Subject: FW: Invalid XSDs in SAML 2.0 profile of XACML
-----Original Message----- From: Rüdiger Gartmann [mailto:ruediger.gartmann@uni-muenster.de] Sent: Wednesday, August 29, 2007 12:33 PM To: Hal Lockhart Subject: Invalid XSDs in SAML 2.0 profile of XACML Hal, I hope you are the right person to address, at least you may know the right person... Trying to implement the SAML 2.0 profile of XACML v2.0 (see http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-profile-spec-os.pdf) we found out that the XSDs which are provided on the OASIS web site (http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-assertion-schema-os.xsd and http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-protocol-schema-os.xsd) are invalid. They include a couple of typos, missing namespace declarations, etc. I attached two revised versions to this mail which validate correctly. I am wondering if nobody had the same problems, especially since this standard was released in 2005 (and the drafts had been out even earlier, including the same errors). Maybe you can send me some feedback if I did anything wrong or what the reason for these errors is. Best regards, Rüdiger P.S.: I am using XMLSpy 2007... -- Dipl.-Wirt.Inform. Rüdiger Gartmann Institut für Geoinformatik Westfälische Wilhelms-Universität Münster Robert-Koch-Str. 26-28 D-48149 Münster, Germany *************************************************** **** Vorübergehend neue Telefon- und Faxnummer **** ** ** ** Tel: +49 251 / 7474 - 301 ** ** Fax: +49 251 / 7474 - 100 ** ** ** ****** Temporarily new phone and fax numbers ****** *************************************************** E-Mail: ruediger.gartmann@uni-muenster.de http://ifgi.uni-muenster.de DFN-Wurzelzertifikat / DFN-Root-Certificate: https://pki.pca.dfn.de/wwu-ca/pub/cacert/rootcert.crt
<?xml version="1.0" encoding="UTF-8"?>
<!--
  XML Schema for the target namespace urn:oasis:xacml:2.0:saml:assertion:schema:os.
  It declares two global elements, XACMLAuthzDecisionStatement and
  XACMLPolicyStatement, whose types both extend saml:StatementAbstractType.

  Provenance: per the covering message this is a revised copy attached by the
  sender, not the file published on the OASIS site. NOTE(review): compare it
  against the published schema and any errata before treating it as normative.

  blockDefault="substitution" applies to the element declarations below: by
  default they do not accept substitution-group members in their place.
  elementFormDefault / attributeFormDefault are "unqualified"; every element in
  the content models below is a ref to a global element, so the element setting
  has no visible effect in this file.
-->
<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:xacmlsaml="urn:oasis:xacml:2.0:saml:assertion:schema:os"
        xmlns:xs="http://www.w3.org/2001/XMLSchema"
        xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
        xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
        xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
        xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
        targetNamespace="urn:oasis:xacml:2.0:saml:assertion:schema:os"
        elementFormDefault="unqualified"
        attributeFormDefault="unqualified"
        blockDefault="substitution"
        version="2.0">
  <!--
    Imports. Every schemaLocation is a plain http:// URL. Treat these as hints
    only: a validator that fetches them at run time depends on network content
    with no integrity protection. Resolve the four namespaces from locally
    stored, reviewed copies (for example through an XML catalog) and disable
    remote schema fetching in the validator.
    NOTE(review): no component in this file references the samlp: prefix, so the
    SAML protocol import looks unused here; kept as sent.
    NOTE(review): the two xacml locations have no /2.0/ path segment, unlike the
    other docs.oasis-open.org/xacml URLs quoted on this page; confirm they
    resolve to the intended files.
  -->
  <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd"/>
  <import namespace="urn:oasis:names:tc:SAML:2.0:protocol" schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd"/>
  <import namespace="urn:oasis:names:tc:xacml:2.0:context:schema:os" schemaLocation="http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd"/>
  <import namespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" schemaLocation="http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd"/>
  <!--
    NOTE(review): the identifier below ends in cd-02 and the Location ends in
    cd-os, while the covering message cites
    access_control-xacml-2.0-saml-assertion-schema-os.xsd; the three do not
    agree. Left as sent; verify which name is correct.
  -->
  <annotation>
    <documentation>
      Document identifier: access_control-xacml-2.0-saml-assertion-schema-cd-02.xsd
      Location: http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-assertion-schema-cd-os.xsd
    </documentation>
  </annotation>
  <!--
    XACMLAuthzDecisionStatement: a SAML statement carrying exactly one
    xacml-context:Response followed by an optional xacml-context:Request.
  -->
  <element name="XACMLAuthzDecisionStatement" type="xacmlsaml:XACMLAuthzDecisionStatementType"/>
  <complexType name="XACMLAuthzDecisionStatementType">
    <complexContent>
      <extension base="saml:StatementAbstractType">
        <sequence>
          <element ref="xacml-context:Response"/>
          <element ref="xacml-context:Request" minOccurs="0"/>
        </sequence>
      </extension>
    </complexContent>
  </complexType>
  <!--
    XACMLPolicyStatement: a SAML statement carrying zero or more xacml:Policy or
    xacml:PolicySet elements, in any order. maxOccurs is unbounded, so the
    schema sets no upper limit; consumers need their own cap on message size and
    element count. Schema validity covers structure only: whether the enclosing
    assertion's issuer and signature are trusted has to be checked separately
    before any policy carried here is used.
  -->
  <element name="XACMLPolicyStatement" type="xacmlsaml:XACMLPolicyStatementType"/>
  <complexType name="XACMLPolicyStatementType">
    <complexContent>
      <extension base="saml:StatementAbstractType">
        <choice minOccurs="0" maxOccurs="unbounded">
          <element ref="xacml:Policy"/>
          <element ref="xacml:PolicySet"/>
        </choice>
      </extension>
    </complexContent>
  </complexType>
</schema>
<?xml version="1.0" encoding="UTF-8"?>
<!--
  XML Schema for the target namespace urn:oasis:xacml:2.0:saml:protocol:schema:os.
  It declares two global request elements, XACMLAuthzDecisionQuery and
  XACMLPolicyQuery, whose types both extend samlp:RequestAbstractType.

  Provenance: per the covering message this is a revised copy attached by the
  sender, not the file published on the OASIS site. NOTE(review): compare it
  against the published schema and any errata before treating it as normative.

  Prefix usage: the root element is written unprefixed while its children use
  xs:. Both the default namespace and xs: are bound to
  http://www.w3.org/2001/XMLSchema, so they name the same vocabulary; the
  unprefixed type="boolean" values below resolve through the default namespace
  to the XML Schema boolean type.

  blockDefault="substitution" applies to the element declarations below: by
  default they do not accept substitution-group members in their place.
-->
<schema targetNamespace="urn:oasis:xacml:2.0:saml:protocol:schema:os"
        xmlns:xacmlsamlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
        xmlns:xs="http://www.w3.org/2001/XMLSchema"
        xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
        xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
        xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
        xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
        elementFormDefault="unqualified"
        attributeFormDefault="unqualified"
        blockDefault="substitution"
        version="2.0">
  <!--
    Imports. Every schemaLocation is a plain http:// URL. Treat these as hints
    only: a validator that fetches them at run time depends on network content
    with no integrity protection. Resolve the four namespaces from locally
    stored, reviewed copies (for example through an XML catalog) and disable
    remote schema fetching in the validator.
    NOTE(review): no component in this file references the saml: prefix, so the
    SAML assertion import looks unused here; kept as sent.
    NOTE(review): the two xacml locations have no /2.0/ path segment, unlike the
    other docs.oasis-open.org/xacml URLs quoted on this page; confirm they
    resolve to the intended files.
  -->
  <xs:import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd"/>
  <xs:import namespace="urn:oasis:names:tc:SAML:2.0:protocol" schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd"/>
  <xs:import namespace="urn:oasis:names:tc:xacml:2.0:context:schema:os" schemaLocation="http://docs.oasis-open.org/xacml/access_control-xacml-2.0-context-schema-os.xsd"/>
  <xs:import namespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" schemaLocation="http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd"/>
  <xs:annotation>
    <xs:documentation>
      Document identifier: access_control-xacml-2.0-saml-protocol-schema-os.xsd
      Location: http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-protocol-schema-os.xsd
    </xs:documentation>
  </xs:annotation>
  <!--
    XACMLAuthzDecisionQuery: a SAML protocol request carrying exactly one
    xacml-context:Request. InputContextOnly and ReturnContext are optional
    boolean attributes that default to false when omitted.
  -->
  <xs:element name="XACMLAuthzDecisionQuery" type="xacmlsamlp:XACMLAuthzDecisionQueryType"/>
  <xs:complexType name="XACMLAuthzDecisionQueryType">
    <xs:complexContent>
      <xs:extension base="samlp:RequestAbstractType">
        <xs:sequence>
          <xs:element ref="xacml-context:Request"/>
        </xs:sequence>
        <xs:attribute name="InputContextOnly" type="boolean" use="optional" default="false"/>
        <xs:attribute name="ReturnContext" type="boolean" use="optional" default="false"/>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>
  <!--
    XACMLPolicyQuery: a SAML protocol request carrying zero or more of
    xacml-context:Request, xacml:Target, xacml:PolicySetIdReference and
    xacml:PolicyIdReference, in any order and any mix. maxOccurs is unbounded,
    so the schema sets no upper limit; a responder needs its own cap on request
    size and element count before evaluating the query.
  -->
  <xs:element name="XACMLPolicyQuery" type="xacmlsamlp:XACMLPolicyQueryType"/>
  <xs:complexType name="XACMLPolicyQueryType">
    <xs:complexContent>
      <xs:extension base="samlp:RequestAbstractType">
        <xs:choice minOccurs="0" maxOccurs="unbounded">
          <xs:element ref="xacml-context:Request"/>
          <xs:element ref="xacml:Target"/>
          <xs:element ref="xacml:PolicySetIdReference"/>
          <xs:element ref="xacml:PolicyIdReference"/>
        </xs:choice>
      </xs:extension>
    </xs:complexContent>
  </xs:complexType>
</schema>