X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=samlsign%2Fsamlsign.cpp;h=9cdaa91c5e9f87aae0994be108becc9ab2ce8e38;hb=9feb31702e26a76de7030d712d61c2312aa168a8;hp=8ee8e7d41ec18eee25bcdbc837cebc582eb337cd;hpb=3f243ee065ef3dcc1e9832275c00ee708d7f9a6b;p=shibboleth%2Fcpp-opensaml.git diff --git a/samlsign/samlsign.cpp b/samlsign/samlsign.cpp index 8ee8e7d..9cdaa91 100644 --- a/samlsign/samlsign.cpp +++ b/samlsign/samlsign.cpp @@ -247,7 +247,7 @@ int main(int argc,char* argv[]) // Set up criteria. CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + cc.setUsage(Credential::SIGNING_CREDENTIAL); cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY); if (issuer) cc.setPeerName(issuer); @@ -293,18 +293,19 @@ int main(int argc,char* argv[]) auto_ptr metadata(buildPlugin(m_param, conf.MetadataProviderManager)); metadata->init(); - Locker locker(metadata.get()); - const EntityDescriptor* entity = metadata->getEntityDescriptor(issuer); - if (!entity) - throw MetadataException("no metadata found for ($1)", params(1, issuer)); const XMLCh* ns = rns ? XMLString::transcode(rns) : samlconstants::SAML20MD_NS; auto_ptr_XMLCh n(rname); QName q(ns, n.get()); - const RoleDescriptor* role = entity->getRoleDescriptor(q, protocol); - if (!role) + + Locker locker(metadata.get()); + MetadataProvider::Criteria mc(issuer, &q, protocol); + pair entity = metadata->getEntityDescriptor(mc); + if (!entity.first) + throw MetadataException("no metadata found for ($1)", params(1, issuer)); + else if (!entity.second) throw MetadataException("compatible role $1 not found for ($2)", params(2, q.toString().c_str(), issuer)); - MetadataCredentialCriteria mcc(*role); + MetadataCredentialCriteria mcc(*entity.second); if (sigtrust->validate(*signable->getSignature(), *metadata.get(), &mcc)) log.info("successful signature verification"); else @@ -313,7 +314,7 @@ int main(int argc,char* argv[]) else { // Set up criteria. CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + cc.setUsage(Credential::SIGNING_CREDENTIAL); cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY); if (issuer) cc.setPeerName(issuer); @@ -332,7 +333,7 @@ int main(int argc,char* argv[]) ); Locker locker(cr.get()); CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + cc.setUsage(Credential::SIGNING_CREDENTIAL); const Credential* cred = cr->resolve(&cc); if (!cred) throw XMLSecurityException("Unable to resolve a signing credential.");