+ * Returns XML message validation setting.
+ *
+ * @return validation flag
+ */
+ bool getValidating() const {
+ return m_validate;
+ }
+
+ /**
+ * Returns flag controlling non-entity issuer support.
+ *
+ * @return flag controlling non-entity issuer support
+ */
+ bool requireEntityIssuer() const {
+ return m_entityOnly;
+ }
+
+ /**
+ * Returns the SAML audiences that represent the receiving peer.
+ *
+ * @return audience values of the peer processing the message
+ */
+ const std::vector<const XMLCh*>& getAudiences() const {
+ return m_audiences;
+ }
+
+ /**
+ * Returns the SAML audiences that represent the receiving peer.
+ *
+ * @return audience values of the peer processing the message
+ */
+ std::vector<const XMLCh*>& getAudiences() {
+ return m_audiences;
+ }
+
+ /**
+ * Gets the effective time of message processing.
+ *
+ * @return the time at which the message is being processed
+ */
+ time_t getTime() const {
+ if (m_ts == 0)
+ return m_ts = time(NULL);
+ return m_ts;
+ }
+
+ /**
+ * Returns the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @return correlated message identifier
+ */
+ const XMLCh* getCorrelationID() const {
+ return m_correlationID;
+ }
+
+ /**
+ * Gets a mutable array of installed policy rules.
+ *
+ * <p>If adding rules, their lifetime must be at least as long as the policy object.
+ *
+ * @return mutable array of rules
+ */
+ std::vector<const SecurityPolicyRule*>& getRules() {
+ return m_rules;
+ }
+
+ /**
+ * Sets a locked MetadataProvider for the policy.
+ *
+ * @param metadata a locked MetadataProvider or NULL
+ */
+ void setMetadataProvider(const saml2md::MetadataProvider* metadata) {
+ m_metadata = metadata;
+ }
+
+ /**
+ * Sets a MetadataProvider::Criteria instance suitable for use with the
+ * installed MetadataProvider.
+ *
+ * <p>The policy will take ownership of the criteria object when this
+ * method completes.
+ *
+ * @param criteria a MetadataProvider::Criteria instance, or NULL
+ */
+ void setMetadataProviderCriteria(saml2md::MetadataProvider::Criteria* criteria);
+
+ /**
+ * Sets a peer role element/type for to the policy.
+ *
+ * @param role the peer role element/type or NULL
+ */
+ void setRole(const xmltooling::QName* role) {
+ delete m_role;
+ m_role = role ? new xmltooling::QName(*role) : NULL;
+ }
+
+ /**
+ * Sets a TrustEngine for the policy.
+ *
+ * @param trust a TrustEngine or NULL
+ */
+ void setTrustEngine(const xmltooling::TrustEngine* trust) {
+ m_trust = trust;
+ }
+
+ /**
+ * Controls schema validation of incoming XML messages.
+ * This is separate from other forms of programmatic validation of objects,
+ * but can detect a much wider range of syntax errors.
+ *
+ * @param validate validation setting
+ */
+ void setValidating(bool validate=true) {
+ m_validate = validate;
+ }
+
+ /**
+ * Sets flag controlling non-entity issuer support.
+ *
+ * @param entityOnly require that Issuer be in entity format
+ */
+ void requireEntityIssuer(bool entityOnly=true) {
+ m_entityOnly = entityOnly;
+ }
+
+ /**
+ * Sets effective time of message processing.
+ *
+ * <p>Assumed to be the time of policy instantiation, can be adjusted to pre- or post-date
+ * message processing.
+ *
+ * @param ts the time at which the message is being processed
+ */
+ void setTime(time_t ts) {
+ m_ts = ts;
+ }
+
+ /**
+ * Sets the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @param correlationID correlated message identifier
+ */
+ void setCorrelationID(const XMLCh* correlationID) {
+ m_correlationID = correlationID;
+ }
+
+ /**
+ * Evaluates the policy against the given request and message,
+ * possibly populating message information in the policy object.
+ *