#include "internal.h"
#include "exceptions.h"
-#include "saml2/binding/SAML2MessageRule.h"
+#include "binding/SecurityPolicyRule.h"
#include "saml2/core/Protocols.h"
#include "saml2/metadata/Metadata.h"
#include "saml2/metadata/MetadataProvider.h"
using namespace std;
namespace opensaml {
+ class SAML_DLLLOCAL SAML2MessageRule : public SecurityPolicyRule
+ {
+ public:
+ SAML2MessageRule(const DOMElement* e) {}
+ virtual ~SAML2MessageRule() {}
+
+ void evaluate(const xmltooling::XMLObject& message, const GenericRequest* request, SecurityPolicy& policy) const;
+ };
+
SecurityPolicyRule* SAML_DLLLOCAL SAML2MessageRuleFactory(const DOMElement* const & e)
{
return new SAML2MessageRule(e);
const QName& q = message.getElementQName();
policy.setMessageQName(&q);
- if (!XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20P_NS)) {
- log.debug("not a SAML 2.0 protocol message");
+ if (!XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20P_NS)&&
+ !XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20_NS)) {
return;
}
log.debug("message from (%s)", iname.get());
}
+ if (policy.getIssuerMetadata()) {
+ log.debug("metadata for issuer already set, leaving in place");
+ return;
+ }
+
if (policy.getMetadataProvider() && policy.getRole()) {
if (policy.getIssuer()->getFormat() && !XMLString::equals(policy.getIssuer()->getFormat(), saml2::NameIDType::ENTITY)) {
log.warn("non-system entity issuer, skipping metadata lookup");