X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fmetadata%2FMetadataCredentialCriteria.h;h=901b3c6ab428c1bf6da9ab357e96cc86566aaf62;hb=0547a02ac67aeb6607ac96dadb25aae560aecf20;hp=dfe4bccd0c6d40e63f6e95f7462ece55cabb2676;hpb=46ac496b77b850309c07e732ff89fa41c776915d;p=shibboleth%2Fcpp-opensaml.git

diff --git a/saml/saml2/metadata/MetadataCredentialCriteria.h b/saml/saml2/metadata/MetadataCredentialCriteria.h
index dfe4bcc..901b3c6 100644
--- a/saml/saml2/metadata/MetadataCredentialCriteria.h
+++ b/saml/saml2/metadata/MetadataCredentialCriteria.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,7 +24,6 @@
 #define __saml_metacrit_h__
 
 #include <saml/base.h>
-#include <saml/saml2/metadata/MetadataCredentialContext.h>
 #include <xmltooling/security/CredentialCriteria.h>
 
 namespace opensaml {
@@ -41,13 +40,7 @@ namespace opensaml {
              *
              * @param role      source of metadata-supplied credentials
              */
-            MetadataCredentialCriteria(const RoleDescriptor& role) : m_role(role) {
-                const EntityDescriptor* entity = dynamic_cast<const EntityDescriptor*>(role.getParent());
-                if (entity) {
-                    xmltooling::auto_ptr_char name(entity->getEntityID());
-                    setPeerName(name.get());
-                }
-            }
+            MetadataCredentialCriteria(const RoleDescriptor& role);
     
             virtual ~MetadataCredentialCriteria() {}
             
@@ -60,19 +53,8 @@ namespace opensaml {
                 return m_role;
             }
 
-            bool matches(const xmltooling::Credential& credential) const {
-                const MetadataCredentialContext* context = dynamic_cast<const MetadataCredentialContext*>(credential.getCredentalContext());
-                if (context) {
-                    // Check for a usage mismatch.
-                    if ((getUsage()==CredentialCriteria::SIGNING_CREDENTIAL || getUsage()==CredentialCriteria::TLS_CREDENTIAL) &&
-                            XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_ENCRYPTION))
-                        return false;
-                    else if (getUsage()==CredentialCriteria::ENCRYPTION_CREDENTIAL &&
-                            XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_SIGNING))
-                        return false;
-                }
-                return CredentialCriteria::matches(credential);
-            }
+            void reset();
+            bool matches(const xmltooling::Credential& credential) const;
 
         private:
             const RoleDescriptor& m_role;
