edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Olav Morken <olav.morken AT uninett.no>
- To: edugain-discuss AT lists.geant.org
- Subject: Re: [eduGAIN-discuss] namespaces
- Date: Fri, 26 Feb 2016 14:05:41 +0100
On 2016-02-26 11:50, Ian Young wrote:
On 26 Feb 2016, at 10:09, Peter Schober <peter.schober AT univie.ac.at> wrote:
Namespaces don't need to be defined in the root element, they can be
defined on the element using the element or attribute itself, or even
in appropriate parent elements, IIRC.
Part of the confusion in this area is because the terminology is confusing. Although we
often say that this is a "namespace declaration"...
xmlns:foo="bar"
... in fact what we mean is that it is a declaration of the namespace prefix
foo to refer to the namespace name bar. The namespace name itself is what
counts for XML processors, not the prefix. Indeed, you can declare multiple
prefixes at different levels of the document to represent the *same*
namespace name. Similarly, you can use a namespace name without any prefix at
all:
<element xmlns="bar"/>
None of this should matter for validation or any other processing, just the
<namespace name, local name> assigned to each element and attribute.
Actually, there is a place where this breaks: Where namespace prefixes are used in attribute values. Consider the following example:
<md:RoleDescriptor xmlns:foo="urn:foo" xsi:type="foo:SomeType" [...]>
If "foo" was changed to something else, this would obviously break. There are other places where the prefixes are used as well, such as the PrefixList attribute used in XML signatures. (Though that is admittedly less interesting to preserve.)
The problem is that without knowing the schema of the element that you are processing, you cannot know if any prefixes are significant for that element.
In the XML metadata processing code of SimpleSAMLphp, I ended up solving this by grabbing every active prefix whenever we find an unknown XML element (<md:RoleDescriptor>, an unknown extension, etc.). It will then serialize out the element with those prefixes added.
For example:
<ns:EntitiesDescriptor xmlns:ns="urn:oasis:names:tc:SAML:2.0:metadata">
<ns:Extensions>
<foo:Foo xmlns:foo="urn:foo" />
</ns:Extensions>
</ns:EntitiesDescriptor>
Would become:
<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
<md:Extensions>
<foo:Foo xmlns:ns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:foo="urn:foo" />
</md:Extensions>
</md:EntitiesDescriptor>
It is ugly, but has a high chance of success. Extra namespace prefixes should never hurt, but missing namespace prefixes may create problems.
Best regards,
Olav Morken
UNINETT / Feide
- [eduGAIN-discuss] namespaces, Janusz Ulanowski, 25-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Maja Wolniewicz, 26-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Peter Schober, 26-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Janusz Ulanowski, 26-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Ian Young, 26-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Olav Morken, 02/26/2016
- Re: [eduGAIN-discuss] namespaces, Janusz Ulanowski, 26-Feb-2016
- Re: [eduGAIN-discuss] namespaces, Olav Morken, 02/26/2016
Archive powered by MHonArc 2.6.19.