Apply manual validators even when schema was used.

[shibboleth/cpp-opensaml.git] / saml / saml2 / metadata / impl / XMLMetadataProvider.cpp

diff --git a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
index 6938bce..0dbc9c7 100644 (file)
--- a/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/XMLMetadataProvider.cpp
@@ -27,6 +27,7 @@
 
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/ReloadableXMLFile.h>
+#include <xmltooling/validation/ValidatorSuite.h>
 
 using namespace opensaml::saml2md;
 using namespace xmltooling::logging;
@@ -100,7 +101,15 @@ pair<bool,DOMElement*> XMLMetadataProvider::load()
             "Root of metadata instance not recognized: $1", params(1,xmlObject->getElementQName().toString().c_str())
             );
 
-    // Preprocess the metadata.
+    // Preprocess the metadata (even if we schema-validated).
+    try {
+        SchemaValidators.validate(xmlObject.get());
+    }
+    catch (exception& ex) {
+        m_log.error("metadata intance failed manual validation checking: %s", ex.what());
+        throw MetadataException("Metadata instance failed manual validation checking.");
+    }
+
     doFilters(*xmlObject.get());
     xmlObject->releaseThisAndChildrenDOM();
     xmlObject->setDocument(NULL);
@@ -133,12 +142,12 @@ void XMLMetadataProvider::index()
     EntitiesDescriptor* group=dynamic_cast<EntitiesDescriptor*>(m_object);
     if (group) {
         if (!m_local && group->getCacheDuration())
-            exp = time_t(NULL) + group->getCacheDurationEpoch();
+            exp = time(NULL) + group->getCacheDurationEpoch();
         AbstractMetadataProvider::index(group, exp);
         return;
     }
     EntityDescriptor* site=dynamic_cast<EntityDescriptor*>(m_object);
     if (!m_local && site->getCacheDuration())
-        exp = time_t(NULL) + site->getCacheDurationEpoch();
+        exp = time(NULL) + site->getCacheDurationEpoch();
     AbstractMetadataProvider::index(site, exp);
 }