From 16ccdf0026e5db1bed37fa027a88e5efe9dab112 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Mon, 23 May 2022 22:52:10 +0200
Subject: [PATCH] Remove schema files; they have been moved to the saml2-lib
---
composer.lock | 36 +-
lib/SimpleSAML/Utils/XML.php | 9 +-
.../oasis-sstc-saml-schema-assertion-1.1.xsd | 201 -----
.../oasis-sstc-saml-schema-protocol-1.1.xsd | 132 ---
schemas/saml-schema-assertion-2.0.xsd | 283 ------
schemas/saml-schema-authn-context-2.0.xsd | 23 -
...chema-authn-context-auth-telephony-2.0.xsd | 81 --
schemas/saml-schema-authn-context-ip-2.0.xsd | 65 --
.../saml-schema-authn-context-ippword-2.0.xsd | 67 --
...saml-schema-authn-context-kerberos-2.0.xsd | 83 --
...-authn-context-mobileonefactor-reg-2.0.xsd | 186 ----
...uthn-context-mobileonefactor-unreg-2.0.xsd | 183 ----
...-authn-context-mobiletwofactor-reg-2.0.xsd | 202 -----
...uthn-context-mobiletwofactor-unreg-2.0.xsd | 200 -----
...hema-authn-context-nomad-telephony-2.0.xsd | 81 --
...a-authn-context-personal-telephony-2.0.xsd | 80 --
schemas/saml-schema-authn-context-pgp-2.0.xsd | 83 --
schemas/saml-schema-authn-context-ppt-2.0.xsd | 81 --
.../saml-schema-authn-context-pword-2.0.xsd | 64 --
.../saml-schema-authn-context-session-2.0.xsd | 64 --
...aml-schema-authn-context-smartcard-2.0.xsd | 64 --
...-schema-authn-context-smartcardpki-2.0.xsd | 129 ---
...l-schema-authn-context-softwarepki-2.0.xsd | 129 ---
.../saml-schema-authn-context-spki-2.0.xsd | 83 --
schemas/saml-schema-authn-context-srp-2.0.xsd | 82 --
.../saml-schema-authn-context-sslcert-2.0.xsd | 97 ---
...aml-schema-authn-context-telephony-2.0.xsd | 79 --
...saml-schema-authn-context-timesync-2.0.xsd | 105 ---
.../saml-schema-authn-context-types-2.0.xsd | 821 ------------------
.../saml-schema-authn-context-x509-2.0.xsd | 83 --
.../saml-schema-authn-context-xmldsig-2.0.xsd | 83 --
schemas/saml-schema-dce-2.0.xsd | 29 -
schemas/saml-schema-ecp-2.0.xsd | 57 --
schemas/saml-schema-metadata-2.0.xsd | 337 -------
schemas/saml-schema-protocol-2.0.xsd | 302 -------
schemas/saml-schema-x500-2.0.xsd | 20 -
schemas/saml-schema-xacml-2.0.xsd | 19 -
schemas/xenc-schema.xsd | 146 ----
schemas/xml.xsd | 287 ------
schemas/xmldsig-core-schema.xsd | 318 -------
40 files changed, 23 insertions(+), 5451 deletions(-)
delete mode 100644 schemas/oasis-sstc-saml-schema-assertion-1.1.xsd
delete mode 100644 schemas/oasis-sstc-saml-schema-protocol-1.1.xsd
delete mode 100644 schemas/saml-schema-assertion-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-ip-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-ippword-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-kerberos-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-pgp-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-ppt-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-pword-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-session-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-smartcard-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-softwarepki-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-spki-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-srp-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-sslcert-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-telephony-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-timesync-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-types-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-x509-2.0.xsd
delete mode 100644 schemas/saml-schema-authn-context-xmldsig-2.0.xsd
delete mode 100644 schemas/saml-schema-dce-2.0.xsd
delete mode 100644 schemas/saml-schema-ecp-2.0.xsd
delete mode 100644 schemas/saml-schema-metadata-2.0.xsd
delete mode 100644 schemas/saml-schema-protocol-2.0.xsd
delete mode 100644 schemas/saml-schema-x500-2.0.xsd
delete mode 100644 schemas/saml-schema-xacml-2.0.xsd
delete mode 100644 schemas/xenc-schema.xsd
delete mode 100644 schemas/xml.xsd
delete mode 100644 schemas/xmldsig-core-schema.xsd
diff --git a/composer.lock b/composer.lock
index 481ee151f..6da684248 100644
--- a/composer.lock
+++ b/composer.lock
@@ -601,16 +601,16 @@
},
{
"name": "simplesamlphp/saml2",
- "version": "v4.6.0",
+ "version": "v4.6.1",
"source": {
"type": "git",
"url": "https://github.com/simplesamlphp/saml2.git",
- "reference": "46d93daa9a96a1d896fe35cb75897a91e1795442"
+ "reference": "5e46819fdb76657f13e05a8f264d06efd9163c3d"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/46d93daa9a96a1d896fe35cb75897a91e1795442",
- "reference": "46d93daa9a96a1d896fe35cb75897a91e1795442",
+ "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/5e46819fdb76657f13e05a8f264d06efd9163c3d",
+ "reference": "5e46819fdb76657f13e05a8f264d06efd9163c3d",
"shasum": ""
},
"require": {
@@ -653,9 +653,9 @@
"description": "SAML2 PHP library from SimpleSAMLphp",
"support": {
"issues": "https://github.com/simplesamlphp/saml2/issues",
- "source": "https://github.com/simplesamlphp/saml2/tree/v4.6.0"
+ "source": "https://github.com/simplesamlphp/saml2/tree/v4.6.1"
},
- "time": "2022-04-08T13:47:36+00:00"
+ "time": "2022-05-23T20:49:55+00:00"
},
{
"name": "symfony/cache",
@@ -3290,16 +3290,16 @@
},
{
"name": "twig/twig",
- "version": "v3.4.0",
+ "version": "v3.4.1",
"source": {
"type": "git",
"url": "https://github.com/twigphp/Twig.git",
- "reference": "ed19f4bf9d19c4ef920b5d8243910bd32e85b9ba"
+ "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/twigphp/Twig/zipball/ed19f4bf9d19c4ef920b5d8243910bd32e85b9ba",
- "reference": "ed19f4bf9d19c4ef920b5d8243910bd32e85b9ba",
+ "url": "https://api.github.com/repos/twigphp/Twig/zipball/e939eae92386b69b49cfa4599dd9bead6bf4a342",
+ "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342",
"shasum": ""
},
"require": {
@@ -3350,7 +3350,7 @@
],
"support": {
"issues": "https://github.com/twigphp/Twig/issues",
- "source": "https://github.com/twigphp/Twig/tree/v3.4.0"
+ "source": "https://github.com/twigphp/Twig/tree/v3.4.1"
},
"funding": [
{
@@ -3362,7 +3362,7 @@
"type": "tidelift"
}
],
- "time": "2022-05-15T06:25:28+00:00"
+ "time": "2022-05-17T05:48:52+00:00"
},
{
"name": "webmozart/assert",
@@ -6173,16 +6173,16 @@
},
{
"name": "simplesamlphp/simplesamlphp-test-framework",
- "version": "v1.2.0",
+ "version": "v1.2.1",
"source": {
"type": "git",
"url": "https://github.com/simplesamlphp/simplesamlphp-test-framework.git",
- "reference": "4ac69583df179b884ae1f916babce017b87a5f4e"
+ "reference": "70a601f41aebb00820b168c24f4b8177f414fc18"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/simplesamlphp/simplesamlphp-test-framework/zipball/4ac69583df179b884ae1f916babce017b87a5f4e",
- "reference": "4ac69583df179b884ae1f916babce017b87a5f4e",
+ "url": "https://api.github.com/repos/simplesamlphp/simplesamlphp-test-framework/zipball/70a601f41aebb00820b168c24f4b8177f414fc18",
+ "reference": "70a601f41aebb00820b168c24f4b8177f414fc18",
"shasum": ""
},
"require": {
@@ -6190,7 +6190,7 @@
"phpunit/phpunit": "^8.5|^9.5",
"squizlabs/php_codesniffer": "^3.6",
"symfony/phpunit-bridge": "^6.0",
- "vimeo/psalm": "^4.20|^5.0.0-rc1"
+ "vimeo/psalm": "^4.20|^5.0.0-beta1"
},
"require-dev": {
"ext-curl": "*",
@@ -6226,7 +6226,7 @@
"issues": "https://github.com/simplesamlphp/simplesamlphp-test-framework/issues",
"source": "https://github.com/simplesamlphp/simplesamlphp-test-framework"
},
- "time": "2022-05-15T10:30:51+00:00"
+ "time": "2022-05-15T10:37:25+00:00"
},
{
"name": "simplesamlphp/xml-common",
diff --git a/lib/SimpleSAML/Utils/XML.php b/lib/SimpleSAML/Utils/XML.php
index a77d9892c..d7d8cceff 100644
--- a/lib/SimpleSAML/Utils/XML.php
+++ b/lib/SimpleSAML/Utils/XML.php
@@ -15,6 +15,7 @@ use DOMDocument;
use DOMElement;
use DOMNode;
use DOMText;
+use SAML2\Constants as C;
use SAML2\DOMDocumentFactory;
use SimpleSAML\Assert\Assert;
use SimpleSAML\Configuration;
@@ -285,9 +286,9 @@ class XML
// the defined shortcuts
$shortcuts = [
'@ds' => 'http://www.w3.org/2000/09/xmldsig#',
- '@md' => 'urn:oasis:names:tc:SAML:2.0:metadata',
- '@saml2' => 'urn:oasis:names:tc:SAML:2.0:assertion',
- '@saml2p' => 'urn:oasis:names:tc:SAML:2.0:protocol'
+ '@md' => C::NS_MD,
+ '@saml2' => C::NS_SAML,
+ '@saml2p' => C::NS_SAMLP,
];
// check if it is a valid shortcut
@@ -345,7 +346,7 @@ class XML
if ($res === true) {
$config = Configuration::getInstance();
/** @var string $schemaPath */
- $schemaPath = $config->resolvePath('schemas');
+ $schemaPath = $config->resolvePath('vendor/simplesamlphp/saml2/schemas');
$schemaFile = $schemaPath . '/' . $schema;
libxml_set_external_entity_loader(
diff --git a/schemas/oasis-sstc-saml-schema-assertion-1.1.xsd b/schemas/oasis-sstc-saml-schema-assertion-1.1.xsd
deleted file mode 100644
index 1516399bf..000000000
--- a/schemas/oasis-sstc-saml-schema-assertion-1.1.xsd
+++ /dev/null
@@ -1,201 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
- <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: oasis-sstc-saml-schema-assertion-1.1
- Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
- Revision history:
- V1.0 (November, 2002):
- Initial standard schema.
- V1.1 (September, 2003):
- * Note that V1.1 of this schema has the same XML namespace as V1.0.
- Rebased ID content directly on XML Schema types
- Added DoNotCacheCondition element and DoNotCacheConditionType
- </documentation>
- </annotation>
- <simpleType name="DecisionType">
- <restriction base="string">
- <enumeration value="Permit"/>
- <enumeration value="Deny"/>
- <enumeration value="Indeterminate"/>
- </restriction>
- </simpleType>
- <element name="AssertionIDReference" type="NCName"/>
- <element name="Assertion" type="saml:AssertionType"/>
- <complexType name="AssertionType">
- <sequence>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="saml:Advice" minOccurs="0"/>
- <choice maxOccurs="unbounded">
- <element ref="saml:Statement"/>
- <element ref="saml:SubjectStatement"/>
- <element ref="saml:AuthenticationStatement"/>
- <element ref="saml:AuthorizationDecisionStatement"/>
- <element ref="saml:AttributeStatement"/>
- </choice>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="AssertionID" type="ID" use="required"/>
- <attribute name="Issuer" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="Conditions" type="saml:ConditionsType"/>
- <complexType name="ConditionsType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AudienceRestrictionCondition"/>
- <element ref="saml:DoNotCacheCondition"/>
- <element ref="saml:Condition"/>
- </choice>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </complexType>
- <element name="Condition" type="saml:ConditionAbstractType"/>
- <complexType name="ConditionAbstractType" abstract="true"/>
- <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/>
- <complexType name="AudienceRestrictionConditionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Audience" type="anyURI"/>
- <element name="DoNotCacheCondition" type="saml:DoNotCacheConditionType"/>
- <complexType name="DoNotCacheConditionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType"/>
- </complexContent>
- </complexType>
- <element name="Advice" type="saml:AdviceType"/>
- <complexType name="AdviceType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AssertionIDReference"/>
- <element ref="saml:Assertion"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="Statement" type="saml:StatementAbstractType"/>
- <complexType name="StatementAbstractType" abstract="true"/>
- <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/>
- <complexType name="SubjectStatementAbstractType" abstract="true">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Subject" type="saml:SubjectType"/>
- <complexType name="SubjectType">
- <choice>
- <sequence>
- <element ref="saml:NameIdentifier"/>
- <element ref="saml:SubjectConfirmation" minOccurs="0"/>
- </sequence>
- <element ref="saml:SubjectConfirmation"/>
- </choice>
- </complexType>
- <element name="NameIdentifier" type="saml:NameIdentifierType"/>
- <complexType name="NameIdentifierType">
- <simpleContent>
- <extension base="string">
- <attribute name="NameQualifier" type="string" use="optional"/>
- <attribute name="Format" type="anyURI" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
- <complexType name="SubjectConfirmationType">
- <sequence>
- <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="SubjectConfirmationData" type="anyType"/>
- <element name="ConfirmationMethod" type="anyURI"/>
- <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/>
- <complexType name="AuthenticationStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:SubjectLocality" minOccurs="0"/>
- <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="AuthenticationMethod" type="anyURI" use="required"/>
- <attribute name="AuthenticationInstant" type="dateTime" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
- <complexType name="SubjectLocalityType">
- <attribute name="IPAddress" type="string" use="optional"/>
- <attribute name="DNSAddress" type="string" use="optional"/>
- </complexType>
- <element name="AuthorityBinding" type="saml:AuthorityBindingType"/>
- <complexType name="AuthorityBindingType">
- <attribute name="AuthorityKind" type="QName" use="required"/>
- <attribute name="Location" type="anyURI" use="required"/>
- <attribute name="Binding" type="anyURI" use="required"/>
- </complexType>
- <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/>
- <complexType name="AuthorizationDecisionStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- <attribute name="Decision" type="saml:DecisionType" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="Action" type="saml:ActionType"/>
- <complexType name="ActionType">
- <simpleContent>
- <extension base="string">
- <attribute name="Namespace" type="anyURI"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="Evidence" type="saml:EvidenceType"/>
- <complexType name="EvidenceType">
- <choice maxOccurs="unbounded">
- <element ref="saml:AssertionIDReference"/>
- <element ref="saml:Assertion"/>
- </choice>
- </complexType>
- <element name="AttributeStatement" type="saml:AttributeStatementType"/>
- <complexType name="AttributeStatementType">
- <complexContent>
- <extension base="saml:SubjectStatementAbstractType">
- <sequence>
- <element ref="saml:Attribute" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/>
- <complexType name="AttributeDesignatorType">
- <attribute name="AttributeName" type="string" use="required"/>
- <attribute name="AttributeNamespace" type="anyURI" use="required"/>
- </complexType>
- <element name="Attribute" type="saml:AttributeType"/>
- <complexType name="AttributeType">
- <complexContent>
- <extension base="saml:AttributeDesignatorType">
- <sequence>
- <element ref="saml:AttributeValue" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeValue" type="anyType"/>
-</schema>
diff --git a/schemas/oasis-sstc-saml-schema-protocol-1.1.xsd b/schemas/oasis-sstc-saml-schema-protocol-1.1.xsd
deleted file mode 100644
index ea4407725..000000000
--- a/schemas/oasis-sstc-saml-schema-protocol-1.1.xsd
+++ /dev/null
@@ -1,132 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" version="1.1">
- <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="oasis-sstc-saml-schema-assertion-1.1.xsd"/>
- <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: oasis-sstc-saml-schema-protocol-1.1
- Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security
- Revision history:
- V1.0 (November, 2002):
- Initial standard schema.
- V1.1 (September, 2003):
- * Note that V1.1 of this schema has the same XML namespace as V1.0.
- Rebased ID content directly on XML Schema types
- </documentation>
- </annotation>
- <complexType name="RequestAbstractType" abstract="true">
- <sequence>
- <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="RequestID" type="ID" use="required"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="RespondWith" type="QName"/>
- <element name="Request" type="samlp:RequestType"/>
- <complexType name="RequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <choice>
- <element ref="samlp:Query"/>
- <element ref="samlp:SubjectQuery"/>
- <element ref="samlp:AuthenticationQuery"/>
- <element ref="samlp:AttributeQuery"/>
- <element ref="samlp:AuthorizationDecisionQuery"/>
- <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/>
- <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="AssertionArtifact" type="string"/>
- <element name="Query" type="samlp:QueryAbstractType"/>
- <complexType name="QueryAbstractType" abstract="true"/>
- <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
- <complexType name="SubjectQueryAbstractType" abstract="true">
- <complexContent>
- <extension base="samlp:QueryAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/>
- <complexType name="AuthenticationQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <attribute name="AuthenticationMethod" type="anyURI"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
- <complexType name="AttributeQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/>
- <complexType name="AuthorizationDecisionQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <complexType name="ResponseAbstractType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- </sequence>
- <attribute name="ResponseID" type="ID" use="required"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="MajorVersion" type="integer" use="required"/>
- <attribute name="MinorVersion" type="integer" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
- </complexType>
- <element name="Response" type="samlp:ResponseType"/>
- <complexType name="ResponseType">
- <complexContent>
- <extension base="samlp:ResponseAbstractType">
- <sequence>
- <element ref="samlp:Status"/>
- <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Status" type="samlp:StatusType"/>
- <complexType name="StatusType">
- <sequence>
- <element ref="samlp:StatusCode"/>
- <element ref="samlp:StatusMessage" minOccurs="0"/>
- <element ref="samlp:StatusDetail" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="StatusCode" type="samlp:StatusCodeType"/>
- <complexType name="StatusCodeType">
- <sequence>
- <element ref="samlp:StatusCode" minOccurs="0"/>
- </sequence>
- <attribute name="Value" type="QName" use="required"/>
- </complexType>
- <element name="StatusMessage" type="string"/>
- <element name="StatusDetail" type="samlp:StatusDetailType"/>
- <complexType name="StatusDetailType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-</schema>
diff --git a/schemas/saml-schema-assertion-2.0.xsd b/schemas/saml-schema-assertion-2.0.xsd
deleted file mode 100644
index 2b2f7b801..000000000
--- a/schemas/saml-schema-assertion-2.0.xsd
+++ /dev/null
@@ -1,283 +0,0 @@
-<?xml version="1.0" encoding="US-ASCII"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="xenc-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-assertion-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V1.0 (November, 2002):
- Initial Standard Schema.
- V1.1 (September, 2003):
- Updates within the same V1.0 namespace.
- V2.0 (March, 2005):
- New assertion schema for SAML V2.0 namespace.
- </documentation>
- </annotation>
- <attributeGroup name="IDNameQualifiers">
- <attribute name="NameQualifier" type="string" use="optional"/>
- <attribute name="SPNameQualifier" type="string" use="optional"/>
- </attributeGroup>
- <element name="BaseID" type="saml:BaseIDAbstractType"/>
- <complexType name="BaseIDAbstractType" abstract="true">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- </complexType>
- <element name="NameID" type="saml:NameIDType"/>
- <complexType name="NameIDType">
- <simpleContent>
- <extension base="string">
- <attributeGroup ref="saml:IDNameQualifiers"/>
- <attribute name="Format" type="anyURI" use="optional"/>
- <attribute name="SPProvidedID" type="string" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="EncryptedElementType">
- <sequence>
- <element ref="xenc:EncryptedData"/>
- <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="EncryptedID" type="saml:EncryptedElementType"/>
- <element name="Issuer" type="saml:NameIDType"/>
- <element name="AssertionIDRef" type="NCName"/>
- <element name="AssertionURIRef" type="anyURI"/>
- <element name="Assertion" type="saml:AssertionType"/>
- <complexType name="AssertionType">
- <sequence>
- <element ref="saml:Issuer"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="saml:Subject" minOccurs="0"/>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="saml:Advice" minOccurs="0"/>
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Statement"/>
- <element ref="saml:AuthnStatement"/>
- <element ref="saml:AuthzDecisionStatement"/>
- <element ref="saml:AttributeStatement"/>
- </choice>
- </sequence>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- </complexType>
- <element name="Subject" type="saml:SubjectType"/>
- <complexType name="SubjectType">
- <choice>
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
- </choice>
- </complexType>
- <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
- <complexType name="SubjectConfirmationType">
- <sequence>
- <choice minOccurs="0">
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="saml:SubjectConfirmationData" minOccurs="0"/>
- </sequence>
- <attribute name="Method" type="anyURI" use="required"/>
- </complexType>
- <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
- <complexType name="SubjectConfirmationDataType" mixed="true">
- <complexContent>
- <restriction base="anyType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- <attribute name="Recipient" type="anyURI" use="optional"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="Address" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </restriction>
- </complexContent>
- </complexType>
- <complexType name="KeyInfoConfirmationDataType" mixed="false">
- <complexContent>
- <restriction base="saml:SubjectConfirmationDataType">
- <sequence>
- <element ref="ds:KeyInfo" maxOccurs="unbounded"/>
- </sequence>
- </restriction>
- </complexContent>
- </complexType>
- <element name="Conditions" type="saml:ConditionsType"/>
- <complexType name="ConditionsType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Condition"/>
- <element ref="saml:AudienceRestriction"/>
- <element ref="saml:OneTimeUse"/>
- <element ref="saml:ProxyRestriction"/>
- </choice>
- <attribute name="NotBefore" type="dateTime" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </complexType>
- <element name="Condition" type="saml:ConditionAbstractType"/>
- <complexType name="ConditionAbstractType" abstract="true"/>
- <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
- <complexType name="AudienceRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Audience" type="anyURI"/>
- <element name="OneTimeUse" type="saml:OneTimeUseType" />
- <complexType name="OneTimeUseType">
- <complexContent>
- <extension base="saml:ConditionAbstractType"/>
- </complexContent>
- </complexType>
- <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
- <complexType name="ProxyRestrictionType">
- <complexContent>
- <extension base="saml:ConditionAbstractType">
- <sequence>
- <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Count" type="nonNegativeInteger" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="Advice" type="saml:AdviceType"/>
- <complexType name="AdviceType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
- <element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
- <element name="Statement" type="saml:StatementAbstractType"/>
- <complexType name="StatementAbstractType" abstract="true"/>
- <element name="AuthnStatement" type="saml:AuthnStatementType"/>
- <complexType name="AuthnStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:SubjectLocality" minOccurs="0"/>
- <element ref="saml:AuthnContext"/>
- </sequence>
- <attribute name="AuthnInstant" type="dateTime" use="required"/>
- <attribute name="SessionIndex" type="string" use="optional"/>
- <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectLocality" type="saml:SubjectLocalityType"/>
- <complexType name="SubjectLocalityType">
- <attribute name="Address" type="string" use="optional"/>
- <attribute name="DNSName" type="string" use="optional"/>
- </complexType>
- <element name="AuthnContext" type="saml:AuthnContextType"/>
- <complexType name="AuthnContextType">
- <sequence>
- <choice>
- <sequence>
- <element ref="saml:AuthnContextClassRef"/>
- <choice minOccurs="0">
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </sequence>
- <choice>
- <element ref="saml:AuthnContextDecl"/>
- <element ref="saml:AuthnContextDeclRef"/>
- </choice>
- </choice>
- <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="AuthnContextClassRef" type="anyURI"/>
- <element name="AuthnContextDeclRef" type="anyURI"/>
- <element name="AuthnContextDecl" type="anyType"/>
- <element name="AuthenticatingAuthority" type="anyURI"/>
- <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
- <complexType name="AuthzDecisionStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- <attribute name="Decision" type="saml:DecisionType" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <simpleType name="DecisionType">
- <restriction base="string">
- <enumeration value="Permit"/>
- <enumeration value="Deny"/>
- <enumeration value="Indeterminate"/>
- </restriction>
- </simpleType>
- <element name="Action" type="saml:ActionType"/>
- <complexType name="ActionType">
- <simpleContent>
- <extension base="string">
- <attribute name="Namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <element name="Evidence" type="saml:EvidenceType"/>
- <complexType name="EvidenceType">
- <choice maxOccurs="unbounded">
- <element ref="saml:AssertionIDRef"/>
- <element ref="saml:AssertionURIRef"/>
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- </choice>
- </complexType>
- <element name="AttributeStatement" type="saml:AttributeStatementType"/>
- <complexType name="AttributeStatementType">
- <complexContent>
- <extension base="saml:StatementAbstractType">
- <choice maxOccurs="unbounded">
- <element ref="saml:Attribute"/>
- <element ref="saml:EncryptedAttribute"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="Attribute" type="saml:AttributeType"/>
- <complexType name="AttributeType">
- <sequence>
- <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Name" type="string" use="required"/>
- <attribute name="NameFormat" type="anyURI" use="optional"/>
- <attribute name="FriendlyName" type="string" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AttributeValue" type="anyType" nillable="true"/>
- <element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
-</schema>
diff --git a/schemas/saml-schema-authn-context-2.0.xsd b/schemas/saml-schema-authn-context-2.0.xsd
deleted file mode 100644
index e4754faf8..000000000
--- a/schemas/saml-schema-authn-context-2.0.xsd
+++ /dev/null
@@ -1,23 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:ac"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac"
- blockDefault="substitution"
- version="2.0">
-
- <xs:annotation>
- <xs:documentation>
- Document identifier: saml-schema-authn-context-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New core authentication context schema for SAML V2.0.
- This is just an include of all types from the schema
- referred to in the include statement below.
- </xs:documentation>
- </xs:annotation>
-
- <xs:include schemaLocation="saml-schema-authn-context-types-2.0.xsd"/>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd b/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
deleted file mode 100644
index da59934be..000000000
--- a/schemas/saml-schema-authn-context-auth-telephony-2.0.xsd
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony
- Document identifier: saml-schema-authn-context-auth-telephony-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="Password"/>
- <xs:element ref="SubscriberLineNumber"/>
- <xs:element ref="UserSuffix"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PSTN"/>
- <xs:element ref="ISDN"/>
- <xs:element ref="ADSL"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ip-2.0.xsd b/schemas/saml-schema-authn-context-ip-2.0.xsd
deleted file mode 100644
index d4e7dfba1..000000000
--- a/schemas/saml-schema-authn-context-ip-2.0.xsd
+++ /dev/null
@@ -1,65 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
- Document identifier: saml-schema-authn-context-ip-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="IPAddress"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ippword-2.0.xsd b/schemas/saml-schema-authn-context-ippword-2.0.xsd
deleted file mode 100644
index 708f59643..000000000
--- a/schemas/saml-schema-authn-context-ippword-2.0.xsd
+++ /dev/null
@@ -1,67 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
- xmlns:ac="urn:oasis:names:tc:SAML:2.0:ac"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword
- Document identifier: saml-schema-authn-context-ippword-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="Password"/>
- <xs:element ref="IPAddress"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-kerberos-2.0.xsd b/schemas/saml-schema-authn-context-kerberos-2.0.xsd
deleted file mode 100644
index 4b6a3a5da..000000000
--- a/schemas/saml-schema-authn-context-kerberos-2.0.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos
- Document identifier: saml-schema-authn-context-kerberos-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="SharedSecretChallengeResponse"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SharedSecretChallengeResponseType">
- <xs:complexContent>
- <xs:restriction base="SharedSecretChallengeResponseType">
- <xs:attribute name="method" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd b/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
deleted file mode 100644
index f72443437..000000000
--- a/schemas/saml-schema-authn-context-mobileonefactor-reg-2.0.xsd
+++ /dev/null
@@ -1,186 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract
- Document identifier: saml-schema-authn-context-mobileonefactor-reg-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="ZeroKnowledge"/>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkNoEncryption"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="OperationalProtectionType">
- <xs:complexContent>
- <xs:restriction base="OperationalProtectionType">
- <xs:sequence>
- <xs:element ref="SecurityAudit"/>
- <xs:element ref="DeactivationCallCenter"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- <xs:element ref="SecretKeyProtection"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecretKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="SecretKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="smartcard"/>
- <xs:enumeration value="MobileDevice"/>
- <xs:enumeration value="MobileAuthCard"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecurityAuditType">
- <xs:complexContent>
- <xs:restriction base="SecurityAuditType">
- <xs:sequence>
- <xs:element ref="SwitchAudit"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="IdentificationType">
- <xs:complexContent>
- <xs:restriction base="IdentificationType">
- <xs:sequence>
- <xs:element ref="PhysicalVerification"/>
- <xs:element ref="WrittenConsent"/>
- <xs:element ref="GoverningAgreements"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="nym">
- <xs:simpleType>
- <xs:restriction base="nymType">
- <xs:enumeration value="anonymity"/>
- <xs:enumeration value="verinymity"/>
- <xs:enumeration value="pseudonymity"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd b/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
deleted file mode 100644
index 9727c45fd..000000000
--- a/schemas/saml-schema-authn-context-mobileonefactor-unreg-2.0.xsd
+++ /dev/null
@@ -1,183 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered
- Document identifier: saml-schema-authn-context-mobileonefactor-unreg-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="ZeroKnowledge"/>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkNoEncryption"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="OperationalProtectionType">
- <xs:complexContent>
- <xs:restriction base="OperationalProtectionType">
- <xs:sequence>
- <xs:element ref="SecurityAudit"/>
- <xs:element ref="DeactivationCallCenter"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- <xs:element ref="SecretKeyProtection"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecretKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="SecretKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="MobileDevice"/>
- <xs:enumeration value="MobileAuthCard"/>
- <xs:enumeration value="smartcard"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecurityAuditType">
- <xs:complexContent>
- <xs:restriction base="SecurityAuditType">
- <xs:sequence>
- <xs:element ref="SwitchAudit"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="IdentificationType">
- <xs:complexContent>
- <xs:restriction base="IdentificationType">
- <xs:sequence>
- <xs:element ref="GoverningAgreements"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="nym">
- <xs:simpleType>
- <xs:restriction base="nymType">
- <xs:enumeration value="anonymity"/>
- <xs:enumeration value="pseudonymity"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd b/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
deleted file mode 100644
index d0c59aa13..000000000
--- a/schemas/saml-schema-authn-context-mobiletwofactor-reg-2.0.xsd
+++ /dev/null
@@ -1,202 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract
- Document identifier: saml-schema-authn-context-mobiletwofactor-reg-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="ZeroKnowledge"/>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- <xs:element ref="ComplexAuthenticator"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="ComplexAuthenticatorType">
- <xs:complexContent>
- <xs:restriction base="ComplexAuthenticatorType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- </xs:choice>
- <xs:element ref="Password"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkNoEncryption"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="OperationalProtectionType">
- <xs:complexContent>
- <xs:restriction base="OperationalProtectionType">
- <xs:sequence>
- <xs:element ref="SecurityAudit"/>
- <xs:element ref="DeactivationCallCenter"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- <xs:element ref="SecretKeyProtection"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecretKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="SecretKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="MobileDevice"/>
- <xs:enumeration value="MobileAuthCard"/>
- <xs:enumeration value="smartcard"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecurityAuditType">
- <xs:complexContent>
- <xs:restriction base="SecurityAuditType">
- <xs:sequence>
- <xs:element ref="SwitchAudit"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="IdentificationType">
- <xs:complexContent>
- <xs:restriction base="IdentificationType">
- <xs:sequence>
- <xs:element ref="PhysicalVerification"/>
- <xs:element ref="WrittenConsent"/>
- <xs:element ref="GoverningAgreements"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="nym">
- <xs:simpleType>
- <xs:restriction base="nymType">
- <xs:enumeration value="anonymity"/>
- <xs:enumeration value="verinymity"/>
- <xs:enumeration value="pseudonymity"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd b/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
deleted file mode 100644
index 1a4578cd8..000000000
--- a/schemas/saml-schema-authn-context-mobiletwofactor-unreg-2.0.xsd
+++ /dev/null
@@ -1,200 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered
- Document identifier: saml-schema-authn-context-mobiletwofactor-unreg-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="ZeroKnowledge"/>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- <xs:element ref="ComplexAuthenticator"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="ComplexAuthenticatorType">
- <xs:complexContent>
- <xs:restriction base="ComplexAuthenticatorType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- </xs:choice>
- <xs:element ref="Password"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkNoEncryption"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="OperationalProtectionType">
- <xs:complexContent>
- <xs:restriction base="OperationalProtectionType">
- <xs:sequence>
- <xs:element ref="SecurityAudit"/>
- <xs:element ref="DeactivationCallCenter"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- <xs:element ref="SecretKeyProtection"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecretKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="SecretKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="MobileDevice"/>
- <xs:enumeration value="MobileAuthCard"/>
- <xs:enumeration value="smartcard"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SecurityAuditType">
- <xs:complexContent>
- <xs:restriction base="SecurityAuditType">
- <xs:sequence>
- <xs:element ref="SwitchAudit"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="IdentificationType">
- <xs:complexContent>
- <xs:restriction base="IdentificationType">
- <xs:sequence>
- <xs:element ref="GoverningAgreements"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="nym">
- <xs:simpleType>
- <xs:restriction base="nymType">
- <xs:enumeration value="anonymity"/>
- <xs:enumeration value="pseudonymity"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd b/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
deleted file mode 100644
index 0eb861f93..000000000
--- a/schemas/saml-schema-authn-context-nomad-telephony-2.0.xsd
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony
- Document identifier: saml-schema-authn-context-nomad-telephony-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="Password"/>
- <xs:element ref="SubscriberLineNumber"/>
- <xs:element ref="UserSuffix"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PSTN"/>
- <xs:element ref="ISDN"/>
- <xs:element ref="ADSL"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd b/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
deleted file mode 100644
index a9eebf425..000000000
--- a/schemas/saml-schema-authn-context-personal-telephony-2.0.xsd
+++ /dev/null
@@ -1,80 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalizedTelephony
- Document identifier: saml-schema-authn-context-personal-telephony-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="SubscriberLineNumber"/>
- <xs:element ref="UserSuffix"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PSTN"/>
- <xs:element ref="ISDN"/>
- <xs:element ref="ADSL"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-pgp-2.0.xsd b/schemas/saml-schema-authn-context-pgp-2.0.xsd
deleted file mode 100644
index 74c73c1c2..000000000
--- a/schemas/saml-schema-authn-context-pgp-2.0.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PGP
- Document identifier: saml-schema-authn-context-pgp-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="DigSig"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PublicKeyType">
- <xs:complexContent>
- <xs:restriction base="PublicKeyType">
- <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:PGP"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-ppt-2.0.xsd b/schemas/saml-schema-authn-context-ppt-2.0.xsd
deleted file mode 100644
index 257296541..000000000
--- a/schemas/saml-schema-authn-context-ppt-2.0.xsd
+++ /dev/null
@@ -1,81 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
- Document identifier: saml-schema-authn-context-ppt-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- <xs:element ref="IPSec"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-pword-2.0.xsd b/schemas/saml-schema-authn-context-pword-2.0.xsd
deleted file mode 100644
index 0c18a42c8..000000000
--- a/schemas/saml-schema-authn-context-pword-2.0.xsd
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
- Document identifier: saml-schema-authn-context-pword-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-session-2.0.xsd b/schemas/saml-schema-authn-context-session-2.0.xsd
deleted file mode 100644
index 77ef000ac..000000000
--- a/schemas/saml-schema-authn-context-session-2.0.xsd
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession
- Document identifier: saml-schema-authn-context-session-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="PreviousSession"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-smartcard-2.0.xsd b/schemas/saml-schema-authn-context-smartcard-2.0.xsd
deleted file mode 100644
index 1bd084a41..000000000
--- a/schemas/saml-schema-authn-context-smartcard-2.0.xsd
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard
- Document identifier: saml-schema-authn-context-smartcard-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="Smartcard"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd b/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
deleted file mode 100644
index 0508d4d5d..000000000
--- a/schemas/saml-schema-authn-context-smartcardpki-2.0.xsd
+++ /dev/null
@@ -1,129 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI
- Document identifier: saml-schema-authn-context-smartcardpki-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- </xs:choice>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="Smartcard"/>
- <xs:element ref="ActivationPin"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyActivationType">
- <xs:complexContent>
- <xs:restriction base="KeyActivationType">
- <xs:sequence>
- <xs:element ref="ActivationPin"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="smartcard"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-softwarepki-2.0.xsd b/schemas/saml-schema-authn-context-softwarepki-2.0.xsd
deleted file mode 100644
index 5c41a2f24..000000000
--- a/schemas/saml-schema-authn-context-softwarepki-2.0.xsd
+++ /dev/null
@@ -1,129 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI
- Document identifier: saml-schema-authn-context-softwarepki-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:complexContent>
- <xs:restriction base="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PrivateKeyProtection"/>
- </xs:choice>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="ActivationPin"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="DigSig"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:complexContent>
- <xs:restriction base="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation"/>
- <xs:element ref="KeyStorage"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyActivationType">
- <xs:complexContent>
- <xs:restriction base="KeyActivationType">
- <xs:sequence>
- <xs:element ref="ActivationPin"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="KeyStorageType">
- <xs:complexContent>
- <xs:restriction base="KeyStorageType">
- <xs:attribute name="medium" use="required">
- <xs:simpleType>
- <xs:restriction base="mediumType">
- <xs:enumeration value="memory"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-spki-2.0.xsd b/schemas/saml-schema-authn-context-spki-2.0.xsd
deleted file mode 100644
index ce57d7957..000000000
--- a/schemas/saml-schema-authn-context-spki-2.0.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI
- Document identifier: saml-schema-authn-context-spki-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="DigSig"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PublicKeyType">
- <xs:complexContent>
- <xs:restriction base="PublicKeyType">
- <xs:attribute name="keyValidation" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-srp-2.0.xsd b/schemas/saml-schema-authn-context-srp-2.0.xsd
deleted file mode 100644
index 9051dd5ab..000000000
--- a/schemas/saml-schema-authn-context-srp-2.0.xsd
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword
- Document identifier: saml-schema-authn-context-srp-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="SharedSecretChallengeResponse"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="SharedSecretChallengeResponseType">
- <xs:complexContent>
- <xs:restriction base="SharedSecretChallengeResponseType">
- <xs:attribute name="method" type="xs:anyURI" fixed="urn:ietf:rfc:2945"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-sslcert-2.0.xsd b/schemas/saml-schema-authn-context-sslcert-2.0.xsd
deleted file mode 100644
index 723103b00..000000000
--- a/schemas/saml-schema-authn-context-sslcert-2.0.xsd
+++ /dev/null
@@ -1,97 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient
- Document identifier: saml-schema-authn-context-sslcert-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="DigSig"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PublicKeyType">
- <xs:complexContent>
- <xs:restriction base="PublicKeyType">
- <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="SSL"/>
- <xs:element ref="WTLS"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-telephony-2.0.xsd b/schemas/saml-schema-authn-context-telephony-2.0.xsd
deleted file mode 100644
index 15ff75313..000000000
--- a/schemas/saml-schema-authn-context-telephony-2.0.xsd
+++ /dev/null
@@ -1,79 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony
- Document identifier: saml-schema-authn-context-telephony-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="SubscriberLineNumber"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice>
- <xs:element ref="PSTN"/>
- <xs:element ref="ISDN"/>
- <xs:element ref="ADSL"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
\ No newline at end of file
diff --git a/schemas/saml-schema-authn-context-timesync-2.0.xsd b/schemas/saml-schema-authn-context-timesync-2.0.xsd
deleted file mode 100644
index afc92f398..000000000
--- a/schemas/saml-schema-authn-context-timesync-2.0.xsd
+++ /dev/null
@@ -1,105 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken
- Document identifier: saml-schema-authn-context-timesync-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="Token"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TokenType">
- <xs:complexContent>
- <xs:restriction base="TokenType">
- <xs:sequence>
- <xs:element ref="TimeSyncToken"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="TimeSyncTokenType">
- <xs:complexContent>
- <xs:restriction base="TimeSyncTokenType">
- <xs:attribute name="DeviceType" use="required">
- <xs:simpleType>
- <xs:restriction base="DeviceTypeType">
- <xs:enumeration value="hardware"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
-
- <xs:attribute name="SeedLength" use="required">
- <xs:simpleType>
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="64"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
-
- <xs:attribute name="DeviceInHand" use="required">
- <xs:simpleType>
- <xs:restriction base="booleanType">
- <xs:enumeration value="true"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-types-2.0.xsd b/schemas/saml-schema-authn-context-types-2.0.xsd
deleted file mode 100644
index 8513959a5..000000000
--- a/schemas/saml-schema-authn-context-types-2.0.xsd
+++ /dev/null
@@ -1,821 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="qualified"
- version="2.0">
-
- <xs:annotation>
- <xs:documentation>
- Document identifier: saml-schema-authn-context-types-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New core authentication context schema types for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:element name="AuthenticationContextDeclaration" type="AuthnContextDeclarationBaseType">
- <xs:annotation>
- <xs:documentation>
- A particular assertion on an identity
- provider's part with respect to the authentication
- context associated with an authentication assertion.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Identification" type="IdentificationType">
- <xs:annotation>
- <xs:documentation>
- Refers to those characteristics that describe the
- processes and mechanisms
- the Authentication Authority uses to initially create
- an association between a Principal
- and the identity (or name) by which the Principal will
- be known
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="PhysicalVerification">
- <xs:annotation>
- <xs:documentation>
- This element indicates that identification has been
- performed in a physical
- face-to-face meeting with the principal and not in an
- online manner.
- </xs:documentation>
- </xs:annotation>
- <xs:complexType>
- <xs:attribute name="credentialLevel">
- <xs:simpleType>
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="primary"/>
- <xs:enumeration value="secondary"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="WrittenConsent" type="ExtensionOnlyType"/>
-
- <xs:element name="TechnicalProtection" type="TechnicalProtectionBaseType">
- <xs:annotation>
- <xs:documentation>
- Refers to those characterstics that describe how the
- 'secret' (the knowledge or possession
- of which allows the Principal to authenticate to the
- Authentication Authority) is kept secure
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="SecretKeyProtection" type="SecretKeyProtectionType">
- <xs:annotation>
- <xs:documentation>
- This element indicates the types and strengths of
- facilities
- of a UA used to protect a shared secret key from
- unauthorized access and/or use.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="PrivateKeyProtection" type="PrivateKeyProtectionType">
- <xs:annotation>
- <xs:documentation>
- This element indicates the types and strengths of
- facilities
- of a UA used to protect a private key from
- unauthorized access and/or use.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="KeyActivation" type="KeyActivationType">
- <xs:annotation>
- <xs:documentation>The actions that must be performed
- before the private key can be used. </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="KeySharing" type="KeySharingType">
- <xs:annotation>
- <xs:documentation>Whether or not the private key is shared
- with the certificate authority.</xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="KeyStorage" type="KeyStorageType">
- <xs:annotation>
- <xs:documentation>
- In which medium is the key stored.
- memory - the key is stored in memory.
- smartcard - the key is stored in a smartcard.
- token - the key is stored in a hardware token.
- MobileDevice - the key is stored in a mobile device.
- MobileAuthCard - the key is stored in a mobile
- authentication card.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="SubscriberLineNumber" type="ExtensionOnlyType"/>
- <xs:element name="UserSuffix" type="ExtensionOnlyType"/>
-
- <xs:element name="Password" type="PasswordType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that a password (or passphrase)
- has been used to
- authenticate the Principal to a remote system.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ActivationPin" type="ActivationPinType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that a Pin (Personal
- Identification Number) has been used to authenticate the Principal to
- some local system in order to activate a key.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Token" type="TokenType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that a hardware or software
- token is used
- as a method of identifying the Principal.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="TimeSyncToken" type="TimeSyncTokenType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that a time synchronization
- token is used to identify the Principal. hardware -
- the time synchonization
- token has been implemented in hardware. software - the
- time synchronization
- token has been implemented in software. SeedLength -
- the length, in bits, of the
- random seed used in the time synchronization token.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Smartcard" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that a smartcard is used to
- identity the Principal.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Length" type="LengthType">
- <xs:annotation>
- <xs:documentation>
- This element indicates the minimum and/or maximum
- ASCII length of the password which is enforced (by the UA or the
- IdP). In other words, this is the minimum and/or maximum number of
- ASCII characters required to represent a valid password.
- min - the minimum number of ASCII characters required
- in a valid password, as enforced by the UA or the IdP.
- max - the maximum number of ASCII characters required
- in a valid password, as enforced by the UA or the IdP.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ActivationLimit" type="ActivationLimitType">
- <xs:annotation>
- <xs:documentation>
- This element indicates the length of time for which an
- PIN-based authentication is valid.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Generation">
- <xs:annotation>
- <xs:documentation>
- Indicates whether the password was chosen by the
- Principal or auto-supplied by the Authentication Authority.
- principalchosen - the Principal is allowed to choose
- the value of the password. This is true even if
- the initial password is chosen at random by the UA or
- the IdP and the Principal is then free to change
- the password.
- automatic - the password is chosen by the UA or the
- IdP to be cryptographically strong in some sense,
- or to satisfy certain password rules, and that the
- Principal is not free to change it or to choose a new password.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType>
- <xs:attribute name="mechanism" use="required">
- <xs:simpleType>
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="principalchosen"/>
- <xs:enumeration value="automatic"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:complexType>
- </xs:element>
-
- <xs:element name="AuthnMethod" type="AuthnMethodBaseType">
- <xs:annotation>
- <xs:documentation>
- Refers to those characteristics that define the
- mechanisms by which the Principal authenticates to the Authentication
- Authority.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="PrincipalAuthenticationMechanism" type="PrincipalAuthenticationMechanismType">
- <xs:annotation>
- <xs:documentation>
- The method that a Principal employs to perform
- authentication to local system components.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="Authenticator" type="AuthenticatorBaseType">
- <xs:annotation>
- <xs:documentation>
- The method applied to validate a principal's
- authentication across a network
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ComplexAuthenticator" type="ComplexAuthenticatorType">
- <xs:annotation>
- <xs:documentation>
- Supports Authenticators with nested combinations of
- additional complexity.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="PreviousSession" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- Indicates that the Principal has been strongly
- authenticated in a previous session during which the IdP has set a
- cookie in the UA. During the present session the Principal has only
- been authenticated by the UA returning the cookie to the IdP.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ResumeSession" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- Rather like PreviousSession but using stronger
- security. A secret that was established in a previous session with
- the Authentication Authority has been cached by the local system and
- is now re-used (e.g. a Master Secret is used to derive new session
- keys in TLS, SSL, WTLS).
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ZeroKnowledge" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Principal has been
- authenticated by a zero knowledge technique as specified in ISO/IEC
- 9798-5.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="SharedSecretChallengeResponse" type="SharedSecretChallengeResponseType"/>
-
- <xs:complexType name="SharedSecretChallengeResponseType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Principal has been
- authenticated by a challenge-response protocol utilizing shared secret
- keys and symmetric cryptography.
- </xs:documentation>
- </xs:annotation>
- <xs:sequence>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="method" type="xs:anyURI" use="optional"/>
- </xs:complexType>
-
- <xs:element name="DigSig" type="PublicKeyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Principal has been
- authenticated by a mechanism which involves the Principal computing a
- digital signature over at least challenge data provided by the IdP.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="AsymmetricDecryption" type="PublicKeyType">
- <xs:annotation>
- <xs:documentation>
- The local system has a private key but it is used
- in decryption mode, rather than signature mode. For example, the
- Authentication Authority generates a secret and encrypts it using the
- local system's public key: the local system then proves it has
- decrypted the secret.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="AsymmetricKeyAgreement" type="PublicKeyType">
- <xs:annotation>
- <xs:documentation>
- The local system has a private key and uses it for
- shared secret key agreement with the Authentication Authority (e.g.
- via Diffie Helman).
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:complexType name="PublicKeyType">
- <xs:sequence>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="keyValidation" use="optional"/>
- </xs:complexType>
-
- <xs:element name="IPAddress" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Principal has been
- authenticated through connection from a particular IP address.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="SharedSecretDynamicPlaintext" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- The local system and Authentication Authority
- share a secret key. The local system uses this to encrypt a
- randomised string to pass to the Authentication Authority.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="AuthenticatorTransportProtocol" type="AuthenticatorTransportProtocolType">
- <xs:annotation>
- <xs:documentation>
- The protocol across which Authenticator information is
- transferred to an Authentication Authority verifier.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="HTTP" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Authenticator has been
- transmitted using bare HTTP utilizing no additional security
- protocols.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="IPSec" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Authenticator has been
- transmitted using a transport mechanism protected by an IPSEC session.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="WTLS" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Authenticator has been
- transmitted using a transport mechanism protected by a WTLS session.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="MobileNetworkNoEncryption" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Authenticator has been
- transmitted solely across a mobile network using no additional
- security mechanism.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="MobileNetworkRadioEncryption" type="ExtensionOnlyType"/>
- <xs:element name="MobileNetworkEndToEndEncryption" type="ExtensionOnlyType"/>
-
- <xs:element name="SSL" type="ExtensionOnlyType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Authenticator has been
- transmitted using a transport mechnanism protected by an SSL or TLS
- session.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="PSTN" type="ExtensionOnlyType"/>
- <xs:element name="ISDN" type="ExtensionOnlyType"/>
- <xs:element name="ADSL" type="ExtensionOnlyType"/>
-
- <xs:element name="OperationalProtection" type="OperationalProtectionType">
- <xs:annotation>
- <xs:documentation>
- Refers to those characteristics that describe
- procedural security controls employed by the Authentication Authority.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="SecurityAudit" type="SecurityAuditType"/>
- <xs:element name="SwitchAudit" type="ExtensionOnlyType"/>
- <xs:element name="DeactivationCallCenter" type="ExtensionOnlyType"/>
-
- <xs:element name="GoverningAgreements" type="GoverningAgreementsType">
- <xs:annotation>
- <xs:documentation>
- Provides a mechanism for linking to external (likely
- human readable) documents in which additional business agreements,
- (e.g. liability constraints, obligations, etc) can be placed.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="GoverningAgreementRef" type="GoverningAgreementRefType"/>
-
- <xs:simpleType name="nymType">
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="anonymity"/>
- <xs:enumeration value="verinymity"/>
- <xs:enumeration value="pseudonymity"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod" minOccurs="0"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:complexType>
-
- <xs:complexType name="IdentificationType">
- <xs:sequence>
- <xs:element ref="PhysicalVerification" minOccurs="0"/>
- <xs:element ref="WrittenConsent" minOccurs="0"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="nym" type="nymType">
- <xs:annotation>
- <xs:documentation>
- This attribute indicates whether or not the
- Identification mechanisms allow the actions of the Principal to be
- linked to an actual end user.
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
- </xs:complexType>
-
- <xs:complexType name="TechnicalProtectionBaseType">
- <xs:sequence>
- <xs:choice minOccurs="0">
- <xs:element ref="PrivateKeyProtection"/>
- <xs:element ref="SecretKeyProtection"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="OperationalProtectionType">
- <xs:sequence>
- <xs:element ref="SecurityAudit" minOccurs="0"/>
- <xs:element ref="DeactivationCallCenter" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism" minOccurs="0"/>
- <xs:element ref="Authenticator" minOccurs="0"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="GoverningAgreementsType">
- <xs:sequence>
- <xs:element ref="GoverningAgreementRef" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="GoverningAgreementRefType">
- <xs:attribute name="governingAgreementRef" type="xs:anyURI" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="Password" minOccurs="0"/>
- <xs:element ref="RestrictedPassword" minOccurs="0"/>
- <xs:element ref="Token" minOccurs="0"/>
- <xs:element ref="Smartcard" minOccurs="0"/>
- <xs:element ref="ActivationPin" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:complexType>
-
- <xs:group name="AuthenticatorChoiceGroup">
- <xs:choice>
- <xs:element ref="PreviousSession"/>
- <xs:element ref="ResumeSession"/>
- <xs:element ref="DigSig"/>
- <xs:element ref="Password"/>
- <xs:element ref="RestrictedPassword"/>
- <xs:element ref="ZeroKnowledge"/>
- <xs:element ref="SharedSecretChallengeResponse"/>
- <xs:element ref="SharedSecretDynamicPlaintext"/>
- <xs:element ref="IPAddress"/>
- <xs:element ref="AsymmetricDecryption"/>
- <xs:element ref="AsymmetricKeyAgreement"/>
- <xs:element ref="SubscriberLineNumber"/>
- <xs:element ref="UserSuffix"/>
- <xs:element ref="ComplexAuthenticator"/>
- </xs:choice>
- </xs:group>
-
- <xs:group name="AuthenticatorSequenceGroup">
- <xs:sequence>
- <xs:element ref="PreviousSession" minOccurs="0"/>
- <xs:element ref="ResumeSession" minOccurs="0"/>
- <xs:element ref="DigSig" minOccurs="0"/>
- <xs:element ref="Password" minOccurs="0"/>
- <xs:element ref="RestrictedPassword" minOccurs="0"/>
- <xs:element ref="ZeroKnowledge" minOccurs="0"/>
- <xs:element ref="SharedSecretChallengeResponse" minOccurs="0"/>
- <xs:element ref="SharedSecretDynamicPlaintext" minOccurs="0"/>
- <xs:element ref="IPAddress" minOccurs="0"/>
- <xs:element ref="AsymmetricDecryption" minOccurs="0"/>
- <xs:element ref="AsymmetricKeyAgreement" minOccurs="0"/>
- <xs:element ref="SubscriberLineNumber" minOccurs="0"/>
- <xs:element ref="UserSuffix" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:group>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:sequence>
- <xs:group ref="AuthenticatorChoiceGroup"/>
- <xs:group ref="AuthenticatorSequenceGroup"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="ComplexAuthenticatorType">
- <xs:sequence>
- <xs:group ref="AuthenticatorChoiceGroup"/>
- <xs:group ref="AuthenticatorSequenceGroup"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorTransportProtocolType">
- <xs:sequence>
- <xs:choice minOccurs="0">
- <xs:element ref="HTTP"/>
- <xs:element ref="SSL"/>
- <xs:element ref="MobileNetworkNoEncryption"/>
- <xs:element ref="MobileNetworkRadioEncryption"/>
- <xs:element ref="MobileNetworkEndToEndEncryption"/>
- <xs:element ref="WTLS"/>
- <xs:element ref="IPSec"/>
- <xs:element ref="PSTN"/>
- <xs:element ref="ISDN"/>
- <xs:element ref="ADSL"/>
- </xs:choice>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="KeyActivationType">
- <xs:sequence>
- <xs:element ref="ActivationPin" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="KeySharingType">
- <xs:attribute name="sharing" type="xs:boolean" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="PrivateKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation" minOccurs="0"/>
- <xs:element ref="KeyStorage" minOccurs="0"/>
- <xs:element ref="KeySharing" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="PasswordType">
- <xs:sequence>
- <xs:element ref="Length" minOccurs="0"/>
- <xs:element ref="Alphabet" minOccurs="0"/>
- <xs:element ref="Generation" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
- </xs:complexType>
-
- <xs:element name="RestrictedPassword" type="RestrictedPasswordType"/>
-
- <xs:complexType name="RestrictedPasswordType">
- <xs:complexContent>
- <xs:restriction base="PasswordType">
- <xs:sequence>
- <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
- <xs:element ref="Generation" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="RestrictedLengthType">
- <xs:complexContent>
- <xs:restriction base="LengthType">
- <xs:attribute name="min" use="required">
- <xs:simpleType>
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="3"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="max" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="ActivationPinType">
- <xs:sequence>
- <xs:element ref="Length" minOccurs="0"/>
- <xs:element ref="Alphabet" minOccurs="0"/>
- <xs:element ref="Generation" minOccurs="0"/>
- <xs:element ref="ActivationLimit" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:element name="Alphabet" type="AlphabetType"/>
- <xs:complexType name="AlphabetType">
- <xs:attribute name="requiredChars" type="xs:string" use="required"/>
- <xs:attribute name="excludedChars" type="xs:string" use="optional"/>
- <xs:attribute name="case" type="xs:string" use="optional"/>
- </xs:complexType>
-
- <xs:complexType name="TokenType">
- <xs:sequence>
- <xs:element ref="TimeSyncToken"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:simpleType name="DeviceTypeType">
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="hardware"/>
- <xs:enumeration value="software"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="booleanType">
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="true"/>
- <xs:enumeration value="false"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="TimeSyncTokenType">
- <xs:attribute name="DeviceType" type="DeviceTypeType" use="required"/>
- <xs:attribute name="SeedLength" type="xs:integer" use="required"/>
- <xs:attribute name="DeviceInHand" type="booleanType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="ActivationLimitType">
- <xs:choice>
- <xs:element ref="ActivationLimitDuration"/>
- <xs:element ref="ActivationLimitUsages"/>
- <xs:element ref="ActivationLimitSession"/>
- </xs:choice>
- </xs:complexType>
-
- <xs:element name="ActivationLimitDuration" type="ActivationLimitDurationType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Key Activation Limit is
- defined as a specific duration of time.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ActivationLimitUsages" type="ActivationLimitUsagesType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Key Activation Limit is
- defined as a number of usages.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:element name="ActivationLimitSession" type="ActivationLimitSessionType">
- <xs:annotation>
- <xs:documentation>
- This element indicates that the Key Activation Limit is
- the session.
- </xs:documentation>
- </xs:annotation>
- </xs:element>
-
- <xs:complexType name="ActivationLimitDurationType">
- <xs:attribute name="duration" type="xs:duration" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="ActivationLimitUsagesType">
- <xs:attribute name="number" type="xs:integer" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="ActivationLimitSessionType"/>
-
- <xs:complexType name="LengthType">
- <xs:attribute name="min" type="xs:integer" use="required"/>
- <xs:attribute name="max" type="xs:integer" use="optional"/>
- </xs:complexType>
-
- <xs:simpleType name="mediumType">
- <xs:restriction base="xs:NMTOKEN">
- <xs:enumeration value="memory"/>
- <xs:enumeration value="smartcard"/>
- <xs:enumeration value="token"/>
- <xs:enumeration value="MobileDevice"/>
- <xs:enumeration value="MobileAuthCard"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:complexType name="KeyStorageType">
- <xs:attribute name="medium" type="mediumType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="SecretKeyProtectionType">
- <xs:sequence>
- <xs:element ref="KeyActivation" minOccurs="0"/>
- <xs:element ref="KeyStorage" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="SecurityAuditType">
- <xs:sequence>
- <xs:element ref="SwitchAudit" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="ExtensionOnlyType">
- <xs:sequence>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:element name="Extension" type="ExtensionType"/>
-
- <xs:complexType name="ExtensionType">
- <xs:sequence>
- <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-x509-2.0.xsd b/schemas/saml-schema-authn-context-x509-2.0.xsd
deleted file mode 100644
index ce4bd65e0..000000000
--- a/schemas/saml-schema-authn-context-x509-2.0.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:X509
- Document identifier: saml-schema-authn-context-x509-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="DigSig"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PublicKeyType">
- <xs:complexContent>
- <xs:restriction base="PublicKeyType">
- <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:oasis:names:tc:SAML:2.0:ac:classes:X509"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-authn-context-xmldsig-2.0.xsd b/schemas/saml-schema-authn-context-xmldsig-2.0.xsd
deleted file mode 100644
index 61fe0ac8e..000000000
--- a/schemas/saml-schema-authn-context-xmldsig-2.0.xsd
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<xs:schema targetNamespace="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns="urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig"
- finalDefault="extension"
- blockDefault="substitution"
- version="2.0">
-
- <xs:redefine schemaLocation="saml-schema-authn-context-types-2.0.xsd">
-
- <xs:annotation>
- <xs:documentation>
- Class identifier: urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig
- Document identifier: saml-schema-authn-context-xmldsig-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- New authentication context class schema for SAML V2.0.
- </xs:documentation>
- </xs:annotation>
-
- <xs:complexType name="AuthnContextDeclarationBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnContextDeclarationBaseType">
- <xs:sequence>
- <xs:element ref="Identification" minOccurs="0"/>
- <xs:element ref="TechnicalProtection" minOccurs="0"/>
- <xs:element ref="OperationalProtection" minOccurs="0"/>
- <xs:element ref="AuthnMethod"/>
- <xs:element ref="GoverningAgreements" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- <xs:attribute name="ID" type="xs:ID" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthnMethodBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthnMethodBaseType">
- <xs:sequence>
- <xs:element ref="PrincipalAuthenticationMechanism"/>
- <xs:element ref="Authenticator"/>
- <xs:element ref="AuthenticatorTransportProtocol" minOccurs="0"/>
- <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PrincipalAuthenticationMechanismType">
- <xs:complexContent>
- <xs:restriction base="PrincipalAuthenticationMechanismType">
- <xs:sequence>
- <xs:element ref="RestrictedPassword"/>
- </xs:sequence>
- <xs:attribute name="preauth" type="xs:integer" use="optional"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="AuthenticatorBaseType">
- <xs:complexContent>
- <xs:restriction base="AuthenticatorBaseType">
- <xs:sequence>
- <xs:element ref="DigSig"/>
- </xs:sequence>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- <xs:complexType name="PublicKeyType">
- <xs:complexContent>
- <xs:restriction base="PublicKeyType">
- <xs:attribute name="keyValidation" type="xs:anyURI" fixed="urn:ietf:rfc:3075"/>
- </xs:restriction>
- </xs:complexContent>
- </xs:complexType>
-
- </xs:redefine>
-
-</xs:schema>
diff --git a/schemas/saml-schema-dce-2.0.xsd b/schemas/saml-schema-dce-2.0.xsd
deleted file mode 100644
index e89be866a..000000000
--- a/schemas/saml-schema-dce-2.0.xsd
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
- xmlns:dce="urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <annotation>
- <documentation>
- Document identifier: saml-schema-dce-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Custom schema for DCE attribute profile, first published in SAML 2.0.
- </documentation>
- </annotation>
- <complexType name="DCEValueType">
- <simpleContent>
- <extension base="anyURI">
- <attribute ref="dce:Realm" use="optional"/>
- <attribute ref="dce:FriendlyName" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
- <attribute name="Realm" type="anyURI"/>
- <attribute name="FriendlyName" type="string"/>
-</schema>
-
diff --git a/schemas/saml-schema-ecp-2.0.xsd b/schemas/saml-schema-ecp-2.0.xsd
deleted file mode 100644
index e3f24b9a5..000000000
--- a/schemas/saml-schema-ecp-2.0.xsd
+++ /dev/null
@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
- xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
- schemaLocation="saml-schema-protocol-2.0.xsd"/>
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://schemas.xmlsoap.org/soap/envelope/"
- schemaLocation="http://schemas.xmlsoap.org/soap/envelope/"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-ecp-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Custom schema for ECP profile, first published in SAML 2.0.
- </documentation>
- </annotation>
-
- <element name="Request" type="ecp:RequestType"/>
- <complexType name="RequestType">
- <sequence>
- <element ref="saml:Issuer"/>
- <element ref="samlp:IDPList" minOccurs="0"/>
- </sequence>
- <attribute ref="S:mustUnderstand" use="required"/>
- <attribute ref="S:actor" use="required"/>
- <attribute name="ProviderName" type="string" use="optional"/>
- <attribute name="IsPassive" type="boolean" use="optional"/>
- </complexType>
-
- <element name="Response" type="ecp:ResponseType"/>
- <complexType name="ResponseType">
- <attribute ref="S:mustUnderstand" use="required"/>
- <attribute ref="S:actor" use="required"/>
- <attribute name="AssertionConsumerServiceURL" type="anyURI" use="required"/>
- </complexType>
-
- <element name="RelayState" type="ecp:RelayStateType"/>
- <complexType name="RelayStateType">
- <simpleContent>
- <extension base="string">
- <attribute ref="S:mustUnderstand" use="required"/>
- <attribute ref="S:actor" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-</schema>
diff --git a/schemas/saml-schema-metadata-2.0.xsd b/schemas/saml-schema-metadata-2.0.xsd
deleted file mode 100644
index b656d4f41..000000000
--- a/schemas/saml-schema-metadata-2.0.xsd
+++ /dev/null
@@ -1,337 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="xmldsig-core-schema.xsd"/>
- <import namespace="http://www.w3.org/2001/04/xmlenc#"
- schemaLocation="xenc-schema.xsd"/>
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="xml.xsd"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-metadata-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Schema for SAML metadata, first published in SAML 2.0.
- </documentation>
- </annotation>
-
- <simpleType name="entityIDType">
- <restriction base="anyURI">
- <maxLength value="1024"/>
- </restriction>
- </simpleType>
- <complexType name="localizedNameType">
- <simpleContent>
- <extension base="string">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
- <complexType name="localizedURIType">
- <simpleContent>
- <extension base="anyURI">
- <attribute ref="xml:lang" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="Extensions" type="md:ExtensionsType"/>
- <complexType final="#all" name="ExtensionsType">
- <sequence>
- <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <complexType name="EndpointType">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Binding" type="anyURI" use="required"/>
- <attribute name="Location" type="anyURI" use="required"/>
- <attribute name="ResponseLocation" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <complexType name="IndexedEndpointType">
- <complexContent>
- <extension base="md:EndpointType">
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/>
- <complexType name="EntitiesDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice minOccurs="1" maxOccurs="unbounded">
- <element ref="md:EntityDescriptor"/>
- <element ref="md:EntitiesDescriptor"/>
- </choice>
- </sequence>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="Name" type="string" use="optional"/>
- </complexType>
-
- <element name="EntityDescriptor" type="md:EntityDescriptorType"/>
- <complexType name="EntityDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <choice>
- <choice maxOccurs="unbounded">
- <element ref="md:RoleDescriptor"/>
- <element ref="md:IDPSSODescriptor"/>
- <element ref="md:SPSSODescriptor"/>
- <element ref="md:AuthnAuthorityDescriptor"/>
- <element ref="md:AttributeAuthorityDescriptor"/>
- <element ref="md:PDPDescriptor"/>
- </choice>
- <element ref="md:AffiliationDescriptor"/>
- </choice>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="entityID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
-
- <element name="Organization" type="md:OrganizationType"/>
- <complexType name="OrganizationType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:OrganizationName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/>
- <element ref="md:OrganizationURL" maxOccurs="unbounded"/>
- </sequence>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="OrganizationName" type="md:localizedNameType"/>
- <element name="OrganizationDisplayName" type="md:localizedNameType"/>
- <element name="OrganizationURL" type="md:localizedURIType"/>
- <element name="ContactPerson" type="md:ContactType"/>
- <complexType name="ContactType">
- <sequence>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:Company" minOccurs="0"/>
- <element ref="md:GivenName" minOccurs="0"/>
- <element ref="md:SurName" minOccurs="0"/>
- <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="contactType" type="md:ContactTypeType" use="required"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="Company" type="string"/>
- <element name="GivenName" type="string"/>
- <element name="SurName" type="string"/>
- <element name="EmailAddress" type="anyURI"/>
- <element name="TelephoneNumber" type="string"/>
- <simpleType name="ContactTypeType">
- <restriction base="string">
- <enumeration value="technical"/>
- <enumeration value="support"/>
- <enumeration value="administrative"/>
- <enumeration value="billing"/>
- <enumeration value="other"/>
- </restriction>
- </simpleType>
-
- <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/>
- <complexType name="AdditionalMetadataLocationType">
- <simpleContent>
- <extension base="anyURI">
- <attribute name="namespace" type="anyURI" use="required"/>
- </extension>
- </simpleContent>
- </complexType>
-
- <element name="RoleDescriptor" type="md:RoleDescriptorType"/>
- <complexType name="RoleDescriptorType" abstract="true">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:Organization" minOccurs="0"/>
- <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="ID" type="ID" use="optional"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/>
- <attribute name="errorURL" type="anyURI" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <simpleType name="anyURIListType">
- <list itemType="anyURI"/>
- </simpleType>
-
- <element name="KeyDescriptor" type="md:KeyDescriptorType"/>
- <complexType name="KeyDescriptorType">
- <sequence>
- <element ref="ds:KeyInfo"/>
- <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="use" type="md:KeyTypes" use="optional"/>
- </complexType>
- <simpleType name="KeyTypes">
- <restriction base="string">
- <enumeration value="encryption"/>
- <enumeration value="signing"/>
- </restriction>
- </simpleType>
- <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/>
-
- <complexType name="SSODescriptorType" abstract="true">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/>
- <element name="SingleLogoutService" type="md:EndpointType"/>
- <element name="ManageNameIDService" type="md:EndpointType"/>
- <element name="NameIDFormat" type="anyURI"/>
-
- <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/>
- <complexType name="IDPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:SingleSignOnService" maxOccurs="unbounded"/>
- <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SingleSignOnService" type="md:EndpointType"/>
- <element name="NameIDMappingService" type="md:EndpointType"/>
- <element name="AssertionIDRequestService" type="md:EndpointType"/>
- <element name="AttributeProfile" type="anyURI"/>
-
- <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/>
- <complexType name="SPSSODescriptorType">
- <complexContent>
- <extension base="md:SSODescriptorType">
- <sequence>
- <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/>
- <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/>
- <attribute name="WantAssertionsSigned" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AssertionConsumerService" type="md:IndexedEndpointType"/>
- <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/>
- <complexType name="AttributeConsumingServiceType">
- <sequence>
- <element ref="md:ServiceName" maxOccurs="unbounded"/>
- <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:RequestedAttribute" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="index" type="unsignedShort" use="required"/>
- <attribute name="isDefault" type="boolean" use="optional"/>
- </complexType>
- <element name="ServiceName" type="md:localizedNameType"/>
- <element name="ServiceDescription" type="md:localizedNameType"/>
- <element name="RequestedAttribute" type="md:RequestedAttributeType"/>
- <complexType name="RequestedAttributeType">
- <complexContent>
- <extension base="saml:AttributeType">
- <attribute name="isRequired" type="boolean" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/>
- <complexType name="AuthnAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthnQueryService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnQueryService" type="md:EndpointType"/>
-
- <element name="PDPDescriptor" type="md:PDPDescriptorType"/>
- <complexType name="PDPDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AuthzService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthzService" type="md:EndpointType"/>
-
- <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/>
- <complexType name="AttributeAuthorityDescriptorType">
- <complexContent>
- <extension base="md:RoleDescriptorType">
- <sequence>
- <element ref="md:AttributeService" maxOccurs="unbounded"/>
- <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AttributeService" type="md:EndpointType"/>
-
- <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/>
- <complexType name="AffiliationDescriptorType">
- <sequence>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="md:Extensions" minOccurs="0"/>
- <element ref="md:AffiliateMember" maxOccurs="unbounded"/>
- <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/>
- <attribute name="validUntil" type="dateTime" use="optional"/>
- <attribute name="cacheDuration" type="duration" use="optional"/>
- <attribute name="ID" type="ID" use="optional"/>
- <anyAttribute namespace="##other" processContents="lax"/>
- </complexType>
- <element name="AffiliateMember" type="md:entityIDType"/>
-</schema>
diff --git a/schemas/saml-schema-protocol-2.0.xsd b/schemas/saml-schema-protocol-2.0.xsd
deleted file mode 100644
index 7fa6f489d..000000000
--- a/schemas/saml-schema-protocol-2.0.xsd
+++ /dev/null
@@ -1,302 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
- schemaLocation="saml-schema-assertion-2.0.xsd"/>
- <import namespace="http://www.w3.org/2000/09/xmldsig#"
- schemaLocation="xmldsig-core-schema.xsd"/>
- <annotation>
- <documentation>
- Document identifier: saml-schema-protocol-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V1.0 (November, 2002):
- Initial Standard Schema.
- V1.1 (September, 2003):
- Updates within the same V1.0 namespace.
- V2.0 (March, 2005):
- New protocol schema based in a SAML V2.0 namespace.
- </documentation>
- </annotation>
- <complexType name="RequestAbstractType" abstract="true">
- <sequence>
- <element ref="saml:Issuer" minOccurs="0"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="samlp:Extensions" minOccurs="0"/>
- </sequence>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Destination" type="anyURI" use="optional"/>
- <attribute name="Consent" type="anyURI" use="optional"/>
- </complexType>
- <element name="Extensions" type="samlp:ExtensionsType"/>
- <complexType name="ExtensionsType">
- <sequence>
- <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <complexType name="StatusResponseType">
- <sequence>
- <element ref="saml:Issuer" minOccurs="0"/>
- <element ref="ds:Signature" minOccurs="0"/>
- <element ref="samlp:Extensions" minOccurs="0"/>
- <element ref="samlp:Status"/>
- </sequence>
- <attribute name="ID" type="ID" use="required"/>
- <attribute name="InResponseTo" type="NCName" use="optional"/>
- <attribute name="Version" type="string" use="required"/>
- <attribute name="IssueInstant" type="dateTime" use="required"/>
- <attribute name="Destination" type="anyURI" use="optional"/>
- <attribute name="Consent" type="anyURI" use="optional"/>
- </complexType>
- <element name="Status" type="samlp:StatusType"/>
- <complexType name="StatusType">
- <sequence>
- <element ref="samlp:StatusCode"/>
- <element ref="samlp:StatusMessage" minOccurs="0"/>
- <element ref="samlp:StatusDetail" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="StatusCode" type="samlp:StatusCodeType"/>
- <complexType name="StatusCodeType">
- <sequence>
- <element ref="samlp:StatusCode" minOccurs="0"/>
- </sequence>
- <attribute name="Value" type="anyURI" use="required"/>
- </complexType>
- <element name="StatusMessage" type="string"/>
- <element name="StatusDetail" type="samlp:StatusDetailType"/>
- <complexType name="StatusDetailType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
- <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>
- <complexType name="AssertionIDRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>
- <complexType name="SubjectQueryAbstractType" abstract="true">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:Subject"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnQuery" type="samlp:AuthnQueryType"/>
- <complexType name="AuthnQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
- </sequence>
- <attribute name="SessionIndex" type="string" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/>
- <complexType name="RequestedAuthnContextType">
- <choice>
- <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>
- <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>
- </choice>
- <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/>
- </complexType>
- <simpleType name="AuthnContextComparisonType">
- <restriction base="string">
- <enumeration value="exact"/>
- <enumeration value="minimum"/>
- <enumeration value="maximum"/>
- <enumeration value="better"/>
- </restriction>
- </simpleType>
- <element name="AttributeQuery" type="samlp:AttributeQueryType"/>
- <complexType name="AttributeQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>
- <complexType name="AuthzDecisionQueryType">
- <complexContent>
- <extension base="samlp:SubjectQueryAbstractType">
- <sequence>
- <element ref="saml:Action" maxOccurs="unbounded"/>
- <element ref="saml:Evidence" minOccurs="0"/>
- </sequence>
- <attribute name="Resource" type="anyURI" use="required"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="AuthnRequest" type="samlp:AuthnRequestType"/>
- <complexType name="AuthnRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="saml:Subject" minOccurs="0"/>
- <element ref="samlp:NameIDPolicy" minOccurs="0"/>
- <element ref="saml:Conditions" minOccurs="0"/>
- <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>
- <element ref="samlp:Scoping" minOccurs="0"/>
- </sequence>
- <attribute name="ForceAuthn" type="boolean" use="optional"/>
- <attribute name="IsPassive" type="boolean" use="optional"/>
- <attribute name="ProtocolBinding" type="anyURI" use="optional"/>
- <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/>
- <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/>
- <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/>
- <attribute name="ProviderName" type="string" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>
- <complexType name="NameIDPolicyType">
- <attribute name="Format" type="anyURI" use="optional"/>
- <attribute name="SPNameQualifier" type="string" use="optional"/>
- <attribute name="AllowCreate" type="boolean" use="optional"/>
- </complexType>
- <element name="Scoping" type="samlp:ScopingType"/>
- <complexType name="ScopingType">
- <sequence>
- <element ref="samlp:IDPList" minOccurs="0"/>
- <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/>
- </complexType>
- <element name="RequesterID" type="anyURI"/>
- <element name="IDPList" type="samlp:IDPListType"/>
- <complexType name="IDPListType">
- <sequence>
- <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>
- <element ref="samlp:GetComplete" minOccurs="0"/>
- </sequence>
- </complexType>
- <element name="IDPEntry" type="samlp:IDPEntryType"/>
- <complexType name="IDPEntryType">
- <attribute name="ProviderID" type="anyURI" use="required"/>
- <attribute name="Name" type="string" use="optional"/>
- <attribute name="Loc" type="anyURI" use="optional"/>
- </complexType>
- <element name="GetComplete" type="anyURI"/>
- <element name="Response" type="samlp:ResponseType"/>
- <complexType name="ResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <choice minOccurs="0" maxOccurs="unbounded">
- <element ref="saml:Assertion"/>
- <element ref="saml:EncryptedAssertion"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
- <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>
- <complexType name="ArtifactResolveType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <element ref="samlp:Artifact"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="Artifact" type="string"/>
- <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>
- <complexType name="ArtifactResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <sequence>
- <any namespace="##any" processContents="lax" minOccurs="0"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/>
- <complexType name="ManageNameIDRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <choice>
- <element ref="samlp:NewID"/>
- <element ref="samlp:NewEncryptedID"/>
- <element ref="samlp:Terminate"/>
- </choice>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="NewID" type="string"/>
- <element name="NewEncryptedID" type="saml:EncryptedElementType"/>
- <element name="Terminate" type="samlp:TerminateType"/>
- <complexType name="TerminateType"/>
- <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>
- <element name="LogoutRequest" type="samlp:LogoutRequestType"/>
- <complexType name="LogoutRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Reason" type="string" use="optional"/>
- <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
- </extension>
- </complexContent>
- </complexType>
- <element name="SessionIndex" type="string"/>
- <element name="LogoutResponse" type="samlp:StatusResponseType"/>
- <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/>
- <complexType name="NameIDMappingRequestType">
- <complexContent>
- <extension base="samlp:RequestAbstractType">
- <sequence>
- <choice>
- <element ref="saml:BaseID"/>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- <element ref="samlp:NameIDPolicy"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
- <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/>
- <complexType name="NameIDMappingResponseType">
- <complexContent>
- <extension base="samlp:StatusResponseType">
- <choice>
- <element ref="saml:NameID"/>
- <element ref="saml:EncryptedID"/>
- </choice>
- </extension>
- </complexContent>
- </complexType>
-</schema>
diff --git a/schemas/saml-schema-x500-2.0.xsd b/schemas/saml-schema-x500-2.0.xsd
deleted file mode 100644
index f67f1b04a..000000000
--- a/schemas/saml-schema-x500-2.0.xsd
+++ /dev/null
@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <annotation>
- <documentation>
- Document identifier: saml-schema-x500-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Custom schema for X.500 attribute profile, first published in SAML 2.0.
- </documentation>
- </annotation>
- <attribute name="Encoding" type="string"/>
-</schema>
-
diff --git a/schemas/saml-schema-xacml-2.0.xsd b/schemas/saml-schema-xacml-2.0.xsd
deleted file mode 100644
index 836f9db04..000000000
--- a/schemas/saml-schema-xacml-2.0.xsd
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<schema
- targetNamespace="urn:oasis:names:tc:SAML:2.0:profiles:attribute:XACML"
- xmlns="http://www.w3.org/2001/XMLSchema"
- elementFormDefault="unqualified"
- attributeFormDefault="unqualified"
- blockDefault="substitution"
- version="2.0">
- <annotation>
- <documentation>
- Document identifier: saml-schema-xacml-2.0
- Location: http://docs.oasis-open.org/security/saml/v2.0/
- Revision history:
- V2.0 (March, 2005):
- Custom schema for XACML attribute profile, first published in SAML 2.0.
- </documentation>
- </annotation>
- <attribute name="DataType" type="anyURI"/>
-</schema>
diff --git a/schemas/xenc-schema.xsd b/schemas/xenc-schema.xsd
deleted file mode 100644
index d61229fd5..000000000
--- a/schemas/xenc-schema.xsd
+++ /dev/null
@@ -1,146 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN"
- "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#'
- xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
-
-<schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0'
- xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'
- xmlns:ds='http://www.w3.org/2000/09/xmldsig#'
- targetNamespace='http://www.w3.org/2001/04/xmlenc#'
- elementFormDefault='qualified'>
-
- <import namespace='http://www.w3.org/2000/09/xmldsig#'
- schemaLocation='xmldsig-core-schema.xsd'/>
-
- <complexType name='EncryptedType' abstract='true'>
- <sequence>
- <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
- minOccurs='0'/>
- <element ref='ds:KeyInfo' minOccurs='0'/>
- <element ref='xenc:CipherData'/>
- <element ref='xenc:EncryptionProperties' minOccurs='0'/>
- </sequence>
- <attribute name='Id' type='ID' use='optional'/>
- <attribute name='Type' type='anyURI' use='optional'/>
- <attribute name='MimeType' type='string' use='optional'/>
- <attribute name='Encoding' type='anyURI' use='optional'/>
- </complexType>
-
- <complexType name='EncryptionMethodType' mixed='true'>
- <sequence>
- <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
- <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
- <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='Algorithm' type='anyURI' use='required'/>
- </complexType>
-
- <simpleType name='KeySizeType'>
- <restriction base="integer"/>
- </simpleType>
-
- <element name='CipherData' type='xenc:CipherDataType'/>
- <complexType name='CipherDataType'>
- <choice>
- <element name='CipherValue' type='base64Binary'/>
- <element ref='xenc:CipherReference'/>
- </choice>
- </complexType>
-
- <element name='CipherReference' type='xenc:CipherReferenceType'/>
- <complexType name='CipherReferenceType'>
- <choice>
- <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
- </choice>
- <attribute name='URI' type='anyURI' use='required'/>
- </complexType>
-
- <complexType name='TransformsType'>
- <sequence>
- <element ref='ds:Transform' maxOccurs='unbounded'/>
- </sequence>
- </complexType>
-
-
- <element name='EncryptedData' type='xenc:EncryptedDataType'/>
- <complexType name='EncryptedDataType'>
- <complexContent>
- <extension base='xenc:EncryptedType'>
- </extension>
- </complexContent>
- </complexType>
-
- <!-- Children of ds:KeyInfo -->
-
- <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
- <complexType name='EncryptedKeyType'>
- <complexContent>
- <extension base='xenc:EncryptedType'>
- <sequence>
- <element ref='xenc:ReferenceList' minOccurs='0'/>
- <element name='CarriedKeyName' type='string' minOccurs='0'/>
- </sequence>
- <attribute name='Recipient' type='string'
- use='optional'/>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
- <complexType name="AgreementMethodType" mixed="true">
- <sequence>
- <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
- <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
- <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
- <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
- <!-- End Children of ds:KeyInfo -->
-
- <element name='ReferenceList'>
- <complexType>
- <choice minOccurs='1' maxOccurs='unbounded'>
- <element name='DataReference' type='xenc:ReferenceType'/>
- <element name='KeyReference' type='xenc:ReferenceType'/>
- </choice>
- </complexType>
- </element>
-
- <complexType name='ReferenceType'>
- <sequence>
- <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='URI' type='anyURI' use='required'/>
- </complexType>
-
-
- <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
- <complexType name='EncryptionPropertiesType'>
- <sequence>
- <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
- </sequence>
- <attribute name='Id' type='ID' use='optional'/>
- </complexType>
-
- <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
- <complexType name='EncryptionPropertyType' mixed='true'>
- <choice maxOccurs='unbounded'>
- <any namespace='##other' processContents='lax'/>
- </choice>
- <attribute name='Target' type='anyURI' use='optional'/>
- <attribute name='Id' type='ID' use='optional'/>
- <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
- </complexType>
-
-</schema>
-
diff --git a/schemas/xml.xsd b/schemas/xml.xsd
deleted file mode 100644
index aea7d0db0..000000000
--- a/schemas/xml.xsd
+++ /dev/null
@@ -1,287 +0,0 @@
-<?xml version='1.0'?>
-<?xml-stylesheet href="../2008/09/xsd.xsl" type="text/xsl"?>
-<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace"
- xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns ="http://www.w3.org/1999/xhtml"
- xml:lang="en">
-
- <xs:annotation>
- <xs:documentation>
- <div>
- <h1>About the XML namespace</h1>
-
- <div class="bodytext">
- <p>
- This schema document describes the XML namespace, in a form
- suitable for import by other schema documents.
- </p>
- <p>
- See <a href="http://www.w3.org/XML/1998/namespace.html">
- http://www.w3.org/XML/1998/namespace.html</a> and
- <a href="http://www.w3.org/TR/REC-xml">
- http://www.w3.org/TR/REC-xml</a> for information
- about this namespace.
- </p>
- <p>
- Note that local names in this namespace are intended to be
- defined only by the World Wide Web Consortium or its subgroups.
- The names currently defined in this namespace are listed below.
- They should not be used with conflicting semantics by any Working
- Group, specification, or document instance.
- </p>
- <p>
- See further below in this document for more information about <a
- href="#usage">how to refer to this schema document from your own
- XSD schema documents</a> and about <a href="#nsversioning">the
- namespace-versioning policy governing this schema document</a>.
- </p>
- </div>
- </div>
- </xs:documentation>
- </xs:annotation>
-
- <xs:attribute name="lang">
- <xs:annotation>
- <xs:documentation>
- <div>
-
- <h3>lang (as an attribute name)</h3>
- <p>
- denotes an attribute whose value
- is a language code for the natural language of the content of
- any element; its value is inherited. This name is reserved
- by virtue of its definition in the XML specification.</p>
-
- </div>
- <div>
- <h4>Notes</h4>
- <p>
- Attempting to install the relevant ISO 2- and 3-letter
- codes as the enumerated possible values is probably never
- going to be a realistic possibility.
- </p>
- <p>
- See BCP 47 at <a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">
- http://www.rfc-editor.org/rfc/bcp/bcp47.txt</a>
- and the IANA language subtag registry at
- <a href="http://www.iana.org/assignments/language-subtag-registry">
- http://www.iana.org/assignments/language-subtag-registry</a>
- for further information.
- </p>
- <p>
- The union allows for the 'un-declaration' of xml:lang with
- the empty string.
- </p>
- </div>
- </xs:documentation>
- </xs:annotation>
- <xs:simpleType>
- <xs:union memberTypes="xs:language">
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value=""/>
- </xs:restriction>
- </xs:simpleType>
- </xs:union>
- </xs:simpleType>
- </xs:attribute>
-
- <xs:attribute name="space">
- <xs:annotation>
- <xs:documentation>
- <div>
-
- <h3>space (as an attribute name)</h3>
- <p>
- denotes an attribute whose
- value is a keyword indicating what whitespace processing
- discipline is intended for the content of the element; its
- value is inherited. This name is reserved by virtue of its
- definition in the XML specification.</p>
-
- </div>
- </xs:documentation>
- </xs:annotation>
- <xs:simpleType>
- <xs:restriction base="xs:NCName">
- <xs:enumeration value="default"/>
- <xs:enumeration value="preserve"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
-
- <xs:attribute name="base" type="xs:anyURI"> <xs:annotation>
- <xs:documentation>
- <div>
-
- <h3>base (as an attribute name)</h3>
- <p>
- denotes an attribute whose value
- provides a URI to be used as the base for interpreting any
- relative URIs in the scope of the element on which it
- appears; its value is inherited. This name is reserved
- by virtue of its definition in the XML Base specification.</p>
-
- <p>
- See <a
- href="http://www.w3.org/TR/xmlbase/">http://www.w3.org/TR/xmlbase/</a>
- for information about this attribute.
- </p>
- </div>
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
-
- <xs:attribute name="id" type="xs:ID">
- <xs:annotation>
- <xs:documentation>
- <div>
-
- <h3>id (as an attribute name)</h3>
- <p>
- denotes an attribute whose value
- should be interpreted as if declared to be of type ID.
- This name is reserved by virtue of its definition in the
- xml:id specification.</p>
-
- <p>
- See <a
- href="http://www.w3.org/TR/xml-id/">http://www.w3.org/TR/xml-id/</a>
- for information about this attribute.
- </p>
- </div>
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
-
- <xs:attributeGroup name="specialAttrs">
- <xs:attribute ref="xml:base"/>
- <xs:attribute ref="xml:lang"/>
- <xs:attribute ref="xml:space"/>
- <xs:attribute ref="xml:id"/>
- </xs:attributeGroup>
-
- <xs:annotation>
- <xs:documentation>
- <div>
-
- <h3>Father (in any context at all)</h3>
-
- <div class="bodytext">
- <p>
- denotes Jon Bosak, the chair of
- the original XML Working Group. This name is reserved by
- the following decision of the W3C XML Plenary and
- XML Coordination groups:
- </p>
- <blockquote>
- <p>
- In appreciation for his vision, leadership and
- dedication the W3C XML Plenary on this 10th day of
- February, 2000, reserves for Jon Bosak in perpetuity
- the XML name "xml:Father".
- </p>
- </blockquote>
- </div>
- </div>
- </xs:documentation>
- </xs:annotation>
-
- <xs:annotation>
- <xs:documentation>
- <div xml:id="usage" id="usage">
- <h2><a name="usage">About this schema document</a></h2>
-
- <div class="bodytext">
- <p>
- This schema defines attributes and an attribute group suitable
- for use by schemas wishing to allow <code>xml:base</code>,
- <code>xml:lang</code>, <code>xml:space</code> or
- <code>xml:id</code> attributes on elements they define.
- </p>
- <p>
- To enable this, such a schema must import this schema for
- the XML namespace, e.g. as follows:
- </p>
- <pre>
- <schema . . .>
- . . .
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="http://www.w3.org/2001/xml.xsd"/>
- </pre>
- <p>
- or
- </p>
- <pre>
- <import namespace="http://www.w3.org/XML/1998/namespace"
- schemaLocation="http://www.w3.org/2009/01/xml.xsd"/>
- </pre>
- <p>
- Subsequently, qualified reference to any of the attributes or the
- group defined below will have the desired effect, e.g.
- </p>
- <pre>
- <type . . .>
- . . .
- <attributeGroup ref="xml:specialAttrs"/>
- </pre>
- <p>
- will define a type which will schema-validate an instance element
- with any of those attributes.
- </p>
- </div>
- </div>
- </xs:documentation>
- </xs:annotation>
-
- <xs:annotation>
- <xs:documentation>
- <div id="nsversioning" xml:id="nsversioning">
- <h2><a name="nsversioning">Versioning policy for this schema document</a></h2>
- <div class="bodytext">
- <p>
- In keeping with the XML Schema WG's standard versioning
- policy, this schema document will persist at
- <a href="http://www.w3.org/2009/01/xml.xsd">
- http://www.w3.org/2009/01/xml.xsd</a>.
- </p>
- <p>
- At the date of issue it can also be found at
- <a href="http://www.w3.org/2001/xml.xsd">
- http://www.w3.org/2001/xml.xsd</a>.
- </p>
- <p>
- The schema document at that URI may however change in the future,
- in order to remain compatible with the latest version of XML
- Schema itself, or with the XML namespace itself. In other words,
- if the XML Schema or XML namespaces change, the version of this
- document at <a href="http://www.w3.org/2001/xml.xsd">
- http://www.w3.org/2001/xml.xsd
- </a>
- will change accordingly; the version at
- <a href="http://www.w3.org/2009/01/xml.xsd">
- http://www.w3.org/2009/01/xml.xsd
- </a>
- will not change.
- </p>
- <p>
- Previous dated (and unchanging) versions of this schema
- document are at:
- </p>
- <ul>
- <li><a href="http://www.w3.org/2009/01/xml.xsd">
- http://www.w3.org/2009/01/xml.xsd</a></li>
- <li><a href="http://www.w3.org/2007/08/xml.xsd">
- http://www.w3.org/2007/08/xml.xsd</a></li>
- <li><a href="http://www.w3.org/2004/10/xml.xsd">
- http://www.w3.org/2004/10/xml.xsd</a></li>
- <li><a href="http://www.w3.org/2001/03/xml.xsd">
- http://www.w3.org/2001/03/xml.xsd</a></li>
- </ul>
- </div>
- </div>
- </xs:documentation>
- </xs:annotation>
-
-</xs:schema>
-
diff --git a/schemas/xmldsig-core-schema.xsd b/schemas/xmldsig-core-schema.xsd
deleted file mode 100644
index df126b30e..000000000
--- a/schemas/xmldsig-core-schema.xsd
+++ /dev/null
@@ -1,318 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE schema
- PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
- <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
-
-<!-- Schema for XML Signatures
- http://www.w3.org/2000/09/xmldsig#
- $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
-
- Copyright 2001 The Internet Society and W3C (Massachusetts Institute
- of Technology, Institut National de Recherche en Informatique et en
- Automatique, Keio University). All Rights Reserved.
- http://www.w3.org/Consortium/Legal/
-
- This document is governed by the W3C Software License [1] as described
- in the FAQ [2].
-
- [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
- [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
--->
-
-
-<schema xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- targetNamespace="http://www.w3.org/2000/09/xmldsig#"
- version="0.1" elementFormDefault="qualified">
-
-<!-- Basic Types Defined for Signatures -->
-
-<simpleType name="CryptoBinary">
- <restriction base="base64Binary">
- </restriction>
-</simpleType>
-
-<!-- Start Signature -->
-
-<element name="Signature" type="ds:SignatureType"/>
-<complexType name="SignatureType">
- <sequence>
- <element ref="ds:SignedInfo"/>
- <element ref="ds:SignatureValue"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="SignatureValue" type="ds:SignatureValueType"/>
- <complexType name="SignatureValueType">
- <simpleContent>
- <extension base="base64Binary">
- <attribute name="Id" type="ID" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
-
-<!-- Start SignedInfo -->
-
-<element name="SignedInfo" type="ds:SignedInfoType"/>
-<complexType name="SignedInfoType">
- <sequence>
- <element ref="ds:CanonicalizationMethod"/>
- <element ref="ds:SignatureMethod"/>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
- <complexType name="CanonicalizationMethodType" mixed="true">
- <sequence>
- <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
- <element name="SignatureMethod" type="ds:SignatureMethodType"/>
- <complexType name="SignatureMethodType" mixed="true">
- <sequence>
- <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
- <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) external namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
-<!-- Start Reference -->
-
-<element name="Reference" type="ds:ReferenceType"/>
-<complexType name="ReferenceType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- <element ref="ds:DigestMethod"/>
- <element ref="ds:DigestValue"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="URI" type="anyURI" use="optional"/>
- <attribute name="Type" type="anyURI" use="optional"/>
-</complexType>
-
- <element name="Transforms" type="ds:TransformsType"/>
- <complexType name="TransformsType">
- <sequence>
- <element ref="ds:Transform" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <element name="Transform" type="ds:TransformType"/>
- <complexType name="TransformType" mixed="true">
- <choice minOccurs="0" maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- <element name="XPath" type="string"/>
- </choice>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
-<!-- End Reference -->
-
-<element name="DigestMethod" type="ds:DigestMethodType"/>
-<complexType name="DigestMethodType" mixed="true">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
-</complexType>
-
-<element name="DigestValue" type="ds:DigestValueType"/>
-<simpleType name="DigestValueType">
- <restriction base="base64Binary"/>
-</simpleType>
-
-<!-- End SignedInfo -->
-
-<!-- Start KeyInfo -->
-
-<element name="KeyInfo" type="ds:KeyInfoType"/>
-<complexType name="KeyInfoType" mixed="true">
- <choice maxOccurs="unbounded">
- <element ref="ds:KeyName"/>
- <element ref="ds:KeyValue"/>
- <element ref="ds:RetrievalMethod"/>
- <element ref="ds:X509Data"/>
- <element ref="ds:PGPData"/>
- <element ref="ds:SPKIData"/>
- <element ref="ds:MgmtData"/>
- <any processContents="lax" namespace="##other"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- </choice>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="KeyName" type="string"/>
- <element name="MgmtData" type="string"/>
-
- <element name="KeyValue" type="ds:KeyValueType"/>
- <complexType name="KeyValueType" mixed="true">
- <choice>
- <element ref="ds:DSAKeyValue"/>
- <element ref="ds:RSAKeyValue"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
-
- <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
- <complexType name="RetrievalMethodType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- </sequence>
- <attribute name="URI" type="anyURI"/>
- <attribute name="Type" type="anyURI" use="optional"/>
- </complexType>
-
-<!-- Start X509Data -->
-
-<element name="X509Data" type="ds:X509DataType"/>
-<complexType name="X509DataType">
- <sequence maxOccurs="unbounded">
- <choice>
- <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- <element name="X509SKI" type="base64Binary"/>
- <element name="X509SubjectName" type="string"/>
- <element name="X509Certificate" type="base64Binary"/>
- <element name="X509CRL" type="base64Binary"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </sequence>
-</complexType>
-
-<complexType name="X509IssuerSerialType">
- <sequence>
- <element name="X509IssuerName" type="string"/>
- <element name="X509SerialNumber" type="integer"/>
- </sequence>
-</complexType>
-
-<!-- End X509Data -->
-
-<!-- Begin PGPData -->
-
-<element name="PGPData" type="ds:PGPDataType"/>
-<complexType name="PGPDataType">
- <choice>
- <sequence>
- <element name="PGPKeyID" type="base64Binary"/>
- <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
- <any namespace="##other" processContents="lax" minOccurs="0"
- maxOccurs="unbounded"/>
- </sequence>
- <sequence>
- <element name="PGPKeyPacket" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0"
- maxOccurs="unbounded"/>
- </sequence>
- </choice>
-</complexType>
-
-<!-- End PGPData -->
-
-<!-- Begin SPKIData -->
-
-<element name="SPKIData" type="ds:SPKIDataType"/>
-<complexType name="SPKIDataType">
- <sequence maxOccurs="unbounded">
- <element name="SPKISexp" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0"/>
- </sequence>
-</complexType>
-
-<!-- End SPKIData -->
-
-<!-- End KeyInfo -->
-
-<!-- Start Object (Manifest, SignatureProperty) -->
-
-<element name="Object" type="ds:ObjectType"/>
-<complexType name="ObjectType" mixed="true">
- <sequence minOccurs="0" maxOccurs="unbounded">
- <any namespace="##any" processContents="lax"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
- <attribute name="Encoding" type="anyURI" use="optional"/>
-</complexType>
-
-<element name="Manifest" type="ds:ManifestType"/>
-<complexType name="ManifestType">
- <sequence>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
-<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
-<complexType name="SignaturePropertiesType">
- <sequence>
- <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
- <complexType name="SignaturePropertyType" mixed="true">
- <choice maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (1,unbounded) namespaces -->
- </choice>
- <attribute name="Target" type="anyURI" use="required"/>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
-
-<!-- End Object (Manifest, SignatureProperty) -->
-
-<!-- Start Algorithm Parameters -->
-
-<simpleType name="HMACOutputLengthType">
- <restriction base="integer"/>
-</simpleType>
-
-<!-- Start KeyValue Element-types -->
-
-<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
-<complexType name="DSAKeyValueType">
- <sequence>
- <sequence minOccurs="0">
- <element name="P" type="ds:CryptoBinary"/>
- <element name="Q" type="ds:CryptoBinary"/>
- </sequence>
- <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
- <element name="Y" type="ds:CryptoBinary"/>
- <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
- <sequence minOccurs="0">
- <element name="Seed" type="ds:CryptoBinary"/>
- <element name="PgenCounter" type="ds:CryptoBinary"/>
- </sequence>
- </sequence>
-</complexType>
-
-<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
-<complexType name="RSAKeyValueType">
- <sequence>
- <element name="Modulus" type="ds:CryptoBinary"/>
- <element name="Exponent" type="ds:CryptoBinary"/>
- </sequence>
-</complexType>
-
-<!-- End KeyValue Element-types -->
-
-<!-- End Signature -->
-
-</schema>
--
GitLab