X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2Fsecurity%2FSecurityPolicyProvider.h;fp=shibsp%2Fsecurity%2FSecurityPolicyProvider.h;h=3fed8b29df314e10bd9359e4b7f0f21478f6d1f4;hb=3c1e801d6539b92d6d3d7fb40d661a7ce630ec44;hp=65f5bdf4cb61cf5a37bbc8d4804c82775f86d240;hpb=f2621219507344852f967e4099e9c341499eb802;p=shibboleth%2Fsp.git

diff --git a/shibsp/security/SecurityPolicyProvider.h b/shibsp/security/SecurityPolicyProvider.h
index 65f5bdf..3fed8b2 100644
--- a/shibsp/security/SecurityPolicyProvider.h
+++ b/shibsp/security/SecurityPolicyProvider.h
@@ -57,6 +57,10 @@ namespace shibsp {
         MAKE_NONCOPYABLE(SecurityPolicyProvider);
     protected:
         SecurityPolicyProvider();
+
+        /** Default algorithms to block in the current release. */
+        std::vector<xmltooling::xstring> m_defaultBlacklist;
+
     public:
         virtual ~SecurityPolicyProvider();
         
@@ -77,6 +81,13 @@ namespace shibsp {
         virtual const std::vector<const opensaml::SecurityPolicyRule*>& getPolicyRules(const char* id=nullptr) const=0;
 
         /**
+         * Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.
+         *
+         * @return  an array of algorithm URIs to block
+         */
+        virtual const std::vector<xmltooling::xstring>& getDefaultAlgorithmBlacklist() const;
+
+        /**
          * Returns a set of XML Signature/Encryption algorithm identifiers to block.
          *
          * @return  an array of algorithm URIs to block