/*
* Copyright 2001-2007 Internet2
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* SAML2MessageDecoder.cpp
- *
+ *
* Base class for SAML 2.0 MessageDecoders.
*/
policy.setIssuer(issuer);
}
else if (XMLString::equals(q.getLocalPart(), Response::LOCAL_NAME)) {
- // No issuer in the message, so we have to try the Response approach.
+ // No issuer in the message, so we have to try the Response approach.
const vector<saml2::Assertion*>& assertions = dynamic_cast<const Response&>(samlRoot).getAssertions();
if (!assertions.empty()) {
issuer = assertions.front()->getIssuer();
log.warn("non-system entity issuer, skipping metadata lookup");
return;
}
-
+
log.debug("searching metadata for message issuer...");
- const EntityDescriptor* entity = policy.getMetadataProvider()->getEntityDescriptor(issuer->getName());
- if (!entity) {
+ MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
+ mc.entityID_unicode = issuer->getName();
+ mc.role = policy.getRole();
+ mc.protocol = protocol;
+ pair<const EntityDescriptor*,const RoleDescriptor*> entity = policy.getMetadataProvider()->getEntityDescriptor(mc);
+ if (!entity.first) {
auto_ptr_char temp(issuer->getName());
log.warn("no metadata found, can't establish identity of issuer (%s)", temp.get());
return;
}
-
- log.debug("matched message issuer against metadata, searching for applicable role...");
- const RoleDescriptor* roledesc=entity->getRoleDescriptor(*policy.getRole(), protocol);
- if (!roledesc) {
+ else if (!entity.second) {
log.warn("unable to find compatible role (%s) in metadata", policy.getRole()->toString().c_str());
return;
}
- policy.setIssuerMetadata(roledesc);
+ policy.setIssuerMetadata(entity.second);
}
}
catch (bad_cast&) {