saml2 3.1.3 → 3.1.5

@@ -0,0 +1,1205 @@
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!--
3
+ OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the
4
+ implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available;
5
+ neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS
6
+ specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made
7
+ available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users
8
+ of this specification, can be obtained from the OASIS Executive Director.
9
+ OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may
10
+ cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.
11
+ Copyright © OASIS Open 2002-2007. All Rights Reserved.
12
+ This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist
13
+ in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the
14
+ above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified
15
+ in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications,
16
+ in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate
17
+ it into languages other than English.
18
+ The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
19
+ This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
20
+ INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
21
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
22
+ -->
23
+ <xs:schema
24
+ targetNamespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
25
+ xmlns:tns='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
26
+ xmlns:wsa="http://www.w3.org/2005/08/addressing"
27
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
28
+ elementFormDefault="qualified"
29
+ blockDefault="#all" >
30
+
31
+ <xs:import namespace="http://www.w3.org/2005/08/addressing"
32
+ schemaLocation="ws-addr.xsd" />
33
+
34
+ <!--
35
+ 4. Protection Assertions
36
+ -->
37
+ <xs:element name="SignedParts" type="tns:SePartsType">
38
+ <xs:annotation>
39
+ <xs:documentation xml:lang="en">
40
+ 4.1.1 SignedParts Assertion
41
+ </xs:documentation>
42
+ </xs:annotation>
43
+ </xs:element>
44
+ <xs:element name="EncryptedParts" type="tns:SePartsType" >
45
+ <xs:annotation>
46
+ <xs:documentation xml:lang="en">
47
+ 4.2.1 EncryptedParts Assertion
48
+ </xs:documentation>
49
+ </xs:annotation>
50
+ </xs:element>
51
+ <xs:complexType name="SePartsType">
52
+ <xs:sequence>
53
+ <xs:element name="Body" type="tns:EmptyType" minOccurs="0" />
54
+ <xs:element name="Header" type="tns:HeaderType" minOccurs="0" maxOccurs="unbounded" />
55
+ <xs:element name="Attachments" type="tns:EmptyType" minOccurs="0" />
56
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
57
+ </xs:sequence>
58
+ <xs:anyAttribute namespace="##any" processContents="lax" />
59
+ </xs:complexType>
60
+ <xs:complexType name="EmptyType" />
61
+ <xs:complexType name="HeaderType" >
62
+ <xs:attribute name="Name" type="xs:QName" use="optional" />
63
+ <xs:attribute name="Namespace" type="xs:anyURI" use="required" />
64
+ <xs:anyAttribute namespace="##any" processContents="lax" />
65
+ </xs:complexType>
66
+
67
+ <xs:element name="SignedElements" type="tns:SerElementsType" >
68
+ <xs:annotation>
69
+ <xs:documentation xml:lang="en" >
70
+ 4.1.2 SignedElements Assertion
71
+ </xs:documentation>
72
+ </xs:annotation>
73
+ </xs:element>
74
+ <xs:element name="EncryptedElements" type="tns:SerElementsType" >
75
+ <xs:annotation>
76
+ <xs:documentation xml:lang="en">
77
+ 4.2.2 EncryptedElements Assertion
78
+ </xs:documentation>
79
+ </xs:annotation>
80
+ </xs:element>
81
+ <xs:element name="RequiredElements" type="tns:SerElementsType" >
82
+ <xs:annotation>
83
+ <xs:documentation xml:lang="en" >
84
+ 4.3.1 RequiredElements Assertion
85
+ </xs:documentation>
86
+ </xs:annotation>
87
+ </xs:element>
88
+ <xs:complexType name="SerElementsType">
89
+ <xs:sequence>
90
+ <xs:element name="XPath" type="xs:string" minOccurs="1" maxOccurs="unbounded" />
91
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
92
+ </xs:sequence>
93
+ <xs:attribute name="XPathVersion" type="xs:anyURI" use="optional" />
94
+ <xs:anyAttribute namespace="##any" processContents="lax" />
95
+ </xs:complexType>
96
+
97
+ <!--
98
+ 5. Token Assertions
99
+ -->
100
+ <xs:attribute name="IncludeToken" type="tns:IncludeTokenOpenType" >
101
+ <xs:annotation>
102
+ <xs:documentation xml:lang="en">
103
+ 5.1 Token Inclusion
104
+ </xs:documentation>
105
+ </xs:annotation>
106
+ </xs:attribute>
107
+ <xs:simpleType name="IncludeTokenOpenType">
108
+ <xs:union memberTypes="tns:IncludeTokenType xs:anyURI" />
109
+ </xs:simpleType>
110
+ <xs:simpleType name="IncludeTokenType">
111
+ <xs:restriction base="xs:anyURI" >
112
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Never" />
113
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Once" />
114
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToRecipient" />
115
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToInitiator" />
116
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Always" />
117
+ </xs:restriction>
118
+ </xs:simpleType>
119
+
120
+ <xs:element name="UsernameToken" type="tns:TokenAssertionType" >
121
+ <xs:annotation>
122
+ <xs:documentation xml:lang="en" >
123
+ 5.4.1 UsernameToken Assertion
124
+ </xs:documentation>
125
+ </xs:annotation>
126
+ </xs:element>
127
+ <xs:complexType name="TokenAssertionType">
128
+ <xs:sequence>
129
+ <xs:choice minOccurs="0">
130
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
131
+ <xs:element name="IssuerName" type="xs:anyURI" />
132
+ </xs:choice>
133
+ <!--
134
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
135
+ <xs:element ref="wsp:Policy" minOccurs="0" />
136
+ -->
137
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
138
+ </xs:sequence>
139
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
140
+ <xs:anyAttribute namespace="##any" processContents="lax" />
141
+ </xs:complexType>
142
+
143
+ <xs:element name="NoPassword" type="tns:QNameAssertionType" >
144
+ <xs:annotation>
145
+ <xs:documentation xml:lang="en">
146
+ 5.4.1 UsernameToken Assertion
147
+ </xs:documentation>
148
+ </xs:annotation>
149
+ </xs:element>
150
+ <xs:element name="HashPassword" type="tns:QNameAssertionType" >
151
+ <xs:annotation>
152
+ <xs:documentation xml:lang="en">
153
+ 5.4.1 UsernameToken Assertion
154
+ </xs:documentation>
155
+ </xs:annotation>
156
+ </xs:element>
157
+ <xs:element name="WssUsernameToken10" type="tns:QNameAssertionType" >
158
+ <xs:annotation>
159
+ <xs:documentation xml:lang="en">
160
+ 5.4.1 UsernameToken Assertion
161
+ </xs:documentation>
162
+ </xs:annotation>
163
+ </xs:element>
164
+ <xs:element name="WssUsernameToken11" type="tns:QNameAssertionType" >
165
+ <xs:annotation>
166
+ <xs:documentation xml:lang="en">
167
+ 5.4.1 UsernameToken Assertion
168
+ </xs:documentation>
169
+ </xs:annotation>
170
+ </xs:element>
171
+ <!-- RequireDerivedKeys defined below. -->
172
+ <!-- RequireImpliedDerivedKeys defined below. -->
173
+ <!-- RequireExplicitDerivedKeys defined below. -->
174
+
175
+ <xs:complexType name="QNameAssertionType">
176
+ <xs:anyAttribute namespace="##any" processContents="lax" />
177
+ </xs:complexType>
178
+
179
+ <xs:element name="IssuedToken" type="tns:IssuedTokenType">
180
+ <xs:annotation>
181
+ <xs:documentation xml:lang="en">
182
+ 5.4.2 IssuedToken Assertion
183
+ </xs:documentation>
184
+ </xs:annotation>
185
+ </xs:element>
186
+ <xs:complexType name="IssuedTokenType">
187
+ <xs:sequence>
188
+ <xs:choice minOccurs="0">
189
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
190
+ <xs:element name="IssuerName" type="xs:anyURI" />
191
+ </xs:choice>
192
+ <xs:element name="RequestSecurityTokenTemplate" type="tns:RequestSecurityTokenTemplateType" />
193
+ <!--
194
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
195
+ <xs:element ref="wsp:Policy" minOccurs="0" />
196
+ -->
197
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
198
+ </xs:sequence>
199
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
200
+ <xs:anyAttribute namespace="##any" processContents="lax" />
201
+ </xs:complexType>
202
+ <xs:complexType name="RequestSecurityTokenTemplateType">
203
+ <xs:sequence>
204
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
205
+ </xs:sequence>
206
+ <xs:attribute name="TrustVersion" type="xs:anyURI" use="optional" />
207
+ <xs:anyAttribute namespace="##any" processContents="lax" />
208
+ </xs:complexType>
209
+
210
+ <xs:element name="RequireDerivedKeys" type="tns:QNameAssertionType" >
211
+ <xs:annotation>
212
+ <xs:documentation xml:lang="en">
213
+ 5.4.2 IssuedToken Assertion
214
+ </xs:documentation>
215
+ </xs:annotation>
216
+ </xs:element>
217
+ <xs:element name="RequireImpliedDerivedKeys" type="tns:QNameAssertionType" >
218
+ <xs:annotation>
219
+ <xs:documentation xml:lang="en">
220
+ 5.4.2 IssuedToken Assertion
221
+ </xs:documentation>
222
+ </xs:annotation>
223
+ </xs:element>
224
+ <xs:element name="RequireExplicitDerivedKeys" type="tns:QNameAssertionType" >
225
+ <xs:annotation>
226
+ <xs:documentation xml:lang="en">
227
+ 5.4.2 IssuedToken Assertion
228
+ </xs:documentation>
229
+ </xs:annotation>
230
+ </xs:element>
231
+ <xs:element name="RequireExternalReference" type="tns:QNameAssertionType" >
232
+ <xs:annotation>
233
+ <xs:documentation xml:lang="en">
234
+ 5.4.2 IssuedToken Assertion
235
+ </xs:documentation>
236
+ </xs:annotation>
237
+ </xs:element>
238
+ <xs:element name="RequireInternalReference" type="tns:QNameAssertionType" >
239
+ <xs:annotation>
240
+ <xs:documentation xml:lang="en">
241
+ 5.4.2 IssuedToken Assertion
242
+ </xs:documentation>
243
+ </xs:annotation>
244
+ </xs:element>
245
+
246
+ <xs:element name="X509Token" type="tns:TokenAssertionType" >
247
+ <xs:annotation>
248
+ <xs:documentation xml:lang="en">
249
+ 5.4.3 X509Token Assertion
250
+ </xs:documentation>
251
+ </xs:annotation>
252
+ </xs:element>
253
+ <!-- RequireDerivedKeys defined above. -->
254
+ <!-- RequireImpliedDerivedKeys defined above. -->
255
+ <!-- RequireExplicitDerivedKeys defined above. -->
256
+
257
+ <xs:element name="RequireKeyIdentifierReference" type="tns:QNameAssertionType" >
258
+ <xs:annotation>
259
+ <xs:documentation xml:lang="en">
260
+ 5.4.3 X509Token Assertion
261
+ </xs:documentation>
262
+ </xs:annotation>
263
+ </xs:element>
264
+ <xs:element name="RequireIssuerSerialReference" type="tns:QNameAssertionType" >
265
+ <xs:annotation>
266
+ <xs:documentation xml:lang="en">
267
+ 5.4.3 X509Token Assertion
268
+ </xs:documentation>
269
+ </xs:annotation>
270
+ </xs:element>
271
+ <xs:element name="RequireEmbeddedTokenReference" type="tns:QNameAssertionType" >
272
+ <xs:annotation>
273
+ <xs:documentation xml:lang="en">
274
+ 5.4.3 X509Token Assertion
275
+ </xs:documentation>
276
+ </xs:annotation>
277
+ </xs:element>
278
+ <xs:element name="RequireThumbprintReference" type="tns:QNameAssertionType" >
279
+ <xs:annotation>
280
+ <xs:documentation xml:lang="en">
281
+ 5.4.3 X509Token Assertion
282
+ </xs:documentation>
283
+ </xs:annotation>
284
+ </xs:element>
285
+ <xs:element name="WssX509V3Token10" type="tns:QNameAssertionType" >
286
+ <xs:annotation>
287
+ <xs:documentation xml:lang="en">
288
+ 5.4.3 X509Token Assertion
289
+ </xs:documentation>
290
+ </xs:annotation>
291
+ </xs:element>
292
+ <xs:element name="WssX509Pkcs7Token10" type="tns:QNameAssertionType" >
293
+ <xs:annotation>
294
+ <xs:documentation xml:lang="en">
295
+ 5.4.3 X509Token Assertion
296
+ </xs:documentation>
297
+ </xs:annotation>
298
+ </xs:element>
299
+ <xs:element name="WssX509PkiPathV1Token10" type="tns:QNameAssertionType" >
300
+ <xs:annotation>
301
+ <xs:documentation xml:lang="en">
302
+ 5.4.3 X509Token Assertion
303
+ </xs:documentation>
304
+ </xs:annotation>
305
+ </xs:element>
306
+ <xs:element name="WssX509V1Token11" type="tns:QNameAssertionType" >
307
+ <xs:annotation>
308
+ <xs:documentation xml:lang="en">
309
+ 5.4.3 X509Token Assertion
310
+ </xs:documentation>
311
+ </xs:annotation>
312
+ </xs:element>
313
+ <xs:element name="WssX509V3Token11" type="tns:QNameAssertionType" >
314
+ <xs:annotation>
315
+ <xs:documentation xml:lang="en">
316
+ 5.4.3 X509Token Assertion
317
+ </xs:documentation>
318
+ </xs:annotation>
319
+ </xs:element>
320
+ <xs:element name="WssX509Pkcs7Token11" type="tns:QNameAssertionType" >
321
+ <xs:annotation>
322
+ <xs:documentation xml:lang="en">
323
+ 5.4.3 X509Token Assertion
324
+ </xs:documentation>
325
+ </xs:annotation>
326
+ </xs:element>
327
+ <xs:element name="WssX509PkiPathV1Token11" type="tns:QNameAssertionType" >
328
+ <xs:annotation>
329
+ <xs:documentation xml:lang="en">
330
+ 5.4.3 X509Token Assertion
331
+ </xs:documentation>
332
+ </xs:annotation>
333
+ </xs:element>
334
+
335
+ <xs:element name="KerberosToken" type="tns:TokenAssertionType" >
336
+ <xs:annotation>
337
+ <xs:documentation xml:lang="en">
338
+ 5.4.4 KerberosToken Assertion
339
+ </xs:documentation>
340
+ </xs:annotation>
341
+ </xs:element>
342
+ <!-- RequireDerivedKeys defined above. -->
343
+ <!-- RequireImpliedDerivedKeys defined above. -->
344
+ <!-- RequireExplicitDerivedKeys defined above. -->
345
+ <!-- RequireKeyIdentifierReference defined above. -->
346
+
347
+ <xs:element name="WssKerberosV5ApReqToken11" type="tns:QNameAssertionType" >
348
+ <xs:annotation>
349
+ <xs:documentation xml:lang="en">
350
+ 5.4.4 KerberosToken Assertion
351
+ </xs:documentation>
352
+ </xs:annotation>
353
+ </xs:element>
354
+ <xs:element name="WssGssKerberosV5ApReqToken11" type="tns:QNameAssertionType" >
355
+ <xs:annotation>
356
+ <xs:documentation xml:lang="en">
357
+ 5.4.4 KerberosToken Assertion
358
+ </xs:documentation>
359
+ </xs:annotation>
360
+ </xs:element>
361
+
362
+ <xs:element name="SpnegoContextToken" type="tns:SpnegoContextTokenType" >
363
+ <xs:annotation>
364
+ <xs:documentation xml:lang="en" >
365
+ 5.4.5 SpnegoContextToken Assertion
366
+ </xs:documentation>
367
+ </xs:annotation>
368
+ </xs:element>
369
+ <xs:complexType name="SpnegoContextTokenType">
370
+ <xs:sequence>
371
+ <xs:choice minOccurs="0">
372
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
373
+ <xs:element name="IssuerName" type="xs:anyURI" />
374
+ </xs:choice>
375
+ <!--
376
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
377
+ <xs:element ref="wsp:Policy" minOccurs="0" />
378
+ -->
379
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
380
+ </xs:sequence>
381
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
382
+ <xs:anyAttribute namespace="##any" processContents="lax" />
383
+ </xs:complexType>
384
+ <!-- RequireDerivedKeys defined above. -->
385
+ <!-- RequireImpliedDerivedKeys defined above. -->
386
+ <!-- RequireExplicitDerivedKeys defined above. -->
387
+ <xs:element name="MustNotSendCancel" type="tns:QNameAssertionType" >
388
+ <xs:annotation>
389
+ <xs:documentation xml:lang="en">
390
+ 5.4.5 SpnegoContextToken Assertion
391
+ </xs:documentation>
392
+ </xs:annotation>
393
+ </xs:element>
394
+ <xs:element name="MustNotSendAmend" type="tns:QNameAssertionType" >
395
+ <xs:annotation>
396
+ <xs:documentation xml:lang="en">
397
+ 5.4.5 SpnegoContextToken Assertion
398
+ </xs:documentation>
399
+ </xs:annotation>
400
+ </xs:element>
401
+ <xs:element name="MustNotSendRenew" type="tns:QNameAssertionType" >
402
+ <xs:annotation>
403
+ <xs:documentation xml:lang="en">
404
+ 5.4.5 SpnegoContextToken Assertion
405
+ </xs:documentation>
406
+ </xs:annotation>
407
+ </xs:element>
408
+
409
+ <xs:element name="SecurityContextToken" type="tns:TokenAssertionType">
410
+ <xs:annotation>
411
+ <xs:documentation xml:lang="en">
412
+ 5.4.6 SecurityContextToken Assertion
413
+ </xs:documentation>
414
+ </xs:annotation>
415
+ </xs:element>
416
+ <!-- RequireDerivedKeys defined above. -->
417
+ <!-- RequireImpliedDerivedKeys defined above. -->
418
+ <!-- RequireExplicitDerivedKeys defined above. -->
419
+
420
+ <xs:element name="RequireExternalUriReference" type="tns:QNameAssertionType">
421
+ <xs:annotation>
422
+ <xs:documentation xml:lang="en">
423
+ 5.4.6 SecurityContextToken Assertion
424
+ </xs:documentation>
425
+ </xs:annotation>
426
+ </xs:element>
427
+ <xs:element name="SC13SecurityContextToken" type="tns:QNameAssertionType">
428
+ <xs:annotation>
429
+ <xs:documentation xml:lang="en">
430
+ 5.4.6 SecurityContextToken Assertion
431
+ </xs:documentation>
432
+ </xs:annotation>
433
+ </xs:element>
434
+
435
+ <xs:element name="SecureConversationToken" type="tns:SecureConversationTokenType" >
436
+ <xs:annotation>
437
+ <xs:documentation xml:lang="en">
438
+ 5.4.7 SecureConversationToken Assertion
439
+ </xs:documentation>
440
+ </xs:annotation>
441
+ </xs:element>
442
+ <xs:complexType name="SecureConversationTokenType">
443
+ <xs:sequence>
444
+ <xs:choice minOccurs="0">
445
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
446
+ <xs:element name="IssuerName" type="xs:anyURI" />
447
+ </xs:choice>
448
+ <!--
449
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
450
+ <xs:element ref="wsp:Policy" minOccurs="0" />
451
+ -->
452
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
453
+ </xs:sequence>
454
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
455
+ <xs:anyAttribute namespace="##any" processContents="lax" />
456
+ </xs:complexType>
457
+ <!-- RequireDerivedKeys defined above. -->
458
+ <!-- RequireImpliedDerivedKeys defined above. -->
459
+ <!-- RequireExplicitDerivedKeys defined above. -->
460
+ <!-- RequireExternalUriReference defined above. -->
461
+ <!-- SC13SecurityContextToken defined above. -->
462
+ <!-- MustNotSendCancel defined above. -->
463
+ <!-- MustNotSendAmend defined above. -->
464
+ <!-- MustNotSendRenew defined above. -->
465
+
466
+ <xs:element name="BootstrapPolicy" type="tns:NestedPolicyType">
467
+ <xs:annotation>
468
+ <xs:documentation xml:lang="en">
469
+ 5.4.7 SecureConversationToken Assertion
470
+ </xs:documentation>
471
+ </xs:annotation>
472
+ </xs:element>
473
+
474
+ <xs:element name="SamlToken" type="tns:TokenAssertionType">
475
+ <xs:annotation>
476
+ <xs:documentation xml:lang="en" >
477
+ 5.4.8 SamlToken Assertion
478
+ </xs:documentation>
479
+ </xs:annotation>
480
+ </xs:element>
481
+ <!-- RequireDerivedKeys defined above. -->
482
+ <!-- RequireImpliedDerivedKeys defined above. -->
483
+ <!-- RequireExplicitDerivedKeys defined above. -->
484
+ <!-- RequireKeyIdentifierReference defined above. -->
485
+
486
+ <xs:element name="WssSamlV11Token10" type="tns:QNameAssertionType">
487
+ <xs:annotation>
488
+ <xs:documentation xml:lang="en">
489
+ 5.4.8 SamlToken Assertion
490
+ </xs:documentation>
491
+ </xs:annotation>
492
+ </xs:element>
493
+ <xs:element name="WssSamlV11Token11" type="tns:QNameAssertionType">
494
+ <xs:annotation>
495
+ <xs:documentation xml:lang="en">
496
+ 5.4.8 SamlToken Assertion
497
+ </xs:documentation>
498
+ </xs:annotation>
499
+ </xs:element>
500
+ <xs:element name="WssSamlV20Token11" type="tns:QNameAssertionType">
501
+ <xs:annotation>
502
+ <xs:documentation xml:lang="en">
503
+ 5.4.8 SamlToken Assertion
504
+ </xs:documentation>
505
+ </xs:annotation>
506
+ </xs:element>
507
+
508
+ <xs:element name="RelToken" type="tns:TokenAssertionType">
509
+ <xs:annotation>
510
+ <xs:documentation xml:lang="en">
511
+ 5.4.9 RelToken Assertion
512
+ </xs:documentation>
513
+ </xs:annotation>
514
+ </xs:element>
515
+ <!-- RequireDerivedKeys defined above. -->
516
+ <!-- RequireImpliedDerivedKeys defined above. -->
517
+ <!-- RequireExplicitDerivedKeys defined above. -->
518
+ <!-- RequireKeyIdentifierReference defined above. -->
519
+
520
+ <xs:element name="WssRelV10Token10" type="tns:QNameAssertionType">
521
+ <xs:annotation>
522
+ <xs:documentation xml:lang="en">
523
+ 5.4.9 RelToken Assertion
524
+ </xs:documentation>
525
+ </xs:annotation>
526
+ </xs:element>
527
+ <xs:element name="WssRelV20Token10" type="tns:QNameAssertionType">
528
+ <xs:annotation>
529
+ <xs:documentation xml:lang="en">
530
+ 5.4.9 RelToken Assertion
531
+ </xs:documentation>
532
+ </xs:annotation>
533
+ </xs:element>
534
+ <xs:element name="WssRelV10Token11" type="tns:QNameAssertionType">
535
+ <xs:annotation>
536
+ <xs:documentation xml:lang="en">
537
+ 5.4.9 RelToken Assertion
538
+ </xs:documentation>
539
+ </xs:annotation>
540
+ </xs:element>
541
+ <xs:element name="WssRelV20Token11" type="tns:QNameAssertionType">
542
+ <xs:annotation>
543
+ <xs:documentation xml:lang="en">
544
+ 5.4.9 RelToken Assertion
545
+ </xs:documentation>
546
+ </xs:annotation>
547
+ </xs:element>
548
+
549
+ <xs:element name="HttpsToken" type="tns:TokenAssertionType">
550
+ <xs:annotation>
551
+ <xs:documentation xml:lang="en">
552
+ 5.4.10 HttpsToken Assertion
553
+ </xs:documentation>
554
+ </xs:annotation>
555
+ </xs:element>
556
+ <xs:element name="HttpBasicAuthentication" type="tns:QNameAssertionType">
557
+ <xs:annotation>
558
+ <xs:documentation xml:lang="en">
559
+ 5.4.10 HttpsToken Assertion
560
+ </xs:documentation>
561
+ </xs:annotation>
562
+ </xs:element>
563
+ <xs:element name="HttpDigestAuthentication" type="tns:QNameAssertionType">
564
+ <xs:annotation>
565
+ <xs:documentation xml:lang="en">
566
+ 5.4.10 HttpsToken Assertion
567
+ </xs:documentation>
568
+ </xs:annotation>
569
+ </xs:element>
570
+ <xs:element name="RequireClientCertificate" type="tns:QNameAssertionType">
571
+ <xs:annotation>
572
+ <xs:documentation xml:lang="en">
573
+ 5.4.10 HttpsToken Assertion
574
+ </xs:documentation>
575
+ </xs:annotation>
576
+ </xs:element>
577
+
578
+ <xs:element name="KeyValueToken" type="tns:KeyValueTokenType">
579
+ <xs:annotation>
580
+ <xs:documentation xml:lang="en">
581
+ 5.4.11 KeyValueToken Assertion
582
+ </xs:documentation>
583
+ </xs:annotation>
584
+ </xs:element>
585
+ <xs:complexType name="KeyValueTokenType">
586
+ <xs:sequence>
587
+ <!--
588
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
589
+ <xs:element ref="wsp:Policy" minOccurs="0" />
590
+ -->
591
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
592
+ </xs:sequence>
593
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
594
+ <xs:anyAttribute namespace="##any" processContents="lax" />
595
+ </xs:complexType>
596
+ <xs:element name="RsaKeyValue" type="tns:QNameAssertionType">
597
+ <xs:annotation>
598
+ <xs:documentation xml:lang="en">
599
+ 5.4.11 KeyValueToken Assertion
600
+ </xs:documentation>
601
+ </xs:annotation>
602
+ </xs:element>
603
+
604
+ <!--
605
+ 7. Security Binding Assertions
606
+ -->
607
+ <xs:element name="AlgorithmSuite" type="tns:NestedPolicyType" >
608
+ <xs:annotation>
609
+ <xs:documentation xml:lang="en">
610
+ 7.1 AlgorithmSuite Assertion
611
+ </xs:documentation>
612
+ </xs:annotation>
613
+ </xs:element>
614
+ <xs:complexType name="NestedPolicyType">
615
+ <xs:sequence>
616
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
617
+ </xs:sequence>
618
+ <xs:anyAttribute namespace="##any" processContents="lax" />
619
+ </xs:complexType>
620
+
621
+ <xs:element name="Basic256" type="tns:QNameAssertionType">
622
+ <xs:annotation>
623
+ <xs:documentation xml:lang="en">
624
+ 7.1 AlgorithmSuite Assertion
625
+ </xs:documentation>
626
+ </xs:annotation>
627
+ </xs:element>
628
+ <xs:element name="Basic192" type="tns:QNameAssertionType">
629
+ <xs:annotation>
630
+ <xs:documentation xml:lang="en">
631
+ 7.1 AlgorithmSuite Assertion
632
+ </xs:documentation>
633
+ </xs:annotation>
634
+ </xs:element>
635
+ <xs:element name="Basic128" type="tns:QNameAssertionType">
636
+ <xs:annotation>
637
+ <xs:documentation xml:lang="en">
638
+ 7.1 AlgorithmSuite Assertion
639
+ </xs:documentation>
640
+ </xs:annotation>
641
+ </xs:element>
642
+ <xs:element name="TripleDes" type="tns:QNameAssertionType">
643
+ <xs:annotation>
644
+ <xs:documentation xml:lang="en">
645
+ 7.1 AlgorithmSuite Assertion
646
+ </xs:documentation>
647
+ </xs:annotation>
648
+ </xs:element>
649
+ <xs:element name="Basic256Rsa15" type="tns:QNameAssertionType">
650
+ <xs:annotation>
651
+ <xs:documentation xml:lang="en">
652
+ 7.1 AlgorithmSuite Assertion
653
+ </xs:documentation>
654
+ </xs:annotation>
655
+ </xs:element>
656
+ <xs:element name="Basic192Rsa15" type="tns:QNameAssertionType">
657
+ <xs:annotation>
658
+ <xs:documentation xml:lang="en">
659
+ 7.1 AlgorithmSuite Assertion
660
+ </xs:documentation>
661
+ </xs:annotation>
662
+ </xs:element>
663
+ <xs:element name="Basic128Rsa15" type="tns:QNameAssertionType">
664
+ <xs:annotation>
665
+ <xs:documentation xml:lang="en">
666
+ 7.1 AlgorithmSuite Assertion
667
+ </xs:documentation>
668
+ </xs:annotation>
669
+ </xs:element>
670
+ <xs:element name="TripleDesRsa15" type="tns:QNameAssertionType">
671
+ <xs:annotation>
672
+ <xs:documentation xml:lang="en">
673
+ 7.1 AlgorithmSuite Assertion
674
+ </xs:documentation>
675
+ </xs:annotation>
676
+ </xs:element>
677
+ <xs:element name="Basic256Sha256" type="tns:QNameAssertionType">
678
+ <xs:annotation>
679
+ <xs:documentation xml:lang="en">
680
+ 7.1 AlgorithmSuite Assertion
681
+ </xs:documentation>
682
+ </xs:annotation>
683
+ </xs:element>
684
+ <xs:element name="Basic192Sha256" type="tns:QNameAssertionType">
685
+ <xs:annotation>
686
+ <xs:documentation xml:lang="en">
687
+ 7.1 AlgorithmSuite Assertion
688
+ </xs:documentation>
689
+ </xs:annotation>
690
+ </xs:element>
691
+ <xs:element name="Basic128Sha256" type="tns:QNameAssertionType">
692
+ <xs:annotation>
693
+ <xs:documentation xml:lang="en">
694
+ 7.1 AlgorithmSuite Assertion
695
+ </xs:documentation>
696
+ </xs:annotation>
697
+ </xs:element>
698
+ <xs:element name="TripleDesSha256" type="tns:QNameAssertionType">
699
+ <xs:annotation>
700
+ <xs:documentation xml:lang="en">
701
+ 7.1 AlgorithmSuite Assertion
702
+ </xs:documentation>
703
+ </xs:annotation>
704
+ </xs:element>
705
+ <xs:element name="Basic256Sha256Rsa15" type="tns:QNameAssertionType">
706
+ <xs:annotation>
707
+ <xs:documentation xml:lang="en">
708
+ 7.1 AlgorithmSuite Assertion
709
+ </xs:documentation>
710
+ </xs:annotation>
711
+ </xs:element>
712
+ <xs:element name="Basic192Sha256Rsa15" type="tns:QNameAssertionType">
713
+ <xs:annotation>
714
+ <xs:documentation xml:lang="en">
715
+ 7.1 AlgorithmSuite Assertion
716
+ </xs:documentation>
717
+ </xs:annotation>
718
+ </xs:element>
719
+ <xs:element name="Basic128Sha256Rsa15" type="tns:QNameAssertionType">
720
+ <xs:annotation>
721
+ <xs:documentation xml:lang="en">
722
+ 7.1 AlgorithmSuite Assertion
723
+ </xs:documentation>
724
+ </xs:annotation>
725
+ </xs:element>
726
+ <xs:element name="TripleDesSha256Rsa15" type="tns:QNameAssertionType">
727
+ <xs:annotation>
728
+ <xs:documentation xml:lang="en">
729
+ 7.1 AlgorithmSuite Assertion
730
+ </xs:documentation>
731
+ </xs:annotation>
732
+ </xs:element>
733
+ <xs:element name="InclusiveC14N" type="tns:QNameAssertionType">
734
+ <xs:annotation>
735
+ <xs:documentation xml:lang="en">
736
+ 7.1 AlgorithmSuite Assertion
737
+ </xs:documentation>
738
+ </xs:annotation>
739
+ </xs:element>
740
+ <xs:element name="SOAPNormalization10" type="tns:QNameAssertionType">
741
+ <xs:annotation>
742
+ <xs:documentation xml:lang="en">
743
+ 7.1 AlgorithmSuite Assertion
744
+ </xs:documentation>
745
+ </xs:annotation>
746
+ </xs:element>
747
+ <xs:element name="STRTransform10" type="tns:QNameAssertionType">
748
+ <xs:annotation>
749
+ <xs:documentation xml:lang="en">
750
+ 7.1 AlgorithmSuite Assertion
751
+ </xs:documentation>
752
+ </xs:annotation>
753
+ </xs:element>
754
+ <xs:element name="XPath10" type="tns:QNameAssertionType">
755
+ <xs:annotation>
756
+ <xs:documentation xml:lang="en">
757
+ 7.1 AlgorithmSuite Assertion
758
+ </xs:documentation>
759
+ </xs:annotation>
760
+ </xs:element>
761
+ <xs:element name="XPathFilter20" type="tns:QNameAssertionType">
762
+ <xs:annotation>
763
+ <xs:documentation xml:lang="en">
764
+ 7.1 AlgorithmSuite Assertion
765
+ </xs:documentation>
766
+ </xs:annotation>
767
+ </xs:element>
768
+ <xs:element name="AbsXPath" type="tns:QNameAssertionType">
769
+ <xs:annotation>
770
+ <xs:documentation xml:lang="en">
771
+ 7.1 AlgorithmSuite Assertion
772
+ </xs:documentation>
773
+ </xs:annotation>
774
+ </xs:element>
775
+
776
+ <xs:element name="Layout" type="tns:NestedPolicyType">
777
+ <xs:annotation>
778
+ <xs:documentation xml:lang="en">
779
+ 7.2 Layout Assertion
780
+ </xs:documentation>
781
+ </xs:annotation>
782
+ </xs:element>
783
+
784
+ <xs:element name="Strict" type="tns:QNameAssertionType">
785
+ <xs:annotation>
786
+ <xs:documentation xml:lang="en">
787
+ 7.2 Layout Assertion
788
+ </xs:documentation>
789
+ </xs:annotation>
790
+ </xs:element>
791
+ <xs:element name="Lax" type="tns:QNameAssertionType">
792
+ <xs:annotation>
793
+ <xs:documentation xml:lang="en">
794
+ 7.2 Layout Assertion
795
+ </xs:documentation>
796
+ </xs:annotation>
797
+ </xs:element>
798
+ <xs:element name="LaxTsFirst" type="tns:QNameAssertionType">
799
+ <xs:annotation>
800
+ <xs:documentation xml:lang="en">
801
+ 7.2 Layout Assertion
802
+ </xs:documentation>
803
+ </xs:annotation>
804
+ </xs:element>
805
+ <xs:element name="LaxTsLast" type="tns:QNameAssertionType">
806
+ <xs:annotation>
807
+ <xs:documentation xml:lang="en">
808
+ 7.2 Layout Assertion
809
+ </xs:documentation>
810
+ </xs:annotation>
811
+ </xs:element>
812
+
813
+ <xs:element name="TransportBinding" type="tns:NestedPolicyType">
814
+ <xs:annotation>
815
+ <xs:documentation xml:lang="en">
816
+ 7.3 TransportBinding Assertion
817
+ </xs:documentation>
818
+ </xs:annotation>
819
+ </xs:element>
820
+
821
+ <xs:element name="TransportToken" type="tns:NestedPolicyType">
822
+ <xs:annotation>
823
+ <xs:documentation xml:lang="en">
824
+ 7.3 TransportBinding Assertion
825
+ </xs:documentation>
826
+ </xs:annotation>
827
+ </xs:element>
828
+ <!-- AlgorithmSuite defined above. -->
829
+ <!-- Layout defined above. -->
830
+
831
+ <xs:element name="IncludeTimestamp" type="tns:QNameAssertionType">
832
+ <xs:annotation>
833
+ <xs:documentation xml:lang="en">
834
+ 7.3 TransportBinding Assertion
835
+ </xs:documentation>
836
+ </xs:annotation>
837
+ </xs:element>
838
+
839
+ <xs:element name="SymmetricBinding" type="tns:NestedPolicyType">
840
+ <xs:annotation>
841
+ <xs:documentation xml:lang="en">
842
+ 7.4 SymmetricBinding Assertion
843
+ </xs:documentation>
844
+ </xs:annotation>
845
+ </xs:element>
846
+ <xs:element name="EncryptionToken" type="tns:NestedPolicyType">
847
+ <xs:annotation>
848
+ <xs:documentation xml:lang="en">
849
+ 7.4 SymmetricBinding Assertion
850
+ </xs:documentation>
851
+ </xs:annotation>
852
+ </xs:element>
853
+ <xs:element name="SignatureToken" type="tns:NestedPolicyType">
854
+ <xs:annotation>
855
+ <xs:documentation xml:lang="en">
856
+ 8=7.4 SymmetricBinding Assertion
857
+ </xs:documentation>
858
+ </xs:annotation>
859
+ </xs:element>
860
+ <xs:element name="ProtectionToken" type="tns:NestedPolicyType">
861
+ <xs:annotation>
862
+ <xs:documentation xml:lang="en">
863
+ 7.4 SymmetricBinding Assertion
864
+ </xs:documentation>
865
+ </xs:annotation>
866
+ </xs:element>
867
+ <!-- AlgorithmSuite defined above. -->
868
+ <!-- Layout defined above. -->
869
+ <!-- IncludeTimestamp defined above. -->
870
+
871
+ <xs:element name="EncryptBeforeSigning" type="tns:QNameAssertionType">
872
+ <xs:annotation>
873
+ <xs:documentation xml:lang="en">
874
+ 7.4 SymmetricBinding Assertion
875
+ </xs:documentation>
876
+ </xs:annotation>
877
+ </xs:element>
878
+ <xs:element name="EncryptSignature" type="tns:QNameAssertionType">
879
+ <xs:annotation>
880
+ <xs:documentation xml:lang="en">
881
+ 7.4 SymmetricBinding Assertion
882
+ </xs:documentation>
883
+ </xs:annotation>
884
+ </xs:element>
885
+ <xs:element name="ProtectTokens" type="tns:QNameAssertionType">
886
+ <xs:annotation>
887
+ <xs:documentation xml:lang="en">
888
+ 7.4 SymmetricBinding Assertion
889
+ </xs:documentation>
890
+ </xs:annotation>
891
+ </xs:element>
892
+ <xs:element name="OnlySignEntireHeadersAndBody" type="tns:QNameAssertionType">
893
+ <xs:annotation>
894
+ <xs:documentation xml:lang="en">
895
+ 7.4 SymmetricBinding Assertion
896
+ </xs:documentation>
897
+ </xs:annotation>
898
+ </xs:element>
899
+
900
+ <xs:element name="AsymmetricBinding" type="tns:NestedPolicyType">
901
+ <xs:annotation>
902
+ <xs:documentation xml:lang="en">
903
+ 7.5 AsymmetricBinding Assertion
904
+ </xs:documentation>
905
+ </xs:annotation>
906
+ </xs:element>
907
+
908
+ <xs:element name="InitiatorToken" type="tns:NestedPolicyType">
909
+ <xs:annotation>
910
+ <xs:documentation xml:lang="en">
911
+ 7.5 AsymmetricBinding Assertion
912
+ </xs:documentation>
913
+ </xs:annotation>
914
+ </xs:element>
915
+
916
+ <xs:element name="InitiatorSignatureToken" type="tns:NestedPolicyType">
917
+ <xs:annotation>
918
+ <xs:documentation xml:lang="en">
919
+ 7.5 AsymmetricBinding Assertion
920
+ </xs:documentation>
921
+ </xs:annotation>
922
+ </xs:element>
923
+
924
+ <xs:element name="InitiatorEncryptionToken" type="tns:NestedPolicyType">
925
+ <xs:annotation>
926
+ <xs:documentation xml:lang="en">
927
+ 7.5 AsymmetricBinding Assertion
928
+ </xs:documentation>
929
+ </xs:annotation>
930
+ </xs:element>
931
+
932
+ <xs:element name="RecipientToken" type="tns:NestedPolicyType">
933
+ <xs:annotation>
934
+ <xs:documentation xml:lang="en">
935
+ 7.5 AsymmetricBinding Assertion
936
+ </xs:documentation>
937
+ </xs:annotation>
938
+ </xs:element>
939
+
940
+ <xs:element name="RecipientSignatureToken" type="tns:NestedPolicyType">
941
+ <xs:annotation>
942
+ <xs:documentation xml:lang="en">
943
+ 7.5 AsymmetricBinding Assertion
944
+ </xs:documentation>
945
+ </xs:annotation>
946
+ </xs:element>
947
+
948
+ <xs:element name="RecipientEncryptionToken" type="tns:NestedPolicyType">
949
+ <xs:annotation>
950
+ <xs:documentation xml:lang="en">
951
+ 7.5 AsymmetricBinding Assertion
952
+ </xs:documentation>
953
+ </xs:annotation>
954
+ </xs:element>
955
+ <!-- AlgorithmSuite defined above. -->
956
+ <!-- Layout defined above. -->
957
+ <!-- IncludeTimestamp defined above. -->
958
+ <!-- EncryptBeforeSigning defined above. -->
959
+ <!-- EncryptSignature defined above. -->
960
+ <!-- ProtectTokens defined above. -->
961
+ <!-- OnlySignEntireHeadersAndBody defined above. -->
962
+
963
+ <!--
964
+ 8. Supporting Tokens
965
+ -->
966
+ <xs:element name="SupportingTokens" type="tns:NestedPolicyType">
967
+ <xs:annotation>
968
+ <xs:documentation xml:lang="en">
969
+ 8.1 SupportingTokens Assertion
970
+ </xs:documentation>
971
+ </xs:annotation>
972
+ </xs:element>
973
+ <!-- AlgorithmSuite defined above. -->
974
+ <!-- SignedParts defined above. -->
975
+ <!-- SignedElements defined above. -->
976
+ <!-- EncryptedParts defined above. -->
977
+ <!-- EncryptedElements defined above. -->
978
+
979
+ <xs:element name="SignedSupportingTokens" type="tns:NestedPolicyType">
980
+ <xs:annotation>
981
+ <xs:documentation xml:lang="en">
982
+ 8.2 SignedSupportingTokens Assertion
983
+ </xs:documentation>
984
+ </xs:annotation>
985
+ </xs:element>
986
+ <!-- AlgorithmSuite defined above. -->
987
+ <!-- SignedParts defined above. -->
988
+ <!-- SignedElements defined above. -->
989
+ <!-- EncryptedParts defined above. -->
990
+ <!-- EncryptedElements defined above. -->
991
+
992
+ <xs:element name="EndorsingSupportingTokens" type="tns:NestedPolicyType">
993
+ <xs:annotation>
994
+ <xs:documentation xml:lang="en">
995
+ 8.3 EndorsingSupportingTokens Assertion
996
+ </xs:documentation>
997
+ </xs:annotation>
998
+ </xs:element>
999
+ <!-- AlgorithmSuite defined above. -->
1000
+ <!-- SignedParts defined above. -->
1001
+ <!-- SignedElements defined above. -->
1002
+ <!-- EncryptedParts defined above. -->
1003
+ <!-- EncryptedElements defined above. -->
1004
+
1005
+ <xs:element name="SignedEndorsingSupportingTokens" type="tns:NestedPolicyType">
1006
+ <xs:annotation>
1007
+ <xs:documentation xml:lang="en">
1008
+ 8.4 SignedEndorsingSupportingTokens Assertion
1009
+ </xs:documentation>
1010
+ </xs:annotation>
1011
+ </xs:element>
1012
+ <!-- AlgorithmSuite defined above. -->
1013
+ <!-- SignedParts defined above. -->
1014
+ <!-- SignedElements defined above. -->
1015
+ <!-- EncryptedParts defined above. -->
1016
+ <!-- EncryptedElements defined above. -->
1017
+
1018
+ <xs:element name="SignedEncryptedSupportingTokens" type="tns:NestedPolicyType">
1019
+ <xs:annotation>
1020
+ <xs:documentation xml:lang="en">
1021
+ 8.5 SignedEncryptedSupportingTokens Assertion
1022
+ </xs:documentation>
1023
+ </xs:annotation>
1024
+ </xs:element>
1025
+ <!-- AlgorithmSuite defined above. -->
1026
+ <!-- SignedParts defined above. -->
1027
+ <!-- SignedElements defined above. -->
1028
+ <!-- EncryptedParts defined above. -->
1029
+ <!-- EncryptedElements defined above. -->
1030
+
1031
+ <xs:element name="EncryptedSupportingTokens" type="tns:NestedPolicyType">
1032
+ <xs:annotation>
1033
+ <xs:documentation xml:lang="en">
1034
+ 8.6 EncryptedSupportingTokens Assertion
1035
+ </xs:documentation>
1036
+ </xs:annotation>
1037
+ </xs:element>
1038
+ <!-- AlgorithmSuite defined above. -->
1039
+ <!-- SignedParts defined above. -->
1040
+ <!-- SignedElements defined above. -->
1041
+ <!-- EncryptedParts defined above. -->
1042
+ <!-- EncryptedElements defined above. -->
1043
+
1044
+ <xs:element name="EndorsingEncryptedSupportingTokens" type="tns:NestedPolicyType">
1045
+ <xs:annotation>
1046
+ <xs:documentation xml:lang="en">
1047
+ 8.7 EndorsingEncryptedSupportingTokens Assertion
1048
+ </xs:documentation>
1049
+ </xs:annotation>
1050
+ </xs:element>
1051
+ <!-- AlgorithmSuite defined above. -->
1052
+ <!-- SignedParts defined above. -->
1053
+ <!-- SignedElements defined above. -->
1054
+ <!-- EncryptedParts defined above. -->
1055
+ <!-- EncryptedElements defined above. -->
1056
+
1057
+ <xs:element name="SignedEndorsingEncryptedSupportingTokens" type="tns:NestedPolicyType">
1058
+ <xs:annotation>
1059
+ <xs:documentation xml:lang="en">
1060
+ 8.8 SignedEndorsingEncryptedSupportingTokens Assertion
1061
+ </xs:documentation>
1062
+ </xs:annotation>
1063
+ </xs:element>
1064
+ <!-- AlgorithmSuite defined above. -->
1065
+ <!-- SignedParts defined above. -->
1066
+ <!-- SignedElements defined above. -->
1067
+ <!-- EncryptedParts defined above. -->
1068
+ <!-- EncryptedElements defined above. -->
1069
+
1070
+ <!--
1071
+ 9. WSS: SOAP Message Security Options
1072
+ -->
1073
+ <xs:element name="Wss10" type="tns:NestedPolicyType">
1074
+ <xs:annotation>
1075
+ <xs:documentation xml:lang="en">
1076
+ 9.1 Wss10 Assertion
1077
+ </xs:documentation>
1078
+ </xs:annotation>
1079
+ </xs:element>
1080
+
1081
+ <xs:element name="MustSupportRefKeyIdentifier" type="tns:QNameAssertionType">
1082
+ <xs:annotation>
1083
+ <xs:documentation xml:lang="en">
1084
+ 9.1 Wss10 Assertion
1085
+ </xs:documentation>
1086
+ </xs:annotation>
1087
+ </xs:element>
1088
+ <xs:element name="MustSupportRefIssuerSerial" type="tns:QNameAssertionType">
1089
+ <xs:annotation>
1090
+ <xs:documentation xml:lang="en">
1091
+ 9.1 Wss10 Assertion
1092
+ </xs:documentation>
1093
+ </xs:annotation>
1094
+ </xs:element>
1095
+ <xs:element name="MustSupportRefExternalURI" type="tns:QNameAssertionType">
1096
+ <xs:annotation>
1097
+ <xs:documentation xml:lang="en">
1098
+ 9.1 Wss10 Assertion
1099
+ </xs:documentation>
1100
+ </xs:annotation>
1101
+ </xs:element>
1102
+ <xs:element name="MustSupportRefEmbeddedToken" type="tns:QNameAssertionType">
1103
+ <xs:annotation>
1104
+ <xs:documentation xml:lang="en">
1105
+ 9.1 Wss10 Assertion
1106
+ </xs:documentation>
1107
+ </xs:annotation>
1108
+ </xs:element>
1109
+
1110
+ <xs:element name="Wss11" type="tns:NestedPolicyType">
1111
+ <xs:annotation>
1112
+ <xs:documentation xml:lang="en">
1113
+ 9.2 Wss11 Assertion
1114
+ </xs:documentation>
1115
+ </xs:annotation>
1116
+ </xs:element>
1117
+ <!-- MustSupportRefKeyIdentifier defined above. -->
1118
+ <!-- MustSupportRefIssuerSerial defined above. -->
1119
+ <!-- MustSupportRefExternalURI defined above. -->
1120
+ <!-- MustSupportRefEmbeddedToken defined above. -->
1121
+
1122
+ <xs:element name="MustSupportRefThumbprint" type="tns:QNameAssertionType">
1123
+ <xs:annotation>
1124
+ <xs:documentation xml:lang="en">
1125
+ 9.2 Wss11 Assertion
1126
+ </xs:documentation>
1127
+ </xs:annotation>
1128
+ </xs:element>
1129
+ <xs:element name="MustSupportRefEncryptedKey" type="tns:QNameAssertionType">
1130
+ <xs:annotation>
1131
+ <xs:documentation xml:lang="en">
1132
+ 9.2 Wss11 Assertion
1133
+ </xs:documentation>
1134
+ </xs:annotation>
1135
+ </xs:element>
1136
+ <xs:element name="RequireSignatureConfirmation" type="tns:QNameAssertionType">
1137
+ <xs:annotation>
1138
+ <xs:documentation xml:lang="en">
1139
+ 9.2 Wss11 Assertion
1140
+ </xs:documentation>
1141
+ </xs:annotation>
1142
+ </xs:element>
1143
+
1144
+ <!--
1145
+ 10. WS-Trust Options
1146
+ -->
1147
+ <xs:element name="Trust13" type="tns:NestedPolicyType">
1148
+ <xs:annotation>
1149
+ <xs:documentation xml:lang="en">
1150
+ 10.1 Trust13 Assertion
1151
+ </xs:documentation>
1152
+ </xs:annotation>
1153
+ </xs:element>
1154
+
1155
+ <xs:element name="MustSupportClientChallenge" type="tns:QNameAssertionType">
1156
+ <xs:annotation>
1157
+ <xs:documentation xml:lang="en">
1158
+ 10.1 Trust13 Assertion
1159
+ </xs:documentation>
1160
+ </xs:annotation>
1161
+ </xs:element>
1162
+ <xs:element name="MustSupportServerChallenge" type="tns:QNameAssertionType">
1163
+ <xs:annotation>
1164
+ <xs:documentation xml:lang="en">
1165
+ 10.1 Trust13 Assertion
1166
+ </xs:documentation>
1167
+ </xs:annotation>
1168
+ </xs:element>
1169
+ <xs:element name="RequireClientEntropy" type="tns:QNameAssertionType">
1170
+ <xs:annotation>
1171
+ <xs:documentation xml:lang="en">
1172
+ 10.1 Trust13 Assertion
1173
+ </xs:documentation>
1174
+ </xs:annotation>
1175
+ </xs:element>
1176
+ <xs:element name="RequireServerEntropy" type="tns:QNameAssertionType">
1177
+ <xs:annotation>
1178
+ <xs:documentation xml:lang="en">
1179
+ 10.1 Trust13 Assertion
1180
+ </xs:documentation>
1181
+ </xs:annotation>
1182
+ </xs:element>
1183
+ <xs:element name="MustSupportIssuedTokens" type="tns:QNameAssertionType">
1184
+ <xs:annotation>
1185
+ <xs:documentation xml:lang="en">
1186
+ 10.1 Trust13 Assertion
1187
+ </xs:documentation>
1188
+ </xs:annotation>
1189
+ </xs:element>
1190
+ <xs:element name="RequireRequestSecurityTokenCollection" type="tns:QNameAssertionType">
1191
+ <xs:annotation>
1192
+ <xs:documentation xml:lang="en">
1193
+ 10.1 Trust13 Assertion
1194
+ </xs:documentation>
1195
+ </xs:annotation>
1196
+ </xs:element>
1197
+ <xs:element name="RequireAppiesTo" type="tns:QNameAssertionType">
1198
+ <xs:annotation>
1199
+ <xs:documentation xml:lang="en">
1200
+ 10.1 Trust13 Assertion
1201
+ </xs:documentation>
1202
+ </xs:annotation>
1203
+ </xs:element>
1204
+
1205
+ </xs:schema>