OASIS Mailing List Archives

security-services message



Subject: Options for change


Existing

<complexType name="AttributeValueType">
	<sequence>
		<any namespace="##any" processContents="lax" minOccurs="0"
maxOccurs="unbounded"/>
	</sequence>
</complexType>

The problem with this setup is that every application requires an extension
schema to use an attribute statement.



With Generic Data Slots:


<complexType name="AttributeValueType">
	<sequence>
		<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:BooleanData" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:IntegerData" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:StringData" minOccurs="0" maxOccurs="unbounded"/>
	</sequence>
</complexType>
<element name="BooleanData" type="boolean"/>
<element name="IntegerData" type="integer"/>
<element name="StringData" type="string"/>


Using generic slots the namespace can specify the use of the slot, for
example:

<AttributeValue Namespace="urn:whatever:academic-agreement-2001"
	Name="MemberOfFaculty">
   <StringData>MIT.EDU</StringData>
</AttributeValue>

<AttributeValue Namespace="urn:whatever:academic-agreement-2001"
	Name="IsA Student">
   <BooleanData>true</BooleanData>
</AttributeValue>


This leaves the problem that the attribute slot is intended to be extensible
but an extension schema can't declare an extension that is only for use as
an attribute value.

With generic data slots and an extension point:


<complexType name="AttributeValueType">
	<sequence>
		<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:AttributeElement"/>
		<element ref="saml:BooleanData" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:IntegerData" minOccurs="0" maxOccurs="unbounded"/>
		<element ref="saml:StringData" minOccurs="0" maxOccurs="unbounded"/>
	</sequence>
</complexType>
<element name="AttributeElement" type="saml:AttributeElementType"/>
<complexType name="AttributeElementType"/>


Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227
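
Added example, not part of the original message or of any SAML implementation: a sketch of how a relying party could consume the generic data slots proposed above without an extension schema, type-checking each slot against its XML Schema lexical form. The wrapper element `Attributes`, the function names, and the choice to reject any child element other than the three slots are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Lexical forms of xs:boolean and xs:integer (XML Schema Part 2).
_BOOL = {"true": True, "1": True, "false": False, "0": False}
_INT = re.compile(r"[+-]?[0-9]+\Z")

def _local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on qualified names."""
    return tag.rsplit("}", 1)[-1]

def _decode_slot(el):
    """Convert one generic data slot to a Python value, or raise ValueError."""
    kind = _local(el.tag)
    text = (el.text or "").strip(" \t\r\n")  # boolean/integer collapse whitespace
    if len(el):
        raise ValueError(f"{kind} must not contain child elements")
    if kind == "BooleanData":
        if text not in _BOOL:
            raise ValueError(f"not an xs:boolean: {text!r}")
        return _BOOL[text]
    if kind == "IntegerData":
        if not _INT.match(text):
            raise ValueError(f"not an xs:integer: {text!r}")
        return int(text)
    if kind == "StringData":
        return el.text or ""  # strings keep their whitespace
    # Assumption: with no extension schema loaded, anything else is refused
    # instead of being passed through uninterpreted.
    raise ValueError(f"unexpected element in AttributeValue: {kind}")

def parse_attribute_values(xml_text):
    """Return {(Namespace, Name): [values]} for every AttributeValue found."""
    out = {}
    for av in ET.fromstring(xml_text).iter():
        if _local(av.tag) != "AttributeValue":
            continue
        key = (av.get("Namespace"), av.get("Name"))
        if None in key:
            raise ValueError("AttributeValue needs Namespace and Name")
        out.setdefault(key, []).extend(_decode_slot(c) for c in av)
    return out

# Constructed sample: the two values from the message in a hypothetical wrapper.
SAMPLE = """<Attributes>
  <AttributeValue Namespace="urn:whatever:academic-agreement-2001" Name="MemberOfFaculty"><StringData>MIT.EDU</StringData></AttributeValue>
  <AttributeValue Namespace="urn:whatever:academic-agreement-2001" Name="IsA Student"><BooleanData>true</BooleanData></AttributeValue>
</Attributes>"""
```

Keying the result on the (Namespace, Name) pair keeps identically named attributes from different agreements apart, which is the role the message gives the namespace.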
