main/xsd/lib-arch-security-fmwk.xsd

2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk<?xml version="1.0" encoding="UTF-8"?>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk<!--
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   The contents of this file are subject to the terms
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   of the Common Development and Distribution License
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   (the License). You may not use this file except in
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   compliance with the License.
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   You can obtain a copy of the License at
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   https://opensso.dev.java.net/public/CDDLv1.0.html or
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   opensso/legal/CDDLv1.0.txt
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   See the License for the specific language governing
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   permission and limitations under the License.
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   When distributing Covered Code, include this CDDL
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   Header Notice in each file and include the License file
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   at opensso/legal/CDDLv1.0.txt.
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   If applicable, add the following below the CDDL Header,
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   with the fields enclosed by brackets [] replaced by
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   your own identifying information:
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   "Portions Copyrighted [year] [name of copyright owner]"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   $Id: lib-arch-security-fmwk.xsd,v 1.2 2008/06/25 05:48:41 qcheng Exp $
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk-->
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk<xs:schema targetNamespace="urn:liberty:sec:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:ac="urn:liberty:ac:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:lib="urn:liberty:iff:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:disco="urn:liberty:disco:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:md="urn:liberty:metadata:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:xs="http://www.w3.org/2001/XMLSchema"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:sec="urn:liberty:sec:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           elementFormDefault="qualified"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk           attributeFormDefault="unqualified">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="urn:oasis:names:tc:SAML:1.0:assertion"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="cs-sstc-schema-assertion-01.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="urn:liberty:iff:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="lib-arch-protocols-schema.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="urn:liberty:disco:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="lib-arch-disco-svc.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="urn:liberty:ac:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="lib-arch-authentication-context.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="urn:liberty:metadata:2003-08"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="lib-arch-metadata.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="http://www.w3.org/2001/04/xmlenc#"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="xenc-schema.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:import namespace="http://www.w3.org/2000/09/xmldsig#"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk               schemaLocation="xmldsig-core-schema.xsd"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:documentation>Liberty ID-WSF Security Mechanisms Specification XSD</xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenkThe source code in this XSD file was excerpted verbatim from:
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenkLiberty ID-WSF Security Mechanisms Specification
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenkVersion 1.0
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk12th November 2003
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenkCopyright (c) 2003 Liberty Alliance participants, see
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenkhttp://www.projectliberty.org/specs/idwsf_copyrights.html
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        </xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="MessageAuthentication" type="xs:QName"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="RequesterAuthorization" type="xs:QName"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="ValidityRestrictionCondition" type="sec:ValidityRestrictionConditionType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:complexType name="ValidityRestrictionConditionType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:extension base="saml:ConditionAbstractType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk              <xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                 <xs:element name="NumberOfUses" type="xs:integer"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk              </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            </xs:extension>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        </xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:complexType>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="ProxySubject" substitutionGroup="saml:Subject"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                type="saml:SubjectType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:documentation>ProxyTransitedStatement is a
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        SubjectStatement which MAY carry specific subject confirmation
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        data </xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="ProxyTransitedStatement"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        type="saml:SubjectStatementAbstractType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk          ProxyInfoConfirmationData may be relied upon to
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk          corroborate the path information carried in a
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk          ProxyTransitedStatement
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:documentation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:annotation>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="ProxyInfoConfirmationData"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                type="sec:ProxyInfoConfirmationType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:complexType name="ProxyInfoConfirmationType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk      <xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:element ref="saml:AssertionIDReference"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:element name="Issuer" type="xs:string"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:element name="IssueInstant" type="xs:dateTime"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk      </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk      <xs:attribute name="id" type="xs:ID"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk   </xs:complexType>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="SessionContext" type="sec:SessionContextType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:complexType name="SessionContextType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:element name="SessionSubject" type="lib:SubjectType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:element name="ProviderID" type="md:entityIDType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:element ref="lib:AuthnContext" minOccurs="0" maxOccurs="1"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <!-- The system entity for which this context applies
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk         is privacy protect by the SessionSubject -->
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:attribute name="AuthenticationInstant" type="xs:dateTime" use="required"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:attribute name="AssertionIssueInstant" type="xs:dateTime" use="required"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:complexType>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="SessionContextStatement"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                type="sec:SessionContextStatementType"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                substitutionGroup="saml:SubjectStatement"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:complexType name="SessionContextStatementType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:extension base="saml:SubjectStatementAbstractType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                <xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <!-- This is the name of the proxy and it SHOULD carry
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         SubjectConfirmation information to authorize the
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         ProxySubject to act on behalf of the
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         Subject inherited from
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         SubjectStatementAbstractType -->
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <xs:element name="ProxySubject"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                                type="saml:SubjectType"  minOccurs="0"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <xs:element ref="sec:SessionContext"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            </xs:extension>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        </xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:complexType>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:element name="ResourceAccessStatement"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        type="sec:ResourceAccessStatementType"
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        substitutionGroup="saml:SubjectStatement"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    <xs:complexType name="ResourceAccessStatementType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        <xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            <xs:extension base="saml:SubjectStatementAbstractType">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                <xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <xs:group ref="disco:ResourceIDGroup"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <xs:sequence minOccurs="0">
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    <!-- This is the name of the proxy and it SHOULD carry
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         SubjectConfirmation information to authorize the
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         ProxySubject to act on behalf of the
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         Subject inherited from
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                         SubjectStatementAbstractType -->
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                        <xs:element name="ProxySubject" type="saml:SubjectType"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                        <xs:element ref="sec:SessionContext" minOccurs="0"/>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                    </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk                </xs:sequence>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk            </xs:extension>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk        </xs:complexContent>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk    </xs:complexType>
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk
2a9ee4116a7df31d9482821f64c837315c8e2aa0jeff.schenk</xs:schema>