Simple Cloud Identity Management Schema 1.0 XML instance issue

Posted: Mon Jun 25, 2012 9:32 am
by davot
Hi, I am creating an example XML doc based on urn:scim:schemas:core:1.0

which is available from http://www.simplecloud.info/specs/schema/scim-core.xsd

Oxygen reports errors (see below the code). I find this puzzling since SCIM is not an insignificant standard that some large vendors are behind. Maybe it's because they care less about the XML version and more about the JSON version of the standard that they have been a little tardy with XML validator compatibility?

Code:

<?xml version="1.0" encoding="UTF-8"?>
<tns:User xmlns:ns0="urn:scim:schemas:extension:enterprise:1.0"
xmlns:tns="urn:scim:schemas:core:1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:scim:schemas:core:1.0 file:/C:/source/SCIM/scim-core.xsd">
<id>2819c223-7f76-453a-919d-413861904646</id>
<externalId>701984</externalId>
<userName>bjensen@example.com</userName>
<name>
<formatted>Ms. Babs J Jensen III</formatted>
<familyName>Jensen</familyName>
<givenName>Barbara</givenName>
<middleName>Jane</middleName>
<honorificPrefix>Ms.</honorificPrefix>
<honorificSuffix>III</honorificSuffix>
</name>
<displayName>Babs Jensen</displayName>
<nickName>Babs</nickName>
<profileUrl>https://login.example.com/bjensen</profileUrl>
<emails>
<email>
<value>bjensen@example.com</value>
<type>work</type>
<primary>true</primary>
</email>
<email>
<value>babs@jensen.com</value>
<type>home</type>
</email>
</emails>
<addresses>
<address>
<formatted>100 Universal City Plaza\nHollywood, CA 91608 USA</formatted>
<streetAddress>100 Universal City Plaza</streetAddress>
<locality>Hollywood</locality>
<region>CA</region>
<postalCode>91608</postalCode>
<country>USA</country>
<type>work</type>
<primary>true</primary>
</address>
<address>
<formatted>456 Hollywood Blvd\nHollywood, CA 91608 USA</formatted>
<streetAddress>456 Hollywood Blvd</streetAddress>
<locality>San Francisco</locality>
<region>CA</region>
<postalCode>91608</postalCode>
<country>USA</country>
</address>
</addresses>
<phoneNumbers>
<phoneNumber>
<value>555-555-5555</value>
<type>work</type>
</phoneNumber>
<phoneNumber>
<value>555-555-4444</value>
<type>mobile</type>
</phoneNumber>
</phoneNumbers>
<ims>
<im>
<value>someaimhandle</value>
<type>aim</type>
</im>
</ims>
<photos>
<photo>
<value>https://photos.example.com/profilephoto/72930000000Ccne/F</value>
<type>photo</type>
</photo>
<photo>
<value>https://photos.example.com/profilephoto/72930000000Ccne/T</value>
<type>thumbnail</type>

</photo>
</photos>
<userType>Employee</userType>
<title>Tour Guide</title>
<preferredLanguage>en_US</preferredLanguage>
<locale>en_US</locale>
<timezone>America/Los_Angeles</timezone>
<active>true</active>
<password>t1meMa$heen</password>
<groups>
<group>
<value>e9e30dba-f08f-4109-8486-d5c6a331660a</value>
<display>Tour Guides</display>
</group>
<group>
<value>6d1a1088-3a56-4371-8e3b-6d48d67493ec</value>
<display>Employees</display>
</group>
<group>
<value>5fd998b9-d2bd-479c-991b-6790537608dc</value>
<display>US Employees</display>
</group>
</groups>
<roles>
<role>
<value>administrator</value>
</role>
</roles>
<entitlements>
<entitlement>
<value>delete users</value>
</entitlement>
</entitlements>
<x509Certificates>
<x509Certificate>
<value>
HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU
dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt
Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R
C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1
+GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo=
</value>
</x509Certificate>
</x509Certificates>
<meta>
<created>2010-01-23T04:56:22Z</created>
<lastModified>2011-05-13T04:42:34Z</lastModified>
<version>W/"a330bc54f0671c9"</version>
<location>https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646</location>
</meta>
</tns:User>

The errors are:
System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element email.
Start location: 21:4
End location: 21:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element email.
Start location: 26:4
End location: 26:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-complex-type.2.4.d: Invalid content was found starting with element 'type'. No child element is expected at this point.
Start location: 39:8
End location: 39:12
URL: http://www.w3.org/TR/xmlschema-1/#cvc-complex-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-complex-type.2.4.d: Invalid content was found starting with element 'type'. No child element is expected at this point.
Start location: 49:8
End location: 49:12
URL: http://www.w3.org/TR/xmlschema-1/#cvc-complex-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-complex-type.2.4.a: Invalid content was found starting with element 'phoneNumbers'. One of '{groups, entitlements, roles, x509Certificates, WC[##other:"urn:scim:schemas:core:1.0"]}' is expected.
Start location: 52:3
End location: 52:15
URL: http://www.w3.org/TR/xmlschema-1/#cvc-complex-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element phoneNumber.
Start location: 53:4
End location: 53:15
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element phoneNumber.
Start location: 57:4
End location: 57:15
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element im.
Start location: 63:4
End location: 63:6
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element photo.
Start location: 69:4
End location: 69:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element photo.
Start location: 73:4
End location: 73:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element group.
Start location: 87:4
End location: 87:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element group.
Start location: 91:4
End location: 91:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element group.
Start location: 95:4
End location: 95:9
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element role.
Start location: 101:4
End location: 101:8
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element entitlement.
Start location: 106:4
End location: 106:15
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-type.2: The type definition cannot be abstract for element x509Certificate.
Start location: 111:4
End location: 111:19
URL: http://www.w3.org/TR/xmlschema-1/#cvc-type

System ID: C:\source\SCIM\instance2.xml
Main validation file: C:\source\SCIM\instance2.xml
Schema: C:\source\SCIM\scim-core.xsd
Engine name: Xerces
Severity: error
Description: cvc-complex-type.2.4.a: Invalid content was found starting with element 'location'. One of '{attributes}' is expected.
Start location: 146:4
End location: 146:12
URL: http://www.w3.org/TR/xmlschema-1/#cvc-complex-type

Re: Simple Cloud Identity Management Schema 1.0 XML instance issue

Posted: Mon Jun 25, 2012 11:27 am
by adrian
Hello,

From what I've seen, the SCIM schema seems to have some validation problems from the start. My guess is the schema has been developed (or validated) with a tool that does not adhere to the W3C specification.

One such problem is the declaration of:
<xs:complexType name="SchemaSubAttribute">
which extends a type (multiValuedAttribute) that already contains an element named "type", but then contributes with another element named "type" resulting in:
[Saxon-EE 9.3.0.5] Error in complex type SchemaSubAttribute: Ambiguous content model, element <type> appears more than once

Similarly, <xs:complexType name="multiValuedAttribute" abstract="true"> is declared as an abstract type, but is then used anyway as a base type for a lot of non-abstract elements (email, phoneNumber, im, etc). This contradicts the W3C specification:
http://www.w3.org/TR/xmlschema-0/#abstract
This is the problem that's causing errors like:
cvc-type.2: The type definition cannot be abstract for element <elementName>.

Then there are a lot of problems in the XML with the order in which the elements appear. The schema declares most elements as part of a sequence (xs:sequence) so the order in which they appear is significant.

I've reordered the XML to obey the correct order:

Code:

<?xml version="1.0" encoding="UTF-8"?>
<tns:User xmlns:ns0="urn:scim:schemas:extension:enterprise:1.0"
xmlns:tns="urn:scim:schemas:core:1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:scim:schemas:core:1.0 scim-core2.xsd">
<id>2819c223-7f76-453a-919d-413861904646</id>
<meta>
<created>2010-01-23T04:56:22Z</created>
<lastModified>2011-05-13T04:42:34Z</lastModified>
<location>https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646</location>
<version>W/"a330bc54f0671c9"</version>
</meta>
<externalId>701984</externalId>
<userName>bjensen@example.com</userName>
<name>
<formatted>Ms. Babs J Jensen III</formatted>
<familyName>Jensen</familyName>
<givenName>Barbara</givenName>
<middleName>Jane</middleName>
<honorificPrefix>Ms.</honorificPrefix>
<honorificSuffix>III</honorificSuffix>
</name>
<displayName>Babs Jensen</displayName>
<nickName>Babs</nickName>
<profileUrl>https://login.example.com/bjensen</profileUrl>
<title>Tour Guide</title>
<userType>Employee</userType>
<preferredLanguage>en_US</preferredLanguage>
<locale>en_US</locale>
<timezone>America/Los_Angeles</timezone>
<active>true</active>
<password>t1meMa$heen</password>
<emails>
<email>
<value>bjensen@example.com</value>
<primary>true</primary>
<type>work</type>
</email>
<email>
<value>babs@jensen.com</value>
<type>home</type>
</email>
</emails>
<phoneNumbers>
<phoneNumber>
<value>555-555-5555</value>
<type>work</type>
</phoneNumber>
<phoneNumber>
<value>555-555-4444</value>
<type>mobile</type>
</phoneNumber>
</phoneNumbers>
<ims>
<im>
<value>someaimhandle</value>
<type>aim</type>
</im>
</ims>
<photos>
<photo>
<value>https://photos.example.com/profilephoto/72930000000Ccne/F</value>
<type>photo</type>
</photo>
<photo>
<value>https://photos.example.com/profilephoto/72930000000Ccne/T</value>
<type>thumbnail</type>

</photo>
</photos>
<addresses>
<address>
<primary>true</primary>
<type>work</type>
<formatted>100 Universal City Plaza\nHollywood, CA 91608 USA</formatted>
<streetAddress>100 Universal City Plaza</streetAddress>
<locality>Hollywood</locality>
<region>CA</region>
<postalCode>91608</postalCode>
<country>USA</country>
</address>
<address>
<formatted>456 Hollywood Blvd\nHollywood, CA 91608 USA</formatted>
<streetAddress>456 Hollywood Blvd</streetAddress>
<locality>San Francisco</locality>
<region>CA</region>
<postalCode>91608</postalCode>
<country>USA</country>
</address>
</addresses>
<groups>
<group>
<value>e9e30dba-f08f-4109-8486-d5c6a331660a</value>
<display>Tour Guides</display>
</group>
<group>
<value>6d1a1088-3a56-4371-8e3b-6d48d67493ec</value>
<display>Employees</display>
</group>
<group>
<value>5fd998b9-d2bd-479c-991b-6790537608dc</value>
<display>US Employees</display>
</group>
</groups>
<entitlements>
<entitlement>
<value>delete users</value>
</entitlement>
</entitlements>
<roles>
<role>
<value>administrator</value>
</role>
</roles>
<x509Certificates>
<x509Certificate>
<value>
MIIDQzCCAqygAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAoMC2V4YW1wbGUuY29tMRQwEgYD
VQQDDAtleGFtcGxlLmNvbTAeFw0xMTEwMjIwNjI0MzFaFw0xMjEwMDQwNjI0MzFa
MH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQKDAtl
eGFtcGxlLmNvbTEhMB8GA1UEAwwYTXMuIEJhcmJhcmEgSiBKZW5zZW4gSUlJMSIw
IAYJKoZIhvcNAQkBFhNiamVuc2VuQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA7Kr+Dcds/JQ5GwejJFcBIP682X3xpjis56AK02bc
1FLgzdLI8auoR+cC9/Vrh5t66HkQIOdA4unHh0AaZ4xL5PhVbXIPMB5vAPKpzz5i
PSi8xO8SL7I7SDhcBVJhqVqr3HgllEG6UClDdHO7nkLuwXq8HcISKkbT5WFTVfFZ
zidPl8HZ7DhXkZIRtJwBweq4bvm3hM1Os7UQH05ZS6cVDgweKNwdLLrT51ikSQG3
DYrl+ft781UQRIqxgwqCfXEuDiinPh0kkvIi5jivVu1Z9QiwlYEdRbLJ4zJQBmDr
SGTMYn4lRc2HgHO4DqB/bnMVorHB0CC6AV1QoFK4GPe1LwIDAQABo3sweTAJBgNV
HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU
dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt
Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R
C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1
+GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo=
</value>
</x509Certificate>
</x509Certificates>
</tns:User>

Note that the validation with Saxon EE may be able to give you a more accurate description of these types of problems than the one with Xerces (default). To enable it, go to: Options > Preferences, XML > XML Parser > Saxon EE Validation and enable "Use Saxon EE as default XML Schema validation engine".

Regards,
Adrian
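
The ordering rule described in the reply above, as an added example that is not part of the original thread: a small checker that walks the top-level children of `<tns:User>` against a fixed sequence and reports each element that arrives too late, which reproduces the named elements of the `phoneNumbers` error in the Xerces output. Assumptions: the sequence is copied from the reordered instance in the reply (the XSD itself is not on the page), every element is treated as optional and non-repeating, and `skeleton` and `sequence_violations` are hypothetical helper names.

```python
import xml.etree.ElementTree as ET

NS = "urn:scim:schemas:core:1.0"

# Assumption: top-level order taken from the reordered instance in the reply
# above, standing in for the xs:sequence of scim-core.xsd (not on the page).
USER_SEQUENCE = [
    "id", "meta", "externalId", "userName", "name", "displayName", "nickName",
    "profileUrl", "title", "userType", "preferredLanguage", "locale",
    "timezone", "active", "password", "emails", "phoneNumbers", "ims",
    "photos", "addresses", "groups", "entitlements", "roles",
    "x509Certificates",
]

# Constructed sample: top-level order of the instance in the first post.
POSTED_ORDER = [
    "id", "externalId", "userName", "name", "displayName", "nickName",
    "profileUrl", "emails", "addresses", "phoneNumbers", "ims", "photos",
    "userType", "title", "preferredLanguage", "locale", "timezone", "active",
    "password", "groups", "roles", "entitlements", "x509Certificates", "meta",
]


def skeleton(order):
    """Build a <tns:User> with empty, unqualified children in the given order."""
    body = "".join(f"<{tag}/>" for tag in order)
    return f'<tns:User xmlns:tns="{NS}">{body}</tns:User>'


def sequence_violations(xml_text, sequence=USER_SEQUENCE):
    """Return [(tag, still_expected)] for children that break the sequence.

    Every element is treated as optional and non-repeating (an assumption).
    """
    rank = {name: i for i, name in enumerate(sequence)}
    cursor, problems = 0, []
    for child in ET.fromstring(xml_text):
        tag = child.tag.rsplit("}", 1)[-1]      # drop any namespace part
        if tag not in rank or rank[tag] < cursor:
            problems.append((tag, sequence[cursor:]))
        else:
            cursor = rank[tag] + 1              # later siblings must follow it
    return problems


if __name__ == "__main__":
    for tag, expected in sequence_violations(skeleton(POSTED_ORDER)):
        print(f"{tag}: expected one of {expected}")
```

Xerces stops at the first violation in a content model, while this checker lists every misplaced element, so it shows the full set of moves needed to reach the reordered instance.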

Re: Simple Cloud Identity Management Schema 1.0 XML instance issue

Posted: Thu Oct 04, 2012 12:19 am
by davot
Hi Adrian,

I apologize for the late response. This is just to say thanks for your response which is right on the button.

SCIM has changed its name a little and headed over to IETF since my previous post but there appear to be no changes to the schema.

I think the problem is that they (the IETF SCIM contributors) are totally focused on JSON and the XSD equivalent is a poor cousin.

Regards,
David.

Re: Simple Cloud Identity Management Schema 1.0 XML instance issue

Posted: Thu Oct 04, 2012 9:04 am
by adrian
Hi,

Actually, the schema from http://www.simplecloud.info/specs/schema/scim-core.xsd seems to have been fixed and validates fine now in Oxygen (with both Xerces and Saxon-EE). I've compared it with the local copy I made when we last talked about its issues and someone has definitely fixed the problems I've mentioned.

Regards,
Adrian