X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml1%2Fbinding%2Fimpl%2FSAML1MessageDecoder.cpp;h=8a751b93e05051c80fceaedaebb17b1cc8ac6e55;hb=c072b75e6f6e05e24a1c35b952008b38d0d375c1;hp=7a597963cc714453b29a78481f235390861d9da2;hpb=96437360be3fa1f0c182bdd13b54e00110e45f11;p=shibboleth%2Fcpp-opensaml.git

diff --git a/saml/saml1/binding/impl/SAML1MessageDecoder.cpp b/saml/saml1/binding/impl/SAML1MessageDecoder.cpp
index 7a59796..8a751b9 100644
--- a/saml/saml1/binding/impl/SAML1MessageDecoder.cpp
+++ b/saml/saml1/binding/impl/SAML1MessageDecoder.cpp
@@ -1,6 +1,6 @@
 /*
- *  Copyright 2001-2007 Internet2
- * 
+ *  Copyright 2001-2009 Internet2
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -16,12 +16,13 @@
 
 /**
  * SAML1MessageDecoder.cpp
- * 
+ *
  * Base class for SAML 1.x MessageDecoders.
  */
 
 #include "internal.h"
 #include "exceptions.h"
+#include "binding/SecurityPolicy.h"
 #include "saml1/binding/SAML1MessageDecoder.h"
 #include "saml1/core/Assertions.h"
 #include "saml1/core/Protocols.h"
@@ -43,7 +44,7 @@ void SAML1MessageDecoder::extractMessageDetails(
     ) const
 {
     // Only handle SAML 1.x protocol messages.
-    const QName& q = message.getElementQName();
+    const xmltooling::QName& q = message.getElementQName();
     if (!XMLString::equals(q.getNamespaceURI(), samlconstants::SAML1P_NS))
         return;
 
@@ -93,18 +94,21 @@ void SAML1MessageDecoder::extractMessageDetails(
 
     if (policy.getMetadataProvider() && policy.getRole()) {
         log.debug("searching metadata for response issuer...");
-        const EntityDescriptor* entity = policy.getMetadataProvider()->getEntityDescriptor(issuer);
-        if (entity) {
-            log.debug("matched response issuer against metadata, searching for applicable role...");
-            const RoleDescriptor* roledesc=entity->getRoleDescriptor(*policy.getRole(), protocol);
-            if (roledesc)
-                policy.setIssuerMetadata(roledesc);
-            else if (log.isWarnEnabled())
-                log.warn("unable to find compatible role (%s) in metadata", policy.getRole()->toString().c_str());
-        }
-        else if (log.isWarnEnabled()) {
+        MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
+        mc.entityID_unicode = issuer;
+        mc.role = policy.getRole();
+        mc.protocol = protocol;
+        pair<const EntityDescriptor*,const RoleDescriptor*> entity = policy.getMetadataProvider()->getEntityDescriptor(mc);
+
+        if (!entity.first) {
             auto_ptr_char iname(issuer);
             log.warn("no metadata found, can't establish identity of issuer (%s)", iname.get());
+            return;
+        }
+        else if (!entity.second) {
+            log.warn("unable to find compatible role (%s) in metadata", policy.getRole()->toString().c_str());
+            return;
         }
+        policy.setIssuerMetadata(entity.second);
     }
 }