[507] | 1 | <?xml version="1.0" encoding="UTF-8"?>
|
---|
| 2 | <xs:schema targetNamespace="urn:oasis:names:tc:xacml:2.0:context:schema:os" xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
|
---|
| 3 | <xs:import namespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" schemaLocation="access_control-xacml-2.0-policy-schema-os.xsd"/>
|
---|
| 4 | <!-- -->
|
---|
| 5 | <xs:element name="Request" type="xacml-context:RequestType"/>
|
---|
| 6 | <xs:complexType name="RequestType">
|
---|
| 7 | <xs:sequence>
|
---|
| 8 | <xs:element ref="xacml-context:Subject" maxOccurs="unbounded"/>
|
---|
| 9 | <xs:element ref="xacml-context:Resource" maxOccurs="unbounded"/>
|
---|
| 10 | <xs:element ref="xacml-context:Action"/>
|
---|
| 11 | <xs:element ref="xacml-context:Environment"/>
|
---|
| 12 | </xs:sequence>
|
---|
| 13 | </xs:complexType>
|
---|
| 14 | <!-- -->
|
---|
| 15 | <xs:element name="Response" type="xacml-context:ResponseType"/>
|
---|
| 16 | <xs:complexType name="ResponseType">
|
---|
| 17 | <xs:sequence>
|
---|
| 18 | <xs:element ref="xacml-context:Result" maxOccurs="unbounded"/>
|
---|
| 19 | </xs:sequence>
|
---|
| 20 | </xs:complexType>
|
---|
| 21 | <!-- -->
|
---|
| 22 | <xs:element name="Subject" type="xacml-context:SubjectType"/>
|
---|
| 23 | <xs:complexType name="SubjectType">
|
---|
| 24 | <xs:sequence>
|
---|
| 25 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 26 | </xs:sequence>
|
---|
| 27 | <xs:attribute name="SubjectCategory" type="xs:anyURI" default="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"/>
|
---|
| 28 | </xs:complexType>
|
---|
| 29 | <!-- -->
|
---|
| 30 | <xs:element name="Resource" type="xacml-context:ResourceType"/>
|
---|
| 31 | <xs:complexType name="ResourceType">
|
---|
| 32 | <xs:sequence>
|
---|
| 33 | <xs:element ref="xacml-context:ResourceContent" minOccurs="0"/>
|
---|
| 34 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 35 | </xs:sequence>
|
---|
| 36 | </xs:complexType>
|
---|
| 37 | <!-- -->
|
---|
| 38 | <xs:element name="ResourceContent" type="xacml-context:ResourceContentType"/>
|
---|
| 39 | <xs:complexType name="ResourceContentType" mixed="true">
|
---|
| 40 | <xs:sequence>
|
---|
| 41 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 42 | </xs:sequence>
|
---|
| 43 | <xs:anyAttribute namespace="##any" processContents="lax"/>
|
---|
| 44 | </xs:complexType>
|
---|
| 45 | <!-- -->
|
---|
| 46 | <xs:element name="Action" type="xacml-context:ActionType"/>
|
---|
| 47 | <xs:complexType name="ActionType">
|
---|
| 48 | <xs:sequence>
|
---|
| 49 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 50 | </xs:sequence>
|
---|
| 51 | </xs:complexType>
|
---|
| 52 | <!-- -->
|
---|
| 53 | <xs:element name="Environment" type="xacml-context:EnvironmentType"/>
|
---|
| 54 | <xs:complexType name="EnvironmentType">
|
---|
| 55 | <xs:sequence>
|
---|
| 56 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 57 | </xs:sequence>
|
---|
| 58 | </xs:complexType>
|
---|
| 59 | <!-- -->
|
---|
| 60 | <xs:element name="Attribute" type="xacml-context:AttributeType"/>
|
---|
| 61 | <xs:complexType name="AttributeType">
|
---|
| 62 | <xs:sequence>
|
---|
| 63 | <xs:element ref="xacml-context:AttributeValue" maxOccurs="unbounded"/>
|
---|
| 64 | </xs:sequence>
|
---|
| 65 | <xs:attribute name="AttributeId" type="xs:anyURI" use="required"/>
|
---|
| 66 | <xs:attribute name="DataType" type="xs:anyURI" use="required"/>
|
---|
| 67 | <xs:attribute name="Issuer" type="xs:string" use="optional"/>
|
---|
| 68 | </xs:complexType>
|
---|
| 69 | <!-- -->
|
---|
| 70 | <xs:element name="AttributeValue" type="xacml-context:AttributeValueType"/>
|
---|
| 71 | <xs:complexType name="AttributeValueType" mixed="true">
|
---|
| 72 | <xs:sequence>
|
---|
| 73 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 74 | </xs:sequence>
|
---|
| 75 | <xs:anyAttribute namespace="##any" processContents="lax"/>
|
---|
| 76 | </xs:complexType>
|
---|
| 77 | <!-- -->
|
---|
| 78 | <xs:element name="Result" type="xacml-context:ResultType"/>
|
---|
| 79 | <xs:complexType name="ResultType">
|
---|
| 80 | <xs:sequence>
|
---|
| 81 | <xs:element ref="xacml-context:Decision"/>
|
---|
| 82 | <xs:element ref="xacml-context:Status" minOccurs="0"/>
|
---|
| 83 | <xs:element ref="xacml:Obligations" minOccurs="0"/>
|
---|
| 84 | </xs:sequence>
|
---|
| 85 | <xs:attribute name="ResourceId" type="xs:string" use="optional"/>
|
---|
| 86 | </xs:complexType>
|
---|
| 87 | <!-- -->
|
---|
| 88 | <xs:element name="Decision" type="xacml-context:DecisionType"/>
|
---|
| 89 | <xs:simpleType name="DecisionType">
|
---|
| 90 | <xs:restriction base="xs:string">
|
---|
| 91 | <xs:enumeration value="Permit"/>
|
---|
| 92 | <xs:enumeration value="Deny"/>
|
---|
| 93 | <xs:enumeration value="Indeterminate"/>
|
---|
| 94 | <xs:enumeration value="NotApplicable"/>
|
---|
| 95 | </xs:restriction>
|
---|
| 96 | </xs:simpleType>
|
---|
| 97 | <!-- -->
|
---|
| 98 | <xs:element name="Status" type="xacml-context:StatusType"/>
|
---|
| 99 | <xs:complexType name="StatusType">
|
---|
| 100 | <xs:sequence>
|
---|
| 101 | <xs:element ref="xacml-context:StatusCode"/>
|
---|
| 102 | <xs:element ref="xacml-context:StatusMessage" minOccurs="0"/>
|
---|
| 103 | <xs:element ref="xacml-context:StatusDetail" minOccurs="0"/>
|
---|
| 104 | </xs:sequence>
|
---|
| 105 | </xs:complexType>
|
---|
| 106 | <!-- -->
|
---|
| 107 | <xs:element name="StatusCode" type="xacml-context:StatusCodeType"/>
|
---|
| 108 | <xs:complexType name="StatusCodeType">
|
---|
| 109 | <xs:sequence>
|
---|
| 110 | <xs:element ref="xacml-context:StatusCode" minOccurs="0"/>
|
---|
| 111 | </xs:sequence>
|
---|
| 112 | <xs:attribute name="Value" type="xs:anyURI" use="required"/>
|
---|
| 113 | </xs:complexType>
|
---|
| 114 | <!-- -->
|
---|
| 115 | <xs:element name="StatusMessage" type="xs:string"/>
|
---|
| 116 | <!-- -->
|
---|
| 117 | <xs:element name="StatusDetail" type="xacml-context:StatusDetailType"/>
|
---|
| 118 | <xs:complexType name="StatusDetailType">
|
---|
| 119 | <xs:sequence>
|
---|
| 120 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 121 | </xs:sequence>
|
---|
| 122 | </xs:complexType>
|
---|
| 123 | <!-- -->
|
---|
| 124 | <xs:element name="MissingAttributeDetail" type="xacml-context:MissingAttributeDetailType"/>
|
---|
| 125 | <xs:complexType name="MissingAttributeDetailType">
|
---|
| 126 | <xs:sequence>
|
---|
| 127 | <xs:element ref="xacml-context:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
|
---|
| 128 | </xs:sequence>
|
---|
| 129 | <xs:attribute name="AttributeId" type="xs:anyURI" use="required"/>
|
---|
| 130 | <xs:attribute name="DataType" type="xs:anyURI" use="required"/>
|
---|
| 131 | <xs:attribute name="Issuer" type="xs:string" use="optional"/>
|
---|
| 132 | </xs:complexType>
|
---|
| 133 | <!-- -->
|
---|
| 134 | </xs:schema>
|
---|