schemas/shibboleth-2.0-afp-mf-saml.xsd

   1 <?xml version="1.0" encoding="UTF-8"?>
   2 <schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns:afp="urn:mace:shibboleth:2.0:afp" targetNamespace="urn:mace:shibboleth:2.0:afp:mf:saml" elementFormDefault="qualified">
   3
   4     <import namespace="urn:mace:shibboleth:2.0:afp" schemaLocation="classpath:/schema/shibboleth-2.0-afp.xsd" />
   5
   6     <annotation>
   7         <documentation>
   8           A set of SAML specific match functions. These match functions only operate against a
   9           SAMLFilterContext.
  10         </documentation>
  11     </annotation>
  12
  13     <complexType name="AttributeIssuerEntityAttributeExactMatch">
  14         <annotation>
  15             <documentation>
  16                 A match function that checks if the attribute issuer contains an entity attribute with the
  17                 specified value.
  18             </documentation>
  19         </annotation>
  20         <complexContent>
  21             <extension base="saml:EntityAttributeExactMatchType"/>
  22         </complexContent>
  23     </complexType>
  24
  25     <complexType name="AttributeRequesterEntityAttributeExactMatch">
  26         <annotation>
  27             <documentation>
  28                 A match function that checks if the attribute requester contains an entity attribute with the
  29                 specified value.
  30             </documentation>
  31         </annotation>
  32         <complexContent>
  33             <extension base="saml:EntityAttributeExactMatchType"/>
  34         </complexContent>
  35     </complexType>
  36
  37     <complexType name="EntityAttributeExactMatchType" abstract="true">
  38         <complexContent>
  39             <extension base="afp:MatchFunctorType">
  40                 <attribute name="attributeName" type="string" use="required">
  41                     <annotation>
  42                         <documentation>The name of the entity attribute to match.</documentation>
  43                     </annotation>
  44                 </attribute>
  45                 <attribute name="attributeNameFormat" type="string" use="optional">
  46                     <annotation>
  47                         <documentation>The name format of the entity attribute to match.</documentation>
  48                     </annotation>
  49                 </attribute>
  50                 <attribute name="attributeValue" type="string" use="required">
  51                     <annotation>
  52                         <documentation>The value of the entity attribute to match.</documentation>
  53                     </annotation>
  54                 </attribute>
  55             </extension>
  56         </complexContent>
  57     </complexType>
  58
  59     <complexType name="AttributeIssuerEntityAttributeRegexMatch">
  60         <annotation>
  61             <documentation>
  62                 A match function that checks if the attribute issuer contains an entity attribute with a
  63                 value that matches the given regular expression.
  64             </documentation>
  65         </annotation>
  66         <complexContent>
  67             <extension base="saml:EntityAttributeRegexMatchType"/>
  68         </complexContent>
  69     </complexType>
  70
  71     <complexType name="AttributeRequesterEntityAttributeRegexMatch">
  72         <annotation>
  73             <documentation>
  74                 A match function that checks if the attribute requester contains an entity attribute with a
  75                 value that matches the given regular expression.
  76             </documentation>
  77         </annotation>
  78         <complexContent>
  79             <extension base="saml:EntityAttributeRegexMatchType"/>
  80         </complexContent>
  81     </complexType>
  82
  83     <complexType name="EntityAttributeRegexMatchType" abstract="true">
  84         <complexContent>
  85             <extension base="afp:MatchFunctorType">
  86                 <attribute name="attributeName" type="string" use="required">
  87                     <annotation>
  88                         <documentation>The name of the entity attribute to match.</documentation>
  89                     </annotation>
  90                 </attribute>
  91                 <attribute name="attributeNameFormat" type="string" use="optional">
  92                     <annotation>
  93                         <documentation>The name format of the entity attribute to match.</documentation>
  94                     </annotation>
  95                 </attribute>
  96                 <attribute name="attributeValueRegex" type="string" use="required">
  97                     <annotation>
  98                         <documentation>The regular expression that must match the value of the entity attribute to
  99                             match.</documentation>
 100                     </annotation>
 101                 </attribute>
 102             </extension>
 103         </complexContent>
 104     </complexType>
 105
 106     <complexType name="AttributeIssuerNameIDFormatExactMatch">
 107         <annotation>
 108             <documentation>
 109                 A match function that evaluates to true if the attribute issuer supports a specified
 110                 NameID format.
 111             </documentation>
 112         </annotation>
 113         <complexContent>
 114             <extension base="saml:NameIDFormatExactMatchType"/>
 115         </complexContent>
 116     </complexType>
 117
 118     <complexType name="AttributeRequesterNameIDFormatExactMatch">
 119         <annotation>
 120             <documentation>
 121                 A match function that evaluates to true if the attribute requester supports a specified
 122                 NameID format.
 123             </documentation>
 124         </annotation>
 125         <complexContent>
 126             <extension base="saml:NameIDFormatExactMatchType"/>
 127         </complexContent>
 128     </complexType>
 129
 130     <complexType name="NameIDFormatExactMatchType" abstract="true">
 131         <complexContent>
 132             <extension base="afp:MatchFunctorType">
 133                 <attribute name="nameIdFormat" type="string" use="required">
 134                     <annotation>
 135                         <documentation>The NameID format that needs to be supported by the entity.</documentation>
 136                     </annotation>
 137                 </attribute>
 138             </extension>
 139         </complexContent>
 140     </complexType>
 141
 142     <complexType name="AttributeRequesterInEntityGroup">
 143         <annotation>
 144             <documentation>
 145                 A match function that evaluates to true if the attribute requester is found in metadata and is a member
 146                 of the given entity group.
 147             </documentation>
 148         </annotation>
 149         <complexContent>
 150             <extension base="saml:EntityGroupMatchType" />
 151         </complexContent>
 152     </complexType>
 153
 154     <complexType name="AttributeIssuerInEntityGroup">
 155         <annotation>
 156             <documentation>
 157                 A match function that evaluates to true if the attribute issuer is found in metadata and is a member
 158                 of the given entity group.
 159             </documentation>
 160         </annotation>
 161         <complexContent>
 162             <extension base="saml:EntityGroupMatchType" />
 163         </complexContent>
 164     </complexType>
 165
 166     <complexType name="EntityGroupMatchType" abstract="true">
 167         <complexContent>
 168             <extension base="afp:MatchFunctorType">
 169                 <attribute name="groupID" type="string" use="required">
 170                     <annotation>
 171                         <documentation>The entity group ID that an entity must be in.</documentation>
 172                     </annotation>
 173                 </attribute>
 174             </extension>
 175         </complexContent>
 176     </complexType>
 177
 178     <complexType name="AttributeScopeMatchesShibMDScope">
 179         <annotation>
 180             <documentation>
 181                 A match function that ensures that an attribute value's scope matches a scope given in metadata for the entity or role.
 182             </documentation>
 183         </annotation>
 184         <complexContent>
 185             <extension base="afp:MatchFunctorType" />
 186         </complexContent>
 187     </complexType>
 188
 189     <complexType name="NameIDQualifierString">
 190         <annotation>
 191             <documentation>
 192                 A match function that ensures that a NameID-valued attribute's qualifier(s), if set, match particular values.
 193             </documentation>
 194         </annotation>
 195         <complexContent>
 196             <extension base="afp:MatchFunctorType">
 197                 <attribute name="attributeID" type="string">
 198                     <annotation>
 199                         <documentation>
 200                             The ID of the attribute whose qualifiers should be matched. If no attribute ID is specified the
 201                             ID of the containing attribute rule is assumed.
 202                         </documentation>
 203                     </annotation>
 204                 </attribute>
 205                 <attribute name="NameQualifier" type="string">
 206                     <annotation>
 207                         <documentation>
 208                             A value to require in the NameQualifier field, or if omitted, require that it match the issuing IdP's entityID.
 209                         </documentation>
 210                     </annotation>
 211                 </attribute>
 212                 <attribute name="SPNameQualifier" type="string">
 213                     <annotation>
 214                         <documentation>
 215                             A value to require in the SPNameQualifier field, or if omitted, require that it match the SP's entityID.
 216                         </documentation>
 217                     </annotation>
 218                 </attribute>
 219             </extension>
 220         </complexContent>
 221     </complexType>
 222
 223     <complexType name="AttributeIssuerEntityMatcher">
 224         <annotation>
 225             <documentation>
 226                 A match function that checks if the attribute issuer matches pluggable criteria.
 227             </documentation>
 228         </annotation>
 229         <complexContent>
 230             <extension base="saml:EntityMatcherType"/>
 231         </complexContent>
 232     </complexType>
 233
 234     <complexType name="AttributeRequesterEntityMatcher">
 235         <annotation>
 236             <documentation>
 237                 A match function that checks if the attribute requester matches pluggable criteria.
 238             </documentation>
 239         </annotation>
 240         <complexContent>
 241             <extension base="saml:EntityMatcherType"/>
 242         </complexContent>
 243     </complexType>
 244
 245     <complexType name="EntityMatcherType" abstract="true">
 246         <complexContent>
 247             <extension base="afp:MatchFunctorType">
 248                 <sequence>
 249                     <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
 250                 </sequence>
 251                 <attribute name="matcher" type="string" use="required">
 252                     <annotation>
 253                         <documentation>
 254                             The type of plugin to apply as a matching mechanism.
 255                         </documentation>
 256                     </annotation>
 257                 </attribute>
 258                 <anyAttribute namespace="##any" processContents="lax"/>
 259             </extension>
 260         </complexContent>
 261     </complexType>
 262
 263 </schema>