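<?xml version="1.0" encoding="UTF-8"?>
<!--
   DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

   Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved

   The contents of this file are subject to the terms
   of the Common Development and Distribution License
   (the License). You may not use this file except in
   compliance with the License.

   You can obtain a copy of the License at
   See the License for the specific language governing
   permission and limitations under the License.

   When distributing Covered Code, include this CDDL
   Header Notice in each file and include the License file
   If applicable, add the following below the CDDL Header,
   with the fields enclosed by brackets [] replaced by
   your own identifying information:
   "Portions Copyrighted [year] [name of copyright owner]"
-->
<!--
   Schema for the urn:liberty:iff:2003-08 namespace. It extends SAML 1.0
   assertion and protocol types (saml, samlp prefixes).

   NOTE(review): this listing was recovered from a rendering that dropped end
   tags, attribute-less wrapper elements and URL-valued attributes. The xs and
   xenc prefix bindings below are the standard W3C namespace URIs; they are
   used throughout the file but were not visible in the rendering, so confirm
   them against the upstream file. The matching end tag for xs:schema belongs
   at the end of the file.

   Schema validation constrains message structure only. Signature
   verification, issuer trust and replay checks remain the consumer's job.
-->
<xs:schema targetNamespace="urn:liberty:iff:2003-08"
           xmlns="urn:liberty:iff:2003-08"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
           xmlns:ac="urn:liberty:ac:2003-08"
           xmlns:md="urn:liberty:metadata:2003-08"
           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
           elementFormDefault="qualified"
           attributeFormDefault="unqualified">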
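<!--
   The SAML 1.0 assertion and protocol namespaces supply the base types that
   the declarations below extend.

   NOTE(review): no schemaLocation is visible on these imports in the recovered
   listing, and no xs:import is visible for the md, ac and xenc namespaces that
   later declarations reference. Confirm both against the upstream file.
   A schemaLocation is only a hint: resolve imported schemas from a local,
   trusted copy rather than fetching them at validation time.
-->
<xs:import namespace="urn:oasis:names:tc:SAML:1.0:assertion"/>
<xs:import namespace="urn:oasis:names:tc:SAML:1.0:protocol"/>
<xs:annotation>
  <xs:documentation>
    The source code in this XSD file was excerpted verbatim from:
    Liberty ID-FF Protocols &amp; Schema Specification
    Copyright (c) 2003 Liberty Alliance participants, see
  </xs:documentation>
</xs:annotation>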
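<!--
   Global provider and affiliation identifier elements. Both are typed as
   md:entityIDType, which is not defined in the visible part of this file.
   The schema only checks the lexical form of the identifier; whether the
   named provider is a trusted federation member is decided by the consumer.
-->
<xs:element name="ProviderID" type="md:entityIDType"/>
<xs:element name="AffiliationID" type="md:entityIDType"/>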
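<!--
   AuthnRequest: authentication request, extending samlp:RequestAbstractType.
   Only ProviderID is mandatory among the added children; every other child
   carries minOccurs="0".

   Extension and consent are referenced here but declared outside the visible
   listing. Extension is unbounded, so a consumer should cap message size.
   AssertionConsumerServiceID is a plain xs:string: the schema does not tie it
   to a registered endpoint, so the recipient has to resolve it against the
   requester's known metadata.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="AuthnRequest" type="AuthnRequestType"/>
<xs:complexType name="AuthnRequestType">
  <xs:complexContent>
    <xs:extension base="samlp:RequestAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="AffiliationID" minOccurs="0"/>
        <xs:element ref="NameIDPolicy" minOccurs="0"/>
        <!-- Optional booleans; an absent element is distinct from false. -->
        <xs:element name="ForceAuthn" type="xs:boolean" minOccurs="0"/>
        <xs:element name="IsPassive" type="xs:boolean" minOccurs="0"/>
        <xs:element ref="ProtocolProfile" minOccurs="0"/>
        <xs:element name="AssertionConsumerServiceID" type="xs:string" minOccurs="0"/>
        <xs:element ref="RequestAuthnContext" minOccurs="0"/>
        <xs:element ref="RelayState" minOccurs="0"/>
        <xs:element ref="Scoping" minOccurs="0"/>
      </xs:sequence>
      <xs:attribute ref="consent" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>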
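<!--
   NameIDPolicy: closed enumeration of four string values. Any other value
   fails schema validation, so a consumer can switch on exactly these tokens.

   NOTE(review): end tags were missing from the recovered listing and are
   restored here. Confirm against the published schema.
-->
<xs:simpleType name="NameIDPolicyType">
  <xs:restriction base="xs:string">
    <xs:enumeration value="none"/>
    <xs:enumeration value="onetime"/>
    <xs:enumeration value="federated"/>
    <xs:enumeration value="any"/>
  </xs:restriction>
</xs:simpleType>
<xs:element name="NameIDPolicy" type="NameIDPolicyType"/>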
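<!--
   AuthnContextComparisonType: closed enumeration used by the
   AuthnContextComparison element of RequestAuthnContext.

   NOTE(review): end tags were missing from the recovered listing and are
   restored here. Confirm against the published schema.
-->
<xs:simpleType name="AuthnContextComparisonType">
  <xs:restriction base="xs:string">
    <xs:enumeration value="exact"/>
    <xs:enumeration value="minimum"/>
    <xs:enumeration value="better"/>
  </xs:restriction>
</xs:simpleType>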
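<!--
   Scoping: optional ProxyCount plus an optional IDPList.
   ProxyCount is xs:nonNegativeInteger with no upper bound in the schema, so
   any limit on proxying depth has to be applied by the consumer.

   NOTE(review): end tags and the xs:sequence wrapper were missing from the
   recovered listing; they are restored from XSD grammar. Confirm against the
   published schema.
-->
<xs:complexType name="ScopingType">
  <xs:sequence>
    <xs:element name="ProxyCount" type="xs:nonNegativeInteger" minOccurs="0"/>
    <xs:element ref="IDPList" minOccurs="0"/>
  </xs:sequence>
</xs:complexType>
<xs:element name="Scoping" type="ScopingType"/>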
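<!--
   RelayState is an unrestricted xs:string: the schema sets no length or
   character limits. Treat it as opaque, untrusted data and encode it for the
   output context before echoing it back.
-->
<xs:element name="RelayState" type="xs:string"/>
<!-- ProtocolProfile is any URI; the set of accepted profiles is not enumerated by the schema. -->
<xs:element name="ProtocolProfile" type="xs:anyURI"/>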
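<!--
   RequestAuthnContext: one or more class references or statement references,
   followed by an optional comparison mode.

   NOTE(review): the anonymous xs:complexType, the xs:sequence and the
   xs:choice between the two reference kinds are not visible in the recovered
   listing. They are restored here as the Liberty ID-FF schema is understood
   to define them; confirm against the published schema before relying on the
   either/or constraint.
-->
<xs:element name="RequestAuthnContext">
  <xs:complexType>
    <xs:sequence>
      <xs:choice>
        <xs:element name="AuthnContextClassRef" type="xs:anyURI" maxOccurs="unbounded"/>
        <xs:element name="AuthnContextStatementRef" type="xs:anyURI" maxOccurs="unbounded"/>
      </xs:choice>
      <xs:element name="AuthnContextComparison" type="AuthnContextComparisonType" minOccurs="0"/>
    </xs:sequence>
  </xs:complexType>
</xs:element>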
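<!--
   AuthnResponse: authentication response, extending samlp:ResponseType with
   a mandatory ProviderID, optional extensions and an optional RelayState.
   Nothing added here carries a signature; presumably that is inherited from
   the samlp base type (confirm). A structurally valid response is not
   evidence that it came from the named provider.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="AuthnResponse" type="AuthnResponseType"/>
<xs:complexType name="AuthnResponseType">
  <xs:complexContent>
    <xs:extension base="samlp:ResponseType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="RelayState" minOccurs="0"/>
      </xs:sequence>
      <xs:attribute ref="consent" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>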
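<!--
   Assertion: saml:AssertionType plus an InResponseTo attribute.
   InResponseTo is use="optional", so the schema accepts assertions that name
   no request. A consumer that matches assertions to its own outstanding
   requests has to enforce that check itself.

   NOTE(review): end tags and the xs:complexContent wrapper were missing from
   the recovered listing; they are restored from XSD grammar. Confirm against
   the published schema.
-->
<xs:element name="Assertion" type="AssertionType"/>
<xs:complexType name="AssertionType">
  <xs:complexContent>
    <xs:extension base="saml:AssertionType">
      <xs:attribute name="InResponseTo" type="xs:NCName" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>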
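<!--
   Subject: saml:SubjectType extended with a mandatory
   IDPProvidedNameIdentifier. The element joins the saml:Subject substitution
   group, so it may appear wherever saml:Subject is allowed.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:complexType name="SubjectType">
  <xs:complexContent>
    <xs:extension base="saml:SubjectType">
      <xs:sequence>
        <xs:element ref="IDPProvidedNameIdentifier"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
<xs:element name="Subject" type="SubjectType" substitutionGroup="saml:Subject"/>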
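<!--
   EncryptableNameIdentifier: saml:NameIdentifierType plus IssueInstant and
   Nonce attributes; substitutable for saml:NameIdentifier.
   Neither attribute has a use constraint, so both are optional to the
   validator. Presumably they exist so that repeated encryptions of the same
   identifier differ (confirm against the specification); if so, their
   presence has to be enforced by the producer, not by this schema.

   NOTE(review): end tags and the content wrapper were missing from the
   recovered listing. xs:simpleContent is used on the assumption that
   saml:NameIdentifierType has simple content. Confirm against the published
   schema.
-->
<xs:element name="EncryptableNameIdentifier" type="EncryptableNameIdentifierType" substitutionGroup="saml:NameIdentifier"/>
<xs:complexType name="EncryptableNameIdentifierType">
  <xs:simpleContent>
    <xs:extension base="saml:NameIdentifierType">
      <xs:attribute name="IssueInstant" type="xs:dateTime"/>
      <xs:attribute name="Nonce" type="xs:string"/>
    </xs:extension>
  </xs:simpleContent>
</xs:complexType>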
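<!--
   EncryptedNameIdentifier: a mandatory xenc:EncryptedData with an optional
   xenc:EncryptedKey. The schema does not restrict algorithms or key sizes;
   the decrypting party should accept only the algorithms it has configured.

   NOTE(review): end tags and the xs:sequence wrapper were missing from the
   recovered listing; they are restored from XSD grammar. Confirm against the
   published schema.
-->
<xs:element name="EncryptedNameIdentifier" type="EncryptedNameIdentifierType"/>
<xs:complexType name="EncryptedNameIdentifierType">
  <xs:sequence>
    <xs:element ref="xenc:EncryptedData"/>
    <xs:element ref="xenc:EncryptedKey" minOccurs="0"/>
  </xs:sequence>
</xs:complexType>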
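<!--
   AuthenticationStatement: saml:AuthenticationStatementType extended with an
   optional AuthnContext child and two optional attributes; substitutable for
   saml:Statement.
   ReauthenticateOnOrAfter and SessionIndex are both use="optional", so session
   lifetime and session correlation cannot be assumed from schema validity.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="AuthenticationStatement" type="AuthenticationStatementType" substitutionGroup="saml:Statement"/>
<xs:complexType name="AuthenticationStatementType">
  <xs:complexContent>
    <xs:extension base="saml:AuthenticationStatementType">
      <xs:sequence>
        <xs:element ref="AuthnContext" minOccurs="0"/>
      </xs:sequence>
      <xs:attribute name="ReauthenticateOnOrAfter" type="xs:dateTime" use="optional"/>
      <xs:attribute name="SessionIndex" type="xs:string" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>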
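<!--
   AuthnContext: optional class reference followed by either an inline
   ac:AuthenticationContextStatement or a URI reference to one.
   AuthnContextStatementRef is an arbitrary URI; validate it before
   dereferencing.

   NOTE(review): the anonymous xs:complexType, the xs:sequence and the
   xs:choice between the inline statement and the reference are not visible in
   the recovered listing. They are restored here as the Liberty ID-FF schema
   is understood to define them; confirm against the published schema.
-->
<xs:element name="AuthnContext">
  <xs:complexType>
    <xs:sequence>
      <xs:element name="AuthnContextClassRef" type="xs:anyURI" minOccurs="0"/>
      <xs:choice>
        <xs:element ref="ac:AuthenticationContextStatement"/>
        <xs:element name="AuthnContextStatementRef" type="xs:anyURI"/>
      </xs:choice>
    </xs:sequence>
  </xs:complexType>
</xs:element>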
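<!--
   AuthnRequestEnvelope: wraps an AuthnRequest together with the requester's
   ProviderID, an optional display name, the assertion consumer URL, an
   optional IdP list and an optional IsPassive flag.
   AssertionConsumerServiceURL is xs:anyURI, which accepts any URI. The schema
   cannot restrict where a response is delivered, so check the endpoint
   against the provider's registered metadata before use. ProviderName is
   free text; encode it before displaying it.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="AuthnRequestEnvelope" type="AuthnRequestEnvelopeType"/>
<xs:complexType name="AuthnRequestEnvelopeType">
  <xs:complexContent>
    <xs:extension base="RequestEnvelopeType">
      <xs:sequence>
        <xs:element ref="AuthnRequest"/>
        <xs:element ref="ProviderID"/>
        <xs:element name="ProviderName" type="xs:string" minOccurs="0"/>
        <xs:element name="AssertionConsumerServiceURL" type="xs:anyURI"/>
        <xs:element ref="IDPList" minOccurs="0"/>
        <xs:element name="IsPassive" type="xs:boolean" minOccurs="0"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>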
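<!--
   RequestEnvelopeType: base type for request envelopes; its only content is
   an unbounded list of optional Extension elements (declared outside the
   visible listing).

   NOTE(review): end tags and the xs:sequence wrapper were missing from the
   recovered listing; they are restored from XSD grammar. Confirm against the
   published schema.
-->
<xs:complexType name="RequestEnvelopeType">
  <xs:sequence>
    <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
  </xs:sequence>
</xs:complexType>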
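<!--
   IDPList: a mandatory IDPEntries container and an optional GetComplete URI.

   NOTE(review): end tags and the xs:sequence wrapper were missing from the
   recovered listing; they are restored from XSD grammar. Confirm against the
   published schema.
-->
<xs:element name="IDPList" type="IDPListType"/>
<xs:complexType name="IDPListType">
  <xs:sequence>
    <xs:element ref="IDPEntries"/>
    <xs:element ref="GetComplete" minOccurs="0"/>
  </xs:sequence>
</xs:complexType>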
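<!--
   IDPEntry: one identity provider, given as ProviderID, optional display name
   and a Loc URI. Loc and ProviderName arrive inside a request and are not
   authenticated by the schema; match ProviderID against trusted metadata
   rather than trusting Loc as sent.

   NOTE(review): end tags, the anonymous xs:complexType and the xs:sequence
   wrapper were missing from the recovered listing; they are restored from XSD
   grammar. Loc is placed inside the entry because it follows the other local
   particles. Confirm against the published schema.
-->
<xs:element name="IDPEntry">
  <xs:complexType>
    <xs:sequence>
      <xs:element ref="ProviderID"/>
      <xs:element name="ProviderName" type="xs:string" minOccurs="0"/>
      <xs:element name="Loc" type="xs:anyURI"/>
    </xs:sequence>
  </xs:complexType>
</xs:element>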
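<!--
   IDPEntries: one or more IDPEntry elements, with no upper bound.

   NOTE(review): end tags, the anonymous xs:complexType and the xs:sequence
   wrapper were missing from the recovered listing; they are restored from XSD
   grammar. Confirm against the published schema.
-->
<xs:element name="IDPEntries">
  <xs:complexType>
    <xs:sequence>
      <xs:element ref="IDPEntry" maxOccurs="unbounded"/>
    </xs:sequence>
  </xs:complexType>
</xs:element>
<!--
   GetComplete is an arbitrary URI, presumably a location for the full IdP
   list (confirm against the specification). Validate it before dereferencing.
-->
<xs:element name="GetComplete" type="xs:anyURI"/>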
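<!--
   AuthnResponseEnvelope: wraps an AuthnResponse together with the assertion
   consumer URL it is to be delivered to. The URL is xs:anyURI and therefore
   unconstrained; compare it with the service provider's registered endpoint
   before posting a response to it.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. AssertionConsumerServiceURL is placed inside the
   type because it directly follows the AuthnResponse reference. Confirm
   against the published schema.
-->
<xs:element name="AuthnResponseEnvelope" type="AuthnResponseEnvelopeType"/>
<xs:complexType name="AuthnResponseEnvelopeType">
  <xs:complexContent>
    <xs:extension base="ResponseEnvelopeType">
      <xs:sequence>
        <xs:element ref="AuthnResponse"/>
        <xs:element name="AssertionConsumerServiceURL" type="xs:anyURI"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>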
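<!--
   ResponseEnvelopeType: base type for response envelopes; its only content is
   an unbounded list of optional Extension elements (declared outside the
   visible listing).

   NOTE(review): end tags and the xs:sequence wrapper were missing from the
   recovered listing; they are restored from XSD grammar. Confirm against the
   published schema.
-->
<xs:complexType name="ResponseEnvelopeType">
  <xs:sequence>
    <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
  </xs:sequence>
</xs:complexType>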
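<!--
   RegisterNameIdentifierRequest: extends samlp:RequestAbstractType with the
   sender's ProviderID and three mandatory name identifiers (IdP-provided,
   SP-provided and the old one), plus an optional RelayState.
   The request rewrites the identifier that links two accounts. Schema
   validity says nothing about who sent it, so the receiver must authenticate
   the sender and check that the old identifier belongs to that federation.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="RegisterNameIdentifierRequest" type="RegisterNameIdentifierRequestType"/>
<xs:complexType name="RegisterNameIdentifierRequestType">
  <xs:complexContent>
    <xs:extension base="samlp:RequestAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="IDPProvidedNameIdentifier"/>
        <xs:element ref="SPProvidedNameIdentifier"/>
        <xs:element ref="OldProvidedNameIdentifier"/>
        <xs:element ref="RelayState" minOccurs="0"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>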
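<!--
   Three global name identifier elements, all typed as saml:NameIdentifierType.
   They differ only by element name; the role (IdP-provided, SP-provided, old)
   is carried by the name, not by the type.
-->
<xs:element name="IDPProvidedNameIdentifier" type="saml:NameIdentifierType"/>
<xs:element name="SPProvidedNameIdentifier" type="saml:NameIdentifierType"/>
<xs:element name="OldProvidedNameIdentifier" type="saml:NameIdentifierType"/>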
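<!--
   StatusResponseType: generic status reply extending
   samlp:ResponseAbstractType with ProviderID, samlp:Status and an optional
   RelayState. RegisterNameIdentifierResponse is declared with this type.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="RegisterNameIdentifierResponse" type="StatusResponseType"/>
<xs:complexType name="StatusResponseType">
  <xs:complexContent>
    <xs:extension base="samlp:ResponseAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="samlp:Status"/>
        <xs:element ref="RelayState" minOccurs="0"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>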
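<!--
   FederationTerminationNotification: extends samlp:RequestAbstractType with
   the sender's ProviderID and the saml:NameIdentifier whose federation is
   being terminated.
   Acting on it removes an account link, so the receiver must authenticate the
   sender before processing; schema validity alone is not sufficient.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="FederationTerminationNotification" type="FederationTerminationNotificationType"/>
<xs:complexType name="FederationTerminationNotificationType">
  <xs:complexContent>
    <xs:extension base="samlp:RequestAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="saml:NameIdentifier"/>
      </xs:sequence>
      <xs:attribute ref="consent" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>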
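<!--
   LogoutRequest: extends samlp:RequestAbstractType with ProviderID, the
   subject's saml:NameIdentifier, an optional SessionIndex and an optional
   RelayState.
   SessionIndex is minOccurs="0", so a request may name no specific session.
   The receiver decides what a request without SessionIndex terminates. As
   with the other request types, the sender has to be authenticated outside
   schema validation.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="LogoutRequest" type="LogoutRequestType"/>
<xs:complexType name="LogoutRequestType">
  <xs:complexContent>
    <xs:extension base="samlp:RequestAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="saml:NameIdentifier"/>
        <xs:element name="SessionIndex" type="xs:string" minOccurs="0"/>
        <xs:element ref="RelayState" minOccurs="0"/>
      </xs:sequence>
      <xs:attribute ref="consent" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>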
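<!-- LogoutResponse reuses StatusResponseType: ProviderID, samlp:Status and an optional RelayState. -->
<xs:element name="LogoutResponse" type="StatusResponseType"/>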
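<!--
   NameIdentifierMappingRequest: extends samlp:RequestAbstractType with the
   requester's ProviderID, the saml:NameIdentifier to be mapped and a
   TargetNamespace typed as md:entityIDType.
   A successful reply discloses a principal's identifier in another
   namespace. The responder should authorise the requester for the requested
   target before answering.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. Confirm against the published schema.
-->
<xs:element name="NameIdentifierMappingRequest" type="NameIdentifierMappingRequestType"/>
<xs:complexType name="NameIdentifierMappingRequestType">
  <xs:complexContent>
    <xs:extension base="samlp:RequestAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="saml:NameIdentifier"/>
        <xs:element name="TargetNamespace" type="md:entityIDType"/>
      </xs:sequence>
      <xs:attribute ref="consent" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>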
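<!--
   NameIdentifierMappingResponse: extends samlp:ResponseAbstractType with
   ProviderID, samlp:Status and an optional saml:NameIdentifier.
   The identifier is minOccurs="0", so a consumer must handle a response that
   carries a status but no mapped identifier.

   NOTE(review): end tags and the attribute-less wrappers (xs:complexContent,
   xs:sequence) were missing from the recovered listing; the nesting here is
   restored from XSD grammar. The type is closed after the last visible child;
   confirm against the published schema that nothing follows it.
-->
<xs:element name="NameIdentifierMappingResponse" type="NameIdentifierMappingResponseType"/>
<xs:complexType name="NameIdentifierMappingResponseType">
  <xs:complexContent>
    <xs:extension base="samlp:ResponseAbstractType">
      <xs:sequence>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
        <xs:element ref="ProviderID"/>
        <xs:element ref="samlp:Status"/>
        <xs:element ref="saml:NameIdentifier" minOccurs="0"/>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>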