// Are we allowed to be unscoped?
if (m_scoped && log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
- log.warn("attribute %s is scoped, no scope supplied, rejecting it",temp.get());
+ log.warn("attribute (%s) is scoped, no scope supplied, rejecting it",temp.get());
}
return !m_scoped;
}
if (log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
auto_ptr_char temp2(scope);
- log.warn("attribute %s scope {%s} denied by site rule, rejecting it",temp.get(),temp2.get());
+ log.warn("attribute (%s) scope (%s) denied by site rule, rejecting it",temp.get(),temp2.get());
}
return false;
}
if (log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
auto_ptr_char temp2(scope);
- log.warn("attribute %s scope {%s} not accepted",temp.get(),temp2.get());
+ log.warn("attribute (%s) scope (%s) not accepted",temp.get(),temp2.get());
}
return false;
}
if (log.isDebugEnabled()) {
auto_ptr_char temp(m_name);
auto_ptr_char temp2(role ? role->getEntityDescriptor()->getId() : NULL);
- log.debug("evaluating value for attribute %s from site %s",temp.get(),temp2.get() ? temp2.get() : "<unspecified>");
+ log.debug("evaluating value for attribute (%s) from site (%s)",temp.get(),temp2.get() ? temp2.get() : "<unspecified>");
}
// This is a complete revamp. The "any" cases become a degenerate case, the "least-specific" matching rule.
(!m_caseSensitive && !XMLString::compareIString(i->second,n->getNodeValue()))) {
if (log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
- log.warn("attribute %s value explicitly denied by site rule, rejecting it",temp.get());
+ log.warn("attribute (%s) value explicitly denied by site rule, rejecting it",temp.get());
}
return false;
}
if (match(i->second,n->getNodeValue())) {
if (log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
- log.warn("attribute %s value explicitly denied by site rule, rejecting it",temp.get());
+ log.warn("attribute (%s) value explicitly denied by site rule, rejecting it",temp.get());
}
return false;
}
if (log.isWarnEnabled()) {
auto_ptr_char temp(m_name);
auto_ptr_char temp2(n->getNodeValue());
- log.warn("%sattribute (%s) value {%s} could not be validated by policy, rejecting it",
+ log.warn("%sattribute (%s) value (%s) could not be validated by policy, rejecting it",
(bSimple ? "" : "complex "),temp.get(),temp2.get());
}
return false;
void XMLAAPImpl::AttributeRule::apply(SAMLAttribute& attribute, const IRoleDescriptor* role) const
{
// Check each value.
- Iterator<const DOMElement*> vals=attribute.getValueElements();
- for (unsigned int i=0; i < vals.size();) {
- if (!accept(vals[i],role ? dynamic_cast<const IScopedRoleDescriptor*>(role) : NULL))
- attribute.removeValue(i);
+ DOMNodeList* vals=attribute.getValueElements();
+ int i2=0;
+ for (int i=0; vals && i < vals->getLength(); i++) {
+ if (!accept(static_cast<DOMElement*>(vals->item(i)),role ? dynamic_cast<const IScopedRoleDescriptor*>(role) : NULL))
+ attribute.removeValue(i2);
else
- i++;
+ i2++;
}
// Now see if we trashed it irrevocably.