X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=blobdiff_plain;f=saml%2Fsaml2%2Fcore%2Fimpl%2FAssertions20Impl.cpp;h=d5a9b5e78075d0d40408a713575b5de682d6e590;hp=513bab61c1b4f5b83cc9984b1e9db9fef5ddbfa2;hb=48857ad9a82c4695800123ecef931e7f8d9de199;hpb=0beb48ce00d0b6a3f177f7d9b48af1870ee92190

diff --git a/saml/saml2/core/impl/Assertions20Impl.cpp b/saml/saml2/core/impl/Assertions20Impl.cpp
index 513bab6..d5a9b5e 100644
--- a/saml/saml2/core/impl/Assertions20Impl.cpp
+++ b/saml/saml2/core/impl/Assertions20Impl.cpp
@@ -1,6 +1,6 @@
 /*
- *  Copyright 2001-2007 Internet2
- * 
+ *  Copyright 2001-2009 Internet2
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -16,7 +16,7 @@
 
 /**
  * Assertions20Impl.cpp
- * 
+ *
  * Implementation classes for SAML 2.0 Assertions schema
  */
 
@@ -27,7 +27,6 @@
 
 #include <xmltooling/AbstractComplexElement.h>
 #include <xmltooling/AbstractSimpleElement.h>
-#include <xmltooling/encryption/Decrypter.h>
 #include <xmltooling/impl/AnyElement.h>
 #include <xmltooling/io/AbstractXMLObjectMarshaller.h>
 #include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
@@ -41,9 +40,13 @@ using namespace xmlencryption;
 using namespace xmlsignature;
 using namespace xmltooling;
 using namespace std;
+using xmlconstants::XSI_NS;
 using xmlconstants::XMLSIG_NS;
 using xmlconstants::XMLENC_NS;
+using xmlconstants::XML_BOOL_NULL;
 using samlconstants::SAML20_NS;
+using samlconstants::SAML20_DELEGATION_CONDITION_NS;
+
 
 #if defined (_MSC_VER)
     #pragma warning( push )
@@ -52,7 +55,7 @@ using samlconstants::SAML20_NS;
 
 namespace opensaml {
     namespace saml2 {
-    
+
         DECL_XMLOBJECTIMPL_SIMPLE(SAML_DLLLOCAL,AssertionIDRef);
         DECL_XMLOBJECTIMPL_SIMPLE(SAML_DLLLOCAL,AssertionURIRef);
         DECL_XMLOBJECTIMPL_SIMPLE(SAML_DLLLOCAL,Audience);
@@ -69,12 +72,12 @@ namespace opensaml {
             void init() {
                 m_Format=m_SPProvidedID=m_NameQualifier=m_SPNameQualifier=NULL;
             }
-            
+
         protected:
             NameIDTypeImpl() {
                 init();
             }
-            
+
         public:
             virtual ~NameIDTypeImpl() {
                 XMLString::release(&m_NameQualifier);
@@ -82,12 +85,12 @@ namespace opensaml {
                 XMLString::release(&m_Format);
                 XMLString::release(&m_SPProvidedID);
             }
-    
-            NameIDTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            NameIDTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                     : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             NameIDTypeImpl(const NameIDTypeImpl& src)
                     : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -96,13 +99,13 @@ namespace opensaml {
                 setFormat(src.getFormat());
                 setSPProvidedID(src.getSPProvidedID());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(NameIDType);
             IMPL_STRING_ATTRIB(NameQualifier);
             IMPL_STRING_ATTRIB(SPNameQualifier);
             IMPL_STRING_ATTRIB(Format);
             IMPL_STRING_ATTRIB(SPProvidedID);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_STRING_ATTRIB(NameQualifier,NAMEQUALIFIER,NULL);
@@ -124,12 +127,12 @@ namespace opensaml {
         {
         public:
             virtual ~NameIDImpl() {}
-    
-            NameIDImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            NameIDImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
-                
+
             NameIDImpl(const NameIDImpl& src) : AbstractXMLObject(src), NameIDTypeImpl(src) {}
-            
+
             IMPL_XMLOBJECT_CLONE(NameID);
             NameIDType* cloneNameIDType() const {
                 return new NameIDImpl(*this);
@@ -140,12 +143,12 @@ namespace opensaml {
         {
         public:
             virtual ~IssuerImpl() {}
-    
-            IssuerImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            IssuerImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
-                
+
             IssuerImpl(const IssuerImpl& src) : AbstractXMLObject(src), NameIDTypeImpl(src) {}
-            
+
             IMPL_XMLOBJECT_CLONE(Issuer);
             NameIDType* cloneNameIDType() const {
                 return new IssuerImpl(*this);
@@ -165,20 +168,20 @@ namespace opensaml {
                 m_children.push_back(NULL);
                 m_pos_EncryptedData=m_children.begin();
             }
-            
+
         protected:
             EncryptedElementTypeImpl() {
                 init();
             }
-            
+
         public:
             virtual ~EncryptedElementTypeImpl() {}
-    
-            EncryptedElementTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            EncryptedElementTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                     : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             EncryptedElementTypeImpl(const EncryptedElementTypeImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -191,29 +194,11 @@ namespace opensaml {
                     }
                 }
             }
-    
-            XMLObject* decrypt(KeyResolver* KEKresolver, const XMLCh* recipient) const
-            {
-                if (!m_EncryptedData)
-                    throw DecryptionException("No encrypted data present.");
-                Decrypter decrypter(KEKresolver, new EncryptedKeyResolver(*this, recipient));
-                DOMDocumentFragment* frag = decrypter.decryptData(m_EncryptedData);
-                if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
-                    DOMNode* plaintext=frag->getFirstChild();
-                    if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {
-                        auto_ptr<XMLObject> ret(XMLObjectBuilder::buildOneFromElement(static_cast<DOMElement*>(plaintext)));
-                        ret->releaseThisAndChildrenDOM();
-                        return ret.release();
-                    }
-                }
-                frag->release();
-                throw DecryptionException("Decryption did not result in a single element.");
-            }
-        
+
             IMPL_XMLOBJECT_CLONE(EncryptedElementType);
             IMPL_TYPED_FOREIGN_CHILD(EncryptedData,xmlencryption);
             IMPL_TYPED_FOREIGN_CHILDREN(EncryptedKey,xmlencryption,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_FOREIGN_CHILD(EncryptedData,xmlencryption,XMLENC_NS,false);
@@ -222,23 +207,36 @@ namespace opensaml {
             }
         };
 
-        //TODO unit test for this 
         class SAML_DLLLOCAL EncryptedIDImpl : public virtual EncryptedID, public EncryptedElementTypeImpl
         {
         public:
             virtual ~EncryptedIDImpl() {}
-    
-            EncryptedIDImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            EncryptedIDImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
-                
+
             EncryptedIDImpl(const EncryptedIDImpl& src) : AbstractXMLObject(src), EncryptedElementTypeImpl(src) {}
-            
+
             IMPL_XMLOBJECT_CLONE(EncryptedID);
             EncryptedElementType* cloneEncryptedElementType() const {
                 return new EncryptedIDImpl(*this);
             }
         };
 
+        class SAML_DLLLOCAL ConditionImpl : public virtual Condition, public AnyElementImpl
+        {
+        public:
+            virtual ~ConditionImpl() {}
+
+            ConditionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+            }
+
+            ConditionImpl(const ConditionImpl& src) : AnyElementImpl(src) {}
+
+            IMPL_XMLOBJECT_CLONE(Condition);
+        };
+
         class SAML_DLLLOCAL AudienceRestrictionImpl : public virtual AudienceRestriction,
             public AbstractComplexElement,
             public AbstractDOMCachingXMLObject,
@@ -247,11 +245,11 @@ namespace opensaml {
         {
         public:
             virtual ~AudienceRestrictionImpl() {}
-    
-            AudienceRestrictionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AudienceRestrictionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             AudienceRestrictionImpl(const AudienceRestrictionImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 VectorOf(Audience) v=getAudiences();
@@ -261,13 +259,13 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AudienceRestriction);
             Condition* cloneCondition() const {
                 return cloneAudienceRestriction();
             }
             IMPL_TYPED_CHILDREN(Audience,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(Audience,SAML20_NS,false);
@@ -283,15 +281,15 @@ namespace opensaml {
         {
         public:
             virtual ~OneTimeUseImpl() {}
-    
-            OneTimeUseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            OneTimeUseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             OneTimeUseImpl(const OneTimeUseImpl& src)
                 : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
             }
-            
+
             IMPL_XMLOBJECT_CLONE(OneTimeUse);
             Condition* cloneCondition() const {
                 return cloneOneTimeUse();
@@ -308,12 +306,12 @@ namespace opensaml {
             virtual ~ProxyRestrictionImpl() {
                 XMLString::release(&m_Count);
             }
-    
-            ProxyRestrictionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            ProxyRestrictionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 m_Count=NULL;
             }
-                
+
             ProxyRestrictionImpl(const ProxyRestrictionImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 setCount(src.m_Count);
@@ -324,14 +322,14 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(ProxyRestriction);
             Condition* cloneCondition() const {
                 return cloneProxyRestriction();
             }
             IMPL_TYPED_CHILDREN(Audience,m_children.end());
             IMPL_INTEGER_ATTRIB(Count);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_INTEGER_ATTRIB(Count,COUNT,NULL);
@@ -348,6 +346,113 @@ namespace opensaml {
             }
         };
 
+        class SAML_DLLLOCAL DelegateImpl : public virtual Delegate,
+            public AbstractComplexElement,
+            public AbstractDOMCachingXMLObject,
+            public AbstractXMLObjectMarshaller,
+            public AbstractXMLObjectUnmarshaller
+        {
+            void init() {
+                m_ConfirmationMethod=NULL;
+                m_DelegationInstant=NULL;
+                m_BaseID=NULL;
+                m_NameID=NULL;
+                m_EncryptedID=NULL;
+                m_children.push_back(NULL);
+                m_children.push_back(NULL);
+                m_children.push_back(NULL);
+                m_pos_BaseID=m_children.begin();
+                m_pos_NameID=m_pos_BaseID;
+                ++m_pos_NameID;
+                m_pos_EncryptedID=m_pos_NameID;
+                ++m_pos_EncryptedID;
+            }
+        public:
+            virtual ~DelegateImpl() {
+                XMLString::release(&m_ConfirmationMethod);
+                delete m_DelegationInstant;
+            }
+
+            DelegateImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+                init();
+            }
+
+            DelegateImpl(const DelegateImpl& src)
+                    : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
+                init();
+                setConfirmationMethod(src.getConfirmationMethod());
+                setDelegationInstant(src.getDelegationInstant());
+                if (src.getBaseID())
+                    setBaseID(src.getBaseID()->cloneBaseID());
+                if (src.getNameID())
+                    setNameID(src.getNameID()->cloneNameID());
+                if (src.getEncryptedID())
+                    setEncryptedID(src.getEncryptedID()->cloneEncryptedID());
+            }
+
+            IMPL_XMLOBJECT_CLONE(Delegate);
+            IMPL_STRING_ATTRIB(ConfirmationMethod);
+            IMPL_DATETIME_ATTRIB(DelegationInstant,0);
+            IMPL_TYPED_CHILD(NameID);
+            IMPL_TYPED_CHILD(BaseID);
+            IMPL_TYPED_CHILD(EncryptedID);
+
+        protected:
+            void marshallAttributes(DOMElement* domElement) const {
+                MARSHALL_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD,NULL);
+                MARSHALL_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT,NULL);
+            }
+
+            void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
+                PROC_TYPED_CHILD(BaseID,SAML20_NS,false);
+                PROC_TYPED_CHILD(NameID,SAML20_NS,false);
+                PROC_TYPED_CHILD(EncryptedID,SAML20_NS,false);
+                AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
+            }
+
+            void processAttribute(const DOMAttr* attribute) {
+                PROC_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD,NULL);
+                PROC_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT,NULL);
+                AbstractXMLObjectUnmarshaller::processAttribute(attribute);
+            }
+        };
+
+        class SAML_DLLLOCAL DelegationRestrictionTypeImpl : public virtual DelegationRestrictionType,
+            public AbstractComplexElement,
+            public AbstractDOMCachingXMLObject,
+            public AbstractXMLObjectMarshaller,
+            public AbstractXMLObjectUnmarshaller
+        {
+        public:
+            virtual ~DelegationRestrictionTypeImpl() {}
+
+            DelegationRestrictionTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+            }
+
+            DelegationRestrictionTypeImpl(const DelegationRestrictionTypeImpl& src)
+                    : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
+                VectorOf(Delegate) v=getDelegates();
+                for (vector<Delegate*>::const_iterator i=src.m_Delegates.begin(); i!=src.m_Delegates.end(); i++) {
+                    if (*i) {
+                        v.push_back((*i)->cloneDelegate());
+                    }
+                }
+            }
+
+            IMPL_XMLOBJECT_CLONE(DelegationRestrictionType);
+            Condition* cloneCondition() const {
+                return cloneDelegationRestrictionType();
+            }
+            IMPL_TYPED_CHILDREN(Delegate,m_children.end());
+
+        protected:
+            void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
+                PROC_TYPED_CHILDREN(Delegate,SAML20_DELEGATION_CONDITION_NS,false);
+                AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
+            }
+        };
 
         class SAML_DLLLOCAL ConditionsImpl : public virtual Conditions,
             public AbstractComplexElement,
@@ -363,12 +468,12 @@ namespace opensaml {
                 delete m_NotBefore;
                 delete m_NotOnOrAfter;
             }
-    
-            ConditionsImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            ConditionsImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             ConditionsImpl(const ConditionsImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -382,13 +487,13 @@ namespace opensaml {
                             getAudienceRestrictions().push_back(arc->cloneAudienceRestriction());
                             continue;
                         }
-    
+
                         OneTimeUse* dncc=dynamic_cast<OneTimeUse*>(*i);
                         if (dncc) {
                             getOneTimeUses().push_back(dncc->cloneOneTimeUse());
                             continue;
                         }
-    
+
                         ProxyRestriction* prc=dynamic_cast<ProxyRestriction*>(*i);
                         if (prc) {
                             getProxyRestrictions().push_back(prc->cloneProxyRestriction());
@@ -403,7 +508,7 @@ namespace opensaml {
                     }
                 }
             }
-                        
+
             IMPL_XMLOBJECT_CLONE(Conditions);
             IMPL_DATETIME_ATTRIB(NotBefore,0);
             IMPL_DATETIME_ATTRIB(NotOnOrAfter,SAMLTIME_MAX);
@@ -411,13 +516,13 @@ namespace opensaml {
             IMPL_TYPED_CHILDREN(OneTimeUse,m_children.end());
             IMPL_TYPED_CHILDREN(ProxyRestriction, m_children.end());
             IMPL_TYPED_CHILDREN(Condition,m_children.end());
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
                 MARSHALL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
             }
-    
+
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(AudienceRestriction,SAML20_NS,false);
                 PROC_TYPED_CHILDREN(OneTimeUse,SAML20_NS,false);
@@ -425,7 +530,7 @@ namespace opensaml {
                 PROC_TYPED_CHILDREN(Condition,SAML20_NS,false);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
-    
+
             void processAttribute(const DOMAttr* attribute) {
                 PROC_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
                 PROC_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
@@ -433,27 +538,33 @@ namespace opensaml {
             }
         };
 
-        class SAML_DLLLOCAL SubjectConfirmationDataImpl : public virtual SubjectConfirmationData, public AnyElementImpl
+        class SAML_DLLLOCAL SubjectConfirmationDataTypeImpl : public virtual SubjectConfirmationDataType, public virtual AbstractXMLObject
         {
             void init() {
                 m_NotBefore=m_NotOnOrAfter=NULL;
                 m_Recipient=m_InResponseTo=m_Address=NULL;
             }
+
+        protected:
+            SubjectConfirmationDataTypeImpl() {
+                init();
+            }
+
         public:
-            virtual ~SubjectConfirmationDataImpl() {
+            virtual ~SubjectConfirmationDataTypeImpl() {
                 delete m_NotBefore;
                 delete m_NotOnOrAfter;
                 XMLString::release(&m_Recipient);
                 XMLString::release(&m_InResponseTo);
                 XMLString::release(&m_Address);
             }
-    
-            SubjectConfirmationDataImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            SubjectConfirmationDataTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                     : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
-            SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src) : AnyElementImpl(src) {
+
+            SubjectConfirmationDataTypeImpl(const SubjectConfirmationDataTypeImpl& src) : AbstractXMLObject(src) {
                 init();
                 setNotBefore(src.getNotBefore());
                 setNotOnOrAfter(src.getNotOnOrAfter());
@@ -461,16 +572,51 @@ namespace opensaml {
                 setInResponseTo(src.getInResponseTo());
                 setAddress(src.getAddress());
             }
-            
-            IMPL_XMLOBJECT_CLONE(SubjectConfirmationData);
+
             IMPL_DATETIME_ATTRIB(NotBefore,0);
             IMPL_DATETIME_ATTRIB(NotOnOrAfter,SAMLTIME_MAX);
             IMPL_STRING_ATTRIB(Recipient);
             IMPL_STRING_ATTRIB(InResponseTo);
             IMPL_STRING_ATTRIB(Address);
-            
+
+        protected:
+            void marshallAttributes(DOMElement* domElement) const {
+                MARSHALL_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
+                MARSHALL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
+                MARSHALL_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
+                MARSHALL_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
+                MARSHALL_STRING_ATTRIB(Address,ADDRESS,NULL);
+            }
+
+            void processAttribute(const DOMAttr* attribute) {
+                PROC_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
+                PROC_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
+                PROC_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
+                PROC_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
+                PROC_STRING_ATTRIB(Address,ADDRESS,NULL);
+            }
+        };
+
+        class SAML_DLLLOCAL SubjectConfirmationDataImpl : public SubjectConfirmationData,
+            public SubjectConfirmationDataTypeImpl, public AnyElementImpl
+        {
         public:
-            void setAttribute(const QName& qualifiedName, const XMLCh* value, bool ID=false) {
+            virtual ~SubjectConfirmationDataImpl() {}
+
+            SubjectConfirmationDataImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+                    : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+            }
+
+            SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src)
+                    : SubjectConfirmationDataTypeImpl(src), AnyElementImpl(src) {
+            }
+
+            IMPL_XMLOBJECT_CLONE(SubjectConfirmationData);
+            SubjectConfirmationDataType* cloneSubjectConfirmationDataType() const {
+                return new SubjectConfirmationDataImpl(*this);
+            }
+
+            void setAttribute(const xmltooling::QName& qualifiedName, const XMLCh* value, bool ID=false) {
                 if (!qualifiedName.hasNamespaceURI()) {
                     if (XMLString::equals(qualifiedName.getLocalPart(),NOTBEFORE_ATTRIB_NAME)) {
                         setNotBefore(value);
@@ -498,66 +644,52 @@ namespace opensaml {
 
         protected:
             void marshallAttributes(DOMElement* domElement) const {
-                MARSHALL_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
-                MARSHALL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
-                MARSHALL_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
-                MARSHALL_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
-                MARSHALL_STRING_ATTRIB(Address,ADDRESS,NULL);
+                SubjectConfirmationDataTypeImpl::marshallAttributes(domElement);
                 AnyElementImpl::marshallAttributes(domElement);
             }
-            
-            // The processAttributes hook is handled by AnyElementImpl
+
+            void processAttribute(const DOMAttr* attribute) {
+                PROC_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
+                PROC_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
+                PROC_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
+                PROC_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
+                PROC_STRING_ATTRIB(Address,ADDRESS,NULL);
+                AnyElementImpl::processAttribute(attribute);
+            }
         };
 
         class SAML_DLLLOCAL KeyInfoConfirmationDataTypeImpl : public virtual KeyInfoConfirmationDataType,
+                public SubjectConfirmationDataTypeImpl,
                 public AbstractComplexElement,
                 public AbstractAttributeExtensibleXMLObject,
                 public AbstractDOMCachingXMLObject,
                 public AbstractXMLObjectMarshaller,
                 public AbstractXMLObjectUnmarshaller
         {
-            void init() {
-                m_NotBefore=m_NotOnOrAfter=NULL;
-                m_Recipient=m_InResponseTo=m_Address=NULL;
-            }
         public:
-            virtual ~KeyInfoConfirmationDataTypeImpl() {
-                delete m_NotBefore;
-                delete m_NotOnOrAfter;
-                XMLString::release(&m_Recipient);
-                XMLString::release(&m_InResponseTo);
-                XMLString::release(&m_Address);
-            }
-    
-            KeyInfoConfirmationDataTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+            virtual ~KeyInfoConfirmationDataTypeImpl() {}
+
+            KeyInfoConfirmationDataTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                     : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
-                init();
             }
-                
+
             KeyInfoConfirmationDataTypeImpl(const KeyInfoConfirmationDataTypeImpl& src)
-                    : AbstractXMLObject(src), AbstractComplexElement(src),
+                    : AbstractXMLObject(src), SubjectConfirmationDataTypeImpl(src), AbstractComplexElement(src),
                         AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
-                init();
-                setNotBefore(src.getNotBefore());
-                setNotOnOrAfter(src.getNotOnOrAfter());
-                setRecipient(src.getRecipient());
-                setInResponseTo(src.getInResponseTo());
-                setAddress(src.getAddress());
                 VectorOf(KeyInfo) v=getKeyInfos();
                 for (vector<KeyInfo*>::const_iterator i=src.m_KeyInfos.begin(); i!=src.m_KeyInfos.end(); ++i)
                     v.push_back((*i)->cloneKeyInfo());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(KeyInfoConfirmationDataType);
-            IMPL_DATETIME_ATTRIB(NotBefore,0);
-            IMPL_DATETIME_ATTRIB(NotOnOrAfter,SAMLTIME_MAX);
-            IMPL_STRING_ATTRIB(Recipient);
-            IMPL_STRING_ATTRIB(InResponseTo);
-            IMPL_STRING_ATTRIB(Address);
+            SubjectConfirmationDataType* cloneSubjectConfirmationDataType() const {
+                return new KeyInfoConfirmationDataTypeImpl(*this);
+            }
+
             IMPL_TYPED_CHILDREN(KeyInfo,m_children.end());
-            
+
         public:
-            void setAttribute(const QName& qualifiedName, const XMLCh* value, bool ID=false) {
+            void setAttribute(const xmltooling::QName& qualifiedName, const XMLCh* value, bool ID=false) {
                 if (!qualifiedName.hasNamespaceURI()) {
                     if (XMLString::equals(qualifiedName.getLocalPart(),NOTBEFORE_ATTRIB_NAME)) {
                         setNotBefore(value);
@@ -585,14 +717,10 @@ namespace opensaml {
 
         protected:
             void marshallAttributes(DOMElement* domElement) const {
-                MARSHALL_DATETIME_ATTRIB(NotBefore,NOTBEFORE,NULL);
-                MARSHALL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER,NULL);
-                MARSHALL_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
-                MARSHALL_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
-                MARSHALL_STRING_ATTRIB(Address,ADDRESS,NULL);
+                SubjectConfirmationDataTypeImpl::marshallAttributes(domElement);
                 marshallExtensionAttributes(domElement);
             }
-    
+
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(KeyInfo,XMLSIG_NS,false);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
@@ -615,7 +743,6 @@ namespace opensaml {
                 m_NameID=NULL;
                 m_EncryptedID=NULL;
                 m_SubjectConfirmationData=NULL;
-                m_KeyInfoConfirmationDataType=NULL;
                 m_children.push_back(NULL);
                 m_children.push_back(NULL);
                 m_children.push_back(NULL);
@@ -627,17 +754,15 @@ namespace opensaml {
                 ++m_pos_EncryptedID;
                 m_pos_SubjectConfirmationData=m_pos_EncryptedID;
                 ++m_pos_SubjectConfirmationData;
-                m_pos_KeyInfoConfirmationDataType=m_pos_SubjectConfirmationData;
-                ++m_pos_KeyInfoConfirmationDataType;
             }
         public:
             virtual ~SubjectConfirmationImpl() {}
-    
-            SubjectConfirmationImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            SubjectConfirmationImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             SubjectConfirmationImpl(const SubjectConfirmationImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -650,18 +775,15 @@ namespace opensaml {
                     setEncryptedID(src.getEncryptedID()->cloneEncryptedID());
                 if (src.getSubjectConfirmationData())
                     setSubjectConfirmationData(src.getSubjectConfirmationData()->clone());
-                if (src.getKeyInfoConfirmationDataType())
-                    setKeyInfoConfirmationDataType(src.getKeyInfoConfirmationDataType()->cloneKeyInfoConfirmationDataType());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(SubjectConfirmation);
             IMPL_STRING_ATTRIB(Method);
             IMPL_TYPED_CHILD(BaseID);
             IMPL_TYPED_CHILD(NameID);
             IMPL_TYPED_CHILD(EncryptedID);
             IMPL_XMLOBJECT_CHILD(SubjectConfirmationData);
-            IMPL_TYPED_CHILD(KeyInfoConfirmationDataType);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_STRING_ATTRIB(Method,METHOD,NULL);
@@ -671,7 +793,6 @@ namespace opensaml {
                 PROC_TYPED_CHILD(BaseID,SAML20_NS,false);
                 PROC_TYPED_CHILD(NameID,SAML20_NS,false);
                 PROC_TYPED_CHILD(EncryptedID,SAML20_NS,false);
-                PROC_TYPED_CHILD(KeyInfoConfirmationDataType,SAML20_NS,false);
                 PROC_XMLOBJECT_CHILD(SubjectConfirmationData,SAML20_NS);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
@@ -703,12 +824,12 @@ namespace opensaml {
             }
         public:
             virtual ~SubjectImpl() {}
-    
-            SubjectImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            SubjectImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             SubjectImpl(const SubjectImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -725,13 +846,13 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Subject);
             IMPL_TYPED_CHILD(NameID);
             IMPL_TYPED_CHILD(BaseID);
             IMPL_TYPED_CHILD(EncryptedID);
             IMPL_TYPED_CHILDREN(SubjectConfirmation,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILD(BaseID,SAML20_NS,false);
@@ -756,29 +877,29 @@ namespace opensaml {
                 XMLString::release(&m_Address);
                 XMLString::release(&m_DNSName);
             }
-    
-            SubjectLocalityImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            SubjectLocalityImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             SubjectLocalityImpl(const SubjectLocalityImpl& src)
                     : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
                 setAddress(src.getAddress());
                 setDNSName(src.getDNSName());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(SubjectLocality);
             IMPL_STRING_ATTRIB(Address);
             IMPL_STRING_ATTRIB(DNSName);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_STRING_ATTRIB(Address,ADDRESS,NULL);
                 MARSHALL_STRING_ATTRIB(DNSName,DNSNAME,NULL);
             }
-    
+
             void processAttribute(const DOMAttr* attribute) {
                 PROC_STRING_ATTRIB(Address,ADDRESS,NULL);
                 PROC_STRING_ATTRIB(DNSName,DNSNAME,NULL);
@@ -786,19 +907,33 @@ namespace opensaml {
             }
         };
 
+        class SAML_DLLLOCAL StatementImpl : public virtual Statement, public AnyElementImpl
+        {
+        public:
+            virtual ~StatementImpl() {}
+
+            StatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+            }
+
+            StatementImpl(const StatementImpl& src) : AnyElementImpl(src) {}
+
+            IMPL_XMLOBJECT_CLONE(Statement);
+        };
+
         //TODO need unit test for this
         class SAML_DLLLOCAL AuthnContextDeclImpl : public virtual AuthnContextDecl, public AnyElementImpl
         {
         public:
             virtual ~AuthnContextDeclImpl() {}
-    
-            AuthnContextDeclImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AuthnContextDeclImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             AuthnContextDeclImpl(const AuthnContextDeclImpl& src) : AnyElementImpl(src) {
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AuthnContextDecl);
         };
 
@@ -823,12 +958,12 @@ namespace opensaml {
             }
         public:
             virtual ~AuthnContextImpl() {}
-    
-            AuthnContextImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AuthnContextImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             AuthnContextImpl(const AuthnContextImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -845,13 +980,13 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AuthnContext);
             IMPL_TYPED_CHILD(AuthnContextClassRef);
             IMPL_XMLOBJECT_CHILD(AuthnContextDecl);
             IMPL_TYPED_CHILD(AuthnContextDeclRef);
             IMPL_TYPED_CHILDREN(AuthenticatingAuthority,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILD(AuthnContextClassRef,SAML20_NS,false);
@@ -886,12 +1021,12 @@ namespace opensaml {
                 XMLString::release(&m_SessionIndex);
                 delete m_SessionNotOnOrAfter;
             }
-    
-            AuthnStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AuthnStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             AuthnStatementImpl(const AuthnStatementImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -903,7 +1038,7 @@ namespace opensaml {
                 if (src.getAuthnContext())
                     setAuthnContext(src.getAuthnContext()->cloneAuthnContext());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AuthnStatement);
             Statement* cloneStatement() const {
                 return cloneAuthnStatement();
@@ -913,20 +1048,20 @@ namespace opensaml {
             IMPL_DATETIME_ATTRIB(SessionNotOnOrAfter,SAMLTIME_MAX);
             IMPL_TYPED_CHILD(SubjectLocality);
             IMPL_TYPED_CHILD(AuthnContext);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_DATETIME_ATTRIB(AuthnInstant,AUTHNINSTANT,NULL);
                 MARSHALL_STRING_ATTRIB(SessionIndex,SESSIONINDEX,NULL);
                 MARSHALL_DATETIME_ATTRIB(SessionNotOnOrAfter,SESSIONNOTONORAFTER,NULL);
             }
-    
+
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILD(SubjectLocality,SAML20_NS,false);
                 PROC_TYPED_CHILD(AuthnContext,SAML20_NS,false);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
-    
+
             void processAttribute(const DOMAttr* attribute) {
                 PROC_DATETIME_ATTRIB(AuthnInstant,AUTHNINSTANT,NULL);
                 PROC_STRING_ATTRIB(SessionIndex,SESSIONINDEX,NULL);
@@ -945,19 +1080,19 @@ namespace opensaml {
             virtual ~ActionImpl() {
                 XMLString::release(&m_Namespace);
             }
-    
-            ActionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            ActionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                     : AbstractXMLObject(nsURI, localName, prefix, schemaType), m_Namespace(NULL) {
             }
-                
+
             ActionImpl(const ActionImpl& src)
                     : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
                 setNamespace(src.getNamespace());
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Action);
             IMPL_STRING_ATTRIB(Namespace);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_STRING_ATTRIB(Namespace,NAMESPACE,NULL);
@@ -977,11 +1112,11 @@ namespace opensaml {
         {
         public:
             virtual ~EvidenceImpl() {}
-    
-            EvidenceImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            EvidenceImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             EvidenceImpl(const EvidenceImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
@@ -991,7 +1126,7 @@ namespace opensaml {
                             getAssertionIDRefs().push_back(ref->cloneAssertionIDRef());
                             continue;
                         }
-    
+
                         AssertionURIRef* uri=dynamic_cast<AssertionURIRef*>(*i);
                         if (uri) {
                             getAssertionURIRefs().push_back(uri->cloneAssertionURIRef());
@@ -1003,7 +1138,7 @@ namespace opensaml {
                             getAssertions().push_back(assertion->cloneAssertion());
                             continue;
                         }
-                        
+
                         EncryptedAssertion* enc=dynamic_cast<EncryptedAssertion*>(*i);
                         if (enc) {
                             getEncryptedAssertions().push_back(enc->cloneEncryptedAssertion());
@@ -1012,13 +1147,13 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Evidence);
             IMPL_TYPED_CHILDREN(AssertionIDRef,m_children.end());
             IMPL_TYPED_CHILDREN(AssertionURIRef,m_children.end());
             IMPL_TYPED_CHILDREN(Assertion,m_children.end());
             IMPL_TYPED_CHILDREN(EncryptedAssertion,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(AssertionIDRef,SAML20_NS,false);
@@ -1047,12 +1182,12 @@ namespace opensaml {
                 XMLString::release(&m_Resource);
                 XMLString::release(&m_Decision);
             }
-    
-            AuthzDecisionStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AuthzDecisionStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             AuthzDecisionStatementImpl(const AuthzDecisionStatementImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -1067,7 +1202,7 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AuthzDecisionStatement);
             Statement* cloneStatement() const {
                 return cloneAuthzDecisionStatement();
@@ -1076,19 +1211,19 @@ namespace opensaml {
             IMPL_STRING_ATTRIB(Decision);
             IMPL_TYPED_CHILD(Evidence);
             IMPL_TYPED_CHILDREN(Action, m_pos_Evidence);
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 MARSHALL_STRING_ATTRIB(Resource,RESOURCE,NULL);
                 MARSHALL_STRING_ATTRIB(Decision,DECISION,NULL);
             }
-    
+
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILD(Evidence,SAML20_NS,false);
                 PROC_TYPED_CHILDREN(Action,SAML20_NS,false);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
-    
+
             void processAttribute(const DOMAttr* attribute) {
                 PROC_STRING_ATTRIB(Resource,RESOURCE,NULL);
                 PROC_STRING_ATTRIB(Decision,DECISION,NULL);
@@ -1096,19 +1231,18 @@ namespace opensaml {
             }
         };
 
-        //TODO need unit test for this
         class SAML_DLLLOCAL AttributeValueImpl : public virtual AttributeValue, public AnyElementImpl
         {
         public:
             virtual ~AttributeValueImpl() {}
-    
-            AttributeValueImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AttributeValueImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src) {
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AttributeValue);
         };
 
@@ -1129,12 +1263,12 @@ namespace opensaml {
                 XMLString::release(&m_NameFormat);
                 XMLString::release(&m_FriendlyName);
             }
-    
-            AttributeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AttributeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             AttributeImpl(const AttributeImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src),
                         AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
@@ -1149,14 +1283,14 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Attribute);
             IMPL_STRING_ATTRIB(Name);
             IMPL_STRING_ATTRIB(NameFormat);
             IMPL_STRING_ATTRIB(FriendlyName);
             IMPL_XMLOBJECT_CHILDREN(AttributeValue,m_children.end());
-    
-            void setAttribute(const QName& qualifiedName, const XMLCh* value, bool ID=false) {
+
+            void setAttribute(const xmltooling::QName& qualifiedName, const XMLCh* value, bool ID=false) {
                 if (!qualifiedName.hasNamespaceURI()) {
                     if (XMLString::equals(qualifiedName.getLocalPart(),NAME_ATTRIB_NAME)) {
                         setName(value);
@@ -1191,17 +1325,17 @@ namespace opensaml {
             }
         };
 
-        //TODO unit test for this 
+        //TODO unit test for this
         class SAML_DLLLOCAL EncryptedAttributeImpl : public virtual EncryptedAttribute, public EncryptedElementTypeImpl
         {
         public:
             virtual ~EncryptedAttributeImpl() {}
-    
-            EncryptedAttributeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            EncryptedAttributeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
-                
+
             EncryptedAttributeImpl(const EncryptedAttributeImpl& src) : AbstractXMLObject(src), EncryptedElementTypeImpl(src) {}
-            
+
             IMPL_XMLOBJECT_CLONE(EncryptedAttribute);
             EncryptedElementType* cloneEncryptedElementType() const {
                 return new EncryptedAttributeImpl(*this);
@@ -1216,11 +1350,11 @@ namespace opensaml {
         {
         public:
             virtual ~AttributeStatementImpl() {}
-    
-            AttributeStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AttributeStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             AttributeStatementImpl(const AttributeStatementImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
@@ -1230,7 +1364,7 @@ namespace opensaml {
                             getAttributes().push_back(attribute->cloneAttribute());
                             continue;
                         }
-                        
+
                         EncryptedAttribute* enc=dynamic_cast<EncryptedAttribute*>(*i);
                         if (enc) {
                             getEncryptedAttributes().push_back(enc->cloneEncryptedAttribute());
@@ -1239,14 +1373,14 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(AttributeStatement);
             Statement* cloneStatement() const {
                 return cloneAttributeStatement();
             }
             IMPL_TYPED_CHILDREN(Attribute, m_children.end());
             IMPL_TYPED_CHILDREN(EncryptedAttribute, m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(Attribute,SAML20_NS,false);
@@ -1263,11 +1397,11 @@ namespace opensaml {
         {
         public:
             virtual ~AdviceImpl() {}
-    
-            AdviceImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AdviceImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
-                
+
             AdviceImpl(const AdviceImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
@@ -1277,7 +1411,7 @@ namespace opensaml {
                             getAssertionIDRefs().push_back(ref->cloneAssertionIDRef());
                             continue;
                         }
-    
+
                         AssertionURIRef* uri=dynamic_cast<AssertionURIRef*>(*i);
                         if (uri) {
                             getAssertionURIRefs().push_back(uri->cloneAssertionURIRef());
@@ -1289,7 +1423,7 @@ namespace opensaml {
                             getAssertions().push_back(assertion->cloneAssertion());
                             continue;
                         }
-                        
+
                         EncryptedAssertion* enc=dynamic_cast<EncryptedAssertion*>(*i);
                         if (enc) {
                             getEncryptedAssertions().push_back(enc->cloneEncryptedAssertion());
@@ -1300,43 +1434,43 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Advice);
             IMPL_TYPED_CHILDREN(AssertionIDRef,m_children.end());
             IMPL_TYPED_CHILDREN(AssertionURIRef,m_children.end());
             IMPL_TYPED_CHILDREN(Assertion,m_children.end());
             IMPL_TYPED_CHILDREN(EncryptedAssertion,m_children.end());
             IMPL_XMLOBJECT_CHILDREN(UnknownXMLObject,m_children.end());
-    
+
         protected:
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILDREN(AssertionIDRef,SAML20_NS,false);
                 PROC_TYPED_CHILDREN(AssertionURIRef,SAML20_NS,false);
                 PROC_TYPED_CHILDREN(Assertion,SAML20_NS,false);
                 PROC_TYPED_CHILDREN(EncryptedAssertion,SAML20_NS,false);
-                
+
                 // Unknown child.
                 const XMLCh* nsURI=root->getNamespaceURI();
                 if (!XMLString::equals(nsURI,SAML20_NS) && nsURI && *nsURI) {
                     getUnknownXMLObjects().push_back(childXMLObject);
                     return;
                 }
-                
+
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
         };
 
-        //TODO unit test for this 
+        //TODO unit test for this
         class SAML_DLLLOCAL EncryptedAssertionImpl : public virtual EncryptedAssertion, public EncryptedElementTypeImpl
         {
         public:
             virtual ~EncryptedAssertionImpl() {}
-    
-            EncryptedAssertionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            EncryptedAssertionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
-                
+
             EncryptedAssertionImpl(const EncryptedAssertionImpl& src) : AbstractXMLObject(src), EncryptedElementTypeImpl(src) {}
-            
+
             IMPL_XMLOBJECT_CLONE(EncryptedAssertion);
             EncryptedElementType* cloneEncryptedElementType() const {
                 return new EncryptedAssertionImpl(*this);
@@ -1379,12 +1513,12 @@ namespace opensaml {
                 XMLString::release(&m_Version);
                 delete m_IssueInstant;
             }
-    
-            AssertionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+
+            AssertionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
                 : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
-                
+
             AssertionImpl(const AssertionImpl& src)
                     : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
                 init();
@@ -1420,7 +1554,7 @@ namespace opensaml {
                             getAuthzDecisionStatements().push_back(authzst->cloneAuthzDecisionStatement());
                             continue;
                         }
-    
+
                         Statement* st=dynamic_cast<Statement*>(*i);
                         if (st) {
                             getStatements().push_back(st->cloneStatement());
@@ -1429,7 +1563,7 @@ namespace opensaml {
                     }
                 }
             }
-            
+
             //IMPL_TYPED_CHILD(Signature);
             // Need customized setter.
         protected:
@@ -1439,7 +1573,7 @@ namespace opensaml {
             Signature* getSignature() const {
                 return m_Signature;
             }
-            
+
             void setSignature(Signature* sig) {
                 prepareForAssignment(m_Signature,sig);
                 *m_pos_Signature=m_Signature=sig;
@@ -1447,7 +1581,7 @@ namespace opensaml {
                 if (m_Signature)
                     m_Signature->setContentReference(new opensaml::ContentReference(*this));
             }
-            
+
             IMPL_XMLOBJECT_CLONE(Assertion);
             IMPL_STRING_ATTRIB(Version);
             IMPL_ID_ATTRIB(ID);
@@ -1460,7 +1594,7 @@ namespace opensaml {
             IMPL_TYPED_CHILDREN(AuthnStatement, m_children.end());
             IMPL_TYPED_CHILDREN(AttributeStatement, m_children.end());
             IMPL_TYPED_CHILDREN(AuthzDecisionStatement, m_children.end());
-    
+
         protected:
             void marshallAttributes(DOMElement* domElement) const {
                 if (!m_Version)
@@ -1475,7 +1609,7 @@ namespace opensaml {
                 }
                 MARSHALL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT,NULL);
             }
-    
+
             void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
                 PROC_TYPED_CHILD(Issuer,SAML20_NS,false);
                 PROC_TYPED_CHILD(Signature,XMLSIG_NS,false);
@@ -1488,7 +1622,7 @@ namespace opensaml {
                 PROC_TYPED_CHILDREN(Statement,SAML20_NS,false);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
-    
+
             void processAttribute(const DOMAttr* attribute) {
                 PROC_STRING_ATTRIB(Version,VER,NULL);
                 PROC_ID_ATTRIB(ID,ID,NULL);
@@ -1523,7 +1657,10 @@ IMPL_XMLOBJECTBUILDER(AuthnContextDecl);
 IMPL_XMLOBJECTBUILDER(AuthnContextDeclRef);
 IMPL_XMLOBJECTBUILDER(AuthnStatement);
 IMPL_XMLOBJECTBUILDER(AuthzDecisionStatement);
+IMPL_XMLOBJECTBUILDER(Condition);
 IMPL_XMLOBJECTBUILDER(Conditions);
+IMPL_XMLOBJECTBUILDER(Delegate);
+IMPL_XMLOBJECTBUILDER(DelegationRestrictionType);
 IMPL_XMLOBJECTBUILDER(EncryptedAssertion);
 IMPL_XMLOBJECTBUILDER(EncryptedAttribute);
 IMPL_XMLOBJECTBUILDER(EncryptedID);
@@ -1534,6 +1671,7 @@ IMPL_XMLOBJECTBUILDER(NameID);
 IMPL_XMLOBJECTBUILDER(NameIDType);
 IMPL_XMLOBJECTBUILDER(OneTimeUse);
 IMPL_XMLOBJECTBUILDER(ProxyRestriction);
+IMPL_XMLOBJECTBUILDER(Statement);
 IMPL_XMLOBJECTBUILDER(Subject);
 IMPL_XMLOBJECTBUILDER(SubjectConfirmation);
 IMPL_XMLOBJECTBUILDER(SubjectConfirmationData);
@@ -1589,21 +1727,22 @@ const XMLCh Conditions::LOCAL_NAME[] =              UNICODE_LITERAL_10(C,o,n,d,i
 const XMLCh Conditions::TYPE_NAME[] =               UNICODE_LITERAL_14(C,o,n,d,i,t,i,o,n,s,T,y,p,e);
 const XMLCh Conditions::NOTBEFORE_ATTRIB_NAME[] =   UNICODE_LITERAL_9(N,o,t,B,e,f,o,r,e);
 const XMLCh Conditions::NOTONORAFTER_ATTRIB_NAME[] =UNICODE_LITERAL_12(N,o,t,O,n,O,r,A,f,t,e,r);
+const XMLCh Delegate::LOCAL_NAME[] =                UNICODE_LITERAL_8(D,e,l,e,g,a,t,e);
+const XMLCh Delegate::TYPE_NAME[] =                 UNICODE_LITERAL_12(D,e,l,e,g,a,t,e,T,y,p,e);
+const XMLCh Delegate::CONFIRMATIONMETHOD_ATTRIB_NAME[] = UNICODE_LITERAL_18(C,o,n,f,i,r,m,a,t,i,o,n,M,e,t,h,o,d);
+const XMLCh Delegate::DELEGATIONINSTANT_ATTRIB_NAME[] = UNICODE_LITERAL_17(D,e,l,e,g,a,t,i,o,n,I,n,s,t,a,n,t);
+const XMLCh DelegationRestrictionType::LOCAL_NAME[] = UNICODE_LITERAL_9(C,o,n,d,i,t,i,o,n);
+const XMLCh DelegationRestrictionType::TYPE_NAME[] =UNICODE_LITERAL_21(D,e,l,e,g,a,t,i,o,n,R,e,s,t,r,i,c,t,i,o,n);
 const XMLCh EncryptedAssertion::LOCAL_NAME[] =      UNICODE_LITERAL_18(E,n,c,r,y,p,t,e,d,A,s,s,e,r,t,i,o,n);
 const XMLCh EncryptedAttribute::LOCAL_NAME[] =      UNICODE_LITERAL_18(E,n,c,r,y,p,t,e,d,A,t,t,r,i,b,u,t,e);
 const XMLCh EncryptedElementType::LOCAL_NAME[] =    {chNull};
 const XMLCh EncryptedElementType::TYPE_NAME[] =     UNICODE_LITERAL_20(E,n,c,r,y,p,t,e,d,E,l,e,m,e,n,t,T,y,p,e);
-const XMLCh EncryptedID::LOCAL_NAME[] =             UNICODE_LITERAL_11(E,n,c,r,y,p,t,e,d,I,d);
+const XMLCh EncryptedID::LOCAL_NAME[] =             UNICODE_LITERAL_11(E,n,c,r,y,p,t,e,d,I,D);
 const XMLCh Evidence::LOCAL_NAME[] =                UNICODE_LITERAL_8(E,v,i,d,e,n,c,e);
 const XMLCh Evidence::TYPE_NAME[] =                 UNICODE_LITERAL_12(E,v,i,d,e,n,c,e,T,y,p,e);
 const XMLCh Issuer::LOCAL_NAME[] =                  UNICODE_LITERAL_6(I,s,s,u,e,r);
 const XMLCh KeyInfoConfirmationDataType::LOCAL_NAME[] = UNICODE_LITERAL_23(S,u,b,j,e,c,t,C,o,n,f,i,r,m,a,t,i,o,n,D,a,t,a);
 const XMLCh KeyInfoConfirmationDataType::TYPE_NAME[] = UNICODE_LITERAL_27(K,e,y,I,n,f,o,C,o,n,f,i,r,m,a,t,i,o,n,D,a,t,a,T,y,p,e);
-const XMLCh KeyInfoConfirmationDataType::NOTBEFORE_ATTRIB_NAME[] =      UNICODE_LITERAL_9(N,o,t,B,e,f,o,r,e);
-const XMLCh KeyInfoConfirmationDataType::NOTONORAFTER_ATTRIB_NAME[] =   UNICODE_LITERAL_12(N,o,t,O,n,O,r,A,f,t,e,r);
-const XMLCh KeyInfoConfirmationDataType::INRESPONSETO_ATTRIB_NAME[] =   UNICODE_LITERAL_12(I,n,R,e,s,p,o,n,s,e,T,o);
-const XMLCh KeyInfoConfirmationDataType::RECIPIENT_ATTRIB_NAME[] =      UNICODE_LITERAL_9(R,e,c,i,p,i,e,n,t);
-const XMLCh KeyInfoConfirmationDataType::ADDRESS_ATTRIB_NAME[] =        UNICODE_LITERAL_7(A,d,d,r,e,s,s);
 const XMLCh NameID::LOCAL_NAME[] =                  UNICODE_LITERAL_6(N,a,m,e,I,D);
 const XMLCh NameIDType::LOCAL_NAME[] =              {chNull};
 const XMLCh NameIDType::TYPE_NAME[] =               UNICODE_LITERAL_10(N,a,m,e,I,D,T,y,p,e);
@@ -1623,11 +1762,11 @@ const XMLCh SubjectConfirmation::LOCAL_NAME[] =     UNICODE_LITERAL_19(S,u,b,j,e
 const XMLCh SubjectConfirmation::TYPE_NAME[] =      UNICODE_LITERAL_23(S,u,b,j,e,c,t,C,o,n,f,i,r,m,a,t,i,o,n,T,y,p,e);
 const XMLCh SubjectConfirmation::METHOD_ATTRIB_NAME[] = UNICODE_LITERAL_6(M,e,t,h,o,d);
 const XMLCh SubjectConfirmationData::LOCAL_NAME[] = UNICODE_LITERAL_23(S,u,b,j,e,c,t,C,o,n,f,i,r,m,a,t,i,o,n,D,a,t,a);
-const XMLCh SubjectConfirmationData::NOTBEFORE_ATTRIB_NAME[] =      UNICODE_LITERAL_9(N,o,t,B,e,f,o,r,e);
-const XMLCh SubjectConfirmationData::NOTONORAFTER_ATTRIB_NAME[] =   UNICODE_LITERAL_12(N,o,t,O,n,O,r,A,f,t,e,r);
-const XMLCh SubjectConfirmationData::INRESPONSETO_ATTRIB_NAME[] =   UNICODE_LITERAL_12(I,n,R,e,s,p,o,n,s,e,T,o);
-const XMLCh SubjectConfirmationData::RECIPIENT_ATTRIB_NAME[] =      UNICODE_LITERAL_9(R,e,c,i,p,i,e,n,t);
-const XMLCh SubjectConfirmationData::ADDRESS_ATTRIB_NAME[] =        UNICODE_LITERAL_7(A,d,d,r,e,s,s);
+const XMLCh SubjectConfirmationDataType::NOTBEFORE_ATTRIB_NAME[] =      UNICODE_LITERAL_9(N,o,t,B,e,f,o,r,e);
+const XMLCh SubjectConfirmationDataType::NOTONORAFTER_ATTRIB_NAME[] =   UNICODE_LITERAL_12(N,o,t,O,n,O,r,A,f,t,e,r);
+const XMLCh SubjectConfirmationDataType::INRESPONSETO_ATTRIB_NAME[] =   UNICODE_LITERAL_12(I,n,R,e,s,p,o,n,s,e,T,o);
+const XMLCh SubjectConfirmationDataType::RECIPIENT_ATTRIB_NAME[] =      UNICODE_LITERAL_9(R,e,c,i,p,i,e,n,t);
+const XMLCh SubjectConfirmationDataType::ADDRESS_ATTRIB_NAME[] =        UNICODE_LITERAL_7(A,d,d,r,e,s,s);
 const XMLCh SubjectLocality::LOCAL_NAME[] =         UNICODE_LITERAL_15(S,u,b,j,e,c,t,L,o,c,a,l,i,t,y);
 const XMLCh SubjectLocality::TYPE_NAME[] =          UNICODE_LITERAL_19(S,u,b,j,e,c,t,L,o,c,a,l,i,t,y,T,y,p,e);
 const XMLCh SubjectLocality::ADDRESS_ATTRIB_NAME[] =UNICODE_LITERAL_7(A,d,d,r,e,s,s);
@@ -1639,7 +1778,7 @@ const XMLCh NameIDType::UNSPECIFIED[] = // urn:oasis:names:tc:SAML:1.1:nameid-fo
   chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon, chDigit_1, chPeriod, chDigit_1, chColon,
   chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_i, chLatin_d, chDash,
   chLatin_f, chLatin_o, chLatin_r, chLatin_m, chLatin_a, chLatin_t, chColon,
-  chLatin_u, chLatin_n, chLatin_s, chLatin_p, chLatin_e, chLatin_c, chLatin_i, chLatin_f, chLatin_i, chLatin_e, chLatin_d, chLatin_d, chNull
+  chLatin_u, chLatin_n, chLatin_s, chLatin_p, chLatin_e, chLatin_c, chLatin_i, chLatin_f, chLatin_i, chLatin_e, chLatin_d, chNull
 };
 
 const XMLCh NameIDType::EMAIL[] = // urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
@@ -1771,7 +1910,7 @@ const XMLCh Attribute::UNSPECIFIED[] = // urn:oasis:names:tc:SAML:2.0:attrname-f
   chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon, chDigit_2, chPeriod, chDigit_0, chColon,
   chLatin_a, chLatin_t, chLatin_t, chLatin_r, chLatin_n, chLatin_a, chLatin_m, chLatin_e, chDash,
   chLatin_f, chLatin_o, chLatin_r, chLatin_m, chLatin_a, chLatin_t, chColon,
-  chLatin_u, chLatin_n, chLatin_s, chLatin_p, chLatin_e, chLatin_c, chLatin_i, chLatin_f, chLatin_i, chLatin_e, chLatin_d, chLatin_d, chNull
+  chLatin_u, chLatin_n, chLatin_s, chLatin_p, chLatin_e, chLatin_c, chLatin_i, chLatin_f, chLatin_i, chLatin_e, chLatin_d, chNull
 };
 
 const XMLCh Attribute::URI_REFERENCE[] = // urn:oasis:names:tc:SAML:2.0:attrname-format:uri