<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema targetNamespace="http://www.nordugrid.org/schemas/response-arc"
 xmlns:response-arc="http://www.nordugrid.org/schemas/response-arc"
 xmlns:request-arc="http://www.nordugrid.org/schemas/request-arc"
 xmlns:xsd="http://www.w3.org/2001/XMLSchema">

 <!-- Top-level element of response is <Response/>. Request is made
   of one <AuthZResult/> and multiple <RequestItem/> elements which have 
   passed the policy evaluation. Currently if and only if all the <RequestItem/>
   in the <Request/> passed the policy evaluation, the pdp service returns 
   <AuthZResult>PERMIT</AuthZResult>, otherwise, it returns <AuthZResult>
   DENY</AuthZResult>. However, the policy enforcement point is able to make decision
   according to the <ResuestItem/> inside the <Response/> despite <AuthZResult/>
   gives "DENY" result.
  -->
 <xsd:simpleType name="AuthZResultType">
  <xsd:restriction base="xsd:string"/>
 </xsd:simpleType>

 <xsd:element name="Response" type="response-arc:ResponseType"/>
 <xsd:complexType name="ResponseType">
  <xsd:element name="AuthZResult" type="AuthZResultType" minOccurs="1"/>  
  <xsd:sequence>
   <xsd:element ref="request-arc:RequestItem"  minOccurs="0" maxOccurs="unbounded"/>
  </xsd:sequence>
 </xsd:complexType>

</xsd:schema>