xmlns:shib="urn:mace:shibboleth:1.0"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
- version="1.2">
+ version="1.3">
<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
<import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
-
<!-- Status-Related Information -->
<!--
Used with samlp:Requester, signals AA did not recognize handle as valid
-->
- <!-- Relaxes SAML AttributeValue type definition -->
+ <!--
+ Relaxes SAML AttributeValue type definition. Xerces-C has a bug that prevents
+ anyAttribute content appearing on anyType. It works in 2.2 but not in later versions.
+ -->
<complexType name="AttributeValueType" mixed="true">
<annotation>
- <documentation xml:lang="en">By convention, all Shibboleth attribute values carry this unconstrained xsi:type.</documentation>
+ <documentation xml:lang="en">
+ By convention, all Shibboleth 1.1 origin attribute values carry this unconstrained xsi:type.
+ </documentation>
</annotation>
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <complexContent>
+ <extension base="anyType"/>
+ </complexContent>
</complexType>
<!-- Attribute Acceptance Policies -->
<extension base="string">
<attribute name="Accept" type="boolean" use="optional" default="true"/>
<attribute name="Type" type="shib:AttributeRuleValueType" use="optional" default="literal"/>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</extension>
</simpleContent>
</complexType>
<element name="AnyValue">
<complexType>
<sequence/>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</complexType>
</element>
<element name="Value" maxOccurs="unbounded">
<complexType>
<simpleContent>
<extension base="string">
+ <attribute name="Accept" type="boolean" use="optional" default="true"/>
<attribute name="Type" type="shib:AttributeRuleValueType" use="optional" default="literal"/>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</extension>
</simpleContent>
</complexType>
<complexContent>
<extension base="shib:SiteRuleType">
<attribute name="Name" type="string" use="required"/>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</extension>
</complexContent>
</complexType>
</sequence>
<attribute name="Name" type="string" use="required"/>
<attribute name="Namespace" type="string" use="optional"/>
- <attribute name="Factory" type="string" use="optional"/>
<attribute name="Alias" type="string" use="optional"/>
<attribute name="Header" type="string" use="optional"/>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <attribute name="Scoped" type="boolean" use="optional" default="false"/>
+ <attribute name="CaseSensitive" type="boolean" use="optional" default="true"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<element name="AttributeRule" type="shib:AttributeRuleType">
<element name="AttributeAcceptancePolicy">
<complexType>
<sequence>
+ <element name="AnyAttribute" minOccurs="0">
+ <complexType>
+ <sequence/>
+ </complexType>
+ </element>
<element ref="shib:AttributeRule" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
- <anyAttribute namespace="##any" processContents="lax"/>
+ <anyAttribute namespace="##other" processContents="lax"/>
</complexType>
</element>
<sequence>
<element name="HandleService" type="shib:AuthorityType" maxOccurs="unbounded"/>
<element name="AttributeAuthority" type="shib:AuthorityType" minOccurs="0" maxOccurs="unbounded"/>
- <element name="Domain" type="shib:regexp_string" minOccurs="0" maxOccurs="unbounded"/>
+ <element ref="shib:Domain" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
+
+ <element name="Domain" type="shib:regexp_string">
+ <annotation>
+ <documentation xml:lang="en">A metadata extension used to regulate allowable attribute scopes.</documentation>
+ </annotation>
+ </element>
<complexType name="DestinationSiteType">
<annotation>
<sequence>
<element name="AssertionConsumerServiceURL" maxOccurs="unbounded">
<complexType>
- <sequence/>
<attribute name="Location" type="string" use="required"/>
<attribute name="Id" type="string" use="optional"/>
<anyAttribute namespace="##any" processContents="lax"/>
</element>
<element name="AttributeRequester" maxOccurs="unbounded">
<complexType>
- <sequence/>
<attribute name="Name" type="string" use="required"/>
<anyAttribute namespace="##any" processContents="lax"/>
</complexType>