+ throw SecurityPolicyException("InResponseTo attribute did not correlate with the Request ID.");
+
+ m_soaper.getPolicy().reset(true);
+ pair<bool,int> minor = response->getMinorVersion();
+ m_soaper.getPolicy().evaluate(
+ *response,
+ NULL,
+ (minor.first && minor.second==0) ? samlconstants::SAML10_PROTOCOL_ENUM : samlconstants::SAML11_PROTOCOL_ENUM
+ );
+
+ if (!m_soaper.getPolicy().isSecure()) {
+ SecurityPolicyException ex("Security policy could not authenticate the message.");
+ if (m_soaper.getPolicy().getIssuerMetadata())
+ annotateException(&ex, m_soaper.getPolicy().getIssuerMetadata()); // throws it
+ else
+ ex.raise();
+ }