File: shibboleth-2.0-afp.xsd

package info (click to toggle)
shibboleth-sp2 2.0.dfsg1-4%2Blenny2
  • links: PTS, VCS
  • area: main
  • in suites: lenny
  • size: 4,292 kB
  • ctags: 2,823
  • sloc: cpp: 23,999; sh: 8,480; makefile: 640; xml: 329; ansic: 34
file content (187 lines) | stat: -rw-r--r-- 8,496 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
<?xml version="1.0" encoding="UTF-8"?>

<schema targetNamespace="urn:mace:shibboleth:2.0:afp"
    xmlns="http://www.w3.org/2001/XMLSchema"
    xmlns:afp="urn:mace:shibboleth:2.0:afp"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    elementFormDefault="qualified">

    <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="classpath:/schema/xmldsig-core-schema.xsd" />

    <annotation>
        <documentation>Schema for the attribute filter policies.</documentation>
    </annotation>

    <element name="AttributeFilterPolicyGroup" type="afp:AttributeFilterPolicyGroupType">
        <annotation>
            <documentation>
                Root element of the attribute filter policy. Represents a named group of filter policies.
            </documentation>
        </annotation>
    </element>
    <complexType name="AttributeFilterPolicyGroupType">
        <complexContent>
            <extension base="afp:IdentityType">
                <sequence>
                    <element ref="afp:PolicyRequirementRule" minOccurs="0" maxOccurs="unbounded">
                        <annotation>
                            <documentation>
                                Defines a set of applications requirements that may be reused across multiple filter
                                policies.
                            </documentation>
                        </annotation>
                    </element>
                    <element ref="afp:PermitValueRule" minOccurs="0" maxOccurs="unbounded">
                        <annotation>
                            <documentation>
                                Defines an attribute value filter that may be reused across multiple attribute rules.
                            </documentation>
                        </annotation>
                    </element>
                    <element ref="afp:AttributeRule" minOccurs="0" maxOccurs="unbounded">
                        <annotation>
                            <documentation>
                                Defines an attribute rule that may be reused across multiple filter policies.
                            </documentation>
                        </annotation>
                    </element>
                    <element ref="afp:AttributeFilterPolicy" minOccurs="0" maxOccurs="unbounded">
                        <annotation>
                            <documentation>
                                A policy that defines the set of attribute value filters that will be applied if its
                                application requirements are met.
                            </documentation>
                        </annotation>
                    </element>
                    <element ref="ds:Signature" minOccurs="0">
                        <annotation>
                            <documentation>
                                Digital signature for the policy. Policies that are fetched from an external source,
                                such as a federation site, should be signed.
                            </documentation>
                        </annotation>
                    </element>
                </sequence>
            </extension>
        </complexContent>
    </complexType>

    <element name="AttributeFilterPolicy" type="afp:AttributeFilterPolicyType">
        <annotation>
            <documentation>
                A policy that defines a set of attribute value filters rules that should be used if given requirements
                are met.
            </documentation>
        </annotation>
    </element>
    <complexType name="AttributeFilterPolicyType">
        <complexContent>
            <extension base="afp:IdentityType">
                <sequence>
                    <choice>
                        <element ref="afp:PolicyRequirementRule">
                            <annotation>
                                <documentation>
                                    A requirement that if met signals that this filter policy should be used.
                                </documentation>
                            </annotation>
                        </element>
                        <element name="PolicyRequirementRuleReference" type="afp:ReferenceType">
                            <annotation>
                                <documentation>
                                    Rerfence to a PolicyRequirement defined within this policy group or another.
                                </documentation>
                            </annotation>
                        </element>
                    </choice>
                    <choice minOccurs="0" maxOccurs="unbounded">
                        <element ref="afp:AttributeRule">
                            <annotation>
                                <documentation>
                                    A rule that describes how values of an attribute will be filtered.
                                </documentation>
                            </annotation>
                        </element>
                        <element name="AttributeRuleReference" type="afp:ReferenceType">
                            <annotation>
                                <documentation>
                                    Rerfence to a AttribtueRule defined within this policy group or another.
                                </documentation>
                            </annotation>
                        </element>
                    </choice>
                </sequence>
            </extension>
        </complexContent>
    </complexType>

    <element name="AttributeRule" type="afp:AttributeRuleType">
        <annotation>
            <documentation>A rule that describes how values of an attribute will be filtered.</documentation>
        </annotation>
    </element>
    <complexType name="AttributeRuleType">
        <complexContent>
            <extension base="afp:IdentityType">
                <choice>
                    <element ref="afp:PermitValueRule">
                        <annotation>
                            <documentation>
                                A filter for attribute values. If the filter evaluates to true the value is permitted,
                                otherwise it is filtered out.
                            </documentation>
                        </annotation>
                    </element>
                    <element name="PermitValueRuleReference" type="afp:ReferenceType">
                        <annotation>
                            <documentation>
                                Rerfence to a PermitValueRule defined within this policy group or another.
                            </documentation>
                        </annotation>
                    </element>
                </choice>
                <attribute name="attributeID" type="string" use="required">
                    <annotation>
                        <documentation>The ID of the attribute to which this rule applies.</documentation>
                    </annotation>
                </attribute>
            </extension>
        </complexContent>
    </complexType>

    <element name="PolicyRequirementRule" type="afp:MatchFunctorType">
        <annotation>
            <documentation>A requirement that if met signals that a filter policy should be used.</documentation>
        </annotation>
    </element>
    <element name="PermitValueRule" type="afp:MatchFunctorType">
        <annotation>
            <documentation>
                A filter for attribtue values. If the filter evaluates to true the value is permitted, otherwise it is
                filtered out.
            </documentation>
        </annotation>
    </element>
    <complexType name="MatchFunctorType" abstract="true">
        <complexContent>
            <extension base="afp:IdentityType" />
        </complexContent>
    </complexType>

    <complexType name="IdentityType">
        <attribute name="id" type="string">
            <annotation>
                <documentation>An ID, unique within the policy and component type.</documentation>
            </annotation>
        </attribute>
    </complexType>

    <complexType name="ReferenceType">
        <attribute name="ref" type="string">
            <annotation>
                <documentation>Used to reference a globally defined policy component.</documentation>
            </annotation>
        </attribute>
    </complexType>

</schema>