<?xml version="1.0" encoding="UTF-8"?>
-
-<schema targetNamespace="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns:afp="urn:mace:shibboleth:2.0:afp" version="2.0">
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:mace:shibboleth:2.0:afp:mf:saml" xmlns:afp="urn:mace:shibboleth:2.0:afp" targetNamespace="urn:mace:shibboleth:2.0:afp:mf:saml" elementFormDefault="qualified">
<import namespace="urn:mace:shibboleth:2.0:afp" schemaLocation="classpath:/schema/shibboleth-2.0-afp.xsd" />
<annotation>
<documentation>
- A set of SAML specific match functions. These match functions only operate against a SAMLFilterContext.
+ A set of SAML specific match functions. These match functions only operate against a
+ SAMLFilterContext.
</documentation>
</annotation>
+ <complexType name="AttributeIssuerEntityAttributeExactMatch">
+ <annotation>
+ <documentation>
+ A match function that checks if the attribute issuer contains an entity attribute with the
+ specified value.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityAttributeExactMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeRequesterEntityAttributeExactMatch">
+ <annotation>
+ <documentation>
+ A match function that checks if the attribute requester contains an entity attribute with the
+ specified value.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityAttributeExactMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="EntityAttributeExactMatchType" abstract="true">
+ <complexContent>
+ <extension base="afp:MatchFunctorType">
+ <attribute name="attributeName" type="string" use="required">
+ <annotation>
+ <documentation>The name of the entity attribute to match.</documentation>
+ </annotation>
+ </attribute>
+ <attribute name="attributeNameFormat" type="string" use="optional">
+ <annotation>
+ <documentation>The name format of the entity attribute to match.</documentation>
+ </annotation>
+ </attribute>
+ <attribute name="attributeValue" type="string" use="required">
+ <annotation>
+ <documentation>The value of the entity attribute to match.</documentation>
+ </annotation>
+ </attribute>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeIssuerEntityAttributeRegexMatch">
+ <annotation>
+ <documentation>
+ A match function that checks if the attribute issuer contains an entity attribute with a
+ value that matches the given regular expression.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityAttributeRegexMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeRequesterEntityAttributeRegexMatch">
+ <annotation>
+ <documentation>
+ A match function that checks if the attribute requester contains an entity attribute with a
+ value that matches the given regular expression.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityAttributeRegexMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="EntityAttributeRegexMatchType" abstract="true">
+ <complexContent>
+ <extension base="afp:MatchFunctorType">
+ <attribute name="attributeName" type="string" use="required">
+ <annotation>
+ <documentation>The name of the entity attribute to match.</documentation>
+ </annotation>
+ </attribute>
+ <attribute name="attributeNameFormat" type="string" use="optional">
+ <annotation>
+ <documentation>The name format of the entity attribute to match.</documentation>
+ </annotation>
+ </attribute>
+ <attribute name="attributeValueRegex" type="string" use="required">
+ <annotation>
+ <documentation>The regular expression that must match the value of the entity attribute to
+ match.</documentation>
+ </annotation>
+ </attribute>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeIssuerNameIDFormatExactMatch">
+ <annotation>
+ <documentation>
+ A match function that evaluates to true if the attribute issuer supports a specified
+ NameID format.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:NameIDFormatExactMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeRequesterNameIDFormatExactMatch">
+ <annotation>
+ <documentation>
+ A match function that evaluates to true if the attribute requester supports a specified
+ NameID format.
+ </documentation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:NameIDFormatExactMatchType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="NameIDFormatExactMatchType" abstract="true">
+ <complexContent>
+ <extension base="afp:MatchFunctorType">
+ <attribute name="nameIdFormat" type="string" use="required">
+ <annotation>
+ <documentation>The NameID format that needs to be supported by the entity.</documentation>
+ </annotation>
+ </attribute>
+ </extension>
+ </complexContent>
+ </complexType>
+
<complexType name="AttributeRequesterInEntityGroup">
<annotation>
<documentation>
</complexContent>
</complexType>
- <complexType name="NameIDQualifierString">
- <annotation>
- <documentation>
- A match function that ensures that a NameID-valued attribute's qualifier(s), if set, match particular values.
- </documentation>
- </annotation>
- <complexContent>
- <extension base="afp:MatchFunctorType">
- <attribute name="attributeID" type="string">
- <annotation>
+ <complexType name="NameIDQualifierString">
+ <annotation>
<documentation>
- The ID of the attribute whose qualifiers should be matched. If no attribute ID is specified the
- ID of the containing attribute rule is assumed.
+ A match function that ensures that a NameID-valued attribute's qualifier(s), if set, match particular values.
</documentation>
- </annotation>
- </attribute>
- <attribute name="NameQualifier" type="string">
- <annotation>
+ </annotation>
+ <complexContent>
+ <extension base="afp:MatchFunctorType">
+ <attribute name="attributeID" type="string">
+ <annotation>
+ <documentation>
+ The ID of the attribute whose qualifiers should be matched. If no attribute ID is specified the
+ ID of the containing attribute rule is assumed.
+ </documentation>
+ </annotation>
+ </attribute>
+ <attribute name="NameQualifier" type="string">
+ <annotation>
+ <documentation>
+ A value to require in the NameQualifier field, or if omitted, require that it match the issuing IdP's entityID.
+ </documentation>
+ </annotation>
+ </attribute>
+ <attribute name="SPNameQualifier" type="string">
+ <annotation>
+ <documentation>
+ A value to require in the SPNameQualifier field, or if omitted, require that it match the SP's entityID.
+ </documentation>
+ </annotation>
+ </attribute>
+ </extension>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeIssuerEntityMatcher">
+ <annotation>
<documentation>
- A value to require in the NameQualifier field, or if omitted, require that it match the issuing IdP's entityID.
+ A match function that checks if the attribute issuer matches pluggable criteria.
</documentation>
- </annotation>
- </attribute>
- <attribute name="SPNameQualifier" type="string">
- <annotation>
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityMatcherType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="AttributeRequesterEntityMatcher">
+ <annotation>
<documentation>
- A value to require in the SPNameQualifier field, or if omitted, require that it match the SP's entityID.
+ A match function that checks if the attribute requester matches pluggable criteria.
</documentation>
- </annotation>
- </attribute>
- </extension>
- </complexContent>
- </complexType>
-
+ </annotation>
+ <complexContent>
+ <extension base="saml:EntityMatcherType"/>
+ </complexContent>
+ </complexType>
+
+ <complexType name="EntityMatcherType" abstract="true">
+ <complexContent>
+ <extension base="afp:MatchFunctorType">
+ <sequence>
+ <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </sequence>
+ <attribute name="matcher" type="string" use="required">
+ <annotation>
+ <documentation>
+ The type of plugin to apply as a matching mechanism.
+ </documentation>
+ </annotation>
+ </attribute>
+ <anyAttribute namespace="##any" processContents="lax"/>
+ </extension>
+ </complexContent>
+ </complexType>
+
</schema>
\ No newline at end of file
attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp \
attribute/filtering/impl/AttributeIssuerInEntityGroupFunctor.cpp \
attribute/filtering/impl/AttributeRequesterInEntityGroupFunctor.cpp \
+ attribute/filtering/impl/AttributeIssuerEntityAttributeFunctor.cpp \
+ attribute/filtering/impl/AttributeRequesterEntityAttributeFunctor.cpp \
+ attribute/filtering/impl/AttributeIssuerEntityMatcherFunctor.cpp \
+ attribute/filtering/impl/AttributeRequesterEntityMatcherFunctor.cpp \
attribute/filtering/impl/AttributeScopeMatchesShibMDScopeFunctor.cpp \
attribute/resolver/impl/ChainingAttributeResolver.cpp \
attribute/resolver/impl/QueryAttributeResolver.cpp \
/** Matches based on metadata groups of requester. */
extern SHIBSP_API xmltooling::QName AttributeRequesterInEntityGroupType;
+ /** Matches based on entity attributes of issuer. */
+ extern SHIBSP_API xmltooling::QName AttributeIssuerEntityAttributeExactMatchType;
+
+ /** Matches based on entity attributes of requester. */
+ extern SHIBSP_API xmltooling::QName AttributeRequesterEntityAttributeExactMatchType;
+
+ /** Matches based on entity attributes of issuer and a regex. */
+ extern SHIBSP_API xmltooling::QName AttributeIssuerEntityAttributeRegexMatchType;
+
+ /** Matches based on entity attributes of requester and a regex. */
+ extern SHIBSP_API xmltooling::QName AttributeRequesterEntityAttributeRegexMatchType;
+
+ /** Matches based on issuer and pluggable criteria. */
+ extern SHIBSP_API xmltooling::QName AttributeIssuerEntityMatcherType;
+
+ /** Matches based on requester and pluggable criteria. */
+ extern SHIBSP_API xmltooling::QName AttributeRequesterEntityMatcherType;
+
/** Matches based on metadata Scope extensions. */
extern SHIBSP_API xmltooling::QName AttributeScopeMatchesShibMDScopeType;
--- /dev/null
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+
+/**
+ * AttributeIssuerEntityAttributeFunctor.cpp
+ *
+ * A match function that checks if the attribute issuer contains an entity attribute with the
+ * specified value or regex.
+ */
+
+#include "internal.h"
+#include "exceptions.h"
+#include "attribute/filtering/FilteringContext.h"
+#include "attribute/filtering/FilterPolicyContext.h"
+#include "attribute/filtering/MatchFunctor.h"
+
+#include <saml/SAMLConfig.h>
+#include <saml/saml2/metadata/EntityMatcher.h>
+#include <saml/saml2/metadata/Metadata.h>
+
+using namespace opensaml::saml2md;
+using opensaml::SAMLConfig;
+
+namespace shibsp {
+
+ /**
+ * A match function that checks if the attribute issuer contains an entity attribute with the
+ * specified value or regex.
+ */
+ class SHIBSP_DLLLOCAL AttributeIssuerEntityAttributeFunctor : public MatchFunctor
+ {
+ boost::scoped_ptr<EntityMatcher> m_matcher;
+ public:
+ AttributeIssuerEntityAttributeFunctor(const DOMElement* e)
+ : m_matcher(SAMLConfig::getConfig().EntityMatcherManager.newPlugin(ENTITYATTR_ENTITY_MATCHER, e)) {
+ }
+
+ bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
+ if (filterContext.getAttributeIssuerMetadata()) {
+ const EntityDescriptor* entity = dynamic_cast<EntityDescriptor*>(filterContext.getAttributeIssuerMetadata()->getParent());
+ if (entity)
+ return m_matcher->matches(*entity);
+ }
+ return false;
+ }
+
+ bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
+ return evaluatePolicyRequirement(filterContext);
+ }
+ };
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeIssuerEntityAttributeExactMatchFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeIssuerEntityAttributeFunctor(p.second);
+ }
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeIssuerEntityAttributeRegexMatchFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeIssuerEntityAttributeFunctor(p.second);
+ }
+
+};
--- /dev/null
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+
+/**
+ * AttributeIssuerEntityMatcherFunctor.cpp
+ *
+ * A match function that checks if the attribute issuer matches pluggable criteria.
+ */
+
+#include "internal.h"
+#include "exceptions.h"
+#include "attribute/filtering/FilteringContext.h"
+#include "attribute/filtering/FilterPolicyContext.h"
+#include "attribute/filtering/MatchFunctor.h"
+
+#include <saml/SAMLConfig.h>
+#include <saml/saml2/metadata/EntityMatcher.h>
+#include <saml/saml2/metadata/Metadata.h>
+#include <xmltooling/util/XMLHelper.h>
+
+using namespace opensaml::saml2md;
+using opensaml::SAMLConfig;
+using xmltooling::XMLHelper;
+
+namespace shibsp {
+
+ /**
+ * A match function that checks if the attribute issuer matches pluggable criteria.
+ */
+ class SHIBSP_DLLLOCAL AttributeIssuerEntityMatcherFunctor : public MatchFunctor
+ {
+ boost::scoped_ptr<EntityMatcher> m_matcher;
+ public:
+ AttributeIssuerEntityMatcherFunctor(const DOMElement* e) {
+ static const XMLCh matcher[] = UNICODE_LITERAL_7(m,a,t,c,h,e,r);
+ std::string type(XMLHelper::getAttrString(e, nullptr, matcher));
+ if (!type.empty())
+ m_matcher.reset(SAMLConfig::getConfig().EntityMatcherManager.newPlugin(type.c_str(), e));
+ else
+ throw ConfigurationException("AttributeIssuerEntityMatcher MatchFunctor requires a matcher attribute.");
+ }
+
+ bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
+ if (filterContext.getAttributeIssuerMetadata()) {
+ const EntityDescriptor* entity = dynamic_cast<EntityDescriptor*>(filterContext.getAttributeIssuerMetadata()->getParent());
+ if (entity)
+ return m_matcher->matches(*entity);
+ }
+ return false;
+ }
+
+ bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
+ return evaluatePolicyRequirement(filterContext);
+ }
+ };
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeIssuerEntityMatcherFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeIssuerEntityMatcherFunctor(p.second);
+ }
+
+};
--- /dev/null
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+
+/**
+ * AttributeRequesterEntityAttributeFunctor.cpp
+ *
+ * A match function that checks if the attribute requester contains an entity attribute with the
+ * specified value or regex.
+ */
+
+#include "internal.h"
+#include "exceptions.h"
+#include "attribute/filtering/FilteringContext.h"
+#include "attribute/filtering/FilterPolicyContext.h"
+#include "attribute/filtering/MatchFunctor.h"
+
+#include <saml/SAMLConfig.h>
+#include <saml/saml2/metadata/EntityMatcher.h>
+#include <saml/saml2/metadata/Metadata.h>
+
+using namespace opensaml::saml2md;
+using opensaml::SAMLConfig;
+
+namespace shibsp {
+
+ /**
+ * A match function that checks if the attribute requester contains an entity attribute with the
+ * specified value or regex.
+ */
+ class SHIBSP_DLLLOCAL AttributeRequesterEntityAttributeFunctor : public MatchFunctor
+ {
+ boost::scoped_ptr<EntityMatcher> m_matcher;
+ public:
+ AttributeRequesterEntityAttributeFunctor(const DOMElement* e)
+ : m_matcher(SAMLConfig::getConfig().EntityMatcherManager.newPlugin(ENTITYATTR_ENTITY_MATCHER, e)) {
+ }
+
+ bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
+ if (filterContext.getAttributeRequesterMetadata()) {
+ const EntityDescriptor* entity = dynamic_cast<EntityDescriptor*>(filterContext.getAttributeRequesterMetadata()->getParent());
+ if (entity)
+ return m_matcher->matches(*entity);
+ }
+ return false;
+ }
+
+ bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
+ return evaluatePolicyRequirement(filterContext);
+ }
+ };
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeRequesterEntityAttributeExactMatchFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeRequesterEntityAttributeFunctor(p.second);
+ }
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeRequesterEntityAttributeRegexMatchFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeRequesterEntityAttributeFunctor(p.second);
+ }
+};
--- /dev/null
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+
+/**
+ * AttributeRequesterEntityMatcherFunctor.cpp
+ *
+ * A match function that checks if the attribute requester matches pluggable criteria.
+ */
+
+#include "internal.h"
+#include "exceptions.h"
+#include "attribute/filtering/FilteringContext.h"
+#include "attribute/filtering/FilterPolicyContext.h"
+#include "attribute/filtering/MatchFunctor.h"
+
+#include <saml/SAMLConfig.h>
+#include <saml/saml2/metadata/EntityMatcher.h>
+#include <saml/saml2/metadata/Metadata.h>
+#include <xmltooling/util/XMLHelper.h>
+
+using namespace opensaml::saml2md;
+using opensaml::SAMLConfig;
+using xmltooling::XMLHelper;
+
+namespace shibsp {
+
+ /**
+ * A match function that checks if the attribute requester matches pluggable criteria.
+ */
+ class SHIBSP_DLLLOCAL AttributeRequesterEntityMatcherFunctor : public MatchFunctor
+ {
+ boost::scoped_ptr<EntityMatcher> m_matcher;
+ public:
+ AttributeRequesterEntityMatcherFunctor(const DOMElement* e) {
+ static const XMLCh matcher[] = UNICODE_LITERAL_7(m,a,t,c,h,e,r);
+ std::string type(XMLHelper::getAttrString(e, nullptr, matcher));
+ if (!type.empty())
+ m_matcher.reset(SAMLConfig::getConfig().EntityMatcherManager.newPlugin(type.c_str(), e));
+ else
+ throw ConfigurationException("AttributeRequesterEntityMatcher MatchFunctor requires a matcher attribute.");
+ }
+
+ bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
+ if (filterContext.getAttributeRequesterMetadata()) {
+ const EntityDescriptor* entity = dynamic_cast<EntityDescriptor*>(filterContext.getAttributeRequesterMetadata()->getParent());
+ if (entity)
+ return m_matcher->matches(*entity);
+ }
+ return false;
+ }
+
+ bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
+ return evaluatePolicyRequirement(filterContext);
+ }
+ };
+
+ MatchFunctor* SHIBSP_DLLLOCAL AttributeRequesterEntityMatcherFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
+ {
+ return new AttributeRequesterEntityMatcherFunctor(p.second);
+ }
+
+};
DECL_FACTORY(NumberOfAttributeValues);
DECL_FACTORY(AttributeIssuerInEntityGroup);
DECL_FACTORY(AttributeRequesterInEntityGroup);
+ DECL_FACTORY(AttributeIssuerEntityAttributeExactMatch);
+ DECL_FACTORY(AttributeRequesterEntityAttributeExactMatch);
+ DECL_FACTORY(AttributeIssuerEntityAttributeRegexMatch);
+ DECL_FACTORY(AttributeRequesterEntityAttributeRegexMatch);
+ DECL_FACTORY(AttributeIssuerEntityMatcher);
+ DECL_FACTORY(AttributeRequesterEntityMatcher);
DECL_FACTORY(AttributeScopeMatchesShibMDScope);
DECL_FACTORY(NameIDQualifierString);
static const XMLCh NumberOfAttributeValues[] = UNICODE_LITERAL_23(N,u,m,b,e,r,O,f,A,t,t,r,i,b,u,t,e,V,a,l,u,e,s);
static const XMLCh AttributeIssuerInEntityGroup[] = UNICODE_LITERAL_28(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
static const XMLCh AttributeRequesterInEntityGroup[] = UNICODE_LITERAL_31(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
+ static const XMLCh AttributeIssuerEntityAttributeExactMatch[] = UNICODE_LITERAL_40(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,E,x,a,c,t,M,a,t,c,h);
+ static const XMLCh AttributeRequesterEntityAttributeExactMatch[] = UNICODE_LITERAL_43(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,E,x,a,c,t,M,a,t,c,h);
+ static const XMLCh AttributeIssuerEntityAttributeRegexMatch[] = UNICODE_LITERAL_40(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,R,e,g,e,x,M,a,t,c,h);
+ static const XMLCh AttributeRequesterEntityAttributeRegexMatch[] = UNICODE_LITERAL_43(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,R,e,g,e,x,M,a,t,c,h);
+ static const XMLCh AttributeIssuerEntityMatcher[] = UNICODE_LITERAL_28(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,M,a,t,c,h,e,r);
+ static const XMLCh AttributeRequesterEntityMatcher[] = UNICODE_LITERAL_31(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,M,a,t,c,h,e,r);
static const XMLCh AttributeScopeMatchesShibMDScope[] = UNICODE_LITERAL_32(A,t,t,r,i,b,u,t,e,S,c,o,p,e,M,a,t,c,h,e,s,S,h,i,b,M,D,S,c,o,p,e);
static const XMLCh NameIDQualifierString[] = UNICODE_LITERAL_21(N,a,m,e,I,D,Q,u,a,l,i,f,i,e,r,S,t,r,i,n,g);
};
DECL_BASIC_QNAME(NumberOfAttributeValues, NumberOfAttributeValues);
DECL_SAML_QNAME(AttributeIssuerInEntityGroup, AttributeIssuerInEntityGroup);
DECL_SAML_QNAME(AttributeRequesterInEntityGroup, AttributeRequesterInEntityGroup);
+DECL_SAML_QNAME(AttributeIssuerEntityAttributeExactMatch, AttributeIssuerEntityAttributeExactMatch);
+DECL_SAML_QNAME(AttributeRequesterEntityAttributeExactMatch, AttributeRequesterEntityAttributeExactMatch);
+DECL_SAML_QNAME(AttributeIssuerEntityAttributeRegexMatch, AttributeIssuerEntityAttributeRegexMatch);
+DECL_SAML_QNAME(AttributeRequesterEntityAttributeRegexMatch, AttributeRequesterEntityAttributeRegexMatch);
+DECL_SAML_QNAME(AttributeIssuerEntityMatcher, AttributeIssuerEntityMatcher);
+DECL_SAML_QNAME(AttributeRequesterEntityMatcher, AttributeRequesterEntityMatcher);
DECL_SAML_QNAME(AttributeScopeMatchesShibMDScope, AttributeScopeMatchesShibMDScope);
DECL_SAML_QNAME(NameIDQualifierString, NameIDQualifierString);
REGISTER_FACTORY(NumberOfAttributeValues);
REGISTER_FACTORY(AttributeIssuerInEntityGroup);
REGISTER_FACTORY(AttributeRequesterInEntityGroup);
+ REGISTER_FACTORY(AttributeIssuerEntityAttributeExactMatch);
+ REGISTER_FACTORY(AttributeRequesterEntityAttributeExactMatch);
+ REGISTER_FACTORY(AttributeIssuerEntityAttributeRegexMatch);
+ REGISTER_FACTORY(AttributeRequesterEntityAttributeRegexMatch);
+ REGISTER_FACTORY(AttributeIssuerEntityMatcher);
+ REGISTER_FACTORY(AttributeRequesterEntityMatcher);
REGISTER_FACTORY(AttributeScopeMatchesShibMDScope);
REGISTER_FACTORY(NameIDQualifierString);
}
<ClCompile Include="AbstractSPRequest.cpp" />\r
<ClCompile Include="Application.cpp" />\r
<ClCompile Include="attribute\Base64AttributeDecoder.cpp" />\r
+ <ClCompile Include="attribute\filtering\impl\AttributeIssuerEntityAttributeFunctor.cpp" />\r
+ <ClCompile Include="attribute\filtering\impl\AttributeIssuerEntityMatcherFunctor.cpp" />\r
+ <ClCompile Include="attribute\filtering\impl\AttributeRequesterEntityAttributeFunctor.cpp" />\r
+ <ClCompile Include="attribute\filtering\impl\AttributeRequesterEntityMatcherFunctor.cpp" />\r
<ClCompile Include="attribute\filtering\impl\DummyAttributeFilter.cpp" />\r
<ClCompile Include="attribute\filtering\impl\NameIDQualifierStringFunctor.cpp" />\r
<ClCompile Include="attribute\resolver\impl\AssertionAttributeExtractor.cpp" />\r
<ClCompile Include="handler\impl\AttributeCheckerHandler.cpp">\r
<Filter>Source Files\handler\impl</Filter>\r
</ClCompile>\r
+ <ClCompile Include="attribute\filtering\impl\AttributeIssuerEntityAttributeFunctor.cpp">\r
+ <Filter>Source Files\attribute\filtering\impl</Filter>\r
+ </ClCompile>\r
+ <ClCompile Include="attribute\filtering\impl\AttributeRequesterEntityAttributeFunctor.cpp">\r
+ <Filter>Source Files\attribute\filtering\impl</Filter>\r
+ </ClCompile>\r
+ <ClCompile Include="attribute\filtering\impl\AttributeIssuerEntityMatcherFunctor.cpp">\r
+ <Filter>Source Files\attribute\filtering\impl</Filter>\r
+ </ClCompile>\r
+ <ClCompile Include="attribute\filtering\impl\AttributeRequesterEntityMatcherFunctor.cpp">\r
+ <Filter>Source Files\attribute\filtering\impl</Filter>\r
+ </ClCompile>\r
</ItemGroup>\r
<ItemGroup>\r
<ClInclude Include="remoting\impl\SocketListener.h">\r