X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fbinding%2FSOAPClient.h;h=ddbe2e1e0a485f4419ee53675ee4108cf0829d73;hb=b1614d3c1fc1f4230ab2a123f43994127c25462c;hp=fcc89bd113299ff62e9a30c58787d9d9263264a1;hpb=750aa26530f9e8993eae37cd9e68e25497be66b5;p=shibboleth%2Fcpp-opensaml.git
diff --git a/saml/binding/SOAPClient.h b/saml/binding/SOAPClient.h
index fcc89bd..ddbe2e1 100644
--- a/saml/binding/SOAPClient.h
+++ b/saml/binding/SOAPClient.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -24,6 +24,7 @@
 #define __saml_soap11client_h__
 #include
+#include
 #include
 namespace opensaml {
@@ -31,17 +32,21 @@ namespace opensaml {
 /**
 * Specialized SOAPClient for SAML SOAP bindings.
 */
- class SAML_API SOAPClient : soap11::SOAPClient
+ class SAML_API SOAPClient : public soap11::SOAPClient
 {
 public:
 /**
 * Creates a SOAP client instance with a particular SecurityPolicy.
 *
- * @param policy reference to SecurityPolicy to apply
+ * @param policy reference to SecurityPolicy to apply
+ * @param validating controls schema validation
 */
- SOAPClient(SecurityPolicy& policy) : m_policy(policy), m_force(true) {}
+ SOAPClient(SecurityPolicy& policy)
+ : soap11::SOAPClient(policy.getValidating()), m_policy(policy), m_force(true), m_peer(NULL), m_criteria(NULL) {
+ }
- virtual ~SOAPClient() {}
+ virtual ~SOAPClient() {
+ }
 /**
 * Controls whether to force transport/peer authentication via an X509TrustEngine.
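Review bot: In the `@@ -31,17 +32,21 @@` hunk the constructor comment gains `@param validating controls schema validation`, but the constructor still takes only `policy`; the flag is read from `policy.getValidating()` in the initializer list. A reader may conclude that schema validation can be chosen per client, when it is fixed by the policy that is passed in. I would drop the stray tag and state the source of the setting in the description instead, e.g. `* Schema validation is taken from policy.getValidating().` The class body continues outside this hunk.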
@@ -55,14 +60,15 @@ namespace opensaml {
 }
 /**
- * Override prepares the SecurityPolicy by clearing Issuer identity, in case the policy
- * is reused.
+ * SAML-specific method uses a RoleDescriptor to determine the peer name and prepare the
+ * transport layer with peer credential information. The SecurityPolicy is also reset,
+ * in case the policy is reused.
 *
 * @param env SOAP envelope to send
- * @param peer peer to send message to, expressed in TrustEngine terms
+ * @param peer peer to send message to, expressed in metadata criteria terms
 * @param endpoint URL of endpoint to recieve message
 */
- void send(const soap11::Envelope* env, const xmltooling::KeyInfoSource& peer, const char* endpoint);
+ void send(const soap11::Envelope& env, saml2md::MetadataCredentialCriteria& peer, const char* endpoint);
 /**
 * Override applies SecurityPolicy to envelope before returning it.
@@ -70,6 +76,17 @@ namespace opensaml {
 * @return response envelope after SecurityPolicy has been applied
 */
 soap11::Envelope* receive();
+
+ void reset();
+
+ /**
+ * Returns the SecurityPolicy supplied to the client.
+ *
+ * @return the associated SecurityPolicy
+ */
+ SecurityPolicy& getPolicy() const {
+ return m_policy;
+ }
 protected:
 /**
@@ -78,7 +95,7 @@ namespace opensaml {
 *
 * @param transport reference to transport layer
 */
- void prepareTransport(const xmltooling::SOAPTransport& transport);
+ void prepareTransport(xmltooling::SOAPTransport& transport);
 /** Reference to security policy to apply. */
 SecurityPolicy& m_policy;
@@ -86,8 +103,11 @@ namespace opensaml {
 /** Flag controlling whether transport/peer authn is mandatory. */
 bool m_force;
- private:
+ /** Metadata-based peer identity. */
 const saml2md::RoleDescriptor* m_peer;
+
+ /** Metadata-based CredentialCriteria for supplying credentials to TrustEngine. */
+ saml2md::MetadataCredentialCriteria* m_criteria;
 };
 };
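Review bot: The new `send` in the `@@ -55,14 +60,15 @@` hunk takes `peer` by non-const reference, and the `@@ -86,8 +103,11 @@` hunk adds a raw `saml2md::MetadataCredentialCriteria* m_criteria` member, so the client presumably keeps the address of the caller's object after `send` returns. The implementation is not part of this diff, so this is an inference. The comment gives no ownership or lifetime rule, and a criteria object destroyed before `receive()` runs would leave credential resolution working from a dangling pointer. If that is the intended contract, I would extend the `@param peer` text with `the caller keeps ownership and must keep the object valid until receive() has returned or reset() is called`. The member comments on `m_peer` and `m_criteria` in the last hunk should also say they are non-owning, since removing `private:` there makes both visible to subclasses.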
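Review bot: `void reset();` in the `@@ -70,6 +76,17 @@` hunk is the only public member added without a doc comment, although the client now carries per-exchange state (`m_peer`, `m_criteria`) alongside the policy. Callers need to know whether they must call it between exchanges and whether it also resets the SecurityPolicy. Otherwise peer state left over from an earlier exchange could end up applied to a later response. The implementation is not visible here, so the wording needs confirming, but something like `/** Clears the per-exchange peer state so the client can be reused. */` would close the gap. Separately, `getPolicy() const` returns a mutable `SecurityPolicy&` from a const client, which deserves a sentence in its comment.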
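Review bot: Dropping `const` from the `prepareTransport` parameter in the `@@ -78,7 +95,7 @@` hunk changes the signature, and the compiler will not report a mismatch with the base-class virtual because this code predates `override` (it still uses `NULL`). If the declaration in `soap11::SOAPClient` still takes a const reference, this one becomes an unrelated overload and is never called by the base; presumably it is where the peer authentication controlled by `m_force` is set up. The base declaration is outside this diff, so please confirm it was changed in step and record that at the declaration, e.g. `// overrides soap11::SOAPClient::prepareTransport(xmltooling::SOAPTransport&)`. The doc comment for this method starts outside the hunk.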