diff options
Diffstat (limited to 'schema/shibboleth.xsd')
-rw-r--r-- | schema/shibboleth.xsd | 296 |
1 files changed, 0 insertions, 296 deletions
diff --git a/schema/shibboleth.xsd b/schema/shibboleth.xsd deleted file mode 100644 index 392fed45..00000000 --- a/schema/shibboleth.xsd +++ /dev/null @@ -1,296 +0,0 @@ -<?xml version="1.0" encoding="US-ASCII"?> -<schema targetNamespace="urn:mace:shibboleth:1.0" - xmlns="http://www.w3.org/2001/XMLSchema" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" - xmlns:xml="http://www.w3.org/XML/1998/namespace" - xmlns:shib="urn:mace:shibboleth:1.0" - xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" - elementFormDefault="qualified" - attributeFormDefault="unqualified" - version="1.2"> - - <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> - <import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/> - <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-1.1.xsd"/> - - <!-- Status-Related Information --> - - <!-- - The following SAML sub-status codes are defined in this namespace: - - "InvalidHandle" - Used with samlp:Requester, signals AA did not recognize handle as valid - --> - - <!-- - Relaxes SAML AttributeValue type definition. Xerces-C has a bug that prevents - anyAttribute content appearing on anyType. It works in 2.2 but not in later versions. - --> - - <complexType name="AttributeValueType" mixed="true"> - <annotation> - <documentation xml:lang="en"> - By convention, all Shibboleth 1.1 origin attribute values carry this unconstrained xsi:type. - </documentation> - </annotation> - <complexContent> - <extension base="anyType"/> - </complexContent> - </complexType> - - <!-- Attribute Acceptance Policies --> - - <simpleType name="AttributeRuleValueType"> - <restriction base="string"> - <enumeration value="literal"/> - <enumeration value="regexp"/> - <enumeration value="xpath"/> - </restriction> - </simpleType> - - <complexType name="SiteRuleType"> - <sequence> - <element name="Scope" minOccurs="0" maxOccurs="unbounded"> - <complexType> - <simpleContent> - <extension base="string"> - <attribute name="Accept" type="boolean" use="optional" default="true"/> - <attribute name="Type" type="shib:AttributeRuleValueType" use="optional" default="literal"/> - <anyAttribute namespace="##other" processContents="lax"/> - </extension> - </simpleContent> - </complexType> - </element> - <choice minOccurs="0"> - <element name="AnyValue"> - <complexType> - <sequence/> - <anyAttribute namespace="##other" processContents="lax"/> - </complexType> - </element> - <element name="Value" maxOccurs="unbounded"> - <complexType> - <simpleContent> - <extension base="string"> - <attribute name="Type" type="shib:AttributeRuleValueType" use="optional" default="literal"/> - <anyAttribute namespace="##other" processContents="lax"/> - </extension> - </simpleContent> - </complexType> - </element> - </choice> - </sequence> - </complexType> - - <element name="AnySite" type="shib:SiteRuleType"/> - <element name="SiteRule"> - <complexType> - <complexContent> - <extension base="shib:SiteRuleType"> - <attribute name="Name" type="string" use="required"/> - <anyAttribute namespace="##other" processContents="lax"/> - </extension> - </complexContent> - </complexType> - </element> - - <complexType name="AttributeRuleType"> - <sequence> - <element ref="shib:AnySite" minOccurs="0"/> - <element ref="shib:SiteRule" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="Name" type="string" use="required"/> - <attribute name="Namespace" type="string" use="optional"/> - <attribute name="Factory" type="string" use="optional"/> - <attribute name="Alias" type="string" use="optional"/> - <attribute name="Header" type="string" use="optional"/> - <anyAttribute namespace="##other" processContents="lax"/> - </complexType> - - <element name="AttributeRule" type="shib:AttributeRuleType"> - <key name="SiteRuleKey"> - <selector xpath="./shib:SiteRule"/> - <field xpath="@Name"/> - </key> - </element> - - <element name="AttributeAcceptancePolicy"> - <complexType> - <sequence> - <element name="AnyAttribute" minOccurs="0"> - <complexType> - <sequence/> - </complexType> - </element> - <element ref="shib:AttributeRule" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <anyAttribute namespace="##other" processContents="lax"/> - </complexType> - </element> - - - <!-- Shibboleth Metadata --> - - <complexType name="SiteType"> - <annotation> - <documentation xml:lang="en">All sites have a Name attribute, plus optional i18n-ized aliases.</documentation> - </annotation> - <sequence> - <element name="Alias" minOccurs="0" maxOccurs="unbounded"> - <complexType> - <simpleContent> - <extension base="string"> - <attribute ref="xml:lang"/> - </extension> - </simpleContent> - </complexType> - </element> - <element name="Contact" type="shib:ContactType" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="Name" type="string" use="required"/> - <attribute name="ErrorURL" type="anyURI" use="optional"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - - <simpleType name="ContactTypeType"> - <restriction base="string"> - <enumeration value="technical"/> - <enumeration value="support"/> - <enumeration value="administrative"/> - <enumeration value="billing"/> - <enumeration value="other"/> - </restriction> - </simpleType> - - <complexType name="ContactType"> - <annotation><documentation xml:lang="en">A human contact for a site.</documentation></annotation> - <sequence/> - <attribute name="Type" type="shib:ContactTypeType" use="required"/> - <attribute name="Name" type="string" use="required"/> - <attribute name="Email" type="string" use="optional"/> - </complexType> - - <complexType name="regexp_string"> - <annotation> - <documentation xml:lang="en">A string element with an optional attribute signaling regexp content.</documentation> - </annotation> - <simpleContent> - <extension base="string"> - <attribute name="regexp" type="boolean" use="optional" default="false"/> - </extension> - </simpleContent> - </complexType> - - <complexType name="AuthorityType"> - <annotation> - <documentation xml:lang="en">Metadata about a SAML authority.</documentation> - </annotation> - <sequence/> - <attribute name="Name" type="string" use="required"/> - <attribute name="Location" type="anyURI" use="required"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - - <complexType name="OriginSiteType"> - <annotation> - <documentation xml:lang="en"> - Origin sites add at least one handle service (with a name), plus optional domains trusted for attribute scoping. - </documentation> - </annotation> - <complexContent> - <extension base="shib:SiteType"> - <sequence> - <element name="HandleService" type="shib:AuthorityType" maxOccurs="unbounded"/> - <element name="AttributeAuthority" type="shib:AuthorityType" minOccurs="0" maxOccurs="unbounded"/> - <element name="Domain" type="shib:regexp_string" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - </extension> - </complexContent> - </complexType> - - <complexType name="DestinationSiteType"> - <annotation> - <documentation xml:lang="en"> - Destination sites add at least one attribute requester (with a name). - </documentation> - </annotation> - <complexContent> - <extension base="shib:SiteType"> - <sequence> - <element name="AssertionConsumerServiceURL" maxOccurs="unbounded"> - <complexType> - <sequence/> - <attribute name="Location" type="string" use="required"/> - <attribute name="Id" type="string" use="optional"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - </element> - <element name="AttributeRequester" maxOccurs="unbounded"> - <complexType> - <sequence/> - <attribute name="Name" type="string" use="required"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - </element> - </sequence> - </extension> - </complexContent> - </complexType> - - <complexType name="SiteGroupType"> - <annotation> - <documentation xml:lang="en">Used to logically group sites together, optionally signed.</documentation> - </annotation> - <sequence> - <choice maxOccurs="unbounded"> - <element ref="shib:OriginSite"/> - <element ref="shib:DestinationSite"/> - <element ref="shib:SiteGroup"/> - </choice> - <element ref="ds:Signature" minOccurs="0"/> - </sequence> - <attribute name="Name" type="string" use="required"/> - <attribute name="lastChanged" type="dateTime" use="optional"/> - <attribute name="validUntil" type="dateTime" use="optional"/> - <attribute name="cacheDuration" type="duration" use="optional"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - - <element name="OriginSite" type="shib:OriginSiteType"/> - <element name="DestinationSite" type="shib:DestinationSiteType"/> - <element name="SiteGroup" type="shib:SiteGroupType"/> - - - <!-- Old (pre 1.2) Trust Metadata --> - - <complexType name="KeyAuthorityType"> - <annotation> - <documentation xml:lang="en"> - Binds a set of keying material to one or more named system entities. - </documentation> - </annotation> - <sequence> - <element ref="ds:KeyInfo"/> - <element name="Subject" type="shib:regexp_string" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - <element name="KeyAuthority" type="shib:KeyAuthorityType"/> - - <element name="Trust"> - <annotation> - <documentation xml:lang="en">An optionally signed collection of KeyAuthority data.</documentation> - </annotation> - <complexType> - <sequence> - <element ref="shib:KeyAuthority" maxOccurs="unbounded"/> - <element ref="ds:Signature" minOccurs="0"/> - </sequence> - <attribute name="lastChanged" type="dateTime" use="optional"/> - <attribute name="validUntil" type="dateTime" use="optional"/> - <attribute name="cacheDuration" type="duration" use="optional"/> - <anyAttribute namespace="##any" processContents="lax"/> - </complexType> - </element> - -</schema> |