2 * Copyright 2001-2006 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file saml/saml2/metadata/MetadataFilter.h
20 * Processes metadata after it's been unmarshalled.
23 #include <saml/base.h>
24 #include <saml/exceptions.h>
25 #include <xmltooling/XMLObject.h>
27 #ifndef __saml2_metadatafilt_h__
28 #define __saml2_metadatafilt_h__
35 * A metadata filter is used to process metadata after resolution and unmarshalling.
37 * Some filters might remove everything but identity provider roles, decreasing the data a service provider
38 * needs to work with, or a filter could be used to perform integrity checking on the retrieved metadata by
39 * verifying a digital signature.
41 class SAML_API MetadataFilter
43 MAKE_NONCOPYABLE(MetadataFilter);
47 virtual ~MetadataFilter() {}
50 * Returns an identifying string for the filter.
52 * @return the ID string
54 virtual const char* getId() const=0;
57 * Filters the given metadata. Exceptions should generally not be thrown to
58 * signal the removal of information, only for systemic processing failure.
60 * @param xmlObject the metadata to be filtered.
62 virtual void doFilter(xmltooling::XMLObject& xmlObject) const=0;
66 * Registers MetadataFilter classes into the runtime.
68 void SAML_API registerMetadataFilters();
70 /** MetadataFilter that deletes blacklisted entities. */
71 #define BLACKLIST_METADATA_FILTER "org.opensaml.saml2.metadata.provider.BlacklistMetadataFilter"
73 /** MetadataFilter that deletes all but whitelisted entities. */
74 #define WHITELIST_METADATA_FILTER "org.opensaml.saml2.metadata.provider.WhitelistMetadataFilter"
76 /** MetadataFilter that verifies signatures and filters out any that don't pass. */
77 #define SIGNATURE_METADATA_FILTER "org.opensaml.saml2.metadata.provider.SignatureMetadataFilter"
79 DECL_XMLTOOLING_EXCEPTION(MetadataException,SAML_EXCEPTIONAPI(SAML_API),opensaml::saml2md,xmltooling::XMLToolingException,Exceptions related to metadata use);
80 DECL_XMLTOOLING_EXCEPTION(MetadataFilterException,SAML_EXCEPTIONAPI(SAML_API),opensaml::saml2md,MetadataException,Exceptions related to metadata filtering);
84 #endif /* __saml2_metadatafilt_h__ */