commit | author | age
|
74023a
|
1 |
<?xml version="1.0" encoding="UTF-8"?> |
EH |
2 |
<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1"> |
|
3 |
<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> |
|
4 |
<annotation> |
|
5 |
<documentation> |
|
6 |
Document identifier: oasis-sstc-saml-schema-assertion-1.1 |
|
7 |
Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security |
|
8 |
Revision history: |
|
9 |
V1.0 (November, 2002): |
|
10 |
Initial standard schema. |
|
11 |
V1.1 (September, 2003): |
|
12 |
* Note that V1.1 of this schema has the same XML namespace as V1.0. |
|
13 |
Rebased ID content directly on XML Schema types |
|
14 |
Added DoNotCacheCondition element and DoNotCacheConditionType |
|
15 |
</documentation> |
|
16 |
</annotation> |
|
17 |
<simpleType name="DecisionType"> |
|
18 |
<restriction base="string"> |
|
19 |
<enumeration value="Permit"/> |
|
20 |
<enumeration value="Deny"/> |
|
21 |
<enumeration value="Indeterminate"/> |
|
22 |
</restriction> |
|
23 |
</simpleType> |
|
24 |
<element name="AssertionIDReference" type="NCName"/> |
|
25 |
<element name="Assertion" type="saml:AssertionType"/> |
|
26 |
<complexType name="AssertionType"> |
|
27 |
<sequence> |
|
28 |
<element ref="saml:Conditions" minOccurs="0"/> |
|
29 |
<element ref="saml:Advice" minOccurs="0"/> |
|
30 |
<choice maxOccurs="unbounded"> |
|
31 |
<element ref="saml:Statement"/> |
|
32 |
<element ref="saml:SubjectStatement"/> |
|
33 |
<element ref="saml:AuthenticationStatement"/> |
|
34 |
<element ref="saml:AuthorizationDecisionStatement"/> |
|
35 |
<element ref="saml:AttributeStatement"/> |
|
36 |
</choice> |
|
37 |
<element ref="ds:Signature" minOccurs="0"/> |
|
38 |
</sequence> |
|
39 |
<attribute name="MajorVersion" type="integer" use="required"/> |
|
40 |
<attribute name="MinorVersion" type="integer" use="required"/> |
|
41 |
<attribute name="AssertionID" type="ID" use="required"/> |
|
42 |
<attribute name="Issuer" type="string" use="required"/> |
|
43 |
<attribute name="IssueInstant" type="dateTime" use="required"/> |
|
44 |
</complexType> |
|
45 |
<element name="Conditions" type="saml:ConditionsType"/> |
|
46 |
<complexType name="ConditionsType"> |
|
47 |
<choice minOccurs="0" maxOccurs="unbounded"> |
|
48 |
<element ref="saml:AudienceRestrictionCondition"/> |
|
49 |
<element ref="saml:DoNotCacheCondition"/> |
|
50 |
<element ref="saml:Condition"/> |
|
51 |
</choice> |
|
52 |
<attribute name="NotBefore" type="dateTime" use="optional"/> |
|
53 |
<attribute name="NotOnOrAfter" type="dateTime" use="optional"/> |
|
54 |
</complexType> |
|
55 |
<element name="Condition" type="saml:ConditionAbstractType"/> |
|
56 |
<complexType name="ConditionAbstractType" abstract="true"/> |
|
57 |
<element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/> |
|
58 |
<complexType name="AudienceRestrictionConditionType"> |
|
59 |
<complexContent> |
|
60 |
<extension base="saml:ConditionAbstractType"> |
|
61 |
<sequence> |
|
62 |
<element ref="saml:Audience" maxOccurs="unbounded"/> |
|
63 |
</sequence> |
|
64 |
</extension> |
|
65 |
</complexContent> |
|
66 |
</complexType> |
|
67 |
<element name="Audience" type="anyURI"/> |
|
68 |
<element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType"/> |
|
69 |
<complexType name="DoNotCacheConditionType"> |
|
70 |
<complexContent> |
|
71 |
<extension base="saml:ConditionAbstractType"/> |
|
72 |
</complexContent> |
|
73 |
</complexType> |
|
74 |
<element name="Advice" type="saml:AdviceType"/> |
|
75 |
<complexType name="AdviceType"> |
|
76 |
<choice minOccurs="0" maxOccurs="unbounded"> |
|
77 |
<element ref="saml:AssertionIDReference"/> |
|
78 |
<element ref="saml:Assertion"/> |
|
79 |
<any namespace="##other" processContents="lax"/> |
|
80 |
</choice> |
|
81 |
</complexType> |
|
82 |
<element name="Statement" type="saml:StatementAbstractType"/> |
|
83 |
<complexType name="StatementAbstractType" abstract="true"/> |
|
84 |
<element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/> |
|
85 |
<complexType name="SubjectStatementAbstractType" abstract="true"> |
|
86 |
<complexContent> |
|
87 |
<extension base="saml:StatementAbstractType"> |
|
88 |
<sequence> |
|
89 |
<element ref="saml:Subject"/> |
|
90 |
</sequence> |
|
91 |
</extension> |
|
92 |
</complexContent> |
|
93 |
</complexType> |
|
94 |
<element name="Subject" type="saml:SubjectType"/> |
|
95 |
<complexType name="SubjectType"> |
|
96 |
<choice> |
|
97 |
<sequence> |
|
98 |
<element ref="saml:NameIdentifier"/> |
|
99 |
<element ref="saml:SubjectConfirmation" minOccurs="0"/> |
|
100 |
</sequence> |
|
101 |
<element ref="saml:SubjectConfirmation"/> |
|
102 |
</choice> |
|
103 |
</complexType> |
|
104 |
<element name="NameIdentifier" type="saml:NameIdentifierType"/> |
|
105 |
<complexType name="NameIdentifierType"> |
|
106 |
<simpleContent> |
|
107 |
<extension base="string"> |
|
108 |
<attribute name="NameQualifier" type="string" use="optional"/> |
|
109 |
<attribute name="Format" type="anyURI" use="optional"/> |
|
110 |
</extension> |
|
111 |
</simpleContent> |
|
112 |
</complexType> |
|
113 |
<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> |
|
114 |
<complexType name="SubjectConfirmationType"> |
|
115 |
<sequence> |
|
116 |
<element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/> |
|
117 |
<element ref="saml:SubjectConfirmationData" minOccurs="0"/> |
|
118 |
<element ref="ds:KeyInfo" minOccurs="0"/> |
|
119 |
</sequence> |
|
120 |
</complexType> |
|
121 |
<element name="SubjectConfirmationData" type="anyType"/> |
|
122 |
<element name="ConfirmationMethod" type="anyURI"/> |
|
123 |
<element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/> |
|
124 |
<complexType name="AuthenticationStatementType"> |
|
125 |
<complexContent> |
|
126 |
<extension base="saml:SubjectStatementAbstractType"> |
|
127 |
<sequence> |
|
128 |
<element ref="saml:SubjectLocality" minOccurs="0"/> |
|
129 |
<element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/> |
|
130 |
</sequence> |
|
131 |
<attribute name="AuthenticationMethod" type="anyURI" use="required"/> |
|
132 |
<attribute name="AuthenticationInstant" type="dateTime" use="required"/> |
|
133 |
</extension> |
|
134 |
</complexContent> |
|
135 |
</complexType> |
|
136 |
<element name="SubjectLocality" type="saml:SubjectLocalityType"/> |
|
137 |
<complexType name="SubjectLocalityType"> |
|
138 |
<attribute name="IPAddress" type="string" use="optional"/> |
|
139 |
<attribute name="DNSAddress" type="string" use="optional"/> |
|
140 |
</complexType> |
|
141 |
<element name="AuthorityBinding" type="saml:AuthorityBindingType"/> |
|
142 |
<complexType name="AuthorityBindingType"> |
|
143 |
<attribute name="AuthorityKind" type="QName" use="required"/> |
|
144 |
<attribute name="Location" type="anyURI" use="required"/> |
|
145 |
<attribute name="Binding" type="anyURI" use="required"/> |
|
146 |
</complexType> |
|
147 |
<element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/> |
|
148 |
<complexType name="AuthorizationDecisionStatementType"> |
|
149 |
<complexContent> |
|
150 |
<extension base="saml:SubjectStatementAbstractType"> |
|
151 |
<sequence> |
|
152 |
<element ref="saml:Action" maxOccurs="unbounded"/> |
|
153 |
<element ref="saml:Evidence" minOccurs="0"/> |
|
154 |
</sequence> |
|
155 |
<attribute name="Resource" type="anyURI" use="required"/> |
|
156 |
<attribute name="Decision" type="saml:DecisionType" use="required"/> |
|
157 |
</extension> |
|
158 |
</complexContent> |
|
159 |
</complexType> |
|
160 |
<element name="Action" type="saml:ActionType"/> |
|
161 |
<complexType name="ActionType"> |
|
162 |
<simpleContent> |
|
163 |
<extension base="string"> |
|
164 |
<attribute name="Namespace" type="anyURI"/> |
|
165 |
</extension> |
|
166 |
</simpleContent> |
|
167 |
</complexType> |
|
168 |
<element name="Evidence" type="saml:EvidenceType"/> |
|
169 |
<complexType name="EvidenceType"> |
|
170 |
<choice maxOccurs="unbounded"> |
|
171 |
<element ref="saml:AssertionIDReference"/> |
|
172 |
<element ref="saml:Assertion"/> |
|
173 |
</choice> |
|
174 |
</complexType> |
|
175 |
<element name="AttributeStatement" type="saml:AttributeStatementType"/> |
|
176 |
<complexType name="AttributeStatementType"> |
|
177 |
<complexContent> |
|
178 |
<extension base="saml:SubjectStatementAbstractType"> |
|
179 |
<sequence> |
|
180 |
<element ref="saml:Attribute" maxOccurs="unbounded"/> |
|
181 |
</sequence> |
|
182 |
</extension> |
|
183 |
</complexContent> |
|
184 |
</complexType> |
|
185 |
<element name="AttributeDesignator" type="saml:AttributeDesignatorType"/> |
|
186 |
<complexType name="AttributeDesignatorType"> |
|
187 |
<attribute name="AttributeName" type="string" use="required"/> |
|
188 |
<attribute name="AttributeNamespace" type="anyURI" use="required"/> |
|
189 |
</complexType> |
|
190 |
<element name="Attribute" type="saml:AttributeType"/> |
|
191 |
<complexType name="AttributeType"> |
|
192 |
<complexContent> |
|
193 |
<extension base="saml:AttributeDesignatorType"> |
|
194 |
<sequence> |
|
195 |
<element ref="saml:AttributeValue" maxOccurs="unbounded"/> |
|
196 |
</sequence> |
|
197 |
</extension> |
|
198 |
</complexContent> |
|
199 |
</complexType> |
|
200 |
<element name="AttributeValue" type="anyType"/> |
|
201 |
</schema> |