OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only

Re: [xacml] Typos in the SAML profile schema

  • 1.  Re: [xacml] Typos in the SAML profile schema

    Posted 02-15-2005 07:48
     MHonArc v2.5.0b2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


    Subject: Re: [xacml] Typos in the SAML profile schema


    On Mon, 2005-02-14 at 11:30 -0500, Anne Anderson wrote: 
    > Erik,
    > 
    > Attached are revised versions of the XACML SAML profile schemas that I
    > think incorporate all the necessary corrections for the errors that you
    > found.
    > 
    > Could you please take the time to review these and get a quick "OK" or
    > not back to me?
    > 
    > Thanks,
    > Anne Anderson
    
    My application does not use the protocol schema, so I have not tested
    it, but I tried the assertion schema.
    
    The parser I am using (Xerces) does not like the schema location for the
    SAML schemas. I get the following error:
    
    org.xml.sax.SAXParseException: The declaration for the entity
    "ContentType" must end with '>'.
    
    When I changed the locations from 
    
      <xs:import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
          schemaLocation="http://www.oasis-open.org/committees/tc_home.php?
    wg_abbrev=security"/>
      <xs:import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
          schemaLocation="http://www.oasis-open.org/committees/tc_home.php?
    wg_abbrev=security"/>
    
    to
    
      <xs:import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
          schemaLocation="http://www.oasis-
    open.org/committees/download.php/11027/sstc-saml-schema-
    assertion-2.0.xsd"/>
      <xs:import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
          schemaLocation="http://www.oasis-
    open.org/committees/download.php/11026/sstc-saml-schema-
    protocol-2.0.xsd"/>
    
    the error went away.
    
    It also seems like the XACML 2.0 "-os.xsd" schema files are not up at
    the oasis web site yet, so the parser could not load them. I tried with
    the cd:04 schema instead which worked fine.
    
    Just a small note: The samlp namespace prefix is not used in the
    assertion schema, so it could be removed.
    
    The schema seem ok for me now.
    
    Just one final caveat: I still use XACML 1.1, so to test my application
    I have to change the references to the XACML 2.0 schemas to XACML 1.0. I
    have not run anything with real XACML 2.0 data, but I doubt there are
    any more errors since running the schemas you posted, with the above
    corrections, gives no errors except the conflict between XACML 1.0 and
    2.0.
    
    /Erik
    
    
    


    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]