/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "metadata/MetadataProviderCriteria.h"
#include "security/SecurityPolicy.h"
+using namespace opensaml::saml2;
using namespace shibsp;
-SecurityPolicy::SecurityPolicy(const Application& application, const xmltooling::QName* role, bool validate)
- : opensaml::SecurityPolicy(application.getMetadataProvider(), role, application.getTrustEngine(), validate), m_application(application) {
+SecurityPolicy::SecurityPolicy(const Application& application, const xmltooling::QName* role, bool validate, const char* policyId)
+ : SAML2AssertionPolicy(application.getMetadataProvider(), role, application.getTrustEngine(), validate), m_application(application) {
const std::vector<const opensaml::SecurityPolicyRule*>& rules =
- application.getServiceProvider().getPolicyRules(application.getString("policyId").second);
+ application.getServiceProvider().getPolicyRules(policyId ? policyId : application.getString("policyId").second);
getRules().assign(rules.begin(), rules.end());
}
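Review bot: The rule set is now chosen by a caller-supplied `policyId` on the `getPolicyRules(...)` line, but nothing visible in the constructor checks that the lookup returned any rules before `getRules().assign(...)` runs. If `getPolicyRules` returns an empty vector for an unrecognised id (its behaviour is not shown here, so this needs confirming), a mistyped id would produce a policy that evaluates messages with no rules attached, which fails open. Consider rejecting or at least logging an empty result, and treating an empty string like NULL with `policyId && *policyId ? policyId : application.getString("policyId").second`. The `.second` of `getString` is still used without testing `.first`, as it was before this change.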
{
if (!m_metadataCriteria)
m_metadataCriteria=new MetadataProviderCriteria(m_application);
+ else
+ m_metadataCriteria->reset();
return *m_metadataCriteria;
}
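Review bot: The new `else` branch calls `m_metadataCriteria->reset()` on every call after the first, so a reference handed out by an earlier call is silently cleared by the next one, and nothing in the hunk documents that contract. A caller that keeps the criteria across a second call, or shares the policy object between threads, could run a metadata lookup with criteria other than the ones it set, and those criteria select the peer metadata that trust decisions rest on. I would add a comment above the branch such as `// Criteria object is reused: every call resets it, so state set through an earlier reference is lost.` and repeat it on the declaration. The function's signature lies outside the hunk, so its constness and the place where the object is freed cannot be checked from here.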
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#define __shibsp_secpol_h__
#include <shibsp/base.h>
-#include <saml/binding/SecurityPolicy.h>
+#include <saml/saml2/profile/SAML2AssertionPolicy.h>
namespace shibsp {
/**
* SP-specific SecurityPolicy subclass.
*/
- class SHIBSP_API SecurityPolicy : public opensaml::SecurityPolicy
+ class SHIBSP_API SecurityPolicy : public opensaml::saml2::SAML2AssertionPolicy
{
public:
/**
* @param application an Application instance
* @param role identifies the role (generally IdP or SP) of the policy peer
* @param validate true iff XML parsing should be done with validation
+ * @param policyId identifies policy rules to auto-attach, defaults to the application's set
*/
- SecurityPolicy(const Application& application, const xmltooling::QName* role=NULL, bool validate=true);
+ SecurityPolicy(const Application& application, const xmltooling::QName* role=NULL, bool validate=true, const char* policyId=NULL);
virtual ~SecurityPolicy() {}
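Review bot: Adding the defaulted `policyId` parameter to the exported constructor and switching the base class to `SAML2AssertionPolicy` both change the binary interface of a `SHIBSP_API` class: the old three-argument constructor symbol goes away and the object layout changes. Extensions compiled against the previous header would fail to resolve the constructor or misread the object, so this needs a library version bump, which is not visible in this change. The `@param policyId` line should also state the NULL case explicitly and what happens for an id with no configured policy, for example `@param policyId identifies policy rules to auto-attach, NULL selects the application's configured policy`. The class body continues past the end of the hunk.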