1 <?xml version="1.0" encoding="UTF-8"?>
\r
2 <schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
\r
3 <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
\r
6 Document identifier: sstc-saml-schema-assertion-1.1-draft-02
\r
7 Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
\r
9 draft-01 (Eve Maler):
\r
10 Note that V1.1 of this schema has the same namespace as V1.0.
\r
11 Minor cosmetic updates.
\r
12 Changed IDType to restrict from xsd:ID.
\r
13 Changed IDReferenceType to restrict from xsd:IDREF.
\r
14 Set version attribute on schema element to 1.1.
\r
15 draft-02 (Prateek Mishra, Rob Philpott):
\r
16 Added DoNotCacheCondition element and DoNotCacheConditionType
\r
17 draft-03 (Scott Cantor)
\r
18 Rebased ID content directly on XML Schema types
\r
21 <simpleType name="DecisionType">
\r
22 <restriction base="string">
\r
23 <enumeration value="Permit"/>
\r
24 <enumeration value="Deny"/>
\r
25 <enumeration value="Indeterminate"/>
\r
28 <element name="AssertionIDReference" type="NCName"/>
\r
29 <element name="Assertion" type="saml:AssertionType"/>
\r
30 <complexType name="AssertionType">
\r
32 <element ref="saml:Conditions" minOccurs="0"/>
\r
33 <element ref="saml:Advice" minOccurs="0"/>
\r
34 <choice maxOccurs="unbounded">
\r
35 <element ref="saml:Statement"/>
\r
36 <element ref="saml:SubjectStatement"/>
\r
37 <element ref="saml:AuthenticationStatement"/>
\r
38 <element ref="saml:AuthorizationDecisionStatement"/>
\r
39 <element ref="saml:AttributeStatement"/>
\r
41 <element ref="ds:Signature" minOccurs="0"/>
\r
43 <attribute name="MajorVersion" type="integer" use="required"/>
\r
44 <attribute name="MinorVersion" type="integer" use="required"/>
\r
45 <attribute name="AssertionID" type="ID" use="required"/>
\r
46 <attribute name="Issuer" type="string" use="required"/>
\r
47 <attribute name="IssueInstant" type="dateTime" use="required"/>
\r
49 <element name="Conditions" type="saml:ConditionsType"/>
\r
50 <complexType name="ConditionsType">
\r
51 <choice minOccurs="0" maxOccurs="unbounded">
\r
52 <element ref="saml:AudienceRestrictionCondition"/>
\r
53 <element ref="saml:DoNotCacheCondition"/>
\r
54 <element ref="saml:Condition"/>
\r
56 <attribute name="NotBefore" type="dateTime" use="optional"/>
\r
57 <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
\r
59 <element name="Condition" type="saml:ConditionAbstractType"/>
\r
60 <complexType name="ConditionAbstractType" abstract="true"/>
\r
61 <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
\r
62 <complexType name="AudienceRestrictionConditionType">
\r
64 <extension base="saml:ConditionAbstractType">
\r
66 <element ref="saml:Audience" maxOccurs="unbounded"/>
\r
71 <element name="Audience" type="anyURI"/>
\r
72 <element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType" />
\r
73 <complexType name="DoNotCacheConditionType">
\r
75 <extension base="saml:ConditionAbstractType"/>
\r
78 <element name="Advice" type="saml:AdviceType"/>
\r
79 <complexType name="AdviceType">
\r
80 <choice minOccurs="0" maxOccurs="unbounded">
\r
81 <element ref="saml:AssertionIDReference"/>
\r
82 <element ref="saml:Assertion"/>
\r
83 <any namespace="##other" processContents="lax"/>
\r
86 <element name="Statement" type="saml:StatementAbstractType"/>
\r
87 <complexType name="StatementAbstractType" abstract="true"/>
\r
88 <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
\r
89 <complexType name="SubjectStatementAbstractType" abstract="true">
\r
91 <extension base="saml:StatementAbstractType">
\r
93 <element ref="saml:Subject"/>
\r
98 <element name="Subject" type="saml:SubjectType"/>
\r
99 <complexType name="SubjectType">
\r
102 <element ref="saml:NameIdentifier"/>
\r
103 <element ref="saml:SubjectConfirmation" minOccurs="0"/>
\r
105 <element ref="saml:SubjectConfirmation"/>
\r
108 <element name="NameIdentifier" type="saml:NameIdentifierType"/>
\r
109 <complexType name="NameIdentifierType">
\r
111 <extension base="string">
\r
112 <attribute name="NameQualifier" type="string" use="optional"/>
\r
113 <attribute name="Format" type="anyURI" use="optional"/>
\r
117 <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
\r
118 <complexType name="SubjectConfirmationType">
\r
120 <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
\r
121 <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
\r
122 <element ref="ds:KeyInfo" minOccurs="0"/>
\r
125 <element name="SubjectConfirmationData" type="anyType"/>
\r
126 <element name="ConfirmationMethod" type="anyURI"/>
\r
127 <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
\r
128 <complexType name="AuthenticationStatementType">
\r
130 <extension base="saml:SubjectStatementAbstractType">
\r
132 <element ref="saml:SubjectLocality" minOccurs="0"/>
\r
133 <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
\r
135 <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
\r
136 <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
\r
140 <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
\r
141 <complexType name="SubjectLocalityType">
\r
142 <attribute name="IPAddress" type="string" use="optional"/>
\r
143 <attribute name="DNSAddress" type="string" use="optional"/>
\r
145 <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
\r
146 <complexType name="AuthorityBindingType">
\r
147 <attribute name="AuthorityKind" type="QName" use="required"/>
\r
148 <attribute name="Location" type="anyURI" use="required"/>
\r
149 <attribute name="Binding" type="anyURI" use="required"/>
\r
151 <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
\r
152 <complexType name="AuthorizationDecisionStatementType">
\r
154 <extension base="saml:SubjectStatementAbstractType">
\r
156 <element ref="saml:Action" maxOccurs="unbounded"/>
\r
157 <element ref="saml:Evidence" minOccurs="0"/>
\r
159 <attribute name="Resource" type="anyURI" use="required"/>
\r
160 <attribute name="Decision" type="saml:DecisionType" use="required"/>
\r
164 <element name="Action" type="saml:ActionType"/>
\r
165 <complexType name="ActionType">
\r
167 <extension base="string">
\r
168 <attribute name="Namespace" type="anyURI"/>
\r
172 <element name="Evidence" type="saml:EvidenceType"/>
\r
173 <complexType name="EvidenceType">
\r
174 <choice maxOccurs="unbounded">
\r
175 <element ref="saml:AssertionIDReference"/>
\r
176 <element ref="saml:Assertion"/>
\r
179 <element name="AttributeStatement" type="saml:AttributeStatementType"/>
\r
180 <complexType name="AttributeStatementType">
\r
182 <extension base="saml:SubjectStatementAbstractType">
\r
184 <element ref="saml:Attribute" maxOccurs="unbounded"/>
\r
189 <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
\r
190 <complexType name="AttributeDesignatorType">
\r
191 <attribute name="AttributeName" type="string" use="required"/>
\r
192 <attribute name="AttributeNamespace" type="anyURI" use="required"/>
\r
194 <element name="Attribute" type="saml:AttributeType"/>
\r
195 <complexType name="AttributeType">
\r
197 <extension base="saml:AttributeDesignatorType">
\r
199 <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
\r
204 <element name="AttributeValue" type="anyType"/>
\r
projects / shibboleth / cpp-opensaml.git / blob