diff options
Diffstat (limited to 'eaaf_core/src/main/resources/schemas/saml-schema-protocol-2.0.xsd')
-rw-r--r-- | eaaf_core/src/main/resources/schemas/saml-schema-protocol-2.0.xsd | 306 |
1 files changed, 306 insertions, 0 deletions
diff --git a/eaaf_core/src/main/resources/schemas/saml-schema-protocol-2.0.xsd b/eaaf_core/src/main/resources/schemas/saml-schema-protocol-2.0.xsd new file mode 100644 index 00000000..b7d14e3e --- /dev/null +++ b/eaaf_core/src/main/resources/schemas/saml-schema-protocol-2.0.xsd @@ -0,0 +1,306 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema + targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + elementFormDefault="unqualified" + attributeFormDefault="unqualified" + blockDefault="substitution" + version="2.0"> + <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" + schemaLocation="saml-schema-assertion-2.0.xsd"/> + <!-- + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + --> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd"/> + <annotation> + <documentation> + Document identifier: saml-schema-protocol-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V1.0 (November, 2002): + Initial Standard Schema. + V1.1 (September, 2003): + Updates within the same V1.0 namespace. + V2.0 (March, 2005): + New protocol schema based in a SAML V2.0 namespace. + </documentation> + </annotation> + <complexType name="RequestAbstractType" abstract="true"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Extensions" type="samlp:ExtensionsType"/> + <complexType name="ExtensionsType"> + <sequence> + <any namespace="##other" processContents="lax" maxOccurs="unbounded"/> + </sequence> + </complexType> + <complexType name="StatusResponseType"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + <element ref="samlp:Status"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="InResponseTo" type="NCName" use="optional"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Status" type="samlp:StatusType"/> + <complexType name="StatusType"> + <sequence> + <element ref="samlp:StatusCode"/> + <element ref="samlp:StatusMessage" minOccurs="0"/> + <element ref="samlp:StatusDetail" minOccurs="0"/> + </sequence> + </complexType> + <element name="StatusCode" type="samlp:StatusCodeType"/> + <complexType name="StatusCodeType"> + <sequence> + <element ref="samlp:StatusCode" minOccurs="0"/> + </sequence> + <attribute name="Value" type="anyURI" use="required"/> + </complexType> + <element name="StatusMessage" type="string"/> + <element name="StatusDetail" type="samlp:StatusDetailType"/> + <complexType name="StatusDetailType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/> + <complexType name="AssertionIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/> + <complexType name="SubjectQueryAbstractType" abstract="true"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthnQuery" type="samlp:AuthnQueryType"/> + <complexType name="AuthnQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + </sequence> + <attribute name="SessionIndex" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/> + <complexType name="RequestedAuthnContextType"> + <choice> + <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/> + <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/> + </choice> + <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/> + </complexType> + <simpleType name="AuthnContextComparisonType"> + <restriction base="string"> + <enumeration value="exact"/> + <enumeration value="minimum"/> + <enumeration value="maximum"/> + <enumeration value="better"/> + </restriction> + </simpleType> + <element name="AttributeQuery" type="samlp:AttributeQueryType"/> + <complexType name="AttributeQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/> + <complexType name="AuthzDecisionQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + </extension> + </complexContent> + </complexType> + <element name="AuthnRequest" type="samlp:AuthnRequestType"/> + <complexType name="AuthnRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject" minOccurs="0"/> + <element ref="samlp:NameIDPolicy" minOccurs="0"/> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + <element ref="samlp:Scoping" minOccurs="0"/> + </sequence> + <attribute name="ForceAuthn" type="boolean" use="optional"/> + <attribute name="IsPassive" type="boolean" use="optional"/> + <attribute name="ProtocolBinding" type="anyURI" use="optional"/> + <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/> + <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="ProviderName" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/> + <complexType name="NameIDPolicyType"> + <attribute name="Format" type="anyURI" use="optional"/> + <attribute name="SPNameQualifier" type="string" use="optional"/> + <attribute name="AllowCreate" type="boolean" use="optional"/> + </complexType> + <element name="Scoping" type="samlp:ScopingType"/> + <complexType name="ScopingType"> + <sequence> + <element ref="samlp:IDPList" minOccurs="0"/> + <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/> + </complexType> + <element name="RequesterID" type="anyURI"/> + <element name="IDPList" type="samlp:IDPListType"/> + <complexType name="IDPListType"> + <sequence> + <element ref="samlp:IDPEntry" maxOccurs="unbounded"/> + <element ref="samlp:GetComplete" minOccurs="0"/> + </sequence> + </complexType> + <element name="IDPEntry" type="samlp:IDPEntryType"/> + <complexType name="IDPEntryType"> + <attribute name="ProviderID" type="anyURI" use="required"/> + <attribute name="Name" type="string" use="optional"/> + <attribute name="Loc" type="anyURI" use="optional"/> + </complexType> + <element name="GetComplete" type="anyURI"/> + <element name="Response" type="samlp:ResponseType"/> + <complexType name="ResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/> + <complexType name="ArtifactResolveType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="samlp:Artifact"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Artifact" type="string"/> + <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/> + <complexType name="ArtifactResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/> + <complexType name="ManageNameIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <choice> + <element ref="samlp:NewID"/> + <element ref="samlp:NewEncryptedID"/> + <element ref="samlp:Terminate"/> + </choice> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NewID" type="string"/> + <element name="NewEncryptedID" type="saml:EncryptedElementType"/> + <element name="Terminate" type="samlp:TerminateType"/> + <complexType name="TerminateType"/> + <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/> + <element name="LogoutRequest" type="samlp:LogoutRequestType"/> + <complexType name="LogoutRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Reason" type="string" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SessionIndex" type="string"/> + <element name="LogoutResponse" type="samlp:StatusResponseType"/> + <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/> + <complexType name="NameIDMappingRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:NameIDPolicy"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/> + <complexType name="NameIDMappingResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + </extension> + </complexContent> + </complexType> +</schema> |