OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Inappropriate use of xsi:type in SAML profile protocol schemas



Some of the Committee Specification 1 XML Schemas for the SAML 2.0 profile of
XACML use the "xsi:type" XML attribute in element definitions where they should
use the "type" attribute. The affected schemas are:

     xacml-1.0-profile-saml2.0-v2-schema-protocol-wd-13.xsd.xml
     xacml-1.1-profile-saml2.0-v2-schema-protocol-wd-13.xsd.xml
     xacml-2.0-profile-saml2.0-v2-schema-protocol-wd-13.xsd.xml
     xacml-3.0-profile-saml2.0-v2-schema-protocol-wd-13.xsd.xml

The following element definition is a typical case:

     <element name="Extensions" xsi:type="xacml-samlp:ExtensionsType" />

This definition is actually attempting to extend the XML Schema "element"
element, which is of the XML Schema "topLevelElement" type, but is invalid
because "xacml-samlp:ExtensionsType" isn't derived from "topLevelElement".
The "type" attribute is no doubt intended instead of the "xsi:type" attribute.
Because the "type" attribute is omitted from the element definition, the type
for the "Extensions" element defaults to the XML Schema "anyType", perhaps
explaining why the defect has escaped detection previously.

Regards,
Steven Legg


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]