X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=samlsign%2Fsamlsign.cpp;h=9cdaa91c5e9f87aae0994be108becc9ab2ce8e38;hb=9feb31702e26a76de7030d712d61c2312aa168a8;hp=1683edd5a29a4234271d14f15ec6283714875a9f;hpb=a9e98c3b9a6721ed98fa811f46c7b3833a1b56e8;p=shibboleth%2Fcpp-opensaml.git

diff --git a/samlsign/samlsign.cpp b/samlsign/samlsign.cpp
index 1683edd..9cdaa91 100644
--- a/samlsign/samlsign.cpp
+++ b/samlsign/samlsign.cpp
@@ -247,7 +247,7 @@ int main(int argc,char* argv[])
 
                 // Set up criteria.
                 CredentialCriteria cc;
-                cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                cc.setUsage(Credential::SIGNING_CREDENTIAL);
                 cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                 if (issuer)
                     cc.setPeerName(issuer);
@@ -293,18 +293,19 @@ int main(int argc,char* argv[])
                     auto_ptr<MetadataProvider> metadata(buildPlugin(m_param, conf.MetadataProviderManager));
                     metadata->init();
                     
-                    Locker locker(metadata.get());
-                    const EntityDescriptor* entity = metadata->getEntityDescriptor(issuer);
-                    if (!entity)
-                        throw MetadataException("no metadata found for ($1)", params(1, issuer));
                     const XMLCh* ns = rns ? XMLString::transcode(rns) : samlconstants::SAML20MD_NS;
                     auto_ptr_XMLCh n(rname);
                     QName q(ns, n.get());
-                    const RoleDescriptor* role = entity->getRoleDescriptor(q, protocol);
-                    if (!role)
+
+                    Locker locker(metadata.get());
+                    MetadataProvider::Criteria mc(issuer, &q, protocol);
+                    pair<const EntityDescriptor*,const RoleDescriptor*> entity = metadata->getEntityDescriptor(mc);
+                    if (!entity.first)
+                        throw MetadataException("no metadata found for ($1)", params(1, issuer));
+                    else if (!entity.second)
                         throw MetadataException("compatible role $1 not found for ($2)", params(2, q.toString().c_str(), issuer));
 
-                    MetadataCredentialCriteria mcc(*role);
+                    MetadataCredentialCriteria mcc(*entity.second);
                     if (sigtrust->validate(*signable->getSignature(), *metadata.get(), &mcc))
                         log.info("successful signature verification");
                     else
@@ -313,7 +314,7 @@ int main(int argc,char* argv[])
                 else {
                     // Set up criteria.
                     CredentialCriteria cc;
-                    cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                    cc.setUsage(Credential::SIGNING_CREDENTIAL);
                     cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                     if (issuer)
                         cc.setPeerName(issuer);
@@ -332,7 +333,7 @@ int main(int argc,char* argv[])
                 );
             Locker locker(cr.get());
             CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
             const Credential* cred = cr->resolve(&cc);
             if (!cred)
                 throw XMLSecurityException("Unable to resolve a signing credential.");
@@ -347,14 +348,9 @@ int main(int argc,char* argv[])
         }
     }
     catch(exception& e) {
-        log.errorStream() << "caught an exception: " << e.what() << CategoryStream::ENDLINE;
+        log.errorStream() << "caught an exception: " << e.what() << logging::eol;
         ret=-10;
     }
-    catch(XMLException& e) {
-        auto_ptr_char temp(e.getMessage());
-        log.errorStream() << "caught a Xerces exception: " << temp.get() << CategoryStream::ENDLINE;
-        ret=-20;
-    }
 
     conf.term();
     return ret;