1 | <?xml version="1.0" encoding="UTF-8"?>
|
---|
2 | <xs:schema targetNamespace="urn:oasis:names:tc:xacml:2.0:context:schema:os" xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
|
---|
3 | <xs:import namespace="urn:oasis:names:tc:xacml:2.0:policy:schema:os" schemaLocation="access_control-xacml-2.0-policy-schema-os.xsd"/>
|
---|
4 | <!-- -->
|
---|
5 | <xs:element name="Request" type="xacml-context:RequestType"/>
|
---|
6 | <xs:complexType name="RequestType">
|
---|
7 | <xs:sequence>
|
---|
8 | <xs:element ref="xacml-context:Subject" maxOccurs="unbounded"/>
|
---|
9 | <xs:element ref="xacml-context:Resource" maxOccurs="unbounded"/>
|
---|
10 | <xs:element ref="xacml-context:Action"/>
|
---|
11 | <xs:element ref="xacml-context:Environment"/>
|
---|
12 | </xs:sequence>
|
---|
13 | </xs:complexType>
|
---|
14 | <!-- -->
|
---|
15 | <xs:element name="Response" type="xacml-context:ResponseType"/>
|
---|
16 | <xs:complexType name="ResponseType">
|
---|
17 | <xs:sequence>
|
---|
18 | <xs:element ref="xacml-context:Result" maxOccurs="unbounded"/>
|
---|
19 | </xs:sequence>
|
---|
20 | </xs:complexType>
|
---|
21 | <!-- -->
|
---|
22 | <xs:element name="Subject" type="xacml-context:SubjectType"/>
|
---|
23 | <xs:complexType name="SubjectType">
|
---|
24 | <xs:sequence>
|
---|
25 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
26 | </xs:sequence>
|
---|
27 | <xs:attribute name="SubjectCategory" type="xs:anyURI" default="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"/>
|
---|
28 | </xs:complexType>
|
---|
29 | <!-- -->
|
---|
30 | <xs:element name="Resource" type="xacml-context:ResourceType"/>
|
---|
31 | <xs:complexType name="ResourceType">
|
---|
32 | <xs:sequence>
|
---|
33 | <xs:element ref="xacml-context:ResourceContent" minOccurs="0"/>
|
---|
34 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
35 | </xs:sequence>
|
---|
36 | </xs:complexType>
|
---|
37 | <!-- -->
|
---|
38 | <xs:element name="ResourceContent" type="xacml-context:ResourceContentType"/>
|
---|
39 | <xs:complexType name="ResourceContentType" mixed="true">
|
---|
40 | <xs:sequence>
|
---|
41 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
42 | </xs:sequence>
|
---|
43 | <xs:anyAttribute namespace="##any" processContents="lax"/>
|
---|
44 | </xs:complexType>
|
---|
45 | <!-- -->
|
---|
46 | <xs:element name="Action" type="xacml-context:ActionType"/>
|
---|
47 | <xs:complexType name="ActionType">
|
---|
48 | <xs:sequence>
|
---|
49 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
50 | </xs:sequence>
|
---|
51 | </xs:complexType>
|
---|
52 | <!-- -->
|
---|
53 | <xs:element name="Environment" type="xacml-context:EnvironmentType"/>
|
---|
54 | <xs:complexType name="EnvironmentType">
|
---|
55 | <xs:sequence>
|
---|
56 | <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/>
|
---|
57 | </xs:sequence>
|
---|
58 | </xs:complexType>
|
---|
59 | <!-- -->
|
---|
60 | <xs:element name="Attribute" type="xacml-context:AttributeType"/>
|
---|
61 | <xs:complexType name="AttributeType">
|
---|
62 | <xs:sequence>
|
---|
63 | <xs:element ref="xacml-context:AttributeValue" maxOccurs="unbounded"/>
|
---|
64 | </xs:sequence>
|
---|
65 | <xs:attribute name="AttributeId" type="xs:anyURI" use="required"/>
|
---|
66 | <xs:attribute name="DataType" type="xs:anyURI" use="required"/>
|
---|
67 | <xs:attribute name="Issuer" type="xs:string" use="optional"/>
|
---|
68 | </xs:complexType>
|
---|
69 | <!-- -->
|
---|
70 | <xs:element name="AttributeValue" type="xacml-context:AttributeValueType"/>
|
---|
71 | <xs:complexType name="AttributeValueType" mixed="true">
|
---|
72 | <xs:sequence>
|
---|
73 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
74 | </xs:sequence>
|
---|
75 | <xs:anyAttribute namespace="##any" processContents="lax"/>
|
---|
76 | </xs:complexType>
|
---|
77 | <!-- -->
|
---|
78 | <xs:element name="Result" type="xacml-context:ResultType"/>
|
---|
79 | <xs:complexType name="ResultType">
|
---|
80 | <xs:sequence>
|
---|
81 | <xs:element ref="xacml-context:Decision"/>
|
---|
82 | <xs:element ref="xacml-context:Status" minOccurs="0"/>
|
---|
83 | <xs:element ref="xacml:Obligations" minOccurs="0"/>
|
---|
84 | </xs:sequence>
|
---|
85 | <xs:attribute name="ResourceId" type="xs:string" use="optional"/>
|
---|
86 | </xs:complexType>
|
---|
87 | <!-- -->
|
---|
88 | <xs:element name="Decision" type="xacml-context:DecisionType"/>
|
---|
89 | <xs:simpleType name="DecisionType">
|
---|
90 | <xs:restriction base="xs:string">
|
---|
91 | <xs:enumeration value="Permit"/>
|
---|
92 | <xs:enumeration value="Deny"/>
|
---|
93 | <xs:enumeration value="Indeterminate"/>
|
---|
94 | <xs:enumeration value="NotApplicable"/>
|
---|
95 | </xs:restriction>
|
---|
96 | </xs:simpleType>
|
---|
97 | <!-- -->
|
---|
98 | <xs:element name="Status" type="xacml-context:StatusType"/>
|
---|
99 | <xs:complexType name="StatusType">
|
---|
100 | <xs:sequence>
|
---|
101 | <xs:element ref="xacml-context:StatusCode"/>
|
---|
102 | <xs:element ref="xacml-context:StatusMessage" minOccurs="0"/>
|
---|
103 | <xs:element ref="xacml-context:StatusDetail" minOccurs="0"/>
|
---|
104 | </xs:sequence>
|
---|
105 | </xs:complexType>
|
---|
106 | <!-- -->
|
---|
107 | <xs:element name="StatusCode" type="xacml-context:StatusCodeType"/>
|
---|
108 | <xs:complexType name="StatusCodeType">
|
---|
109 | <xs:sequence>
|
---|
110 | <xs:element ref="xacml-context:StatusCode" minOccurs="0"/>
|
---|
111 | </xs:sequence>
|
---|
112 | <xs:attribute name="Value" type="xs:anyURI" use="required"/>
|
---|
113 | </xs:complexType>
|
---|
114 | <!-- -->
|
---|
115 | <xs:element name="StatusMessage" type="xs:string"/>
|
---|
116 | <!-- -->
|
---|
117 | <xs:element name="StatusDetail" type="xacml-context:StatusDetailType"/>
|
---|
118 | <xs:complexType name="StatusDetailType">
|
---|
119 | <xs:sequence>
|
---|
120 | <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
|
---|
121 | </xs:sequence>
|
---|
122 | </xs:complexType>
|
---|
123 | <!-- -->
|
---|
124 | <xs:element name="MissingAttributeDetail" type="xacml-context:MissingAttributeDetailType"/>
|
---|
125 | <xs:complexType name="MissingAttributeDetailType">
|
---|
126 | <xs:sequence>
|
---|
127 | <xs:element ref="xacml-context:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
|
---|
128 | </xs:sequence>
|
---|
129 | <xs:attribute name="AttributeId" type="xs:anyURI" use="required"/>
|
---|
130 | <xs:attribute name="DataType" type="xs:anyURI" use="required"/>
|
---|
131 | <xs:attribute name="Issuer" type="xs:string" use="optional"/>
|
---|
132 | </xs:complexType>
|
---|
133 | <!-- -->
|
---|
134 | </xs:schema>
|
---|