+++ /dev/null
-<?xml version="1.0" encoding="US-ASCII"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: sstc-saml-schema-assertion-2.0
- Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
- Revision history:
- V1.0 (November, 2002):
- Initial Standard Schema.
- V1.1 (September, 2003):
- Updates within the same V1.0 namespace.
- V2.0 CD-04 (January, 2005):
- New assertion schema for SAML V2.0 namespace.
- </documentation>
- </annotation>
- <attributeGroup name="IDNameQualifiers">
- <attribute name="NameQualifier" type="string" use="optional"/>
- <attribute name="SPNameQualifier" type="string" use="optional"/>
- </attributeGroup>
- <element name="BaseID" type="saml:BaseIDAbstractType"/>
- <complexType name="BaseIDAbstractType" abstract="true">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- </complexType>
- <element name="NameID" type="saml:NameIDType"/>
- <complexType name="NameIDType">
- <simpleContent>
- <extension base="string">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- <attribute name="Format" type="anyURI" use="optional"/>
- <attribute name="SPProvidedID" type="string" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="EncryptedElementType">
- <sequence>
- <element ref="xenc:EncryptedData"/>
- <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="EncryptedID" type="saml:EncryptedElementType"/>
- <element name="Issuer" type="saml:NameIDType"/>
- <element name="AssertionIDRef" type="NCName"/>
- <element name="AssertionURIRef" type="anyURI"/>
- <element name="Assertion" type="saml:AssertionType"/>
- <complexType name="AssertionType">
- <sequence>
- <element ref="saml:Issuer"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="saml:Subject" minOccurs="0"/>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="saml:Advice" minOccurs="0"/>
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Statement"/>
- <element ref="saml:AuthnStatement"/>
- <element ref="saml:AuthzDecisionStatement"/>
- <element ref="saml:AttributeStatement"/>
- </choice>
- </sequence>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="Subject" type="saml:SubjectType"/>
- <complexType name="SubjectType">
- <choice>
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
- </choice>
- </complexType>
- <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
- <complexType name="SubjectConfirmationType">
- <sequence>
- <choice minOccurs="0">
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- </sequence>
- <attribute name="Method" type="anyURI" use="required"/>
- </complexType>
- <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
- <complexType name="SubjectConfirmationDataType" mixed="true">
- <complexContent>
- <restriction base="anyType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="Address" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </restriction>
- </complexContent>
- </complexType>
- <complexType name="KeyInfoConfirmationDataType" mixed="false">
- <complexContent>
- <restriction base="saml:SubjectConfirmationDataType">
- <sequence>
- <element ref="ds:KeyInfo" maxOccurs="unbounded"/>
- </sequence>
- </restriction>
- </complexContent>
- </complexType>
- <element name="Conditions" type="saml:ConditionsType"/>
- <complexType name="ConditionsType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Condition"/>
- <element ref="saml:AudienceRestriction"/>
- <element ref="saml:OneTimeUse"/>
- <element ref="saml:ProxyRestriction"/>
- </choice>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </complexType>
- <element name="Condition" type="saml:ConditionAbstractType"/>
- <complexType name="ConditionAbstractType" abstract="true"/>
- <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
- <complexType name="AudienceRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Audience" type="anyURI"/>
- <element name="OneTimeUse" type="saml:OneTimeUseType" />
- <complexType name="OneTimeUseType">
- <complexContent>
- <extension base="saml:ConditionAbstractType"/>
- </complexContent>
- </complexType>
- <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
- <complexType name="ProxyRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Count" type="nonNegativeInteger" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="Advice" type="saml:AdviceType"/>
- <complexType name="AdviceType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
- <element name="Statement" type="saml:StatementAbstractType"/>
- <complexType name="StatementAbstractType" abstract="true"/>
- <element name="AuthnStatement" type="saml:AuthnStatementType"/>
- <complexType name="AuthnStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:SubjectLocality" minOccurs="0"/>
- <element ref="saml:AuthnContext"/>
- </sequence>
- <attribute name="AuthnInstant" type="dateTime" use="required"/>
- <attribute name="SessionIndex" type="string" use="optional"/>
- <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
- <complexType name="SubjectLocalityType">
- <attribute name="Address" type="string" use="optional"/>
- <attribute name="DNSName" type="string" use="optional"/>
- </complexType>
- <element name="AuthnContext" type="saml:AuthnContextType"/>
- <complexType name="AuthnContextType">
- <sequence>
- <choice>
- <sequence>
- <element ref="saml:AuthnContextClassRef"/>
- <choice minOccurs="0">
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </sequence>
- <choice>
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </choice>
- <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="AuthnContextClassRef" type="anyURI"/>
- <element name="AuthnContextDeclRef" type="anyURI"/>
- <element name="AuthnContextDecl" type="anyType"/>
- <element name="AuthenticatingAuthority" type="anyURI"/>
- <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
- <complexType name="AuthzDecisionStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- <attribute name="Decision" type="saml:DecisionType" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <simpleType name="DecisionType">
- <restriction base="string">
- <enumeration value="Permit"/>
- <enumeration value="Deny"/>
- <enumeration value="Indeterminate"/>
- </restriction>
- </simpleType>
- <element name="Action" type="saml:ActionType"/>
- <complexType name="ActionType">
- <simpleContent>
- <extension base="string">
- <attribute name="Namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="Evidence" type="saml:EvidenceType"/>
- <complexType name="EvidenceType">
- <choice maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- </choice>
- </complexType>
- <element name="AttributeStatement" type="saml:AttributeStatementType"/>
- <complexType name="AttributeStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <choice maxOccurs="unbounded">
- <element ref="saml:Attribute"/>
- <element ref="saml:EncryptedAttribute"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="Attribute" type="saml:AttributeType"/>
- <complexType name="AttributeType">
- <sequence>
- <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Name" type="string" use="required"/>
- <attribute name="NameFormat" type="anyURI" use="optional"/>
- <attribute name="FriendlyName" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AttributeValue" type="anyType" nillable="true"/>
- <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
-</schema>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="sstc-saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- <annotation>
- <documentation>
- Document identifier: sstc-saml-schema-metadata-2.0
- Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
- Revision history:
- V2.0 CD-04 (January, 2005):
- Schema for SAML metadata, first published in SAML 2.0.
- </documentation>
- </annotation>
-
- <simpleType name="entityIDType">
- <restriction base="anyURI">
- <maxLength value="1024"/>
- </restriction>
- </simpleType>
- <complexType name="localizedNameType">
- <simpleContent>
- <extension base="string">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="localizedURIType">
- <simpleContent>
- <extension base="anyURI">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="Extensions" type="md:ExtensionsType"/>
- <complexType final="#all" name="ExtensionsType">
- <sequence>
- <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <complexType name="EndpointType">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Binding" type="anyURI" use="required"/>
- <attribute name="Location" type="anyURI" use="required"/>
- <attribute name="ResponseLocation" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <complexType name="IndexedEndpointType">
- <complexContent>
- <extension base="md:EndpointType">
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
- <complexType name="EntitiesDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice minOccurs="1" maxOccurs="unbounded">
- <element ref="md:EntityDescriptor"/>
- <element ref="md:EntitiesDescriptor"/>
- </choice>
- </sequence>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="Name" type="string" use="optional"/>
- </complexType>
-
- <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
- <complexType name="EntityDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice>
- <choice maxOccurs="unbounded">
- <element ref="md:RoleDescriptor"/>
- <element ref="md:IDPSSODescriptor"/>
- <element ref="md:SPSSODescriptor"/>
- <element ref="md:AuthnAuthorityDescriptor"/>
- <element ref="md:AttributeAuthorityDescriptor"/>
- <element ref="md:PDPDescriptor"/>
- </choice>
- <element ref="md:AffiliationDescriptor"/>
- </choice>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="entityID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <element name="Organization" type="md:OrganizationType"/>
- <complexType name="OrganizationType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:OrganizationName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
- </sequence>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="OrganizationName" type="md:localizedNameType"/>
- <element name="OrganizationDisplayName" type="md:localizedNameType"/>
- <element name="OrganizationURL" type="md:localizedURIType"/>
- <element name="ContactPerson" type="md:ContactType"/>
- <complexType name="ContactType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:Company" minOccurs="0"/>
- <element ref="md:GivenName" minOccurs="0"/>
- <element ref="md:SurName" minOccurs="0"/>
- <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="contactType" type="md:ContactTypeType" use="required"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="Company" type="string"/>
- <element name="GivenName" type="string"/>
- <element name="SurName" type="string"/>
- <element name="EmailAddress" type="anyURI"/>
- <element name="TelephoneNumber" type="string"/>
- <simpleType name="ContactTypeType">
- <restriction base="string">
- <enumeration value="technical"/>
- <enumeration value="support"/>
- <enumeration value="administrative"/>
- <enumeration value="billing"/>
- <enumeration value="other"/>
- </restriction>
- </simpleType>
-
- <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
- <complexType name="AdditionalMetadataLocationType">
- <simpleContent>
- <extension base="anyURI">
- <attribute name="namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
- <complexType name="RoleDescriptorType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
- <attribute name="errorURL" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <simpleType name="anyURIListType">
- <list itemType="anyURI"/>
- </simpleType>
-
- <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
- <complexType name="KeyDescriptorType">
- <sequence>
- <element ref="ds:KeyInfo"/>
- <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="use" type="md:KeyTypes" use="optional"/>
- </complexType>
- <simpleType name="KeyTypes">
- <restriction base="string">
- <enumeration value="encryption"/>
- <enumeration value="signing"/>
- </restriction>
- </simpleType>
- <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
-
- <complexType name="SSODescriptorType" abstract="true">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
- <element name="SingleLogoutService" type="md:EndpointType"/>
- <element name="ManageNameIDService" type="md:EndpointType"/>
- <element name="NameIDFormat" type="anyURI"/>
-
- <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
- <complexType name="IDPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
- <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SingleSignOnService" type="md:EndpointType"/>
- <element name="NameIDMappingService" type="md:EndpointType"/>
- <element name="AssertionIDRequestService" type="md:EndpointType"/>
- <element name="AttributeProfile" type="anyURI"/>
-
- <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
- <complexType name="SPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
- <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
- <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
- <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
- <complexType name="AttributeConsumingServiceType">
- <sequence>
- <element ref="md:ServiceName" maxOccurs="unbounded"/>
- <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </complexType>
- <element name="ServiceName" type="md:localizedNameType"/>
- <element name="ServiceDescription" type="md:localizedNameType"/>
- <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
- <complexType name="RequestedAttributeType">
- <complexContent>
- <extension base="saml:AttributeType">
- <attribute name="isRequired" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
- <complexType name="AuthnAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnQueryService" type="md:EndpointType"/>
-
- <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
- <complexType name="PDPDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthzService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthzService" type="md:EndpointType"/>
-
- <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
- <complexType name="AttributeAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AttributeService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeService" type="md:EndpointType"/>
-
- <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
- <complexType name="AffiliationDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AffiliateMember" type="md:entityIDType"/>
-</schema>