X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2Fbinding%2Fimpl%2FArtifactResolver.cpp;h=332549fad61926f0c4366b10acd12b5cfb0c62f6;hb=392d1448deb48beb75f219532ac248b4776f16db;hp=33863d48cf49a727b992223abff37e88bb3583a4;hpb=63b4b6e0bcc6a7727f7804852ed1529d947fec50;p=shibboleth%2Fsp.git
diff --git a/shibsp/binding/impl/ArtifactResolver.cpp b/shibsp/binding/impl/ArtifactResolver.cpp
index 33863d4..332549f 100644
--- a/shibsp/binding/impl/ArtifactResolver.cpp
+++ b/shibsp/binding/impl/ArtifactResolver.cpp
@@ -51,7 +51,8 @@ saml1p::Response* ArtifactResolver::resolve(
 ) const {
 MetadataCredentialCriteria mcc(idpDescriptor);
- shibsp::SOAPClient soaper(dynamic_cast(policy));
+ shibsp::SecurityPolicy& sppolicy = dynamic_cast(policy);
+ shibsp::SOAPClient soaper(sppolicy);
 bool foundEndpoint = false;
 auto_ptr_XMLCh binding(samlconstants::SAML1_BINDING_SOAP);
@@ -73,7 +74,7 @@ saml1p::Response* ArtifactResolver::resolve(
 }
 SAML1SOAPClient client(soaper, false);
- client.sendSAML(request, mcc, loc.get());
+ client.sendSAML(request, sppolicy.getApplication().getId(), mcc, loc.get());
 response = client.receiveSAML();
 } catch (exception& ex) {
@@ -92,6 +93,8 @@ saml1p::Response* ArtifactResolver::resolve(
 throw BindingException("Identity provider returned a SAML error in response to artifact(s).");
 }
+ // The SOAP client handles policy evaluation against the SOAP and Response layer,
+ // but no security checking is done here.
 return response;
 }
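Review bot: The new `sppolicy` binding in the `@@ -51,7 +51,8 @@` hunk is a reference-form `dynamic_cast`, which throws `std::bad_cast` when the caller's policy object is not of the derived type, and nothing at the cast says so. The cast's target type is not legible on this page (presumably `shibsp::SecurityPolicy&`, matching the declared type), and whether the cast sits inside the `try` whose `catch (exception& ex)` shows in the next hunk is not visible. I would add a comment above it such as `// policy must be a shibsp::SecurityPolicy; the reference cast throws std::bad_cast otherwise`. The body of `resolve` starts and ends outside this hunk.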
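Review bot: The comment added before `return response;` in the `@@ -92,6 +93,8 @@` hunk says what is not done but not who must do it, and it sits at the bottom of the body where a caller reading the declaration will not see it. As written, the returned `saml1p::Response` has only been through the SOAP client's policy evaluation, so a caller that treats its contents as trusted would be relying on checks this function explicitly does not perform. I would word it as `// Only SOAP/Response-layer policy has been evaluated; the caller must apply its own security checks to the contents before trusting them.` and repeat the caveat in the method's header documentation. The same comment is added in the `@@ -149,5 +151,8 @@` hunk for the `ArtifactResponse*` overload, and the same applies there.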
@@ -115,18 +118,17 @@ ArtifactResponse* ArtifactResolver::resolve(
 continue;
 foundEndpoint = true;
 auto_ptr_char loc((*ep)->getLocation());
- auto_ptr_XMLCh issuer(sppolicy.getApplication().getString("entityID").second);
 ArtifactResolve* request = ArtifactResolveBuilder::buildArtifactResolve();
 Issuer* iss = IssuerBuilder::buildIssuer();
 request->setIssuer(iss);
- iss->setName(issuer.get());
+ iss->setName(sppolicy.getApplication().getRelyingParty(dynamic_cast(ssoDescriptor.getParent()))->getXMLString("entityID").second);
 auto_ptr_XMLCh artbuf(artifact.encode().c_str());
 Artifact* a = ArtifactBuilder::buildArtifact();
 a->setArtifact(artbuf.get());
 request->setArtifact(a);
 SAML2SOAPClient client(soaper, false);
- client.sendSAML(request, mcc, loc.get());
+ client.sendSAML(request, sppolicy.getApplication().getId(), mcc, loc.get());
 StatusResponseType* srt = client.receiveSAML();
 if (!(response = dynamic_cast(srt))) {
 delete srt;
@@ -149,5 +151,8 @@ ArtifactResponse* ArtifactResolver::resolve(
 BindingException ex("Identity provider returned a SAML error in response to artifact.");
 annotateException(&ex, &ssoDescriptor, response->getStatus()); // rethrow
 }
+
+ // The SOAP client handles policy evaluation against the SOAP and Response layer,
+ // but no security checking is done here.
 return response;
 }
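Review bot: The new `iss->setName(...)` line in the `@@ -115,18 +118,17 @@` hunk dereferences the result of `getRelyingParty(...)` and reads `.second` of `getXMLString("entityID")` with no check on either. If the pointer-form `dynamic_cast` of `ssoDescriptor.getParent()` yields null it is passed straight into the lookup, and if the lookup returns null or the property is unset (assuming `getXMLString` returns a found-flag/value pair like the `getString` call it replaces), the code either dereferences a null pointer or sends the ArtifactResolve with an empty Issuer. I would hold the relying-party result and the pair in locals, check the pointer and `.first`, and fail with `throw BindingException(...)` before `buildArtifactResolve()` so nothing is allocated on the failure path. The removed line ignored the flag as well, so part of this predates the commit, but the longer chain adds two more places to fail. The body of `resolve` starts and ends outside this hunk.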