/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "internal.h"
#include "Application.h"
-#include "exceptions.h"
#include "ServiceProvider.h"
#include "binding/SOAPClient.h"
+#include "security/SecurityPolicy.h"
+#include <saml/exceptions.h>
#include <saml/saml2/metadata/Metadata.h>
+#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <saml/signature/ContentReference.h>
+#include <xmltooling/security/Credential.h>
+#include <xmltooling/signature/Signature.h>
#include <xmltooling/soap/SOAP.h>
#include <xmltooling/soap/HTTPSOAPTransport.h>
#include <xmltooling/util/NDC.h>
using namespace std;
SOAPClient::SOAPClient(SecurityPolicy& policy)
- : opensaml::SOAPClient(policy), m_app(policy.getApplication()), m_settings(NULL), m_relyingParty(NULL), m_credResolver(NULL)
+ : opensaml::SOAPClient(policy), m_app(policy.getApplication()), m_relyingParty(NULL), m_credResolver(NULL)
{
- m_settings = m_app.getServiceProvider().getPolicySettings(m_app.getString("policyId").second);
- pair<bool,bool> validate = m_settings->getBool("validate");
- policy.setValidating(validate.first && validate.second);
- setValidating(validate.first && validate.second);
+}
+
+SOAPClient::~SOAPClient()
+{
+ if (m_credResolver)
+ m_credResolver->unlock();
}
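Review bot: The new destructor calls `m_credResolver->unlock()` whenever the pointer is non-null, but nothing in this hunk shows that a non-null pointer always means the lock is currently held; the code that takes the lock is outside the hunk. If any path releases the lock without also nulling the pointer, or stores the pointer before the lock is acquired, the destructor would unlock twice or release a lock it never took. I would state the invariant next to the destructor, for example `// m_credResolver is non-null only while its lock is held; every unlock path must also null it.`, and confirm that unlock() cannot throw, since this may run during stack unwinding.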
void SOAPClient::send(const soap11::Envelope& env, const char* from, MetadataCredentialCriteria& to, const char* endpoint)
// Reset criteria back.
to.setKeyAlgorithm(NULL);
to.setKeySize(0);
+ to.getKeyNames().clear();
if (cred) {
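Review bot: The criteria reset, including the added `to.getKeyNames().clear();`, only runs when the credential lookup before it returns normally; that lookup is above the hunk, so this is inferred from the "Reset criteria back" comment. If the lookup can throw, the caller-owned MetadataCredentialCriteria keeps the signing key name, algorithm and size, and a later resolution with the same object would be silently constrained by stale values. The same applies to the later hunk, where `m_criteria->getKeyNames().clear();` follows `m_credResolver->resolve(m_criteria)`. A small scope guard that restores the criteria on every exit path would close this, or at minimum a comment such as `// resolve() must not throw here, otherwise the criteria stay modified for the caller.`. The body of send() starts and ends outside the hunk.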
// Check for message.
if ((!flag.first || flag.second) && !transport.isConfidential())
throw opensaml::BindingException("Transport confidentiality required, but not available.");
- flag = m_settings->getBool("validate");
- setValidating(flag.first && flag.second);
+ setValidating(getPolicy().getValidating());
flag = m_relyingParty->getBool("requireTransportAuth");
forceTransportAuthentication(!flag.first || flag.second);
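Review bot: `setValidating(getPolicy().getValidating());` makes schema validation of the SOAP exchange depend entirely on how the caller constructed the SecurityPolicy, because the constructor no longer reads the `validate` setting or calls `policy.setValidating(...)`. A caller that builds a policy without enabling validation would now get a non-validating client with no warning, where the old code applied the configured setting itself; the call sites are not visible here, so please confirm each one passes the intended value. I would document the new contract at this line, e.g. `// Validation follows the SecurityPolicy; callers are responsible for constructing it with the configured validate flag.`. The enclosing function starts and ends outside the hunk.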
if (authType.first)
m_criteria->getKeyNames().insert(authType.second);
const Credential* cred = m_credResolver->resolve(m_criteria);
+ m_criteria->getKeyNames().clear();
if (cred) {
if (!transport.setCredential(cred))
log.error("failed to load Credential into SOAPTransport");