source: aai/check-saml-metadata/saml-schema/shibboleth-2.0-afp-mf-saml.xsd @ 5962

Last change on this file since 5962 was 5962, checked in by Sander Maijers, 9 years ago
  • Add a schema relevant to SAML metadata.
  • Modify mime-type of schemas.
  • Refer to SAML metadata guidelines at

https://www.clarin.eu/content/guidelines-saml-metadata-about-your-sp in SAML metadata about
SPF SPs in document header.

  • Remove extraneous whitespace, erroneous newlines, reformat XML and improve punctuation and

spelling in SAML metadata about SPF SPs.

  • Remove signature from BAS EntityDescriptor? to allow modification and reduce technical issues

(the SAML metadata guidelines will be updated to reflect this measure).

  • Improve metadata about CMU SPs (ticket #732).
  • Property svn:mime-type set to text/xml
File size: 3.6 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2
3<schema targetNamespace="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns="http://www.w3.org/2001/XMLSchema"
4    xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns:afp="urn:mace:shibboleth:2.0:afp" version="2.0">
5
6    <import namespace="urn:mace:shibboleth:2.0:afp" schemaLocation="shibboleth-2.0-afp.xsd" />
7
8    <annotation>
9        <documentation>
10            A set of SAML specific match functions. These match functions only operate against a SAMLFilterContext.
11        </documentation>
12    </annotation>
13
14    <complexType name="AttributeRequesterInEntityGroup">
15        <annotation>
16            <documentation>
17                A match function that evaluates to true if the attribute requester is found in metadata and is a member
18                of the given entity group.
19            </documentation>
20        </annotation>
21        <complexContent>
22            <extension base="saml:EntityGroupMatchType" />
23        </complexContent>
24    </complexType>
25
26    <complexType name="AttributeIssuerInEntityGroup">
27        <annotation>
28            <documentation>
29                A match function that evaluates to true if the attribute issuer is found in metadata and is a member
30                of the given entity group.
31            </documentation>
32        </annotation>
33        <complexContent>
34            <extension base="saml:EntityGroupMatchType" />
35        </complexContent>
36    </complexType>
37
38    <complexType name="EntityGroupMatchType" abstract="true">
39        <complexContent>
40            <extension base="afp:MatchFunctorType">
41                <attribute name="groupID" type="string" use="required">
42                    <annotation>
43                        <documentation>The entity group ID that an entity must be in.</documentation>
44                    </annotation>
45                </attribute>
46            </extension>
47        </complexContent>
48    </complexType>
49   
50    <complexType name="AttributeScopeMatchesShibMDScope">
51        <annotation>
52            <documentation>
53                A match function that ensures that an attribute value's scope matches a scope given in metadata for the entity or role.
54            </documentation>
55        </annotation>
56        <complexContent>
57            <extension base="afp:MatchFunctorType" />
58        </complexContent>
59    </complexType>
60
61  <complexType name="NameIDQualifierString">
62    <annotation>
63      <documentation>
64        A match function that ensures that a NameID-valued attribute's qualifier(s), if set, match particular values.
65      </documentation>
66    </annotation>
67    <complexContent>
68      <extension base="afp:MatchFunctorType">
69        <attribute name="attributeID" type="string">
70          <annotation>
71            <documentation>
72              The ID of the attribute whose qualifiers should be matched. If no attribute ID is specified the
73              ID of the containing attribute rule is assumed.
74            </documentation>
75          </annotation>
76        </attribute>
77        <attribute name="NameQualifier" type="string">
78          <annotation>
79            <documentation>
80              A value to require in the NameQualifier field, or if omitted, require that it match the issuing IdP's entityID.
81            </documentation>
82          </annotation>
83        </attribute>
84        <attribute name="SPNameQualifier" type="string">
85          <annotation>
86            <documentation>
87              A value to require in the SPNameQualifier field, or if omitted, require that it match the SP's entityID.
88            </documentation>
89          </annotation>
90        </attribute>
91      </extension>
92    </complexContent>
93  </complexType>
94
95</schema>
Note: See TracBrowser for help on using the repository browser.