You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ay...@apache.org on 2013/12/17 11:59:21 UTC
svn commit: r1551509 - in /cxf/trunk/rt/ws/policy/src/main:
build-resources/catalog.cat
java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java
resources/OSGI-INF/blueprint/policy.xml
resources/schemas/ws-securitypolicy-1.2.xsd
Author: ay
Date: Tue Dec 17 10:59:21 2013
New Revision: 1551509
URL: http://svn.apache.org/r1551509
Log:
[CXF-5461] Add ws-securitypolicy-1.2.xsd to rt-ws-policy's schema resolution
Added:
cxf/trunk/rt/ws/policy/src/main/resources/schemas/ws-securitypolicy-1.2.xsd
Modified:
cxf/trunk/rt/ws/policy/src/main/build-resources/catalog.cat
cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java
cxf/trunk/rt/ws/policy/src/main/resources/OSGI-INF/blueprint/policy.xml
Modified: cxf/trunk/rt/ws/policy/src/main/build-resources/catalog.cat
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/build-resources/catalog.cat?rev=1551509&r1=1551508&r2=1551509&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/build-resources/catalog.cat (original)
+++ cxf/trunk/rt/ws/policy/src/main/build-resources/catalog.cat Tue Dec 17 10:59:21 2013
@@ -20,6 +20,8 @@
SYSTEM "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" "../../../src/main/resources/schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SYSTEM "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" "../../../src/main/resources/schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+SYSTEM "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2.xsd" "../../../src/main/resources/schemas/ws-securitypolicy-1.2.xsd"
+SYSTEM "http://www.w3.org/2006/03/addressing/ws-addr.xsd" "../../../../../../core/src/main/resources/schemas/wsdl/ws-addr.xsd"
SYSTEM "http://www.w3.org/2001/xml.xsd" "../../../src/main/resources/schemas/xml.xsd"
SYSTEM "http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd" "../../../src/main/resources/schemas/xmldsig-core-schema.xsd"
PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "../../../src/main/resources/schemas/XMLSchema.dtd"
Modified: cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java?rev=1551509&r1=1551508&r2=1551509&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java (original)
+++ cxf/trunk/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/blueprint/PolicyBPHandler.java Tue Dec 17 10:59:21 2013
@@ -46,6 +46,8 @@ public class PolicyBPHandler implements
location = "schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd";
} else if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd".equals(s)) {
location = "schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ } else if ("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2.xsd".equals(s)) {
+ location = "schemas/ws-securitypolicy-1.2.xsd";
}
if (location != null) {
return getClass().getClassLoader().getResource(location);
Modified: cxf/trunk/rt/ws/policy/src/main/resources/OSGI-INF/blueprint/policy.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/resources/OSGI-INF/blueprint/policy.xml?rev=1551509&r1=1551508&r2=1551509&view=diff
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/resources/OSGI-INF/blueprint/policy.xml (original)
+++ cxf/trunk/rt/ws/policy/src/main/resources/OSGI-INF/blueprint/policy.xml Tue Dec 17 10:59:21 2013
@@ -49,4 +49,9 @@
<entry key="osgi.service.blueprint.namespace" value="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
</service-properties>
</service>
+ <service ref="PolicyBPHandler" interface="org.apache.aries.blueprint.NamespaceHandler">
+ <service-properties>
+ <entry key="osgi.service.blueprint.namespace" value="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"/>
+ </service-properties>
+ </service>
</blueprint>
Added: cxf/trunk/rt/ws/policy/src/main/resources/schemas/ws-securitypolicy-1.2.xsd
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/policy/src/main/resources/schemas/ws-securitypolicy-1.2.xsd?rev=1551509&view=auto
==============================================================================
--- cxf/trunk/rt/ws/policy/src/main/resources/schemas/ws-securitypolicy-1.2.xsd (added)
+++ cxf/trunk/rt/ws/policy/src/main/resources/schemas/ws-securitypolicy-1.2.xsd Tue Dec 17 10:59:21 2013
@@ -0,0 +1,1205 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the
+implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available;
+neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS
+specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made
+available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users
+of this specification, can be obtained from the OASIS Executive Director.
+OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may
+cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.
+Copyright © OASIS Open 2002-2007. All Rights Reserved.
+This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist
+in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the
+above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified
+in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications,
+in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate
+it into languages other than English.
+The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
+This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
+INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+-->
+<xs:schema
+ targetNamespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
+ xmlns:tns='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
+ xmlns:wsa="http://www.w3.org/2005/08/addressing"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ elementFormDefault="qualified"
+ blockDefault="#all" >
+
+ <xs:import namespace="http://www.w3.org/2005/08/addressing"
+ schemaLocation="http://www.w3.org/2006/03/addressing/ws-addr.xsd" />
+
+ <!--
+ 4. Protection Assertions
+ -->
+ <xs:element name="SignedParts" type="tns:SePartsType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 4.1.1 SignedParts Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="EncryptedParts" type="tns:SePartsType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 4.2.1 EncryptedParts Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="SePartsType">
+ <xs:sequence>
+ <xs:element name="Body" type="tns:EmptyType" minOccurs="0" />
+ <xs:element name="Header" type="tns:HeaderType" minOccurs="0" maxOccurs="unbounded" />
+ <xs:element name="Attachments" type="tns:EmptyType" minOccurs="0" />
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+ </xs:sequence>
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+ <xs:complexType name="EmptyType" />
+ <xs:complexType name="HeaderType" >
+ <xs:attribute name="Name" type="xs:QName" use="optional" />
+ <xs:attribute name="Namespace" type="xs:anyURI" use="required" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <xs:element name="SignedElements" type="tns:SerElementsType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en" >
+ 4.1.2 SignedElements Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="EncryptedElements" type="tns:SerElementsType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 4.2.2 EncryptedElements Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequiredElements" type="tns:SerElementsType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en" >
+ 4.3.1 RequiredElements Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="SerElementsType">
+ <xs:sequence>
+ <xs:element name="XPath" type="xs:string" minOccurs="1" maxOccurs="unbounded" />
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+ </xs:sequence>
+ <xs:attribute name="XPathVersion" type="xs:anyURI" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <!--
+ 5. Token Assertions
+ -->
+ <xs:attribute name="IncludeToken" type="tns:IncludeTokenOpenType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.1 Token Inclusion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:simpleType name="IncludeTokenOpenType">
+ <xs:union memberTypes="tns:IncludeTokenType xs:anyURI" />
+ </xs:simpleType>
+ <xs:simpleType name="IncludeTokenType">
+ <xs:restriction base="xs:anyURI" >
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Never" />
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Once" />
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToRecipient" />
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/AlwaysToInitiator" />
+ <xs:enumeration value="http://docs.oasis-open.org/ws-sx/ws-trust/200702/ws-securitypolicy/IncludeToken/Always" />
+ </xs:restriction>
+ </xs:simpleType>
+
+ <xs:element name="UsernameToken" type="tns:TokenAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en" >
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="TokenAssertionType">
+ <xs:sequence>
+ <xs:choice minOccurs="0">
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
+ <xs:element name="IssuerName" type="xs:anyURI" />
+ </xs:choice>
+ <!--
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+ <xs:element ref="wsp:Policy" minOccurs="0" />
+ -->
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+ </xs:sequence>
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <xs:element name="NoPassword" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="HashPassword" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssUsernameToken10" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssUsernameToken11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.1 UsernameToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined below. -->
+ <!-- RequireImpliedDerivedKeys defined below. -->
+ <!-- RequireExplicitDerivedKeys defined below. -->
+
+ <xs:complexType name="QNameAssertionType">
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <xs:element name="IssuedToken" type="tns:IssuedTokenType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="IssuedTokenType">
+ <xs:sequence>
+ <xs:choice minOccurs="0">
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
+ <xs:element name="IssuerName" type="xs:anyURI" />
+ </xs:choice>
+ <xs:element name="RequestSecurityTokenTemplate" type="tns:RequestSecurityTokenTemplateType" />
+ <!--
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+ <xs:element ref="wsp:Policy" minOccurs="0" />
+ -->
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+ </xs:sequence>
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+ <xs:complexType name="RequestSecurityTokenTemplateType">
+ <xs:sequence>
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+ </xs:sequence>
+ <xs:attribute name="TrustVersion" type="xs:anyURI" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <xs:element name="RequireDerivedKeys" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireImpliedDerivedKeys" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireExplicitDerivedKeys" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireExternalReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireInternalReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.2 IssuedToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="X509Token" type="tns:TokenAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+
+ <xs:element name="RequireKeyIdentifierReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireIssuerSerialReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireEmbeddedTokenReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireThumbprintReference" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509V3Token10" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509Pkcs7Token10" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509PkiPathV1Token10" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509V1Token11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509V3Token11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509Pkcs7Token11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssX509PkiPathV1Token11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.3 X509Token Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="KerberosToken" type="tns:TokenAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.4 KerberosToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+ <!-- RequireKeyIdentifierReference defined above. -->
+
+ <xs:element name="WssKerberosV5ApReqToken11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.4 KerberosToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssGssKerberosV5ApReqToken11" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.4 KerberosToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="SpnegoContextToken" type="tns:SpnegoContextTokenType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en" >
+ 5.4.5 SpnegoContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="SpnegoContextTokenType">
+ <xs:sequence>
+ <xs:choice minOccurs="0">
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
+ <xs:element name="IssuerName" type="xs:anyURI" />
+ </xs:choice>
+ <!--
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+ <xs:element ref="wsp:Policy" minOccurs="0" />
+ -->
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+ </xs:sequence>
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+ <xs:element name="MustNotSendCancel" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.5 SpnegoContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustNotSendAmend" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.5 SpnegoContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustNotSendRenew" type="tns:QNameAssertionType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.5 SpnegoContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="SecurityContextToken" type="tns:TokenAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.6 SecurityContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+
+ <xs:element name="RequireExternalUriReference" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.6 SecurityContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="SC13SecurityContextToken" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.6 SecurityContextToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="SecureConversationToken" type="tns:SecureConversationTokenType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.7 SecureConversationToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="SecureConversationTokenType">
+ <xs:sequence>
+ <xs:choice minOccurs="0">
+ <xs:element name="Issuer" type="wsa:EndpointReferenceType" />
+ <xs:element name="IssuerName" type="xs:anyURI" />
+ </xs:choice>
+ <!--
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+ <xs:element ref="wsp:Policy" minOccurs="0" />
+ -->
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+ </xs:sequence>
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+ <!-- RequireExternalUriReference defined above. -->
+ <!-- SC13SecurityContextToken defined above. -->
+ <!-- MustNotSendCancel defined above. -->
+ <!-- MustNotSendAmend defined above. -->
+ <!-- MustNotSendRenew defined above. -->
+
+ <xs:element name="BootstrapPolicy" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.7 SecureConversationToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="SamlToken" type="tns:TokenAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en" >
+ 5.4.8 SamlToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+ <!-- RequireKeyIdentifierReference defined above. -->
+
+ <xs:element name="WssSamlV11Token10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.8 SamlToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssSamlV11Token11" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.8 SamlToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssSamlV20Token11" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.8 SamlToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="RelToken" type="tns:TokenAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.9 RelToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- RequireDerivedKeys defined above. -->
+ <!-- RequireImpliedDerivedKeys defined above. -->
+ <!-- RequireExplicitDerivedKeys defined above. -->
+ <!-- RequireKeyIdentifierReference defined above. -->
+
+ <xs:element name="WssRelV10Token10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.9 RelToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssRelV20Token10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.9 RelToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssRelV10Token11" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.9 RelToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="WssRelV20Token11" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.9 RelToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="HttpsToken" type="tns:TokenAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.10 HttpsToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="HttpBasicAuthentication" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.10 HttpsToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="HttpDigestAuthentication" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.10 HttpsToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireClientCertificate" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.10 HttpsToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="KeyValueToken" type="tns:KeyValueTokenType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.11 KeyValueToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="KeyValueTokenType">
+ <xs:sequence>
+ <!--
+ Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+ <xs:element ref="wsp:Policy" minOccurs="0" />
+ -->
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
+ </xs:sequence>
+ <xs:attribute ref="tns:IncludeToken" use="optional" />
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+ <xs:element name="RsaKeyValue" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 5.4.11 KeyValueToken Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <!--
+ 7. Security Binding Assertions
+ -->
+ <xs:element name="AlgorithmSuite" type="tns:NestedPolicyType" >
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:complexType name="NestedPolicyType">
+ <xs:sequence>
+ <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+ </xs:sequence>
+ <xs:anyAttribute namespace="##any" processContents="lax" />
+ </xs:complexType>
+
+ <xs:element name="Basic256" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic192" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic128" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TripleDes" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic256Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic192Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic128Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TripleDesRsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic256Sha256" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic192Sha256" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic128Sha256" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TripleDesSha256" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic256Sha256Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic192Sha256Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Basic128Sha256Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="TripleDesSha256Rsa15" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="InclusiveC14N" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="SOAPNormalization10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="STRTransform10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="XPath10" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="XPathFilter20" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="AbsXPath" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.1 AlgorithmSuite Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="Layout" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.2 Layout Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="Strict" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.2 Layout Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="Lax" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.2 Layout Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="LaxTsFirst" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.2 Layout Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="LaxTsLast" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.2 Layout Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="TransportBinding" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.3 TransportBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="TransportToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.3 TransportBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- Layout defined above. -->
+
+ <xs:element name="IncludeTimestamp" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.3 TransportBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="SymmetricBinding" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="EncryptionToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="SignatureToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8=7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="ProtectionToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- Layout defined above. -->
+ <!-- IncludeTimestamp defined above. -->
+
+ <xs:element name="EncryptBeforeSigning" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="EncryptSignature" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="ProtectTokens" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="OnlySignEntireHeadersAndBody" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.4 SymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="AsymmetricBinding" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="InitiatorToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="InitiatorSignatureToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="InitiatorEncryptionToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="RecipientToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="RecipientSignatureToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="RecipientEncryptionToken" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 7.5 AsymmetricBinding Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- Layout defined above. -->
+ <!-- IncludeTimestamp defined above. -->
+ <!-- EncryptBeforeSigning defined above. -->
+ <!-- EncryptSignature defined above. -->
+ <!-- ProtectTokens defined above. -->
+ <!-- OnlySignEntireHeadersAndBody defined above. -->
+
+ <!--
+ 8. Supporting Tokens
+ -->
+ <xs:element name="SupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.1 SupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="SignedSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.2 SignedSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="EndorsingSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.3 EndorsingSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="SignedEndorsingSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.4 SignedEndorsingSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="SignedEncryptedSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.5 SignedEncryptedSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="EncryptedSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.6 EncryptedSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="EndorsingEncryptedSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.7 EndorsingEncryptedSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <xs:element name="SignedEndorsingEncryptedSupportingTokens" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 8.8 SignedEndorsingEncryptedSupportingTokens Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- AlgorithmSuite defined above. -->
+ <!-- SignedParts defined above. -->
+ <!-- SignedElements defined above. -->
+ <!-- EncryptedParts defined above. -->
+ <!-- EncryptedElements defined above. -->
+
+ <!--
+ 9. WSS: SOAP Message Security Options
+ -->
+ <xs:element name="Wss10" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.1 Wss10 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="MustSupportRefKeyIdentifier" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.1 Wss10 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportRefIssuerSerial" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.1 Wss10 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportRefExternalURI" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.1 Wss10 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportRefEmbeddedToken" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.1 Wss10 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="Wss11" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.2 Wss11 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <!-- MustSupportRefKeyIdentifier defined above. -->
+ <!-- MustSupportRefIssuerSerial defined above. -->
+ <!-- MustSupportRefExternalURI defined above. -->
+ <!-- MustSupportRefEmbeddedToken defined above. -->
+
+ <xs:element name="MustSupportRefThumbprint" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.2 Wss11 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportRefEncryptedKey" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.2 Wss11 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireSignatureConfirmation" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 9.2 Wss11 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <!--
+ 10. WS-Trust Options
+ -->
+ <xs:element name="Trust13" type="tns:NestedPolicyType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+ <xs:element name="MustSupportClientChallenge" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportServerChallenge" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireClientEntropy" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireServerEntropy" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="MustSupportIssuedTokens" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireRequestSecurityTokenCollection" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="RequireAppiesTo" type="tns:QNameAssertionType">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ 10.1 Trust13 Assertion
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
+
+</xs:schema>
\ No newline at end of file