X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fbinding%2FSOAPClient.h;h=34d29104e2b089049ee9e31f88267a815d6781d3;hb=f1208cd2f514700244816377443c4951dc22c848;hp=2c745cc96a16ab4a9ca4dc02999cb63a09b640ed;hpb=b4448d5b2445f818263b600651e67630ff114f22;p=shibboleth%2Fcpp-opensaml.git
diff --git a/saml/binding/SOAPClient.h b/saml/binding/SOAPClient.h
index 2c745cc..34d2910 100644
--- a/saml/binding/SOAPClient.h
+++ b/saml/binding/SOAPClient.h
@@ -1,17 +1,21 @@
-/*
- * Copyright 2001-2007 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
 *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
 *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
 */
 /**
@@ -23,11 +27,17 @@
 #ifndef __saml_soap11client_h__
 #define __saml_soap11client_h__
-#include
+#include
+
 #include
 namespace opensaml {
+ class SAML_API SecurityPolicy;
+ namespace saml2md {
+ class SAML_API MetadataCredentialCriteria;
+ };
+
 /**
 * Specialized SOAPClient for SAML SOAP bindings.
 */
@@ -38,14 +48,10 @@ namespace opensaml {
 * Creates a SOAP client instance with a particular SecurityPolicy.
 *
 * @param policy reference to SecurityPolicy to apply
- * @param validating controls schema validation
 */
- SOAPClient(SecurityPolicy& policy, bool validating=false)
- : soap11::SOAPClient(validating), m_policy(policy), m_force(true), m_correlate(NULL) {}
+ SOAPClient(SecurityPolicy& policy);
- virtual ~SOAPClient() {
- XMLString::release(&m_correlate);
- }
+ virtual ~SOAPClient();
 /**
 * Controls whether to force transport/peer authentication via an X509TrustEngine.
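Review bot: The forward declarations added after `namespace opensaml {` cover `SecurityPolicy` and `saml2md::MetadataCredentialCriteria`, but the class still holds a `const saml2md::RoleDescriptor* m_peer` (last hunk), and the target of the include that replaced the old one is not legible on this page. If that include does not declare `RoleDescriptor`, the header no longer compiles on its own; adding `class SAML_API RoleDescriptor;` inside the `saml2md` block would make it self-contained. The `};` that closes the nested namespace also carries a stray semicolon that pedantic builds warn about.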
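Review bot: The constructor in the second hunk is now a single-argument constructor, `SOAPClient(SecurityPolicy& policy);`, and it is not marked `explicit`, so a `SecurityPolicy` lvalue converts implicitly to a client wherever one is accepted by value or by const reference. Declaring it `explicit SOAPClient(SecurityPolicy& policy);` closes that off. The doc comment also drops `@param validating` without saying where schema validation is decided now, which callers that used to pass `validating=true` will want to know. The class body starts and ends outside this hunk.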
@@ -54,19 +60,21 @@ namespace opensaml {
 *
 * @param force true iff the client should refuse to communicate without this protection
 */
- void forceTransportAuthentication(bool force=true) {
- m_force = force;
- }
+ void forceTransportAuthentication(bool force=true);
+ using soap11::SOAPClient::send;
+
 /**
- * Override prepares the SecurityPolicy by clearing Issuer identity, in case the policy
- * is reused.
+ * SAML-specific method uses metadata to determine the peer name and prepare the
+ * transport layer with peer credential information. The SecurityPolicy is also reset,
+ * in case the policy is reused.
 *
 * @param env SOAP envelope to send
- * @param peer peer to send message to, expressed in TrustEngine terms
+ * @param from identity of sending application
+ * @param to peer to send message to, expressed in metadata criteria terms
 * @param endpoint URL of endpoint to recieve message
 */
- void send(const soap11::Envelope& env, const xmltooling::KeyInfoSource& peer, const char* endpoint);
+ virtual void send(const soap11::Envelope& env, const char* from, saml2md::MetadataCredentialCriteria& to, const char* endpoint);
 /**
 * Override applies SecurityPolicy to envelope before returning it.
@@ -77,6 +85,13 @@ namespace opensaml {
 void reset();
+ /**
+ * Returns the SecurityPolicy supplied to the client.
+ *
+ * @return the associated SecurityPolicy
+ */
+ SecurityPolicy& getPolicy() const;
+
 protected:
 /**
 * Override prepares transport by assigning an X509TrustEngine to it, if one is
@@ -84,7 +99,7 @@ namespace opensaml {
 *
 * @param transport reference to transport layer
 */
- void prepareTransport(const xmltooling::SOAPTransport& transport);
+ void prepareTransport(xmltooling::SOAPTransport& transport);
 /** Reference to security policy to apply. */
 SecurityPolicy& m_policy;
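Review bot: The doc comment on the new `send()` does not say how long `to` must stay alive, although it is taken by non-const reference and the last hunk adds a `saml2md::MetadataCredentialCriteria* m_criteria` member, which suggests the client keeps a pointer to the caller's object after the call returns. If that is the contract, the `@param to` line should say so, for example `must remain valid until the response has been received or reset() is called`. It should also state whether `from` may be NULL. An unstated lifetime here would leave the trust evaluation reading a criteria object the caller has already destroyed.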
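Review bot: `SecurityPolicy& getPolicy() const;` in the `-77,6` hunk is a const accessor that hands out a mutable reference, so code holding only a `const SOAPClient&` can still change the policy that gates message acceptance. It compiles because `m_policy` is a reference member. If mutation through the accessor is intended, the `@return` line should say so, e.g. `@return the associated SecurityPolicy (mutable)`; otherwise a `const SecurityPolicy&` return on the const overload is the safer shape.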
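Review bot: In the `-84,7` hunk `prepareTransport` now takes `xmltooling::SOAPTransport&` instead of a const reference, and nothing in the declaration ties it to the base-class virtual it is documented to override. If the signature in `soap11::SOAPClient` does not change in step, this becomes a separate overload that is never called, and the X509TrustEngine is never attached to the transport, with no compiler diagnostic. A comment such as `// signature must match soap11::SOAPClient::prepareTransport exactly` would flag the coupling; the base header is not visible on this page.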
@@ -92,11 +107,11 @@ namespace opensaml {
 /** Flag controlling whether transport/peer authn is mandatory. */
 bool m_force;
- /** Message correlation ID. */
- XMLCh* m_correlate;
-
- private:
+ /** Metadata-based peer identity. */
 const saml2md::RoleDescriptor* m_peer;
+
+ /** Metadata-based CredentialCriteria for supplying credentials to TrustEngine. */
+ saml2md::MetadataCredentialCriteria* m_criteria;
 };
 };
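Review bot: Neither member comment says who owns the pointee, and dropping `private:` moves `m_peer` into the protected section alongside the new raw pointer `m_criteria`, so subclasses can now reach both. With the destructor defined out of line, the header does not show whether `m_criteria` is deleted by the client or merely borrowed from the `to` argument of `send()`. Please state it in the comment, e.g. `Not owned; valid only between send() and reset().` if that is the case. If it is owned instead, the copy constructor needs disabling as well, since the reference member `m_policy` only blocks assignment.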