-/*
- * Copyright 2001-2007 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
#include "internal.h"
#include <saml/SAMLConfig.h>
+#include <saml/binding/SecurityPolicy.h>
#include <saml/binding/SecurityPolicyRule.h>
#include <saml/saml2/core/Assertions.h>
class SAML2PolicyTest : public CxxTest::TestSuite {
SecurityPolicy* m_policy;
- SecurityPolicyRule* m_rule;
+ vector<SecurityPolicyRule*> m_rules;
public:
void setUp() {
- m_policy = NULL;
- m_rule = NULL;
- m_rule = SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, NULL);
+ m_policy = nullptr;
+ m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, nullptr));
+ m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(BEARER_POLICY_RULE, nullptr));
m_policy = new SecurityPolicy();
- m_policy->getRules().push_back(m_rule);
+ m_policy->getRules().assign(m_rules.begin(), m_rules.end());
}
void tearDown() {
- delete m_rule;
+ for_each(m_rules.begin(), m_rules.end(), xmltooling::cleanup<SecurityPolicyRule>());
delete m_policy;
}
);
janitor.release();
+ auto_ptr_XMLCh requestID("_12345");
+ m_policy->setCorrelationID(requestID.get());
+
TSM_ASSERT_THROWS("Policy should have tripped on AudienceRestriction", m_policy->evaluate(*assertion.get()), SecurityPolicyException);
auto_ptr_XMLCh recipient("https://sp.example.org");
- m_policy->setRecipient(recipient.get());
+ m_policy->getAudiences().push_back(recipient.get());
+ TSM_ASSERT_THROWS("Policy should have tripped on InResponseTo correlation", m_policy->evaluate(*assertion.get()), SecurityPolicyException);
+
+ dynamic_cast<saml2::SubjectConfirmationData*>(
+ assertion->getSubject()->getSubjectConfirmations().front()->getSubjectConfirmationData()
+ )->setInResponseTo(requestID.get());
m_policy->evaluate(*assertion.get());
}
catch (exception& ex) {