Is it part of the SAML2.0 specification to request which attribute name format you want for the SAML response?
So back from Office365 SAML2.0 I get
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>email#mydomain.com</AttributeValue>
</Attribute>
Clearly the attribute name format seems to be
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
I want the name format to be (basic)
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
So that OFfice365 responds with the ff instead
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>email#mydomain.com</AttributeValue>
</Attribute>
I know i can make these changes to the response on Office365 but i want to know if requesting such a response is a thing in SAML2.0
Yes. you can find the documentation under Section 8.2 Attribute Name Format Identifiers of SAML v2.0 OASIS Standard.
8.2 Attribute Name Format Identifiers The following identifiers MAY be used in the NameFormat attribute defined on the AttributeType complex
type to refer to the classification of the attribute name for purposes of interpreting the name.
8.2.1 Unspecified URI: urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified The
interpretation of the attribute name is left to individual
implementations.
8.2.2 URI Reference URI: urn:oasis:names:tc:SAML:2.0:attrname-format:uri The attribute name
follows the convention for URI references [RFC 2396], for example as
used in XACML [XACML] attribute identifiers. The interpretation of the
URI content or naming scheme is applicationspecific. See [SAMLProf]
for attribute profiles that make use of this identifier.
8.2.3 Basic URI: urn:oasis:names:tc:SAML:2.0:attrname-format:basic The class of strings acceptable as the attribute name MUST be drawn from
the set of values belonging to the primitive type xs:Name as defined
in [Schema2] Section 3.3.6. See [SAMLProf] for attribute profiles that
make use of this identifier.
Related
I have an XML that contains such definition:
<addr15 type="binary" size="1" data_characters="0,1,0,1">text 15</addr15>
<addr14 type="binary" size="1" data_characters="0,1,0,1">text 14</addr14>
<addr13 type="binary" size="1" data_characters="0,1,0,1">text 13</addr13>
<addr12 type="binary" size="1" data_characters="0,1,0,1">text 12</addr12>
<addr11 type="binary" size="1" data_characters="0,1,0,1">text 11</addr11>
As the elements' names are user defined (any valid string is ok), the attributes are mandatory.
How can I define an XSD to validate this?
Using <xsd:any> won't do the job - it can't validate the attributes.
Set processContents to lax or strict won't do the job also, as I can't supply the required XSD statements to validate.
the elements' names are user defined (any valid string is ok)
An XSD mainly describes the tag names in the document, and how they can be validly combined. So this XML format is going to be tricky to describe using an XSD.
Options (in order of my preference):
Change the tag name to <addr> and define a new required attribute 'addrNumber' to hold the 11,12,13,14,15. This would be easy to describe using an XSD.
Pre-declare all of the allowed <addrNN> tag names as global elements in your XSD. Disallow any tag names that are not pre-declared in the XSD (advanced users could add their own declarations to the XSD)
Continue to allow user-defined tag names. Define a global complex-type-with-simple-content that describes the attributes and the tag value. Every user-defined <addrNN> tag must include an xsi:type attribute that points to this global type. I think this will require an xsd:any with processContents='strict' to ensure that the xsi:type attribute gets strictly validated.
I will not go into details on each option, but I can supply further details if you need them.
What is the relationship between:
the import element in WSDL
-and-
the import element and in XML Schema
... and in particular the relationship between the location attribute of the former and the schemaLocation attribute of the latter?
Though I can use a catalog file (in a JAX-WS / wsimport toolchain) to "override" schemaLocation attributes for the xsd:import element it seems that I can't do the same for the location attributes of the wsdl:import statement.
In both cases, the import establishes a relationship between a document (be that WSDL or XSD) and an external resource).
Barring the confusion which surrounded the wsdl:import, specifically if it could be used to import XSDs or not (in the interoperable way it shouldn't), they're both meant to do the same thing for its own kind, i.e. bring in another WSDL's (in the WSDL case), or another XSD's (in the XSD case) definitions in scope, thus allowing a modular approach to authoring.
The attributes you're referring to are meant to be equivalent, in the same way an import in Java more or less matches a using in C#.
However, the specifics around each are different if you consider the WSDL 1.1 note: while in XSD the schemaLocation attribute is optional for xsd:import (since an import's location may be resolved through its namespace using other means allowed by the spec), the same was not built into the WSDL 1.1 note for the location attribute.
Also, the XSD spec is explicitly allowing for an override:
The ·actual value· of the schemaLocation, if present, gives a **hint** as to where a serialization of a ·schema document·...
If you look for the same in WSDL 2.0, you will notice that now WSDL supports an include in addition to the old import, basically following the same semantics relative to the namespace associated with the directive. More so, the use of the location attribute is also consistent to that in the XSD, which in return should foster a catalog-based approach to resolve the "dangling" imports.
To round it up, given the mandatory location attribute in WSDL 1.1, it didn't make sense to talk about catalogs or overrides since it was not implied or allowed by the note.
I have created an XML file like the following
<monitor>
<widget name="Widgets/TestWidget1">
<state code="VIC" />
<state code="TAS" />
</widget>
<widget name="Widgets/TestWidget2">
<client code="someclient" />
</widget>
</monitor>
The name attribute of the <widget> tag tells the parser what widget to load (they are asp.net user controls).
I am trying to create a schema file for the above, the problem is that inside the <widget> the supported subtags are dependent on the name attribute. So TestWidget1 supports the <state> tag and TestWidget2 supports the <client tag.
Currently my XML Schema file just displays all possible <widget> subtags regardless of whether they are supported or not.
How can I write an XML schema file that will only allow specific subtags based on the name attribute? If this is not possible, what options do I have?
You have several options. The simplest and most direct is to re-think your problem a bit. If the legal content of element E1 and the legal content of element E2 are different, then the simplest design is to call them different things, because in XSD as in DTDs the legal content of an element depends on the element type name. A devil's advocate would ask you "if you want different kinds of widget to obey different rules, why are you telling the validator that they are the same kind of widget? Tell the validator the truth, by giving them different names. So don't call them and so on, call them and ."
In XSD 1.1 you can also use conditional type assignment or assertions to define constraints on the legal combinations of attributes and children, but not every schema-aware editor is going to have the chops necessary to analyse the conditional type assignment rules and attributes and understand what to prompt you with.
I have a domain model which is intended to generalise several source systems. As such, in certain cases the decision was made to overload data into new a generic field rather than to create several specific fields.
To account for this, when the source systems data is mapped onto the new domain model, I was hoping to record the source fieldname as an attribute, e.g.:
<Event>
<Description sourceField="subject">...</Description>
<Description sourceField="description">...</Description>
<Description sourceField="issue">...</Description>
<...>
</Event>
What would be the appropriate way to add such an attribute into the XSD? Would I need to specifically attach it to every such overloaded field, or is there a general way to allow an attribute across all elements?
Please don't point out that I should just add the extra fields into the domain model if I need to distinguish between the different data - the decision has been made, I just need to work around it!
Thanks in advance.
Not really.
If all your element declarations extend from a common base type definition, then you can add the attribute to the base.
If all your element declarations include an anyAttribute, you can make a global attribute definition for sourceField. Then the validator would at least allow your attribute but not require it. And if the anyAttribute is strict or lax the validator will make sure the attribute's content is valid.
I'm building a custom search page and attempting to use an existing custom search scope. I'm having success using the SearchBoxEx with the AppQueryTerms = "ContentType:'my custom content type name'" but when i try using AppQueryTerms = "Scope:'My Custom Search Scope'" I get no errors, but also no proper results. I know my scope is populated using the advanced search so I must be using AppQuwryTerms wrong.
I've searched the net over and can't find the list of allowed AppQueryTerms filters. Is this Enum know to the stackerverse?
The problem is your scope name has spaces.
This worked for me:
AppQueryTerms="Scope:"My Scope""
The values for SearchBoxEx.AppQueryTerms are not an enum. They're actually a query written in a specific language for SharePoint Searching. The syntax for SharePoint 2010 is defined by microsoft on this page. It follows the format <Property Name><Property Operator><Property Value>
Scope is your property name.
: is your property operator for
matching using the property store database.
My Scope is your
property value.
The page above states:
The property restriction must not include white space between the property name, property operator, and the property value, or the property restriction will be treated as a free-text query. The length of a property restriction is limited to 2,048 characters.
Therefore, as in HelloSharePoint's example, you have to wrap the property value in quotes if it includes spaces.
Does your custom scope appear in the web sites list of Scopes?
http://intranet/[sitecollection]/_layouts/viewscopes.aspx?mode=site
Does the scope appear in a Display Group?