MHonArc v2.5.0b2 -->
xacml message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [xacml] Typos in the SAML profile schema
On Mon, 2005-02-14 at 11:30 -0500, Anne Anderson wrote:
> Erik,
>
> Attached are revised versions of the XACML SAML profile schemas that I
> think incorporate all the necessary corrections for the errors that you
> found.
>
> Could you please take the time to review these and get a quick "OK" or
> not back to me?
>
> Thanks,
> Anne Anderson
My application does not use the protocol schema, so I have not tested
it, but I tried the assertion schema.
The parser I am using (Xerces) does not like the schema location for the
SAML schemas. I get the following error:
org.xml.sax.SAXParseException: The declaration for the entity
"ContentType" must end with '>'.
When I changed the locations from
<xs:import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
schemaLocation="http://www.oasis-open.org/committees/tc_home.php?
wg_abbrev=security"/>
<xs:import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
schemaLocation="http://www.oasis-open.org/committees/tc_home.php?
wg_abbrev=security"/>
to
<xs:import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
schemaLocation="http://www.oasis-
open.org/committees/download.php/11027/sstc-saml-schema-
assertion-2.0.xsd"/>
<xs:import namespace="urn:oasis:names:tc:SAML:2.0:protocol"
schemaLocation="http://www.oasis-
open.org/committees/download.php/11026/sstc-saml-schema-
protocol-2.0.xsd"/>
the error went away.
It also seems like the XACML 2.0 "-os.xsd" schema files are not up at
the oasis web site yet, so the parser could not load them. I tried with
the cd:04 schema instead which worked fine.
Just a small note: The samlp namespace prefix is not used in the
assertion schema, so it could be removed.
The schema seem ok for me now.
Just one final caveat: I still use XACML 1.1, so to test my application
I have to change the references to the XACML 2.0 schemas to XACML 1.0. I
have not run anything with real XACML 2.0 data, but I doubt there are
any more errors since running the schemas you posted, with the above
corrections, gives no errors except the conflict between XACML 1.0 and
2.0.
/Erik
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]