complexType "subjectType"
Namespace:
http://schemas.microsoft.com/hs/2001/10/core
Content:
empty, 3 attributes
Defined:
globally in hsinfra.xsd; see XML source
Includes:
definitions of 3 attributes
Used:
at 1 location
XML Representation Summary
<...
   
 = 
xsd:string
 = 
xsd:string
 = 
xsd:string
/>
All Direct / Indirect Based Elements (1):
subject (in role)
Known Usage Locations
Annotation
This element encapsulates a subject that includes a <b>userId</b>, and a combined application and <b>platformId</b>. The subject element is matched against the incoming message to determine which role, if any, is to be used to authorize and scope continued message processing. The match algorithm is very simple. The <b>userId</b> in the message chooses the set of matching subjects. Once this set of subjects is identified, a test for subjects containing <b>credType</b> attributes is done relative to the <b>credType</b> passed in the license. Matching subject entries remain. If no subjects match, all subjects containing <b>credType</b> are discarded; only those subjects that do not contain <b>credType</b> are kept. Then the combined platform ID and application ID select a matching subject. Matching subject entries remain. If no subjects match, all subjects containing <b>appAndPlatformId</b> attributes are discarded; only those subjects that do not contain this attribute are kept. These remaining subjects are considered to represent the set of possible roles to be used for the request. The referenced <b>roleDefinitions</b> are extracted from the <b>roleMap</b> and sorted; only the highest priority <b>roleDefinition</b> is kept.
XML Source (see within schema source)
<xsd:complexType name="subjectType">
<xsd:annotation>
<xsd:documentation>
This element encapsulates a subject that includes
a
<b>userId</b>
, and a combined application and
<b>platformId</b>
. The subject element
is matched against the incoming message to determine which role,
if any, is to be used to authorize and scope continued message processing. The
match algorithm is very simple. The
<b>userId</b>
in the message chooses the set of matching
subjects. Once this set of subjects is identified, a test for subjects containing
<b>credType</b>
attributes is done relative to the
<b>credType</b>
passed in the license. Matching subject
entries remain. If no subjects match, all subjects containing
<b>credType</b>
are discarded;
only those subjects that do not contain
<b>credType</b>
are kept. Then the combined platform ID and
application ID select a matching subject. Matching subject
entries remain. If no subjects match, all subjects containing
<b>appAndPlatformId</b>
attributes are
discarded; only those subjects that do not contain this attribute are kept. These remaining subjects
are considered to represent the set of possible roles to be used for the request. The referenced
<b>roleDefinitions</b>
are extracted from the
<b>roleMap</b>
and sorted; only the highest priority
<b>roleDefinition</b>
is kept.
</xsd:documentation>
</xsd:annotation>
<!--
//
// userId
//
-->
<xsd:attribute name="userId" type="puidType" use="required">
<xsd:annotation>
<xsd:documentation>
This ID represents an authenticated
<b>userId</b>
. It must always be specified.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<!--
//
// credType
//
-->
<xsd:attribute name="credType" type="string" use="optional">
<xsd:annotation>
<xsd:documentation>
This optional attribute
specifies a credential type value which represents the type of credential used
to authenticate the
<b>userId</b>
. During a match operation, this value may be used
to further qualify the set of subjects that match in the
<b>userId</b>
dimension.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<!--
//
// appAndPlatformId
//
-->
<xsd:attribute name="appAndPlatformId" type="puidType" use="optional">
<xsd:annotation>
<xsd:documentation>
This optional attribute specifies the authenticated ID of an application-platform
combination. For example, the PUID of calendar@microsoft.com represents the calendar application
at Microsoft. The PUID of office@windows represents the Office application running on the
Microsoft&#174; Windows&#174; platform.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
Attribute Detail (all declarations; 3/3)
appAndPlatformId
Type:
puidType
Use:
optional
Defined:
locally within (this) subjectType complexType
This optional attribute specifies the authenticated ID of an application-platform combination. For example, the PUID of calendar@microsoft.com represents the calendar application at Microsoft. The PUID of office@windows represents the Office application running on the Microsoft® Windows® platform.
XML Source (see within schema source)
<xsd:attribute name="appAndPlatformId" type="puidType" use="optional">
<xsd:annotation>
<xsd:documentation>
This optional attribute specifies the authenticated ID of an application-platform
combination. For example, the PUID of calendar@microsoft.com represents the calendar application
at Microsoft. The PUID of office@windows represents the Office application running on the
Microsoft&#174; Windows&#174; platform.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
credType
Type:
string
Use:
optional
Defined:
locally within (this) subjectType complexType
This optional attribute specifies a credential type value which represents the type of credential used to authenticate the <b>userId</b>. During a match operation, this value may be used to further qualify the set of subjects that match in the <b>userId</b> dimension.
XML Source (see within schema source)
<xsd:attribute name="credType" type="string" use="optional">
<xsd:annotation>
<xsd:documentation>
This optional attribute
specifies a credential type value which represents the type of credential used
to authenticate the
<b>userId</b>
. During a match operation, this value may be used
to further qualify the set of subjects that match in the
<b>userId</b>
dimension.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
userId
Type:
puidType
Use:
required
Defined:
locally within (this) subjectType complexType
This ID represents an authenticated <b>userId</b>. It must always be specified.
XML Source (see within schema source)
<xsd:attribute name="userId" type="puidType" use="required">
<xsd:annotation>
<xsd:documentation>
This ID represents an authenticated
<b>userId</b>
. It must always be specified.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>