Anne Anderson
Anne.Anderson@Sun.COM Internet Security Research Group, Sun Labs Sun Microsystems, Inc., Burlington, MA --- Begin Message --- From : Anne Anderson <
aha@ieee.org> To :
Anne.Anderson@sun.com Date : Wed, 31 Jul 2002 20:39:41 -0400 () <?xml version="1.0" encoding="UTF-8"?> <xs:schema targetNamespace="urn:oasis:names:tc:xacml:0.16d:context" xmlns:xacml="urn:oasis:names:tc:xacml:0.16d:policy" xmlns:xacml-context="urn:oasis:names:tc:xacml:0.16d:context" xmlns:identifier="urn:oasis:names:tc:xacml:identifier" xmlns:xs="
http://www.w3.org/2001/XMLSchema" ; elementFormDefault="qualified" attributeFormDefault="unqualified"> <xs:import namespace="urn:oasis:names:tc:xacml:0.16d:policy" schemaLocation="draft-xacml-schema-policy-16d.xsd"/> <!-- --> <xs:element name="Request" type="xacml-context:RequestType"/> <xs:complexType name="RequestType"> <xs:sequence> <xs:element ref="xacml-context:Subject" maxOccurs="unbounded"/> <xs:element ref="xacml-context:Resource"/> <xs:element ref="xacml-context:Action"/> <xs:element ref="xacml-context:Environment" minOccurs="0"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="Response" type="xacml-context:ResponseType"/> <xs:complexType name="ResponseType"> <xs:sequence> <xs:element ref="xacml-context:Result" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="Subject" type="xacml-context:SubjectType"/> <xs:complexType name="SubjectType"> <xs:sequence> <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> <xs:attribute name="SubjectCategory" type="xs:anyURI" use="required"/> </xs:complexType> <!-- --> <xs:element name="Resource" type="xacml-context:ResourceType"/> <xs:complexType name="ResourceType"> <xs:sequence> <xs:element ref="xacml-context:ResourceContent" minOccurs="0"/> <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="ResourceContent" type="xacml-context:ResourceContentType"/> <xs:complexType name="ResourceContentType"> <xs:sequence> <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> <xs:anyAttribute namespace="##any" processContents="lax"/> </xs:complexType> <!-- --> <xs:element name="Action" type="xacml-context:ActionType"/> <xs:complexType name="ActionType"> <xs:sequence> <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="Environment" type="xacml-context:EnvironmentType"/> <xs:complexType name="EnvironmentType"> <xs:sequence> <xs:element ref="xacml-context:Attribute" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="Attribute" type="xacml-context:AttributeType"/> <xs:complexType name="AttributeType"> <xs:sequence> <xs:element ref="xacml-context:AttributeValue" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> <xs:attribute name="AttributeId" type="xs:anyURI" use="required"/> <xs:attribute name="Issuer" type="xs:anyURI" use="required"/> <xs:attribute name="IssueInstant" type="xs:dateTime" use="optional"/> </xs:complexType> <!-- --> <xs:element name="AttributeValue" type="xs:anyType"/> <!-- --> <xs:element name="Result" type="xacml-context:ResultType"/> <xs:complexType name="ResultType"> <xs:sequence> <xs:element ref="xacml-context:Decision"/> <xs:element ref="xacml-context:Status" minOccurs="0"/> <xs:element name="Obligations" type="xacml:ObligationsType" minOccurs="0"/> </xs:sequence> <!-- xs:attribute ref="xacmlContext:ResourceId" use="optional"/ --> </xs:complexType> <!-- --> <xs:element name="Decision" type="xacml-context:DecisionType"/> <xs:simpleType name="DecisionType"> <xs:restriction base="xs:string"> <xs:enumeration value="Permit"/> <xs:enumeration value="Deny"/> <xs:enumeration value="Indeterminate"/> <xs:enumeration value="NotApplicable"/> </xs:restriction> </xs:simpleType> <!-- --> <xs:element name="Status" type="xacml-context:StatusType"/> <xs:complexType name="StatusType"> <xs:sequence> <xs:element ref="xacml-context:StatusCode"/> <xs:element ref="xacml-context:StatusMessage" minOccurs="0"/> <xs:element ref="xacml-context:StatusDetail" minOccurs="0"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="StatusCode" type="xacml-context:StatusCodeType"/> <xs:complexType name="StatusCodeType"> <xs:sequence> <xs:element ref="xacml-context:StatusCode" minOccurs="0"/> </xs:sequence> <xs:attribute name="Value" type="xs:QName" use="required"/> </xs:complexType> <!-- --> <xs:element name="StatusMessage" type="xs:string"/> <!-- --> <xs:element name="StatusDetail" type="xacml-context:StatusDetailType"/> <xs:complexType name="StatusDetailType"> <xs:sequence> <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> </xs:schema> --- End Message ---