marloncdomenech

How to restrict the XSD of SAML 2.0 Authentication Context


I have been trying to find a solution to my problem for the last 10 days, and I found nothing. So, I am trying to restrict the Authentication Context XML Schema Definition of SAML 2.0. The XSD document is accessible at http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd.

The part that I am trying to restrict is the one related to this part of the XSD document:

<xs:complexType name="PasswordType">
  <xs:sequence>
    <xs:element ref="Length" minOccurs="0"/>
    <xs:element ref="Alphabet" minOccurs="0"/>
    <xs:element ref="Generation" minOccurs="0"/>
    <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
  </xs:sequence>
  <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
</xs:complexType>
<xs:element name="RestrictedPassword" type="RestrictedPasswordType"/>
<xs:complexType name="RestrictedPasswordType">
  <xs:complexContent>
    <xs:restriction base="PasswordType">
      <xs:sequence>
        <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
        <xs:element ref="Generation" minOccurs="0"/>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
      </xs:sequence>
      <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
    </xs:restriction>
  </xs:complexContent>
</xs:complexType>

Well, I do not know how to restrict the RestrictedPassword complex type. Below is my XSD, which tries to restrict the original XSD document.

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema version="2.0"
    targetNamespace="urn:m:SAML:2.0:ac:classes:K"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns="urn:m:SAML:2.0:ac:classes:K"
    finalDefault="extension"
    blockDefault="substitution">
  <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd">
    <xs:complexType name="RestrictedPasswordType">
      <xs:complexContent>
        <xs:restriction base="RestrictedPasswordType">
          <xs:sequence>
            <xs:element ref="Length" minOccurs="0"/>
            <xs:element ref="Generation"/>
            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
          </xs:sequence>
          <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
        </xs:restriction>
      </xs:complexContent>
    </xs:complexType>
  </xs:redefine>
</xs:schema>

When I try to validate this XSD in this tool http://www.utilities-online.info/xsdvalidation/#.UwJAzK69h31 it returns an error that I do not know how to fix.

Any help is welcome.

Thanks!

Domenech, Marlon
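
An added example, not part of the original post: XML Schema accepts a derivation by restriction only when each particle's occurrence range stays inside the range the base type allows, and this stdlib-only Python sketch applies that single rule to the two sequences quoted above. The sequences are copied inline as constructed input, the function names are made up for the illustration, and it is not a full XSD validator.

```python
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"
NS = 'xmlns:xs="http://www.w3.org/2001/XMLSchema"'

# Constructed input: sequence of RestrictedPasswordType as quoted from the OASIS schema.
BASE = f"""<xs:sequence {NS}>
  <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
  <xs:element ref="Generation" minOccurs="0"/>
  <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>"""

# Constructed input: sequence from the xs:redefine in the post.
DERIVED = f"""<xs:sequence {NS}>
  <xs:element ref="Length" minOccurs="0"/>
  <xs:element ref="Generation"/>
  <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>"""


def particles(sequence_xml):
    """Map element name -> (minOccurs, maxOccurs); both default to 1 in XSD."""
    out = {}
    for el in ET.fromstring(sequence_xml).iter(XS + "element"):
        name = (el.get("name") or el.get("ref")).split(":")[-1]
        hi = el.get("maxOccurs", "1")
        out[name] = (int(el.get("minOccurs", "1")),
                     float("inf") if hi == "unbounded" else int(hi))
    return out


def widened_particles(base_xml, derived_xml):
    """List particles whose occurrence range is not contained in the base's."""
    base, derived = particles(base_xml), particles(derived_xml)
    problems = []
    for name, (lo, hi) in derived.items():
        if name not in base:
            problems.append((name, "not present in base"))
            continue
        blo, bhi = base[name]
        if lo < blo:
            problems.append((name, f"minOccurs {lo} < base {blo}"))
        if hi > bhi:
            problems.append((name, f"maxOccurs {hi} > base {bhi}"))
    # A particle dropped by the restriction must have been optional in the base.
    problems += [(n, "required in base but omitted")
                 for n, (blo, _) in base.items() if n not in derived and blo > 0]
    return problems


if __name__ == "__main__":
    for name, why in widened_particles(BASE, DERIVED):
        print(f"{name}: {why}")
```
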
