X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=blobdiff_plain;f=saml%2Fbinding%2FSecurityPolicyRule.h;h=f4b746dce4b1d4a1f26b1b5ae3c4c004f4bf18b5;hp=003e7ec5b29954a9126d13c48f0d768d1290d7c3;hb=69a716dedfd9e239bcc9206a7b8dc137b43f5f89;hpb=df39928338a40f7a2980406e9737893289673611

diff --git a/saml/binding/SecurityPolicyRule.h b/saml/binding/SecurityPolicyRule.h
index 003e7ec..f4b746d 100644
--- a/saml/binding/SecurityPolicyRule.h
+++ b/saml/binding/SecurityPolicyRule.h
@@ -135,6 +135,24 @@ namespace opensaml {
      * over the message. The transport layer is not considered.
      */
     #define XMLSIGNING_POLICY_RULE      "XMLSigning"
+
+    /**
+     * SecurityPolicyRule for SAML 1.x Browser SSO profile validation.
+     *
+     * Enforces presence of time conditions and proper subject confirmation.
+     */
+    #define SAML1BROWSERSSO_POLICY_RULE "SAML1BrowserSSO"
+
+    /**
+     * SecurityPolicyRule for SAML 2.0 bearer SubjectConfirmation.
+     *
+     * <p>Optionally enforces message delivery requirements based on SubjectConfirmationData.
+     *
+     * <p>The XML attributes "checkValidity", "checkRecipient", and "checkCorrelation" can be set
+     * "false" to disable checks of NotBefore/NotOnOrAfter, Recipient, and InResponseTo confirmation
+     * data respectively.
+     */
+    #define BEARER_POLICY_RULE "Bearer"
 };
 
 #endif /* __saml_secrule_h__ */