- if (trustEngine && response->getSignature()) {
- if (!trustEngine->validate(*(response->getSignature()), *issuer, metadataProvider->getKeyResolver())) {
- log.error("unable to verify signature on message with supplied trust engine");
- throw BindingException("Message signature failed verification.");
- }
- else if (!securityMech) {
- securityMech = samlconstants::SAML1P_NS;
- }
- }
- else if (!securityMech) {
- log.warn("unable to authenticate the message, leaving untrusted");
- }