="true">
-        <complexContent>
-            <extension base="anyType">
-                <attribute name="NameQualifier" type="string" use="optional"/>
-                <attribute name="SPNameQualifier" type="string" use="optional"/>
-            </extension>
-        </complexContent>
+    <complexType name="BaseIDAbstractType" abstract="true">
+        <attributeGroup ref="saml:IDNameQualifiers"/>
     </complexType>
     <element name="NameID" type="saml:NameIDType"/>
-    <complexType name="NameIDType" mixed="false">
+    <complexType name="NameIDType">
         <simpleContent>
-            <restriction base="saml:BaseIDAbstractType">
-                <simpleType>
-                    <restriction base="string"/>
-                </simpleType>
+            <extension base="string">
+                <attributeGroup ref="saml:IDNameQualifiers"/>
                 <attribute name="Format" type="anyURI" use="optional"/>
                 <attribute name="SPProvidedID" type="string" use="optional"/>
-            </restriction>
+            </extension>
         </simpleContent>
     </complexType>
-    <element name="EncryptedID" type="saml:EncryptedIDType"/>
-    <complexType name="EncryptedIDType" mixed="false">
-        <complexContent>
-            <restriction base="saml:BaseIDAbstractType">
-                <group ref="saml:EncryptedType"/>
-            </restriction>
-        </complexContent>
+    <complexType name="EncryptedElementType">
+        <sequence>
+            <element ref="xenc:EncryptedData"/>
+            <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
+        </sequence>
     </complexType>
+    <element name="EncryptedID" type="saml:EncryptedElementType"/>
     <element name="Issuer" type="saml:NameIDType"/>
     <element name="AssertionIDRef" type="NCName"/>
     <element name="AssertionURIRef" type="anyURI"/>
     <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
     <complexType name="SubjectConfirmationType">
         <sequence>
+            <choice minOccurs="0">
+                <element ref="saml:BaseID"/>
+                <element ref="saml:NameID"/>
+                <element ref="saml:EncryptedID"/>
+            </choice>
             <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
         </sequence>
         <attribute name="Method" type="anyURI" use="required"/>
     <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
     <complexType name="SubjectConfirmationDataType" mixed="true">
         <complexContent>
-            <extension base="anyType">
+            <restriction base="anyType">
+                <sequence>
+                    <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+                </sequence>
                 <attribute name="NotBefore" type="dateTime" use="optional"/>
                 <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
                 <attribute name="Recipient" type="anyURI" use="optional"/>
                 <attribute name="InResponseTo" type="NCName" use="optional"/>
                 <attribute name="Address" type="string" use="optional"/>
-            </extension>
+                <anyAttribute namespace="##other" processContents="lax"/>
+            </restriction>
         </complexContent>
     </complexType>
     <complexType name="KeyInfoConfirmationDataType" mixed="false">
             <any namespace="##other" processContents="lax"/>
         </choice>
     </complexType>
-    <element name="EncryptedAssertion" type="saml:EncryptedAssertionType"/>
-    <complexType name="EncryptedAssertionType">
-        <group ref="saml:EncryptedType"/>
-    </complexType>
+    <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
     <element name="Statement" type="saml:StatementAbstractType"/>
     <complexType name="StatementAbstractType" abstract="true"/>
     <element name="AuthnStatement" type="saml:AuthnStatementType"/>
         <attribute name="FriendlyName" type="string" use="optional"/>
         <anyAttribute namespace="##other" processContents="lax"/>
     </complexType>
-    <element name="AttributeValue" type="anyType"/>
-    <element name="EncryptedAttribute" type="saml:EncryptedAttributeType"/>
-    <complexType name="EncryptedAttributeType">
-        <group ref="saml:EncryptedType"/>
-    </complexType>
+    <element name="AttributeValue" type="anyType" nillable="true"/>
+    <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
 </schema>
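Review bot: The two `<import>` elements for xmldsig and xmlenc now carry `schemaLocation` values under `http://www.w3.org/TR/...` instead of the sibling files, so a validator that follows the hint fetches the signature and encryption schemas over unauthenticated HTTP when it loads the SAML assertion schema. The metadata schema's imports of xmldsig, xmlenc and `xml.xsd` carry the same change. Validation of SAML messages then depends on network reachability and on the integrity of a plain-HTTP response. If the goal is to keep the OASIS files byte-identical, the schema loader should map these namespaces to locally bundled copies through a catalog or entity resolver and never dereference the URL (whether it does is not visible in this commit); otherwise keep the local hints, `schemaLocation="xmldsig-core-schema.xsd"` and `schemaLocation="xenc-schema.xsd"`.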
index 495b38b..29ecf96 100644 (file)
     blockDefault="substitution"
     version="2.0">
     <import namespace="http://www.w3.org/2000/09/xmldsig#"
-        schemaLocation="xmldsig-core-schema.xsd"/>
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
     <import namespace="http://www.w3.org/2001/04/xmlenc#"
-        schemaLocation="xenc-schema.xsd"/>
+        schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
     <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
         schemaLocation="sstc-saml-schema-assertion-2.0.xsd"/>
     <import namespace="http://www.w3.org/XML/1998/namespace"
-        schemaLocation="xml.xsd"/>
+        schemaLocation="http://www.w3.org/2001/xml.xsd"/>
     <annotation>
         <documentation>
             Document identifier: sstc-saml-schema-metadata-2.0
             Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
             Revision history:
-            V2.0 (August, 2004):
-              Schema for SAML metadata, first published in SAML 2.0.
+              V2.0 CD-04 (January, 2005):
+                Schema for SAML metadata, first published in SAML 2.0.
         </documentation>
     </annotation>
 
                     <element ref="md:SPSSODescriptor"/>
                     <element ref="md:AuthnAuthorityDescriptor"/>
                     <element ref="md:AttributeAuthorityDescriptor"/>
-                    <element ref="md:AttributeConsumerDescriptor"/>
                     <element ref="md:PDPDescriptor"/>
-                    <any namespace="##other" processContents="lax"/>
                 </choice>
                 <element ref="md:AffiliationDescriptor"/>
             </choice>
         <attribute name="ID" type="ID" use="optional"/>
         <attribute name="validUntil" type="dateTime" use="optional"/>
         <attribute name="cacheDuration" type="duration" use="optional"/>
-        <attribute name="protocolSupportEnumeration" type="NMTOKENS" use="required"/>
+        <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
         <attribute name="errorURL" type="anyURI" use="optional"/>
         <anyAttribute namespace="##other" processContents="lax"/>
     </complexType>
+    <simpleType name="anyURIListType">
+        <list itemType="anyURI"/>
+    </simpleType>
+
     <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
     <complexType name="KeyDescriptorType">
         <sequence>
                 <sequence>
                     <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
                     <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
                 </sequence>
                 <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
             </extension>
     </complexType>
     <element name="SingleSignOnService" type="md:EndpointType"/>
     <element name="NameIDMappingService" type="md:EndpointType"/>
+    <element name="AssertionIDRequestService" type="md:EndpointType"/>
+    <element name="AttributeProfile" type="anyURI"/>
     
     <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
     <complexType name="SPSSODescriptorType">
             <extension base="md:SSODescriptorType">
                 <sequence>
                     <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
+                    <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
                 </sequence>
                 <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
                 <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
         </complexContent>
     </complexType>
     <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
+    <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
+    <complexType name="AttributeConsumingServiceType">
+        <sequence>
+            <element ref="md:ServiceName" maxOccurs="unbounded"/>
+            <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
+            <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
+        </sequence>
+        <attribute name="index" type="unsignedShort" use="required"/>
+        <attribute name="isDefault" type="boolean" use="optional"/>
+    </complexType>
+    <element name="ServiceName" type="md:localizedNameType"/>
+    <element name="ServiceDescription" type="md:localizedNameType"/>
+    <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
+    <complexType name="RequestedAttributeType">
+        <complexContent>
+            <extension base="saml:AttributeType">
+                <attribute name="isRequired" type="boolean" use="optional"/>
+            </extension>
+        </complexContent>
+    </complexType>
   
     <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
     <complexType name="AuthnAuthorityDescriptorType">
         </complexContent>
     </complexType>
     <element name="AuthnQueryService" type="md:EndpointType"/>
-    <element name="AssertionIDRequestService" type="md:EndpointType"/>
 
     <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
     <complexType name="PDPDescriptorType">
                 <sequence>
                     <element ref="md:AttributeService" maxOccurs="unbounded"/>
                     <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
-                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
                     <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
                     <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
+                    <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
                 </sequence>
             </extension>
         </complexContent>
     </complexType>
     <element name="AttributeService" type="md:EndpointType"/>
-    <element name="AttributeProfile" type="anyURI"/>
-
-    <element name="AttributeConsumerDescriptor" type="md:AttributeConsumerDescriptorType"/>
-    <complexType name="AttributeConsumerDescriptorType">
-        <complexContent>
-            <extension base="md:RoleDescriptorType">
-                <sequence>
-                    <element ref="md:AttributeConsumingService" maxOccurs="unbounded"/>
-                </sequence>
-            </extension>
-        </complexContent>
-    </complexType>
-    <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
-    <complexType name="AttributeConsumingServiceType">
-        <sequence>
-            <element ref="md:ServiceName" maxOccurs="unbounded"/>
-            <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
-            <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
-        </sequence>
-        <attribute name="index" type="unsignedShort" use="required"/>
-        <attribute name="isDefault" type="boolean" use="optional"/>
-        <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
-    </complexType>
-    <element name="ServiceName" type="md:localizedNameType"/>
-    <element name="ServiceDescription" type="md:localizedNameType"/>
-    <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
-    <complexType name="RequestedAttributeType">
-        <complexContent>
-            <extension base="saml:AttributeType">
-                <attribute name="isRequired" type="boolean" use="optional"/>
-            </extension>
-        </complexContent>
-    </complexType>
-    
+   
     <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
     <complexType name="AffiliationDescriptorType">
         <sequence>