Expose filter/remapper during property set construction.

[shibboleth/cpp-sp.git] / shibsp / handler / AssertionConsumerService.h

diff --git a/shibsp/handler/AssertionConsumerService.h b/shibsp/handler/AssertionConsumerService.h
index a7289fe..cb73210 100644 (file)
--- a/shibsp/handler/AssertionConsumerService.h
+++ b/shibsp/handler/AssertionConsumerService.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -57,11 +57,19 @@ namespace shibsp {
         /**
          * Constructor
          * 
-         * @param e     root of DOM configuration
-         * @param appId ID of application that "owns" the handler
-         * @param log   a logging object to use
+         * @param e         root of DOM configuration
+         * @param appId     ID of application that "owns" the handler
+         * @param log       a logging object to use
+         * @param filter    optional filter controls what child elements to include as nested PropertySets
+         * @param remapper  optional map of property rename rules for legacy property support
          */
-        AssertionConsumerService(const xercesc::DOMElement* e, const char* appId, xmltooling::logging::Category& log);
+        AssertionConsumerService(
+            const xercesc::DOMElement* e,
+            const char* appId,
+            xmltooling::logging::Category& log,
+            xercesc::DOMNodeFilter* filter=NULL,
+            const std::map<std::string,std::string>* remapper=NULL
+            );
 
         /**
          * Enforce address checking requirements.
@@ -76,6 +84,23 @@ namespace shibsp {
         void generateMetadata(opensaml::saml2md::SPSSODescriptor& role, const char* handlerURL) const;
         
         /**
+         * Returns a SecurityPolicy instance to use for an incoming request.
+         *
+         * <p>Allows handlers to customize the type of policy object their policy rules might require.
+         * <p>The caller <strong>MUST</strong> lock the application's MetadataProvider for the life
+         * of the returned object.
+         *
+         * @param application   reference to application receiving message
+         * @param role          identifies the role (generally IdP or SP) of the policy peer
+         * @param validate      true iff XML parsing should be done with validation
+         * @param policyId      identifies policy rules to auto-attach, defaults to the application's set
+         * @return  a new policy instance, which the caller is responsible for freeing
+         */
+        virtual opensaml::SecurityPolicy* createSecurityPolicy(
+            const Application& application, const xmltooling::QName* role, bool validate, const char* policyId
+            ) const;
+
+        /**
          * Implement protocol-specific handling of the incoming decoded message.
          * 
          * <p>The result of implementing the protocol should be an exception or
@@ -168,7 +193,6 @@ namespace shibsp {
 #if defined (_MSC_VER)
     #pragma warning( pop )
 #endif
-
 };
 
 #endif /* __shibsp_acshandler_h__ */