Presentation is loading. Please wait.

Presentation is loading. Please wait.

XML Schema techniques: issues and recommendations SAML F2F #4 Eve Maler 28 August 2001.

Published byJamar Jenks Modified over 9 years ago

Similar presentations

Presentation on theme: "XML Schema techniques: issues and recommendations SAML F2F #4 Eve Maler 28 August 2001."— Presentation transcript:

1 XML Schema techniques: issues and recommendations SAML F2F #4 Eve Maler eve.maler@sun.com 28 August 2001

2 Outline Parameters of some issues facing us in development of XSD-compliant schemas –CONS-04 –CONS-03 –A small selection of others My recommendations TC discussion/decisions

3 Issue CONS-04: Extensibility of assertions

4 Our putative requirements for assertions 1.Factor out commonalities and package them in a way that can be leveraged by SAML processors 2.Allow users to define (a) extensions to native SAML assertions and (b) novel assertion types 3.Ensure that both native and user-defined assertions can appear in all the right places

5 #1: Factoring out commonalities

6 Currently done with complex types AssertionAbstractType –SubjectAssertionAbstractType AuthenticationAssertionType AuthorizationDecisionAssertionType AttributeAssertionType Example instance: …

7 Does it meet the requirement? Yes, because XSD types are nominally accessible to software –Even if the PSVI isn’t truly accessible yet, data binding is heavily used Model groups are the only other choice –But being macro-like, they nominally aren’t accessible to software So no issue here

8 #2: User-defined extensions and novel kinds of assertions

9 Currently done with non-final complex types AssertionAbstractType –SubjectAssertionAbstractType AuthenticationAssertionType –User-defined extensions of AuthN-type assertions AuthorizationDecisionAssertionType –User-defined extensions of AuthZDecision-type assertions AttributeAssertionType –User-defined extensions of Attrib-type assertions Novel user-defined extensions with subject info –Novel user-defined extensions

10 Examples (Attrib-specific stuff goes here) (Attrib-specific stuff goes here, plus my stuff tacked on to the end) (Attrib-specific stuff goes here, with tighter occurrence constraints)

11 Does it meet the requirement? Yes; users can create extensions and restrictions by declaring derived types Derived-type elements must use the xsi:type attribute and element name is always –But this is true of native elements as well…

12 Another option for part of the problem We could use wildcards in content models to give extensibility without subtyping Gives finer control over position, number, and namespace of foreign elements Type derivation is still needed for totally novel assertion types

13 Example: extensible attribute assertions without new types

14 Example: instance of extended attribute assertion … … … … …

15 #3: Allowing all kinds of assertions to appear in all the right places

16 Currently done with reference to element Assertions may appear in and A plain can’t be used –Its type is abstract It requires an xsi:type attribute to nail down the concrete type used

17 Examples, again (Attribute stuff goes here) (Attribute stuff goes here, plus my stuff tacked on to the end) (Attribute stuff goes here, with tighter occurrence constraints)

18 Does it meet the requirement? Yes, because all descendants from AssertionAbstractType can go in those two spots Some consequences: –Processors must examine the xsi:type attribute in all cases –Native and user-defined assertions look alike

19 Another option: substitution groups It works by declaring elements to be substitutable for a “head element” Because this gets done on an element declaration, and elements must have types, xsi:type isn’t needed in instances All substitutable elements must have the same type as the head element (or a derived one)

20 Example: native SAML elements substitutable for

21 Example: native SAML assertion elements in an instance (Authentication stuff goes here) (Attribute stuff goes here) (Authorization decision stuff goes here)

22 Interaction of type derivation and substitution groups They can be mixed together freely (by default) If the SAML assertion schema relies on type derivation (as it does today), extension schemas could still define new substitutable elements with as a head element If the SAML assertion schema is changed to use substitution groups, extension schemas could still define new types and use xsi:type

23 Examples: user-defined assertions done two ways (new type derived from subject assertions; can be used directly in instance if xsi:type is used) … (add this to schema to use new element as substitute for element without using xsi:type)

24 Yet another option: model groups Not considering this option seriously Model groups are macro-like and thus remove all certainty about type adherence They would require user-defined schemas to use the redefine mechanism

25 Issue CONS-03: Subtyping in general

26 Currently all types are implicitly set non-final Any type can be used as the basis for derivation, not just assertion-related types Any user can extend or restrict our constraints (according to XSD’s abilities)

27 Example: extending the NameIdentifierType type (after and comes my new stuff)

28 What is the requirement? Flexibility makes sense for: –Our own experimentation for future versions –Innovation by users But there are interoperability risks if we allow redefinition of SAML semantics through addition of “foreign matter” The XSLT spec mitigates this with prose

29 Issue: global vs. local element declarations

30 Currently there is a mix of both E.g., is defined both as: –Local to elements of AssertionAbstractType –Local to elements of AttributeValueType They happen to have the same definition, but they needn’t The pattern of global vs. local is unclear How do local elements get processed, particularly if they have different types? –E.g., how does XSLT distinguish them? Is xsi:type required?

31 Recommendations and discussion

32 Major questions raised here 1.Should substitution groups be used in the SAML assertion schema instead of the xsi:type framework for extension? 2.Should wildcards be used to allow extensibility in the three assertion types? 3.Should we set a restrictive finalDefault for the schema as a whole to close off extensions? 4.Should we use global element definitions exclusively rather than a mix?

33 YES on #1: Substitution groups instead of xsi:type in our schema Attribute processing is more expensive than element processing; substitution groups eliminate xsi:type from “pure SAML” schemas Extensions to native assertions can enable smarter processing even when the derived type is unfamiliar … DocBook role and HTML class provide philosophical precedents

34 NO on #2: wildcards for type extension The option allows extensions to go “unremarked”; with derived types, extension schemas clearly define their own types and elements This way, we don’t have to do the design work of figuring out where/how to place the s We seem to have no particular need for tight control of extensions beyond what XSD extensions offer

35 NO on #3: Restrictive finalDefault for the schema Why cut off our (or our users’) options? Isn’t this what XML Schema is good at? But we have to make sure that we disallow proprietary game-playing in our conformance language

36 YES on #4: Universal use of global elements XML standards and tools are not savvy enough yet to handle local elements “natively” Those who clamored for this feature had huge DTDs with many subelements, where there were similar but not identical names and characteristics for each “branch” –We don’t have this problem

Download ppt "XML Schema techniques: issues and recommendations SAML F2F #4 Eve Maler 28 August 2001."

Similar presentations

BAH DAML Tools XML To DAML Query Relevance Assessor DAML XSLT Adapter.

BAH DAML Tools XML To DAML Query Relevance Assessor DAML XSLT Adapter.
On and use=document|rpc, style=literal|encoded A personal opinion Sanjiva Weerawarana IBM Research September 9-11, 2002.

On and use=document|rpc, style=literal|encoded A personal opinion Sanjiva Weerawarana IBM Research September 9-11, 2002.
CSPP51038 WSDL in depth. Advanced Schema features (required for understanding wsdl)

CSPP51038 WSDL in depth. Advanced Schema features (required for understanding wsdl)
What is XML? a meta language that allows you to create and format your own document markups a method for putting structured data into a text file; these.

What is XML? a meta language that allows you to create and format your own document markups a method for putting structured data into a text file; these.
W3C XML Schema: what you might not know (and might or might not like!) Noah Mendelsohn Distinguished Engineer IBM Corp. October 10, 2002.

W3C XML Schema: what you might not know (and might or might not like!) Noah Mendelsohn Distinguished Engineer IBM Corp. October 10, 2002.
ISO 19757 - DSDL ISO 19757 – Document Schema Definition Languages (DSDL) Martin Bryan Convenor, JTC1/SC18 WG1.

ISO DSDL ISO – Document Schema Definition Languages (DSDL) Martin Bryan Convenor, JTC1/SC18 WG1.
Copyright © 1995-2005 Open Applications Group, Inc. All rights reserved 1 OAGi XML Schema User Report June 21, 2005 Michael.

Copyright © Open Applications Group, Inc. All rights reserved 1 OAGi XML Schema User Report June 21, Michael.
Achieving Distributed Extensibility and Versioning in XML Dave Orchard W3C Lead BEA Systems.

Achieving Distributed Extensibility and Versioning in XML Dave Orchard W3C Lead BEA Systems.
SDPL 2003Notes 2: Document Instances and Grammars1 2.5 XML Schemas n A quick introduction to XML Schema –W3C Recommendation, May 2, 2001: »XML Schema Part.

SDPL 2003Notes 2: Document Instances and Grammars1 2.5 XML Schemas n A quick introduction to XML Schema –W3C Recommendation, May 2, 2001: »XML Schema Part.
Xyleme A Dynamic Warehouse for XML Data of the Web.

Xyleme A Dynamic Warehouse for XML Data of the Web.
Review Writing XML  Style  Common errors 1XML Technologies - 2012 - David Raponi.

Review Writing XML  Style  Common errors 1XML Technologies David Raponi.
1 Substitution Groups in XML Schemas Tomer Shiran Winter 2003/4 Semester.

1 Substitution Groups in XML Schemas Tomer Shiran Winter 2003/4 Semester.
Sunday, June 28, 2015 Abdelali ZAHI : FALL 2003 : XML Schemas XML Schemas Presented By : Abdelali ZAHI Instructor : Dr H.Haddouti.

Sunday, June 28, 2015 Abdelali ZAHI : FALL 2003 : XML Schemas XML Schemas Presented By : Abdelali ZAHI Instructor : Dr H.Haddouti.
1 HTML’s Transition to XHTML. 2 XHTML is the next evolution of HTML Extensible HTML eXtensible based on XML (extensible markup language) XML like HTML.

1 HTML’s Transition to XHTML. 2 XHTML is the next evolution of HTML Extensible HTML eXtensible based on XML (extensible markup language) XML like HTML.
Unit 4 – XML Schema www.profburnett.com XML - Level I Basic.

Unit 4 – XML Schema XML - Level I Basic.
UML Class Diagrams: Basic Concepts. Objects –The purpose of class modeling is to describe objects. –An object is a concept, abstraction or thing that.

UML Class Diagrams: Basic Concepts. Objects –The purpose of class modeling is to describe objects. –An object is a concept, abstraction or thing that.
 ACORD 2005. ACORD’s Experiences using W3C Schemas Dan Vint Senior Architect

 ACORD ACORD’s Experiences using W3C Schemas Dan Vint Senior Architect
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Health Level Seven Experience Report Paul V. Biron Kaiser Permanente W3C XML Schema User Experience Workshop, Jun 21-22, 2005.

Health Level Seven Experience Report Paul V. Biron Kaiser Permanente W3C XML Schema User Experience Workshop, Jun 21-22, 2005.
Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.

Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.

Similar presentations

Ads by Google