SAML2POSTDecoder::SAML2POSTDecoder(const DOMElement* e) {}
-SAML2POSTDecoder::~SAML2POSTDecoder() {}
-
-saml2::RootObject* SAML2POSTDecoder::decode(
+XMLObject* SAML2POSTDecoder::decode(
std::string& relayState,
const GenericRequest& genericRequest,
SecurityPolicy& policy
// Check destination URL.
auto_ptr_char dest(request ? request->getDestination() : response->getDestination());
const char* dest2 = httpRequest->getRequestURL();
- if (root->getSignature() && !dest.get() || !*(dest.get())) {
+ if ((root->getSignature() || httpRequest->getParameter("Signature")) && !dest.get() || !*(dest.get())) {
log.error("signed SAML message missing Destination attribute");
throw BindingException("Signed SAML message missing Destination attribute identifying intended destination.");
}
}
// Run through the policy.
- policy.evaluate(genericRequest, *response);
+ policy.evaluate(genericRequest, *root);
}
catch (XMLToolingException& ex) {
// This is just to maximize the likelihood of attaching a source to the message for support purposes.