X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2Fhandler%2FAssertionConsumerService.h;h=752e86cdf9a7fec5b108b3c31fc9a0df3327281e;hb=a5b1914f888d2ac8992cc4985d65e9d727aa8df4;hp=a7289febd7d908c2e941bae75801e13986afd763;hpb=8cfb88bff921f1830d05045bf266b88f8d49abd7;p=shibboleth%2Fsp.git
diff --git a/shibsp/handler/AssertionConsumerService.h b/shibsp/handler/AssertionConsumerService.h
index a7289fe..752e86c 100644
--- a/shibsp/handler/AssertionConsumerService.h
+++ b/shibsp/handler/AssertionConsumerService.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -76,6 +76,23 @@ namespace shibsp {
void generateMetadata(opensaml::saml2md::SPSSODescriptor& role, const char* handlerURL) const;
/**
+ * Returns a SecurityPolicy instance to use for an incoming request.
+ *
+ * Allows handlers to customize the type of policy object their policy rules might require.
+ *
The caller MUST lock the application's MetadataProvider for the life
+ * of the returned object.
+ *
+ * @param application reference to application receiving message
+ * @param role identifies the role (generally IdP or SP) of the policy peer
+ * @param validate true iff XML parsing should be done with validation
+ * @param policyId identifies policy rules to auto-attach, defaults to the application's set
+ * @return a new policy instance, which the caller is responsible for freeing
+ */
+ virtual opensaml::SecurityPolicy* createSecurityPolicy(
+ const Application& application, const xmltooling::QName* role, bool validate, const char* policyId
+ ) const;
+
+ /**
* Implement protocol-specific handling of the incoming decoded message.
*
*
The result of implementing the protocol should be an exception or