- auto_ptr_XMLCh issuer(ctx.getApplication().getString("entityID").second);
- saml2::Subject* subject = saml2::SubjectBuilder::buildSubject();
- subject->setNameID(ctx.getNameID()->cloneNameID());
+ auto_ptr<saml2::Subject> subject(saml2::SubjectBuilder::buildSubject());
+
+ // Encrypt the NameID?
+ if (encryption.first && (!strcmp(encryption.second, "true") || !strcmp(encryption.second, "back"))) {
+ auto_ptr<EncryptedID> encrypted(EncryptedIDBuilder::buildEncryptedID());
+ MetadataCredentialCriteria mcc(*AA);
+ encrypted->encrypt(
+ *ctx.getNameID(),
+ *(application.getMetadataProvider()),
+ mcc,
+ false,
+ relyingParty->getXMLString("encryptionAlg").second
+ );
+ subject->setEncryptedID(encrypted.release());
+ }
+ else {
+ subject->setNameID(ctx.getNameID()->cloneNameID());
+ }
+
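Review bot: The `strcmp` test on `encryption.second` treats anything other than the exact strings `true` and `back` as "do not encrypt", so a value such as `1` or `True` falls through to the `else` branch and the NameID is sent in the clear with no indication. Unless the configuration schema already restricts this setting to a fixed set of tokens, the `else` branch should log a warning when `encryption.first` is set but the value is not a recognised one, so a misconfiguration does not silently downgrade to a plaintext identifier. The comment `// Encrypt the NameID?` could also say which setting values enable encryption here and why `back` is among them (presumably because this request travels over the back channel), and the bare `false` passed to `encrypt()` would read better with a trailing comment naming the parameter. The enclosing function starts and ends outside the visible lines, so how `encryption`, `relyingParty` and `AA` are obtained and null-checked before being dereferenced cannot be confirmed from here.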