X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=blobdiff_plain;f=saml%2Fprofile%2Fimpl%2FConditionsRule.cpp;h=0153bb6bffb130ede35792800125203567a115ef;hp=1c3bbe1376862854fa2f82c888ba4756b6c01b9a;hb=1462057b3b9ae7e165d34d988e30b14c213672ca;hpb=f1208cd2f514700244816377443c4951dc22c848

diff --git a/saml/profile/impl/ConditionsRule.cpp b/saml/profile/impl/ConditionsRule.cpp
index 1c3bbe1..0153bb6 100644
--- a/saml/profile/impl/ConditionsRule.cpp
+++ b/saml/profile/impl/ConditionsRule.cpp
@@ -31,6 +31,7 @@
 #include "saml1/core/Assertions.h"
 #include "saml2/core/Assertions.h"
 
+#include <boost/ptr_container/ptr_vector.hpp>
 #include <xercesc/util/XMLUniDefs.hpp>
 #include <xmltooling/logging.h>
 #include <xmltooling/XMLToolingConfig.h>
@@ -39,6 +40,7 @@
 using namespace opensaml;
 using namespace xmltooling::logging;
 using namespace xmltooling;
+using namespace boost;
 using namespace std;
 
 namespace opensaml {
@@ -48,7 +50,6 @@ namespace opensaml {
         ConditionsRule(const DOMElement* e);
 
         virtual ~ConditionsRule() {
-            for_each(m_rules.begin(), m_rules.end(), xmltooling::cleanup<SecurityPolicyRule>());
             if (m_doc)
                 m_doc->release();
         }
@@ -59,7 +60,7 @@ namespace opensaml {
 
     private:
         DOMDocument* m_doc;
-        vector<SecurityPolicyRule*> m_rules;
+        ptr_vector<SecurityPolicyRule> m_rules;
     };
 
     SecurityPolicyRule* SAML_DLLLOCAL ConditionsRuleFactory(const DOMElement* const & e)
@@ -81,7 +82,7 @@ namespace opensaml {
 
 ConditionsRule::ConditionsRule(const DOMElement* e) : m_doc(nullptr)
 {
-    Category& log=Category::getInstance(SAML_LOGCAT".SecurityPolicyRule.Conditions");
+    Category& log=Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.Conditions");
 
     if (!e || !e->hasChildNodes()) {
         // Default the configuration.
@@ -98,7 +99,7 @@ ConditionsRule::ConditionsRule(const DOMElement* e) : m_doc(nullptr)
                 log.info("building SecurityPolicyRule of type %s", t.c_str());
                 m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(t.c_str(), e));
             }
-            catch (exception& ex) {
+            catch (std::exception& ex) {
                 log.crit("error building SecurityPolicyRule: %s", ex.what());
             }
         }
@@ -131,8 +132,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml2::AudienceRestriction*>& acvec = conds->getAudienceRestrictions();
         for (vector<saml2::AudienceRestriction*>::const_iterator ac = acvec.begin(); ac != acvec.end(); ++ac) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*ac), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*ac), request, policy);
             if (!valid)
                 throw SecurityPolicyException("AudienceRestriction condition not successfully validated by policy.");
         }
@@ -140,8 +141,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml2::OneTimeUse*>& otvec = conds->getOneTimeUses();
         for (vector<saml2::OneTimeUse*>::const_iterator ot = otvec.begin(); ot!=otvec.end(); ++ot) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*ot), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*ot), request, policy);
             if (!valid)
                 throw SecurityPolicyException("OneTimeUse condition not successfully validated by policy.");
         }
@@ -149,8 +150,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml2::ProxyRestriction*> pvec = conds->getProxyRestrictions();
         for (vector<saml2::ProxyRestriction*>::const_iterator p = pvec.begin(); p != pvec.end(); ++p) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*p), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*p), request, policy);
             if (!valid)
                 throw SecurityPolicyException("ProxyRestriction condition not successfully validated by policy.");
         }
@@ -158,8 +159,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml2::Condition*>& convec = conds->getConditions();
         for (vector<saml2::Condition*>::const_iterator c = convec.begin(); c != convec.end(); ++c) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*c), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*c), request, policy);
             if (!valid) {
                 throw SecurityPolicyException(
                     "Extension condition ($1) not successfully validated by policy.",
@@ -194,8 +195,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml1::AudienceRestrictionCondition*>& acvec = conds->getAudienceRestrictionConditions();
         for (vector<saml1::AudienceRestrictionCondition*>::const_iterator ac = acvec.begin(); ac != acvec.end(); ++ac) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*ac), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*ac), request, policy);
             if (!valid)
                 throw SecurityPolicyException("AudienceRestrictionCondition not successfully validated by policy.");
         }
@@ -203,8 +204,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml1::DoNotCacheCondition*>& dncvec = conds->getDoNotCacheConditions();
         for (vector<saml1::DoNotCacheCondition*>::const_iterator dnc = dncvec.begin(); dnc != dncvec.end(); ++dnc) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*dnc), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*dnc), request, policy);
             if (!valid)
                 throw SecurityPolicyException("DoNotCacheCondition not successfully validated by policy.");
         }
@@ -212,8 +213,8 @@ bool ConditionsRule::evaluate(const XMLObject& message, const GenericRequest* re
         const vector<saml1::Condition*>& convec = conds->getConditions();
         for (vector<saml1::Condition*>::const_iterator c = convec.begin(); c != convec.end(); ++c) {
             valid = false;
-            for (vector<SecurityPolicyRule*>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
-                valid = (*r)->evaluate(*(*c), request, policy);
+            for (ptr_vector<SecurityPolicyRule>::const_iterator r = m_rules.begin(); !valid && r != m_rules.end(); ++r)
+                valid = r->evaluate(*(*c), request, policy);
             if (!valid) {
                 throw SecurityPolicyException(
                     "Extension condition ($1) not successfully validated by policy.",