axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fátima Milla Olaya <fatima.milla-ol...@evidian.com>
Subject Re: Problem with the imports in the WSDL
Date Fri, 30 Nov 2007 13:57:33 GMT
Anne Thomas Manes a écrit :
> Some comments on Jeff's recommendations...
>
> On Nov 29, 2007 10:14 AM, Walker, Jeff <Jeff.Walker@fmr.com> wrote:
>   
>> Hi Fatima,
>> I don't know the exact answer, but I have a few recommendations.
>>
>> 1. Try reducing the wsdl down to importing just one schema, and get that to work
before attempting all of the others.
>>     
>
> Always a smart idea.
>
>   
>> 2. Some of the schema files have a '1' at the end of their file extension, such as
*.xsd1 instead of *.xsd. This may be a problem, not sure.
>>     
>
> Those were the namespace URIs, not the file names. They shouldn't be a problem.
>
>   
>> 3. You use the notation namespace="urn:oasis:names:tc:SAML:2.0:protocol" for namespaces.
Can you edit the schema files you import to use the more familiar http format, such as namespace="http://oasis.names.tc.SAML2.0.protocol"
? I know the other notation is theoretically allowed, but many tools actually look up the
schema using the http protocol, so the xx:xx:xx notation may not resolve.
>>     
>
> Not a problem. Besides, given that you're using a standard, you must
> maintain the standard's namespace URIs. Any tool that uses a namespace
> URI in place of the URL specified in the schemaLocation attribute is
> broken.
>
>   
>> 4. The schemaLocation attribute ends up having a whitespace in it, where you assign
to it "C:\Documents and
>> Settings\Fatima\Bureau\svn\xacmlpolicytransfer\saml-schema-protocol-2.0.xsd". Again,
this may or may not be a problem but should probably be edited to remove the whitespace. (That
would mean moving the scjema file from the Documents and Settings folder, of course).
>>     
>
> This is almost certainly your problem.
>
>   
>> 5. Your defined prefix xmlns:tns points to an actual wsdl file? i.e. xmlns:tns="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.wsdl"
>> This seems strange to me as well. Normally, I think it would be just a unique namespace.
(This may also not be a problem since its still possible to regard this string as a unique
name).
>>
>>     
>
> Not a problem. That's the same URI as the targetNamespace.
>
>   
>> 6. What is name="xacmlpolicytransfer"  ??
>>     
>
> That's the name of the WSDL. (an optional attribute in the
> <wsdl:definitions> element)
>
> Anne
>
>   
>> -jeff
>>
>>
>>
>> -----Original Message-----
>> From: Fátima Milla Olaya [mailto:fatima.milla-olaya@evidian.com]
>> Sent: Thursday, November 29, 2007 6:15 AM
>> To: axis-user@ws.apache.org
>> Subject: Problem with the imports in the WSDL
>>
>> Hi, I want to import the schemas to my wsdl:
>> <?xml version="1.0" encoding="UTF-8"?>
>> <wsdl:definitions xmlns:import1="urn:oasis:names:tc:SAML:2.0:protocol"
>> xmlns:import2="urn:oasis:names:tc:xacml:2.0:profile:saml2.0:v2:schema:protocol"
>> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>> xmlns:tns="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.wsdl"
>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsd1="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.xsd1"
>> name="xacmlpolicytransfer"
>> targetNamespace="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.wsdl">
>>     <wsdl:documentation
>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">Created using Cape Clear
>> Studio SOA Editor - http://www.capeclear.com</wsdl:documentation>
>>     <wsdl:types>
>>         <xsd:schema
>> targetNamespace="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.xsd1"
>> xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsd1="http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.xsd1">
>>             <xsd:import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
>> schemaLocation="C:\Documents and
>> Settings\Fatima\Bureau\svn\xacmlpolicytransfer\saml-schema-protocol-2.0.xsd"/>
>>             <xsd:import
>> namespace="urn:oasis:names:tc:xacml:2.0:profile:saml2.0:v2:schema:protocol"
>> schemaLocation="C:\Documents and
>> Settings\Fatima\Bureau\svn\xacmlpolicytransfer\xacml-2.0-profile-saml2.0-v2-schema-protocol-wd-5.xsd"/>
>>         </xsd:schema>
>>     </wsdl:types>
>>     <wsdl:message name="Request">
>>         <wsdl:part name="policyquery" element="import2:XACMLPolicyQuery"/>
>>     </wsdl:message>
>>     <wsdl:message name="Response">
>>         <wsdl:part name="policystatement" element="import1:Response"/>
>>     </wsdl:message>
>>     <wsdl:portType name="xacmlpolicytransferPortType">
>>         <wsdl:operation name="transfer">
>>             <wsdl:input message="tns:Request"/>
>>             <wsdl:output message="tns:Response"/>
>>         </wsdl:operation>
>>     </wsdl:portType>
>>     <wsdl:binding name="xacmlpolicytransferBinding"
>> type="tns:xacmlpolicytransferPortType">
>>         <soap:binding style="document"
>> transport="http://schemas.xmlsoap.org/soap/http"/>
>>         <wsdl:operation name="transfer">
>>             <soap:operation
>> soapAction="capeconnect:xacmlpolicytransfer:xacmlpolicytransferPortType#transfer"/>
>>             <wsdl:input>
>>                 <soap:body parts="policyquery" use="literal"/>
>>             </wsdl:input>
>>             <wsdl:output>
>>                 <soap:body parts="policystatement" use="literal"/>
>>             </wsdl:output>
>>         </wsdl:operation>
>>     </wsdl:binding>
>>     <wsdl:service name="xacmlpolicytransfer">
>>         <wsdl:port name="xacmlpolicytransferPort"
>> binding="tns:xacmlpolicytransferBinding">
>>             <soap:address
>> location="http://localhost:8080/axis2/services/xacmlpolicytransfer"/>
>>         </wsdl:port>
>>     </wsdl:service>
>> </wsdl:definitions>
>>
>>  and I get this:
>>
>>
>> Warning : 1003 : WSDLException: faultCode=PARSER_ERROR: failed parsing
>> schemas into object model - failed loading import in schema
>> http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.xsd1
>> for namespace=urn:oasis:names:tc:SAML:2.0:protocol,
>> schemaLocation=C:\Documents and
>> Settings\Fatima\Bureau\svn\xacmlpolicytransfer\saml-schema-protocol-2.0.xsd:
>> failed loading import in schema
>> http://policytransfer.authorization.security.evidian.com/xacmlpolicytransfer.xsd1
>> for namespace=urn:oasis:names:tc:SAML:2.0:protocol,
>> schemaLocation=C:\Documents and
>> Settings\Fatima\Bureau\svn\xacmlpolicytransfer\saml-schema-protocol-2.0.xsd
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>>     
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
>   
Hi, I can import the access_control-xacml-2.0-policy-schema-os.xsd with 
or without whitespaces but I get the same problem with the 
saml-schema-protocol-2.0.xsd I send to you the wsdl and the two schemas. 
thanks for the answers.

*wsdl*

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions xmlns:import1="urn:oasis:names:tc:SAML:2.0:protocol" 
xmlns:import2="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 
xmlns:tns="http://evidian.com/security/authorization/xacmlpolicytransfer.wsdl" 
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsd1="http://evidian.com/security/authorization/xacmlpolicytransfer.xsd1" 
name="xacmlpolicytransfer" 
targetNamespace="http://evidian.com/security/authorization/xacmlpolicytransfer.wsdl">
    <wsdl:documentation 
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">Created using Cape Clear 
Studio SOA Editor - http://www.capeclear.com</wsdl:documentation>
    <wsdl:types>
        <xsd:schema 
targetNamespace="http://evidian.com/security/authorization/xacmlpolicytransfer.xsd1" 
xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" 
xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsd1="http://evidian.com/security/authorization/xacmlpolicytransfer.xsd1">
            <xsd:import namespace="urn:oasis:names:tc:SAML:2.0:protocol" 
schemaLocation="C:\xacmlpolicytransfer\saml-schema-protocol-2.0.xsd"/>
            <xsd:import 
namespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
schemaLocation="C:\xacmlpolicytransfer\access_control-xacml-2.0-policy-schema-os.xsd"/>
        </xsd:schema>
    </wsdl:types>
    <wsdl:message name="Response">
        <wsdl:part name="response" element="import1:Response"/>
    </wsdl:message>
    <wsdl:message name="Request">
        <wsdl:part name="policy" element="import2:PolicyIdReference"/>
    </wsdl:message>
    <wsdl:portType name="xacmlpolicytransferPortType">
        <wsdl:operation name="transfer">
            <wsdl:input message="tns:Request"/>
            <wsdl:output message="tns:Response"/>
        </wsdl:operation>
    </wsdl:portType>
    <wsdl:binding name="xacmlpolicytransferBinding" 
type="tns:xacmlpolicytransferPortType">
        <soap:binding style="document" 
transport="http://schemas.xmlsoap.org/soap/http"/>
        <wsdl:operation name="transfer">
            <soap:operation 
soapAction="capeconnect:xacmlpolicytransfer:xacmlpolicytransferPortType#transfer" 
style="document"/>
            <wsdl:input>
                <soap:body parts="policy" use="literal"/>
            </wsdl:input>
            <wsdl:output>
                <soap:body parts="response" use="literal"/>
            </wsdl:output>
        </wsdl:operation>
    </wsdl:binding>
    <wsdl:service name="xacmlpolicytransfer">
        <wsdl:port name="xacmlpolicytransferPort" 
binding="tns:xacmlpolicytransferBinding">
            <soap:address 
location="http://localhost:8000/ccx/xacmlpolicytransfer"/>
        </wsdl:port>
    </wsdl:service>
</wsdl:definitions>


*saml-schema-protocol-2.0.xsd*

<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema" 
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol" 
elementFormDefault="unqualified" attributeFormDefault="unqualified" 
blockDefault="substitution" version="2.0">
    <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" 
schemaLocation="saml-schema-assertion-2.0.xsd"/>
    <import namespace="http://www.w3.org/2000/09/xmldsig#" 
schemaLocation="xmldsig-core-schema.xsd"/>
    <annotation>
        <documentation>
            Document identifier: saml-schema-protocol-2.0
            Location: http://docs.oasis-open.org/security/saml/v2.0/
            Revision history:
            V1.0 (November, 2002):
              Initial Standard Schema.
            V1.1 (September, 2003):
              Updates within the same V1.0 namespace.
            V2.0 (March, 2005):
              New protocol schema based in a SAML V2.0 namespace.
     </documentation>
    </annotation>
    <complexType name="RequestAbstractType" abstract="true">
        <sequence>
            <element ref="saml:Issuer" minOccurs="0"/>
            <element ref="ds:Signature" minOccurs="0"/>
            <element ref="samlp:Extensions" minOccurs="0"/>
        </sequence>
        <attribute name="ID" type="ID" use="required"/>
        <attribute name="Version" type="string" use="required"/>
        <attribute name="IssueInstant" type="dateTime" use="required"/>
        <attribute name="Destination" type="anyURI" use="optional"/>
        <attribute name="Consent" type="anyURI" use="optional"/>
    </complexType>
    <element name="Extensions" type="samlp:ExtensionsType"/>
    <complexType name="ExtensionsType">
        <sequence>
            <any namespace="##other" processContents="lax" 
maxOccurs="unbounded"/>
        </sequence>
    </complexType>
    <complexType name="StatusResponseType">
        <sequence>
            <element ref="saml:Issuer" minOccurs="0"/>
            <element ref="ds:Signature" minOccurs="0"/>
            <element ref="samlp:Extensions" minOccurs="0"/>
            <element ref="samlp:Status"/>
        </sequence>
        <attribute name="ID" type="ID" use="required"/>
        <attribute name="InResponseTo" type="NCName" use="optional"/>
        <attribute name="Version" type="string" use="required"/>
        <attribute name="IssueInstant" type="dateTime" use="required"/>
        <attribute name="Destination" type="anyURI" use="optional"/>
        <attribute name="Consent" type="anyURI" use="optional"/>
    </complexType>
    <element name="Status" type="samlp:StatusType"/>
    <complexType name="StatusType">
        <sequence>
            <element ref="samlp:StatusCode"/>
            <element ref="samlp:StatusMessage" minOccurs="0"/>
            <element ref="samlp:StatusDetail" minOccurs="0"/>
        </sequence>
    </complexType>
    <element name="StatusCode" type="samlp:StatusCodeType"/>
    <complexType name="StatusCodeType">
        <sequence>
            <element ref="samlp:StatusCode" minOccurs="0"/>
        </sequence>
        <attribute name="Value" type="anyURI" use="required"/>
    </complexType>
    <element name="StatusMessage" type="string"/>
    <element name="StatusDetail" type="samlp:StatusDetailType"/>
    <complexType name="StatusDetailType">
        <sequence>
            <any namespace="##any" processContents="lax" minOccurs="0" 
maxOccurs="unbounded"/>
        </sequence>
    </complexType>
    <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>
    <complexType name="AssertionIDRequestType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <element ref="saml:AssertionIDRef" 
maxOccurs="unbounded"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
    <complexType name="SubjectQueryAbstractType" abstract="true">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <element ref="saml:Subject"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="AuthnQuery" type="samlp:AuthnQueryType"/>
    <complexType name="AuthnQueryType">
        <complexContent>
            <extension base="samlp:SubjectQueryAbstractType">
                <sequence>
                    <element ref="samlp:RequestedAuthnContext" 
minOccurs="0"/>
                </sequence>
                <attribute name="SessionIndex" type="string" 
use="optional"/>
            </extension>
        </complexContent>
    </complexType>
    <element name="RequestedAuthnContext" 
type="samlp:RequestedAuthnContextType"/>
    <complexType name="RequestedAuthnContextType">
        <choice>
            <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>
            <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>
        </choice>
        <attribute name="Comparison" 
type="samlp:AuthnContextComparisonType" use="optional"/>
    </complexType>
    <simpleType name="AuthnContextComparisonType">
        <restriction base="string">
            <enumeration value="exact"/>
            <enumeration value="minimum"/>
            <enumeration value="maximum"/>
            <enumeration value="better"/>
        </restriction>
    </simpleType>
    <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
    <complexType name="AttributeQueryType">
        <complexContent>
            <extension base="samlp:SubjectQueryAbstractType">
                <sequence>
                    <element ref="saml:Attribute" minOccurs="0" 
maxOccurs="unbounded"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>
    <complexType name="AuthzDecisionQueryType">
        <complexContent>
            <extension base="samlp:SubjectQueryAbstractType">
                <sequence>
                    <element ref="saml:Action" maxOccurs="unbounded"/>
                    <element ref="saml:Evidence" minOccurs="0"/>
                </sequence>
                <attribute name="Resource" type="anyURI" use="required"/>
            </extension>
        </complexContent>
    </complexType>
    <element name="AuthnRequest" type="samlp:AuthnRequestType"/>
    <complexType name="AuthnRequestType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <element ref="saml:Subject" minOccurs="0"/>
                    <element ref="samlp:NameIDPolicy" minOccurs="0"/>
                    <element ref="saml:Conditions" minOccurs="0"/>
                    <element ref="samlp:RequestedAuthnContext" 
minOccurs="0"/>
                    <element ref="samlp:Scoping" minOccurs="0"/>
                </sequence>
                <attribute name="ForceAuthn" type="boolean" use="optional"/>
                <attribute name="IsPassive" type="boolean" use="optional"/>
                <attribute name="ProtocolBinding" type="anyURI" 
use="optional"/>
                <attribute name="AssertionConsumerServiceIndex" 
type="unsignedShort" use="optional"/>
                <attribute name="AssertionConsumerServiceURL" 
type="anyURI" use="optional"/>
                <attribute name="AttributeConsumingServiceIndex" 
type="unsignedShort" use="optional"/>
                <attribute name="ProviderName" type="string" 
use="optional"/>
            </extension>
        </complexContent>
    </complexType>
    <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>
    <complexType name="NameIDPolicyType">
        <attribute name="Format" type="anyURI" use="optional"/>
        <attribute name="SPNameQualifier" type="string" use="optional"/>
        <attribute name="AllowCreate" type="boolean" use="optional"/>
    </complexType>
    <element name="Scoping" type="samlp:ScopingType"/>
    <complexType name="ScopingType">
        <sequence>
            <element ref="samlp:IDPList" minOccurs="0"/>
            <element ref="samlp:RequesterID" minOccurs="0" 
maxOccurs="unbounded"/>
        </sequence>
        <attribute name="ProxyCount" type="nonNegativeInteger" 
use="optional"/>
    </complexType>
    <element name="RequesterID" type="anyURI"/>
    <element name="IDPList" type="samlp:IDPListType"/>
    <complexType name="IDPListType">
        <sequence>
            <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>
            <element ref="samlp:GetComplete" minOccurs="0"/>
        </sequence>
    </complexType>
    <element name="IDPEntry" type="samlp:IDPEntryType"/>
    <complexType name="IDPEntryType">
        <attribute name="ProviderID" type="anyURI" use="required"/>
        <attribute name="Name" type="string" use="optional"/>
        <attribute name="Loc" type="anyURI" use="optional"/>
    </complexType>
    <element name="GetComplete" type="anyURI"/>
    <element name="Response" type="samlp:ResponseType"/>
    <complexType name="ResponseType">
        <complexContent>
            <extension base="samlp:StatusResponseType">
                <choice minOccurs="0" maxOccurs="unbounded">
                    <element ref="saml:Assertion"/>
                    <element ref="saml:EncryptedAssertion"/>
                </choice>
            </extension>
        </complexContent>
    </complexType>
    <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>
    <complexType name="ArtifactResolveType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <element ref="samlp:Artifact"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="Artifact" type="string"/>
    <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>
    <complexType name="ArtifactResponseType">
        <complexContent>
            <extension base="samlp:StatusResponseType">
                <sequence>
                    <any namespace="##any" processContents="lax" 
minOccurs="0"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="ManageNameIDRequest" 
type="samlp:ManageNameIDRequestType"/>
    <complexType name="ManageNameIDRequestType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <choice>
                        <element ref="saml:NameID"/>
                        <element ref="saml:EncryptedID"/>
                    </choice>
                    <choice>
                        <element ref="samlp:NewID"/>
                        <element ref="samlp:NewEncryptedID"/>
                        <element ref="samlp:Terminate"/>
                    </choice>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="NewID" type="string"/>
    <element name="NewEncryptedID" type="saml:EncryptedElementType"/>
    <element name="Terminate" type="samlp:TerminateType"/>
    <complexType name="TerminateType"/>
    <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>
    <element name="LogoutRequest" type="samlp:LogoutRequestType"/>
    <complexType name="LogoutRequestType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <choice>
                        <element ref="saml:BaseID"/>
                        <element ref="saml:NameID"/>
                        <element ref="saml:EncryptedID"/>
                    </choice>
                    <element ref="samlp:SessionIndex" minOccurs="0" 
maxOccurs="unbounded"/>
                </sequence>
                <attribute name="Reason" type="string" use="optional"/>
                <attribute name="NotOnOrAfter" type="dateTime" 
use="optional"/>
            </extension>
        </complexContent>
    </complexType>
    <element name="SessionIndex" type="string"/>
    <element name="LogoutResponse" type="samlp:StatusResponseType"/>
    <element name="NameIDMappingRequest" 
type="samlp:NameIDMappingRequestType"/>
    <complexType name="NameIDMappingRequestType">
        <complexContent>
            <extension base="samlp:RequestAbstractType">
                <sequence>
                    <choice>
                        <element ref="saml:BaseID"/>
                        <element ref="saml:NameID"/>
                        <element ref="saml:EncryptedID"/>
                    </choice>
                    <element ref="samlp:NameIDPolicy"/>
                </sequence>
            </extension>
        </complexContent>
    </complexType>
    <element name="NameIDMappingResponse" 
type="samlp:NameIDMappingResponseType"/>
    <complexType name="NameIDMappingResponseType">
        <complexContent>
            <extension base="samlp:StatusResponseType">
                <choice>
                    <element ref="saml:NameID"/>
                    <element ref="saml:EncryptedID"/>
                </choice>
            </extension>
        </complexContent>
    </complexType>
</schema>

*access_control-xacml-2.0-policy-schema-os.xsd*

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
xmlns:xs="http://www.w3.org/2001/XMLSchema" 
targetNamespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" 
elementFormDefault="qualified" attributeFormDefault="unqualified">
    <!-- -->
    <xs:element name="PolicySet" type="xacml:PolicySetType"/>
    <xs:complexType name="PolicySetType">
        <xs:sequence>
            <xs:element ref="xacml:Description" minOccurs="0"/>
            <xs:element ref="xacml:PolicySetDefaults" minOccurs="0"/>
            <xs:element ref="xacml:Target"/>
            <xs:choice minOccurs="0" maxOccurs="unbounded">
                <xs:element ref="xacml:PolicySet"/>
                <xs:element ref="xacml:Policy"/>
                <xs:element ref="xacml:PolicySetIdReference"/>
                <xs:element ref="xacml:PolicyIdReference"/>
                <xs:element ref="xacml:CombinerParameters"/>
                <xs:element ref="xacml:PolicyCombinerParameters"/>
                <xs:element ref="xacml:PolicySetCombinerParameters"/>
            </xs:choice>
            <xs:element ref="xacml:Obligations" minOccurs="0"/>
        </xs:sequence>
        <xs:attribute name="PolicySetId" type="xs:anyURI" use="required"/>
        <xs:attribute name="Version" type="xacml:VersionType" 
default="1.0"/>
        <xs:attribute name="PolicyCombiningAlgId" type="xs:anyURI" 
use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="CombinerParameters" 
type="xacml:CombinerParametersType"/>
    <xs:complexType name="CombinerParametersType">
        <xs:sequence>
            <xs:element ref="xacml:CombinerParameter" minOccurs="0" 
maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="CombinerParameter" 
type="xacml:CombinerParameterType"/>
    <xs:complexType name="CombinerParameterType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeValue"/>
        </xs:sequence>
        <xs:attribute name="ParameterName" type="xs:string" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="RuleCombinerParameters" 
type="xacml:RuleCombinerParametersType"/>
    <xs:complexType name="RuleCombinerParametersType">
        <xs:complexContent>
            <xs:extension base="xacml:CombinerParametersType">
                <xs:attribute name="RuleIdRef" type="xs:string" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="PolicyCombinerParameters" 
type="xacml:PolicyCombinerParametersType"/>
    <xs:complexType name="PolicyCombinerParametersType">
        <xs:complexContent>
            <xs:extension base="xacml:CombinerParametersType">
                <xs:attribute name="PolicyIdRef" type="xs:anyURI" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="PolicySetCombinerParameters" 
type="xacml:PolicySetCombinerParametersType"/>
    <xs:complexType name="PolicySetCombinerParametersType">
        <xs:complexContent>
            <xs:extension base="xacml:CombinerParametersType">
                <xs:attribute name="PolicySetIdRef" type="xs:anyURI" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="PolicySetIdReference" type="xacml:IdReferenceType"/>
    <xs:element name="PolicyIdReference" type="xacml:IdReferenceType"/>
    <!-- -->
    <xs:element name="PolicySetDefaults" type="xacml:DefaultsType"/>
    <xs:element name="PolicyDefaults" type="xacml:DefaultsType"/>
    <xs:complexType name="DefaultsType">
        <xs:sequence>
            <xs:choice>
                <xs:element ref="xacml:XPathVersion"/>
            </xs:choice>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="XPathVersion" type="xs:anyURI"/>
    <!-- -->
    <xs:complexType name="IdReferenceType">
        <xs:simpleContent>
            <xs:extension base="xs:anyURI">
                <xs:attribute name="Version" 
type="xacml:VersionMatchType" use="optional"/>
                <xs:attribute name="EarliestVersion" 
type="xacml:VersionMatchType" use="optional"/>
                <xs:attribute name="LatestVersion" 
type="xacml:VersionMatchType" use="optional"/>
            </xs:extension>
        </xs:simpleContent>
    </xs:complexType>
    <!-- -->
    <xs:simpleType name="VersionType">
        <xs:restriction base="xs:string">
            <xs:pattern value="(\d+\.)*\d+"/>
        </xs:restriction>
    </xs:simpleType>
    <!-- -->
    <xs:simpleType name="VersionMatchType">
        <xs:restriction base="xs:string">
            <xs:pattern value="((\d+|\*)\.)*(\d+|\*|\+)"/>
        </xs:restriction>
    </xs:simpleType>
    <!-- -->
    <xs:element name="Policy" type="xacml:PolicyType"/>
    <xs:complexType name="PolicyType">
        <xs:sequence>
            <xs:element ref="xacml:Description" minOccurs="0"/>
            <xs:element ref="xacml:PolicyDefaults" minOccurs="0"/>
            <xs:element ref="xacml:CombinerParameters" minOccurs="0"/>
            <xs:element ref="xacml:Target"/>
            <xs:choice maxOccurs="unbounded">
                <xs:element ref="xacml:CombinerParameters" minOccurs="0"/>
                <xs:element ref="xacml:RuleCombinerParameters" 
minOccurs="0"/>
                <xs:element ref="xacml:VariableDefinition"/>
                <xs:element ref="xacml:Rule"/>
            </xs:choice>
            <xs:element ref="xacml:Obligations" minOccurs="0"/>
        </xs:sequence>
        <xs:attribute name="PolicyId" type="xs:anyURI" use="required"/>
        <xs:attribute name="Version" type="xacml:VersionType" 
default="1.0"/>
        <xs:attribute name="RuleCombiningAlgId" type="xs:anyURI" 
use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="Description" type="xs:string"/>
    <!-- -->
    <xs:element name="Rule" type="xacml:RuleType"/>
    <xs:complexType name="RuleType">
        <xs:sequence>
            <xs:element ref="xacml:Description" minOccurs="0"/>
            <xs:element ref="xacml:Target" minOccurs="0"/>
            <xs:element ref="xacml:Condition" minOccurs="0"/>
        </xs:sequence>
        <xs:attribute name="RuleId" type="xs:string" use="required"/>
        <xs:attribute name="Effect" type="xacml:EffectType" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:simpleType name="EffectType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="Permit"/>
            <xs:enumeration value="Deny"/>
        </xs:restriction>
    </xs:simpleType>
    <!-- -->
    <xs:element name="Target" type="xacml:TargetType"/>
    <xs:complexType name="TargetType">
        <xs:sequence>
            <xs:element ref="xacml:Subjects" minOccurs="0"/>
            <xs:element ref="xacml:Resources" minOccurs="0"/>
            <xs:element ref="xacml:Actions" minOccurs="0"/>
            <xs:element ref="xacml:Environments" minOccurs="0"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Subjects" type="xacml:SubjectsType"/>
    <xs:complexType name="SubjectsType">
        <xs:sequence>
            <xs:element ref="xacml:Subject" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Subject" type="xacml:SubjectType"/>
    <xs:complexType name="SubjectType">
        <xs:sequence>
            <xs:element ref="xacml:SubjectMatch" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Resources" type="xacml:ResourcesType"/>
    <xs:complexType name="ResourcesType">
        <xs:sequence>
            <xs:element ref="xacml:Resource" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Resource" type="xacml:ResourceType"/>
    <xs:complexType name="ResourceType">
        <xs:sequence>
            <xs:element ref="xacml:ResourceMatch" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Actions" type="xacml:ActionsType"/>
    <xs:complexType name="ActionsType">
        <xs:sequence>
            <xs:element ref="xacml:Action" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Action" type="xacml:ActionType"/>
    <xs:complexType name="ActionType">
        <xs:sequence>
            <xs:element ref="xacml:ActionMatch" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Environments" type="xacml:EnvironmentsType"/>
    <xs:complexType name="EnvironmentsType">
        <xs:sequence>
            <xs:element ref="xacml:Environment" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Environment" type="xacml:EnvironmentType"/>
    <xs:complexType name="EnvironmentType">
        <xs:sequence>
            <xs:element ref="xacml:EnvironmentMatch" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="SubjectMatch" type="xacml:SubjectMatchType"/>
    <xs:complexType name="SubjectMatchType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeValue"/>
            <xs:choice>
                <xs:element ref="xacml:SubjectAttributeDesignator"/>
                <xs:element ref="xacml:AttributeSelector"/>
            </xs:choice>
        </xs:sequence>
        <xs:attribute name="MatchId" type="xs:anyURI" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="ResourceMatch" type="xacml:ResourceMatchType"/>
    <xs:complexType name="ResourceMatchType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeValue"/>
            <xs:choice>
                <xs:element ref="xacml:ResourceAttributeDesignator"/>
                <xs:element ref="xacml:AttributeSelector"/>
            </xs:choice>
        </xs:sequence>
        <xs:attribute name="MatchId" type="xs:anyURI" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="ActionMatch" type="xacml:ActionMatchType"/>
    <xs:complexType name="ActionMatchType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeValue"/>
            <xs:choice>
                <xs:element ref="xacml:ActionAttributeDesignator"/>
                <xs:element ref="xacml:AttributeSelector"/>
            </xs:choice>
        </xs:sequence>
        <xs:attribute name="MatchId" type="xs:anyURI" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="EnvironmentMatch" type="xacml:EnvironmentMatchType"/>
    <xs:complexType name="EnvironmentMatchType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeValue"/>
            <xs:choice>
                <xs:element ref="xacml:EnvironmentAttributeDesignator"/>
                <xs:element ref="xacml:AttributeSelector"/>
            </xs:choice>
        </xs:sequence>
        <xs:attribute name="MatchId" type="xs:anyURI" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="VariableDefinition" 
type="xacml:VariableDefinitionType"/>
    <xs:complexType name="VariableDefinitionType">
        <xs:sequence>
            <xs:element ref="xacml:Expression"/>
        </xs:sequence>
        <xs:attribute name="VariableId" type="xs:string" use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="Expression" type="xacml:ExpressionType" 
abstract="true"/>
    <xs:complexType name="ExpressionType" abstract="true"/>
    <!-- -->
    <xs:element name="VariableReference" 
type="xacml:VariableReferenceType" substitutionGroup="xacml:Expression"/>
    <xs:complexType name="VariableReferenceType">
        <xs:complexContent>
            <xs:extension base="xacml:ExpressionType">
                <xs:attribute name="VariableId" type="xs:string" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="AttributeSelector" 
type="xacml:AttributeSelectorType" substitutionGroup="xacml:Expression"/>
    <xs:complexType name="AttributeSelectorType">
        <xs:complexContent>
            <xs:extension base="xacml:ExpressionType">
                <xs:attribute name="RequestContextPath" type="xs:string" 
use="required"/>
                <xs:attribute name="DataType" type="xs:anyURI" 
use="required"/>
                <xs:attribute name="MustBePresent" type="xs:boolean" 
use="optional" default="false"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="ResourceAttributeDesignator" 
type="xacml:AttributeDesignatorType" substitutionGroup="xacml:Expression"/>
    <xs:element name="ActionAttributeDesignator" 
type="xacml:AttributeDesignatorType" substitutionGroup="xacml:Expression"/>
    <xs:element name="EnvironmentAttributeDesignator" 
type="xacml:AttributeDesignatorType" substitutionGroup="xacml:Expression"/>
    <!-- -->
    <xs:complexType name="AttributeDesignatorType">
        <xs:complexContent>
            <xs:extension base="xacml:ExpressionType">
                <xs:attribute name="AttributeId" type="xs:anyURI" 
use="required"/>
                <xs:attribute name="DataType" type="xs:anyURI" 
use="required"/>
                <xs:attribute name="Issuer" type="xs:string" 
use="optional"/>
                <xs:attribute name="MustBePresent" type="xs:boolean" 
use="optional" default="false"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="SubjectAttributeDesignator" 
type="xacml:SubjectAttributeDesignatorType" 
substitutionGroup="xacml:Expression"/>
    <xs:complexType name="SubjectAttributeDesignatorType">
        <xs:complexContent>
            <xs:extension base="xacml:AttributeDesignatorType">
                <xs:attribute name="SubjectCategory" type="xs:anyURI" 
use="optional" 
default="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="AttributeValue" type="xacml:AttributeValueType" 
substitutionGroup="xacml:Expression"/>
    <xs:complexType name="AttributeValueType" mixed="true">
        <xs:complexContent mixed="true">
            <xs:extension base="xacml:ExpressionType">
                <xs:sequence>
                    <xs:any namespace="##any" processContents="lax" 
minOccurs="0" maxOccurs="unbounded"/>
                </xs:sequence>
                <xs:attribute name="DataType" type="xs:anyURI" 
use="required"/>
                <xs:anyAttribute namespace="##any" processContents="lax"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="Function" type="xacml:FunctionType" 
substitutionGroup="xacml:Expression"/>
    <xs:complexType name="FunctionType">
        <xs:complexContent>
            <xs:extension base="xacml:ExpressionType">
                <xs:attribute name="FunctionId" type="xs:anyURI" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="Condition" type="xacml:ConditionType"/>
    <xs:complexType name="ConditionType">
        <xs:sequence>
            <xs:element ref="xacml:Expression"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Apply" type="xacml:ApplyType" 
substitutionGroup="xacml:Expression"/>
    <xs:complexType name="ApplyType">
        <xs:complexContent>
            <xs:extension base="xacml:ExpressionType">
                <xs:sequence>
                    <xs:element ref="xacml:Expression" minOccurs="0" 
maxOccurs="unbounded"/>
                </xs:sequence>
                <xs:attribute name="FunctionId" type="xs:anyURI" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
    <xs:element name="Obligations" type="xacml:ObligationsType"/>
    <xs:complexType name="ObligationsType">
        <xs:sequence>
            <xs:element ref="xacml:Obligation" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <!-- -->
    <xs:element name="Obligation" type="xacml:ObligationType"/>
    <xs:complexType name="ObligationType">
        <xs:sequence>
            <xs:element ref="xacml:AttributeAssignment" minOccurs="0" 
maxOccurs="unbounded"/>
        </xs:sequence>
        <xs:attribute name="ObligationId" type="xs:anyURI" use="required"/>
        <xs:attribute name="FulfillOn" type="xacml:EffectType" 
use="required"/>
    </xs:complexType>
    <!-- -->
    <xs:element name="AttributeAssignment" 
type="xacml:AttributeAssignmentType"/>
    <xs:complexType name="AttributeAssignmentType" mixed="true">
        <xs:complexContent mixed="true">
            <xs:extension base="xacml:AttributeValueType">
                <xs:attribute name="AttributeId" type="xs:anyURI" 
use="required"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>
    <!-- -->
</xs:schema>



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message