const xmltooling::QName* role=NULL,
const xmltooling::TrustEngine* trustEngine=NULL,
bool validate=true
- ) : m_metadataCriteria(NULL), m_messageID(NULL), m_issueInstant(0), m_issuer(NULL), m_issuerRole(NULL), m_authenticated(false),
- m_matchingPolicy(NULL), m_metadata(metadataProvider), m_role(NULL), m_trust(trustEngine), m_validate(validate), m_entityOnly(true) {
- if (role)
- m_role = new xmltooling::QName(*role);
- }
+ );
virtual ~SecurityPolicy();
}
/**
+ * Returns the SAML audiences that represent the receiving peer.
+ *
+ * @return audience values of the peer processing the message
+ */
+ const std::vector<xmltooling::xstring>& getAudiences() const {
+ return m_audiences;
+ }
+
+ /**
+ * Returns the SAML audiences that represent the receiving peer.
+ *
+ * @return audience values of the peer processing the message
+ */
+ std::vector<xmltooling::xstring>& getAudiences() {
+ return m_audiences;
+ }
+
+ /**
+ * Gets the effective time of message processing.
+ *
+ * @return the time at which the message is being processed
+ */
+ time_t getTime() const {
+ if (m_ts == 0)
+ return m_ts = time(NULL);
+ return m_ts;
+ }
+
+ /**
+ * Returns the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @return correlated message identifier
+ */
+ const XMLCh* getCorrelationID() const {
+ return m_correlationID.c_str();
+ }
+
+ /**
* Gets a mutable array of installed policy rules.
*
* <p>If adding rules, their lifetime must be at least as long as the policy object.
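Review bot: `getCorrelationID()` returns `m_correlationID.c_str()`, which is never NULL, so a caller cannot tell "no correlation ID was set" from an empty one with a pointer test. The `getMessageID()` hunk further down has the same effect, and there the removed code returned NULL until an ID had been set. The callers are not visible here, but any rule that uses a null check on these getters to decide whether to enforce a replay or response-correlation check would now see a non-null pointer in both cases. Either keep the old contract, e.g. `return m_correlationID.empty() ? NULL : m_correlationID.c_str();`, or state in both doc comments that an empty string means the value is unset.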
}
/**
+ * Sets effective time of message processing.
+ *
+ * <p>Assumed to be the time of policy instantiation, can be adjusted to pre- or post-date
+ * message processing.
+ *
+ * @param ts the time at which the message is being processed
+ */
+ void setTime(time_t ts) {
+ m_ts = ts;
+ }
+
+ /**
+ * Sets the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @param correlationID correlated message identifier
+ */
+ void setCorrelationID(const XMLCh* correlationID) {
+ m_correlationID.erase();
+ if (correlationID)
+ m_correlationID = correlationID;
+ }
+
+ /**
* Evaluates the policy against the given request and message,
* possibly populating message information in the policy object.
*
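Review bot: The `setTime` comment says the time is "Assumed to be the time of policy instantiation", but the `getTime()` added earlier in this patch takes `time(NULL)` on its first call and caches it in the mutable `m_ts`. The default is therefore the time of first use, and `setTime(0)` re-arms that lookup instead of setting a timestamp. The comment should say so, for example `* <p>Defaults to the time of the first getTime() call and stays fixed afterwards; passing 0 clears an earlier override.` The constructor (now out of line) and the reset path are outside this hunk, so it is worth confirming that `m_ts` is initialised to 0 and cleared on reset; otherwise a reused policy object would evaluate validity windows against a stale or indeterminate clock.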
*
* @throws BindingException raised if the message/request is invalid according to the supplied rules
*/
- void evaluate(
- const xmltooling::XMLObject& message, const xmltooling::GenericRequest* request=NULL
- );
+ void evaluate(const xmltooling::XMLObject& message, const xmltooling::GenericRequest* request=NULL);
/**
* Resets the policy object and/or clears any per-message state.
* @return message identifier as determined by the registered policies
*/
const XMLCh* getMessageID() const {
- return m_messageID;
+ return m_messageID.c_str();
}
/**
* @param id message identifier
*/
void setMessageID(const XMLCh* id) {
- xercesc::XMLString::release(&m_messageID);
- m_messageID = xercesc::XMLString::replicate(id);
+ m_messageID.erase();
+ if (id)
+ m_messageID = id;
}
/**
private:
// information extracted from message
- XMLCh* m_messageID;
+ xmltooling::xstring m_messageID;
time_t m_issueInstant;
saml2::Issuer* m_issuer;
const saml2md::RoleDescriptor* m_issuerRole;
const xmltooling::TrustEngine* m_trust;
bool m_validate;
bool m_entityOnly;
+
+ // contextual information
+ mutable time_t m_ts;
+ xmltooling::xstring m_correlationID;
+ std::vector<xmltooling::xstring> m_audiences;
};
};