- // Return the payload only.
- response.release();
- payload->detach();
- return payload;
- }
- catch (XMLToolingException& ex) {
- annotateException(&ex,roledesc,false);
- throw;
- }
+ // The policy should be enforced against the ArtifactResponse by the resolve step.
+ // Reset only the message state.
+ policy.reset(true);
+
+ // Now extract details from the payload and check that message.
+ XMLObject* payload = response->getPayload();
+ if (!payload)
+ throw BindingException("ArtifactResponse message did not contain a protocol message.");
+ extractMessageDetails(*payload, genericRequest, samlconstants::SAML20P_NS, policy);
+ policy.evaluate(*payload, &genericRequest);
+
+ // Return the payload only.
+ response.release();
+ payload->detach();
+ return payload;