[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: multiple occurrences of DoNotCache element
SAML 1.1 introduces a new condition called DoNotCache. The intent here is to support the use of "one-use" assertions that cannot be cached by the relying party. The following schema fragment (taken from sstc-saml-core-1.1-draft-10) allows arbitrarily many instances of the element in a single assertion. <element name="Conditions" type="saml:ConditionsType"/> <complexType name="ConditionsType"> 472 <choice minOccurs="0" maxOccurs="unbounded"> 473 <element ref="saml:AudienceRestrictionCondition"/> 474 <element ref="saml:DoNotCacheCondition"> 475 <element ref="saml:Condition"/> 476 </choice> 477 <attribute name="NotBefore" type="dateTime" use="optional"/> 478 <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> 479 </complexType> 480 Multiple occurrences of DoNotCache do any have any additional meaning but do add some syntactic complexity to assertion processing. Should we modify the schema fragment to read: <complexType name="ConditionsType"> <sequence> <element ref="saml:DoNotCacheCondition" minOccurs="0"/> <choice minOccurs="0" maxOccurs="unbounded"> <element ref="saml:AudienceRestrictionCondition" /> <element ref="saml:Condition"/> </choice> </sequence> <attribute name="NotBefore" type="dateTime" use="optional"/> <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> </complexType> - prateek
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]