Missing header.

[shibboleth/cpp-opensaml.git] / saml / binding / SOAPClient.h

diff --git a/saml/binding/SOAPClient.h b/saml/binding/SOAPClient.h
index 433e44a..0941a6c 100644 (file)
--- a/saml/binding/SOAPClient.h
+++ b/saml/binding/SOAPClient.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,11 +23,17 @@
 #ifndef __saml_soap11client_h__
 #define __saml_soap11client_h__
 
-#include <saml/binding/SecurityPolicy.h>
+#include <saml/base.h>
+
 #include <xmltooling/soap/SOAPClient.h>
 
 namespace opensaml {
 
+    class SAML_API SecurityPolicy;
+    namespace saml2md {
+        class SAML_API MetadataCredentialCriteria;
+    };
+
     /**
      * Specialized SOAPClient for SAML SOAP bindings.
      */
@@ -38,12 +44,10 @@ namespace opensaml {
          * Creates a SOAP client instance with a particular SecurityPolicy.
          * 
          * @param policy        reference to SecurityPolicy to apply
-         * @param validating    controls schema validation
          */
-        SOAPClient(SecurityPolicy& policy)
-            : soap11::SOAPClient(policy.getValidating()), m_policy(policy), m_force(true), m_peer(NULL) {}
+        SOAPClient(SecurityPolicy& policy);
         
-        virtual ~SOAPClient() {}
+        virtual ~SOAPClient();
 
         /**
          * Controls whether to force transport/peer authentication via an X509TrustEngine.
@@ -52,19 +56,21 @@ namespace opensaml {
          * 
          * @param force  true iff the client should refuse to communicate without this protection
          */
-        void forceTransportAuthentication(bool force=true) {
-            m_force = force;
-        }
+        void forceTransportAuthentication(bool force=true);
         
+        using soap11::SOAPClient::send;
+
         /**
-         * Override prepares the SecurityPolicy by clearing Issuer identity, in case the policy
-         * is reused.
+         * SAML-specific method uses metadata to determine the peer name and prepare the
+         * transport layer with peer credential information. The SecurityPolicy is also reset,
+         * in case the policy is reused.
          * 
          * @param env       SOAP envelope to send
-         * @param peer      peer to send message to, expressed in TrustEngine terms
+         * @param from      identity of sending application
+         * @param to        peer to send message to, expressed in metadata criteria terms
          * @param endpoint  URL of endpoint to recieve message
          */
-        void send(const soap11::Envelope& env, const xmltooling::KeyInfoSource& peer, const char* endpoint);
+        virtual void send(const soap11::Envelope& env, const char* from, saml2md::MetadataCredentialCriteria& to, const char* endpoint);
         
         /**
          * Override applies SecurityPolicy to envelope before returning it.
@@ -80,9 +86,7 @@ namespace opensaml {
          *
          * @return  the associated SecurityPolicy
          */
-        SecurityPolicy& getPolicy() const {
-            return m_policy;
-        }
+        SecurityPolicy& getPolicy() const;
 
     protected:
         /**
@@ -101,6 +105,9 @@ namespace opensaml {
     
         /** Metadata-based peer identity. */        
         const saml2md::RoleDescriptor* m_peer;
+
+        /** Metadata-based CredentialCriteria for supplying credentials to TrustEngine. */
+        saml2md::MetadataCredentialCriteria* m_criteria;
     };
 
 };