+ if (ctx) {
+ // Copy over any new tokens, but leave them in the context for cleanup.
+ tokens.insert(tokens.end(), ctx->getResolvedAssertions().begin(), ctx->getResolvedAssertions().end());
+ }
+
+ // Now merge in bad tokens for caching.
+ tokens.insert(tokens.end(), badtokens.begin(), badtokens.end());
+
+ string session_id;
+ application.getServiceProvider().getSessionCache()->insert(
+ session_id,
+ application,
+ httpRequest,
+ httpResponse,
+ sessionExp,
+ entity,
+ samlconstants::SAML20P_NS,
+ ssoName,
+ ssoStatement->getAuthnInstant() ? ssoStatement->getAuthnInstant()->getRawData() : nullptr,
+ ssoStatement->getSessionIndex(),
+ (authnContext && authnContext->getAuthnContextClassRef()) ? authnContext->getAuthnContextClassRef()->getReference() : nullptr,
+ (authnContext && authnContext->getAuthnContextDeclRef()) ? authnContext->getAuthnContextDeclRef()->getReference() : nullptr,
+ &tokens,
+ ctx ? &ctx->getResolvedAttributes() : nullptr
+ );
+
+ try {
+ scoped_ptr<TransactionLog::Event> event(newLoginEvent(application, httpRequest));
+ LoginEvent* login_event = dynamic_cast<LoginEvent*>(event.get());
+ if (login_event) {
+ login_event->m_sessionID = session_id.c_str();
+ login_event->m_peer = entity;
+ auto_ptr_char prot(getProtocolFamily());
+ login_event->m_protocol = prot.get();
+ login_event->m_nameID = ssoName;
+ login_event->m_saml2AuthnStatement = ssoStatement;
+ login_event->m_saml2Response = response;
+ if (ctx)
+ login_event->m_attributes = &ctx->getResolvedAttributes();
+ application.getServiceProvider().getTransactionLog()->write(*login_event);
+ }
+ else {
+ m_log.warn("unable to audit event, log event object was of an incorrect type");
+ }