X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml1%2Fbinding%2Fimpl%2FSAML1SOAPClient.cpp;h=d1d6ef4ec0a63bd2d6d8870335317d84eb188128;hb=19fa6d26c3d6515f9556c1c70d59a86ea3a05ff4;hp=97114a0cbbcf0f0171abad594e8e94124c4be233;hpb=3cb6665db57a8dc6b87a352e78d69bff25c7493b;p=shibboleth%2Fopensaml2.git
diff --git a/saml/saml1/binding/impl/SAML1SOAPClient.cpp b/saml/saml1/binding/impl/SAML1SOAPClient.cpp
index 97114a0..d1d6ef4 100644
--- a/saml/saml1/binding/impl/SAML1SOAPClient.cpp
+++ b/saml/saml1/binding/impl/SAML1SOAPClient.cpp
@@ -56,7 +56,7 @@ Response* SAML1SOAPClient::receiveSAML()
 // Check for SAML Response.
 Response* response = dynamic_cast(body->getUnknownXMLObjects().front());
 if (response) {
-
+
 // Check InResponseTo.
 if (m_correlate && response->getInResponseTo() && !XMLString::equals(m_correlate, response->getInResponseTo()))
 throw BindingException("InResponseTo attribute did not correlate with the Request ID.");
@@ -70,6 +70,10 @@ Response* SAML1SOAPClient::receiveSAML()
 } m_soaper.getPolicy().evaluate(*response); + + if (!m_soaper.getPolicy().isSecure()) + throw BindingException("Security policy could not authenticate the message."); + env.release(); body->detach(); // frees Envelope response->detach(); // frees Body
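Review bot: The new `isSecure()` guard after `evaluate(*response)` in the second hunk has no comment explaining why it is needed, and it reports an authentication failure as a generic `BindingException`, which callers cannot tell apart from a transport or correlation error. I would add a comment above it such as `// evaluate() can return without any rule authenticating the issuer; fail closed on unauthenticated responses.` If the library has a dedicated security-policy exception type, throwing that instead would let the failure be logged and handled as a security event. The throw sits before `env.release()`, so the envelope presumably stays owned by `env` on this path, but `env` is declared outside the hunk and that should be confirmed. `receiveSAML()` begins before the hunk and continues past it.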