projects / shibboleth / sp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8462314)
Rebase on SAML 2 policy subclass.
authorcantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Fri, 6 Mar 2009 20:57:26 +0000 (20:57 +0000)
committercantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Fri, 6 Mar 2009 20:57:26 +0000 (20:57 +0000)
git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/branches/REL_2@2949 cb58f699-b61c-0410-a6fe-9272a202ed29

shibsp/security/SecurityPolicy.cpp patch | blob | history
shibsp/security/SecurityPolicy.h patch | blob | history

diff --git a/shibsp/security/SecurityPolicy.cpp b/shibsp/security/SecurityPolicy.cpp
index f8e81a4..577f73f 100644 (file)
--- a/shibsp/security/SecurityPolicy.cpp
+++ b/shibsp/security/SecurityPolicy.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,13 +26,14 @@
 #include "metadata/MetadataProviderCriteria.h"
 #include "security/SecurityPolicy.h"
 
+using namespace opensaml::saml2;
 using namespace shibsp;
 
-SecurityPolicy::SecurityPolicy(const Application& application, const xmltooling::QName* role, bool validate)
-    : opensaml::SecurityPolicy(application.getMetadataProvider(), role, application.getTrustEngine(), validate), m_application(application) {
+SecurityPolicy::SecurityPolicy(const Application& application, const xmltooling::QName* role, bool validate, const char* policyId)
+    : SAML2AssertionPolicy(application.getMetadataProvider(), role, application.getTrustEngine(), validate), m_application(application) {
 
     const std::vector<const opensaml::SecurityPolicyRule*>& rules =
-        application.getServiceProvider().getPolicyRules(application.getString("policyId").second);
+        application.getServiceProvider().getPolicyRules(policyId ? policyId : application.getString("policyId").second);
     getRules().assign(rules.begin(), rules.end());
 }
 
@@ -40,5 +41,7 @@ opensaml::saml2md::MetadataProvider::Criteria& SecurityPolicy::getMetadataProvid
 {
     if (!m_metadataCriteria)
         m_metadataCriteria=new MetadataProviderCriteria(m_application);
+    else
+        m_metadataCriteria->reset();
     return *m_metadataCriteria;
 }
diff --git a/shibsp/security/SecurityPolicy.h b/shibsp/security/SecurityPolicy.h
index d72bc2b..29a3bf5 100644 (file)
--- a/shibsp/security/SecurityPolicy.h
+++ b/shibsp/security/SecurityPolicy.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,7 +24,7 @@
 #define __shibsp_secpol_h__
 
 #include <shibsp/base.h>
-#include <saml/binding/SecurityPolicy.h>
+#include <saml/saml2/profile/SAML2AssertionPolicy.h>
 
 namespace shibsp {
 
@@ -33,7 +33,7 @@ namespace shibsp {
     /**
      * SP-specific SecurityPolicy subclass.
      */
-    class SHIBSP_API SecurityPolicy : public opensaml::SecurityPolicy
+    class SHIBSP_API SecurityPolicy : public opensaml::saml2::SAML2AssertionPolicy
     {
     public:
         /**
@@ -42,8 +42,9 @@ namespace shibsp {
          * @param application       an Application instance
          * @param role              identifies the role (generally IdP or SP) of the policy peer
          * @param validate          true iff XML parsing should be done with validation
+         * @param policyId          identifies policy rules to auto-attach, defaults to the application's set
          */
-        SecurityPolicy(const Application& application, const xmltooling::QName* role=NULL, bool validate=true);
+        SecurityPolicy(const Application& application, const xmltooling::QName* role=NULL, bool validate=true, const char* policyId=NULL);
 
         virtual ~SecurityPolicy() {}
 
Shibboleth SP