<pathentry kind="src" path="saml/signature"/>\r
<pathentry kind="src" path="saml/util"/>\r
<pathentry kind="src" path="samltest/signature"/>\r
-<pathentry excluding="saml1/core/impl/|signature/" kind="src" path="samltest"/>\r
+<pathentry excluding="saml1/core/impl/|signature/|saml2/core/impl/|saml2/metadata/" kind="src" path="samltest"/>\r
<pathentry kind="src" path="samltest/saml1/core/impl"/>\r
+<pathentry kind="src" path="samltest/saml2/core/impl"/>\r
+<pathentry kind="src" path="samltest/saml2/metadata"/>\r
</item>\r
</data>\r
</cdtproject>\r
saml2/core/Protocols.h
saml2mdinclude_HEADERS = \
- saml2/metadata/Metadata.h
-# saml2/metadata/MetadataFilter.h \
-# saml2/metadata/MetadataProvider.h \
-# saml2/metadata/MetadataResolver.h
+ saml2/metadata/Metadata.h
+ saml2/metadata/MetadataFilter.h \
+ saml2/metadata/MetadataProvider.h
noinst_HEADERS = \
internal.h
saml2/core/impl/Assertions20SchemaValidators.cpp \
saml2/core/impl/Protocols20Impl.cpp \
saml2/core/impl/Protocols20SchemaValidators.cpp \
+ saml2/metadata/impl/FilesystemMetadataProvider.cpp \
saml2/metadata/impl/MetadataImpl.cpp \
+ saml2/metadata/impl/MetadataProvider.cpp \
saml2/metadata/impl/MetadataSchemaValidators.cpp \
signature/ContentReference.cpp \
signature/SignatureProfileValidator.cpp \
saml2::registerAssertionClasses();
saml2p::registerProtocolClasses();
saml2md::registerMetadataClasses();
+ saml2md::registerMetadataProviders();
log.info("library initialization complete");
return true;
#define __saml_config_h__\r
\r
#include <saml/base.h>\r
+#include <saml/saml2/metadata/MetadataProvider.h>\r
+\r
+#include <xmltooling/PluginManager.h>\r
#include <xmltooling/unicode.h>\r
#include <xmltooling/XMLToolingConfig.h>\r
\r
* @return a valid null-terminated XML ID\r
*/\r
virtual XMLCh* generateIdentifier()=0;\r
+ \r
+ /**\r
+ * Manages factories for MetadataProvider plugins.\r
+ */\r
+ xmltooling::PluginManager<saml2md::MetadataProvider,const DOMElement*> MetadataProviderManager;\r
+ \r
+ /**\r
+ * Manages factories for MetadataFilter plugins.\r
+ */\r
+ xmltooling::PluginManager<saml2md::MetadataFilter,const DOMElement*> MetadataFilterManager;\r
\r
protected:\r
SAMLConfig() {}\r
RelativePath=".\saml2\core\impl\Assertions20SchemaValidators.cpp"\r
>\r
</File>\r
+ <File\r
+ RelativePath=".\saml2\core\impl\Protocols20Impl.cpp"\r
+ >\r
+ </File>\r
+ <File\r
+ RelativePath=".\saml2\core\impl\Protocols20SchemaValidators.cpp"\r
+ >\r
+ </File>\r
</Filter>\r
</Filter>\r
<Filter\r
Name="impl"\r
>\r
<File\r
+ RelativePath=".\saml2\metadata\impl\FilesystemMetadataProvider.cpp"\r
+ >\r
+ </File>\r
+ <File\r
RelativePath=".\saml2\metadata\impl\MetadataImpl.cpp"\r
>\r
</File>\r
<File\r
+ RelativePath=".\saml2\metadata\impl\MetadataProvider.cpp"\r
+ >\r
+ </File>\r
+ <File\r
RelativePath=".\saml2\metadata\impl\MetadataSchemaValidators.cpp"\r
>\r
</File>\r
RelativePath=".\saml2\metadata\Metadata.h"\r
>\r
</File>\r
+ <File\r
+ RelativePath=".\saml2\metadata\MetadataFilter.h"\r
+ >\r
+ </File>\r
+ <File\r
+ RelativePath=".\saml2\metadata\MetadataProvider.h"\r
+ >\r
+ </File>\r
</Filter>\r
</Filter>\r
<Filter\r
#include <xmltooling/signature/KeyInfo.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/util/DateTime.h>
-#include <xmltooling/validation/ValidatingXMLObject.h>
#include <xmltooling/validation/ValidatorSuite.h>
#define DECL_SAML1OBJECTBUILDER(cname) \
#include <xmltooling/io/AbstractXMLObjectMarshaller.h>
#include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
#include <xmltooling/util/XMLHelper.h>
-#include <xmltooling/validation/AbstractValidatingXMLObject.h>
#include <ctime>
#include <xercesc/util/XMLUniDefs.hpp>
class SAML_DLLLOCAL AudienceRestrictionConditionImpl : public virtual AudienceRestrictionCondition,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AudienceRestrictionConditionImpl(const AudienceRestrictionConditionImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
VectorOf(Audience) v=getAudiences();
for (vector<Audience*>::const_iterator i=src.m_Audiences.begin(); i!=src.m_Audiences.end(); i++) {
if (*i) {
class SAML_DLLLOCAL DoNotCacheConditionImpl : public virtual DoNotCacheCondition,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- DoNotCacheConditionImpl(const DoNotCacheConditionImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ DoNotCacheConditionImpl(const DoNotCacheConditionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
}
IMPL_XMLOBJECT_CLONE(DoNotCacheCondition);
class SAML_DLLLOCAL ConditionsImpl : public virtual Conditions,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- ConditionsImpl(const ConditionsImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ ConditionsImpl(const ConditionsImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setNotBefore(src.getNotBefore());
setNotOnOrAfter(src.getNotOnOrAfter());
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
NameIdentifierImpl(const NameIdentifierImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
init();
setFormat(src.getFormat());
setNameQualifier(src.getNameQualifier());
}
};
- class SAML_DLLLOCAL SubjectConfirmationDataImpl
- : public virtual SubjectConfirmationData, public AnyElementImpl, public AbstractValidatingXMLObject
+ class SAML_DLLLOCAL SubjectConfirmationDataImpl : public virtual SubjectConfirmationData, public AnyElementImpl
{
public:
virtual ~SubjectConfirmationDataImpl() {}
}
SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src)
- : AnyElementImpl(src), AbstractValidatingXMLObject(src) {
+ : AnyElementImpl(src) {
}
IMPL_XMLOBJECT_CLONE(SubjectConfirmationData);
class SAML_DLLLOCAL SubjectConfirmationImpl : public virtual SubjectConfirmation,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectConfirmationImpl(const SubjectConfirmationImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectConfirmationImpl(const SubjectConfirmationImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getSubjectConfirmationData())
setSubjectConfirmationData(src.getSubjectConfirmationData()->clone());
class SAML_DLLLOCAL SubjectImpl : public virtual Subject,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectImpl(const SubjectImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectImpl(const SubjectImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getNameIdentifier())
setNameIdentifier(src.getNameIdentifier()->cloneNameIdentifier());
class SAML_DLLLOCAL SubjectStatementImpl : public virtual SubjectStatement,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectStatementImpl(const SubjectStatementImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectStatementImpl(const SubjectStatementImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getSubject())
setSubject(src.getSubject()->cloneSubject());
class SAML_DLLLOCAL SubjectLocalityImpl : public virtual SubjectLocality,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectLocalityImpl(const SubjectLocalityImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ SubjectLocalityImpl(const SubjectLocalityImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setIPAddress(src.getIPAddress());
setDNSAddress(src.getDNSAddress());
class SAML_DLLLOCAL AuthorityBindingImpl : public virtual AuthorityBinding,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AuthorityBindingImpl(const AuthorityBindingImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ AuthorityBindingImpl(const AuthorityBindingImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setAuthorityKind(src.getAuthorityKind());
setLocation(src.getLocation());
init();
}
- AuthenticationStatementImpl(const AuthenticationStatementImpl& src)
- : AbstractXMLObject(src), SubjectStatementImpl(src) {
+ AuthenticationStatementImpl(const AuthenticationStatementImpl& src) : AbstractXMLObject(src), SubjectStatementImpl(src) {
init();
setAuthenticationMethod(src.getAuthenticationMethod());
setAuthenticationInstant(src.getAuthenticationInstant());
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType), m_Namespace(NULL) {
}
- ActionImpl(const ActionImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ ActionImpl(const ActionImpl& src) : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
setNamespace(src.getNamespace());
}
class SAML_DLLLOCAL EvidenceImpl : public virtual Evidence,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- EvidenceImpl(const EvidenceImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ EvidenceImpl(const EvidenceImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
class SAML_DLLLOCAL AttributeDesignatorImpl : public virtual AttributeDesignator,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AttributeDesignatorImpl(const AttributeDesignatorImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ AttributeDesignatorImpl(const AttributeDesignatorImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setAttributeName(src.getAttributeName());
setAttributeNamespace(src.getAttributeNamespace());
class SAML_DLLLOCAL AttributeImpl : public virtual Attribute,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AttributeImpl(const AttributeImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ AttributeImpl(const AttributeImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setAttributeName(src.getAttributeName());
setAttributeNamespace(src.getAttributeNamespace());
}
};
- class SAML_DLLLOCAL AttributeValueImpl
- : public virtual AttributeValue, public AnyElementImpl, public AbstractValidatingXMLObject
+ class SAML_DLLLOCAL AttributeValueImpl : public virtual AttributeValue, public AnyElementImpl
{
public:
virtual ~AttributeValueImpl() {}
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src), AbstractValidatingXMLObject(src) {}
+ AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src) {}
IMPL_XMLOBJECT_CLONE(AttributeValue);
};
class SAML_DLLLOCAL AdviceImpl : public virtual Advice,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AdviceImpl(const AdviceImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AdviceImpl(const AdviceImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
class SAML_DLLLOCAL AssertionImpl : public virtual Assertion,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AssertionImpl(const AssertionImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AssertionImpl(const AssertionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setMinorVersion(src.m_MinorVersion);
setAssertionID(src.getAssertionID());
#include <xmltooling/io/AbstractXMLObjectMarshaller.h>
#include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
#include <xmltooling/util/XMLHelper.h>
-#include <xmltooling/validation/AbstractValidatingXMLObject.h>
#include <ctime>
#include <xercesc/util/XMLUniDefs.hpp>
protected AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
RespondWithImpl(const RespondWithImpl& src)
- : AbstractXMLObject(src),
- AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src), m_qname(NULL) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src), m_qname(NULL) {
setQName(src.getQName());
}
class SAML_DLLLOCAL SubjectQueryImpl : public virtual SubjectQuery,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectQueryImpl(const SubjectQueryImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectQueryImpl(const SubjectQueryImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getSubject())
setSubject(src.getSubject()->cloneSubject());
init();
}
- AuthenticationQueryImpl(const AuthenticationQueryImpl& src)
- : AbstractXMLObject(src), SubjectQueryImpl(src) {
+ AuthenticationQueryImpl(const AuthenticationQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
init();
setAuthenticationMethod(src.getAuthenticationMethod());
}
init();
}
- AttributeQueryImpl(const AttributeQueryImpl& src)
- : AbstractXMLObject(src), SubjectQueryImpl(src) {
+ AttributeQueryImpl(const AttributeQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
init();
setResource(src.getResource());
VectorOf(AttributeDesignator) v=getAttributeDesignators();
init();
}
- AuthorizationDecisionQueryImpl(const AuthorizationDecisionQueryImpl& src)
- : AbstractXMLObject(src), SubjectQueryImpl(src) {
+ AuthorizationDecisionQueryImpl(const AuthorizationDecisionQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
init();
setResource(src.getResource());
if (src.getEvidence())
class SAML_DLLLOCAL RequestAbstractTypeImpl : public virtual RequestAbstractType,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- RequestAbstractTypeImpl(const RequestAbstractTypeImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ RequestAbstractTypeImpl(const RequestAbstractTypeImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setMinorVersion(src.m_MinorVersion);
setRequestID(src.getRequestID());
init();
}
- RequestImpl(const RequestImpl& src)
- : AbstractXMLObject(src), RequestAbstractTypeImpl(src) {
+ RequestImpl(const RequestImpl& src) : AbstractXMLObject(src), RequestAbstractTypeImpl(src) {
init();
if (src.getQuery())
setQuery(src.getQuery()->cloneQuery());
class SAML_DLLLOCAL StatusCodeImpl : public virtual StatusCode,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- StatusCodeImpl(const StatusCodeImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ StatusCodeImpl(const StatusCodeImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setValue(src.getValue());
if (src.getStatusCode())
class SAML_DLLLOCAL StatusDetailImpl : public virtual StatusDetail,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- StatusDetailImpl(const StatusDetailImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ StatusDetailImpl(const StatusDetailImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
VectorOf(XMLObject) v=getDetails();
for (vector<XMLObject*>::const_iterator i=src.m_Details.begin(); i!=src.m_Details.end(); i++) {
if (*i) {
class SAML_DLLLOCAL StatusImpl : public virtual Status,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- StatusImpl(const StatusImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ StatusImpl(const StatusImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getStatusCode())
setStatusCode(src.getStatusCode()->cloneStatusCode());
class SAML_DLLLOCAL ResponseAbstractTypeImpl : public virtual ResponseAbstractType,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- ResponseAbstractTypeImpl(const ResponseAbstractTypeImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ ResponseAbstractTypeImpl(const ResponseAbstractTypeImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setMinorVersion(src.m_MinorVersion);
setResponseID(src.getResponseID());
init();
}
- ResponseImpl(const ResponseImpl& src)
- : AbstractXMLObject(src), ResponseAbstractTypeImpl(src) {
+ ResponseImpl(const ResponseImpl& src) : AbstractXMLObject(src), ResponseAbstractTypeImpl(src) {
init();
if (src.getStatus())
setStatus(src.getStatus()->cloneStatus());
#include <xmltooling/signature/KeyResolver.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/util/DateTime.h>
-#include <xmltooling/validation/ValidatingXMLObject.h>
#include <xmltooling/validation/ValidatorSuite.h>
#define DECL_SAML2OBJECTBUILDER(cname) \
#include <xmltooling/io/AbstractXMLObjectMarshaller.h>
#include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
#include <xmltooling/util/XMLHelper.h>
-#include <xmltooling/validation/AbstractValidatingXMLObject.h>
#include <ctime>
#include <xercesc/util/XMLUniDefs.hpp>
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
NameIDTypeImpl(const NameIDTypeImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
init();
setNameQualifier(src.getNameQualifier());
setSPNameQualifier(src.getSPNameQualifier());
class SAML_DLLLOCAL EncryptedElementTypeImpl : public virtual EncryptedElementType,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
EncryptedElementTypeImpl(const EncryptedElementTypeImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getEncryptedData())
setEncryptedData(src.getEncryptedData()->cloneEncryptedData());
class SAML_DLLLOCAL AudienceRestrictionImpl : public virtual AudienceRestriction,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AudienceRestrictionImpl(const AudienceRestrictionImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ AudienceRestrictionImpl(const AudienceRestrictionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
VectorOf(Audience) v=getAudiences();
for (vector<Audience*>::const_iterator i=src.m_Audiences.begin(); i!=src.m_Audiences.end(); i++) {
if (*i) {
class SAML_DLLLOCAL OneTimeUseImpl : public virtual OneTimeUse,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- OneTimeUseImpl(const OneTimeUseImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ OneTimeUseImpl(const OneTimeUseImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
}
IMPL_XMLOBJECT_CLONE(OneTimeUse);
class SAML_DLLLOCAL ProxyRestrictionImpl : public virtual ProxyRestriction,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
m_Count=NULL;
}
- ProxyRestrictionImpl(const ProxyRestrictionImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ ProxyRestrictionImpl(const ProxyRestrictionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
setCount(src.m_Count);
VectorOf(Audience) v=getAudiences();
for (vector<Audience*>::const_iterator i=src.m_Audiences.begin(); i!=src.m_Audiences.end(); i++) {
class SAML_DLLLOCAL ConditionsImpl : public virtual Conditions,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- ConditionsImpl(const ConditionsImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ ConditionsImpl(const ConditionsImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setNotBefore(src.getNotBefore());
setNotOnOrAfter(src.getNotOnOrAfter());
}
};
- class SAML_DLLLOCAL SubjectConfirmationDataImpl
- : public virtual SubjectConfirmationData, public AnyElementImpl, public AbstractValidatingXMLObject
+ class SAML_DLLLOCAL SubjectConfirmationDataImpl : public virtual SubjectConfirmationData, public AnyElementImpl
{
void init() {
m_NotBefore=m_NotOnOrAfter=NULL;
init();
}
- SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src)
- : AnyElementImpl(src), AbstractValidatingXMLObject(src) {
+ SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src) : AnyElementImpl(src) {
init();
setNotBefore(src.getNotBefore());
setNotOnOrAfter(src.getNotOnOrAfter());
};
class SAML_DLLLOCAL KeyInfoConfirmationDataTypeImpl : public virtual KeyInfoConfirmationDataType,
- public AbstractDOMCachingXMLObject,
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
+ public AbstractDOMCachingXMLObject,
public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller,
- public AbstractValidatingXMLObject
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_NotBefore=m_NotOnOrAfter=NULL;
}
KeyInfoConfirmationDataTypeImpl(const KeyInfoConfirmationDataTypeImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractAttributeExtensibleXMLObject(src) {
init();
setNotBefore(src.getNotBefore());
setNotOnOrAfter(src.getNotOnOrAfter());
class SAML_DLLLOCAL SubjectConfirmationImpl : public virtual SubjectConfirmation,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectConfirmationImpl(const SubjectConfirmationImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectConfirmationImpl(const SubjectConfirmationImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setMethod(src.getMethod());
if (src.getBaseID())
class SAML_DLLLOCAL SubjectImpl : public virtual Subject,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectImpl(const SubjectImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ SubjectImpl(const SubjectImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getBaseID())
setBaseID(src.getBaseID()->cloneBaseID());
class SAML_DLLLOCAL SubjectLocalityImpl : public virtual SubjectLocality,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- SubjectLocalityImpl(const SubjectLocalityImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ SubjectLocalityImpl(const SubjectLocalityImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setAddress(src.getAddress());
setDNSName(src.getDNSName());
}
};
- class SAML_DLLLOCAL AuthnContextDeclImpl
- : public virtual AuthnContextDecl, public AnyElementImpl, public AbstractValidatingXMLObject
+ class SAML_DLLLOCAL AuthnContextDeclImpl : public virtual AuthnContextDecl, public AnyElementImpl
{
public:
virtual ~AuthnContextDeclImpl() {}
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AuthnContextDeclImpl(const AuthnContextDeclImpl& src) : AnyElementImpl(src), AbstractValidatingXMLObject(src) {}
+ AuthnContextDeclImpl(const AuthnContextDeclImpl& src) : AnyElementImpl(src) {
+ }
IMPL_XMLOBJECT_CLONE(AuthnContextDecl);
};
class SAML_DLLLOCAL AuthnContextImpl : public virtual AuthnContext,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AuthnContextImpl(const AuthnContextImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AuthnContextImpl(const AuthnContextImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getAuthnContextClassRef())
setAuthnContextClassRef(src.getAuthnContextClassRef()->cloneAuthnContextClassRef());
class SAML_DLLLOCAL AuthnStatementImpl : public virtual AuthnStatement,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AuthnStatementImpl(const AuthnStatementImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AuthnStatementImpl(const AuthnStatementImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setAuthnInstant(src.getAuthnInstant());
setSessionIndex(src.getSessionIndex());
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType), m_Namespace(NULL) {
}
- ActionImpl(const ActionImpl& src) : AbstractXMLObject(src),
- AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ ActionImpl(const ActionImpl& src)
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
setNamespace(src.getNamespace());
}
class SAML_DLLLOCAL EvidenceImpl : public virtual Evidence,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- EvidenceImpl(const EvidenceImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ EvidenceImpl(const EvidenceImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
AssertionIDRef* ref=dynamic_cast<AssertionIDRef*>(*i);
class SAML_DLLLOCAL AuthzDecisionStatementImpl : public virtual AuthzDecisionStatement,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AuthzDecisionStatementImpl(const AuthzDecisionStatementImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setResource(src.getResource());
setDecision(src.getDecision());
}
};
- class SAML_DLLLOCAL AttributeValueImpl
- : public virtual AttributeValue, public AnyElementImpl, public AbstractValidatingXMLObject
+ class SAML_DLLLOCAL AttributeValueImpl : public virtual AttributeValue, public AnyElementImpl
{
public:
virtual ~AttributeValueImpl() {}
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src), AbstractValidatingXMLObject(src) {}
+ AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src) {
+ }
IMPL_XMLOBJECT_CLONE(AttributeValue);
};
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AttributeImpl(const AttributeImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setName(src.getName());
setNameFormat(src.getNameFormat());
class SAML_DLLLOCAL AttributeStatementImpl : public virtual AttributeStatement,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AttributeStatementImpl(const AttributeStatementImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AttributeStatementImpl(const AttributeStatementImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
Attribute* attribute=dynamic_cast<Attribute*>(*i);
class SAML_DLLLOCAL AdviceImpl : public virtual Advice,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
: AbstractXMLObject(nsURI, localName, prefix, schemaType) {
}
- AdviceImpl(const AdviceImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AdviceImpl(const AdviceImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
AssertionIDRef* ref=dynamic_cast<AssertionIDRef*>(*i);
class SAML_DLLLOCAL AssertionImpl : public virtual Assertion,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- AssertionImpl(const AssertionImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ AssertionImpl(const AssertionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setVersion(src.getVersion());
setID(src.getID());
#include <xmltooling/io/AbstractXMLObjectMarshaller.h>
#include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
#include <xmltooling/util/XMLHelper.h>
-#include <xmltooling/validation/AbstractValidatingXMLObject.h>
#include <ctime>
#include <xercesc/util/XMLUniDefs.hpp>
//TODO need unit test for this, using objects from another namespace
class SAML_DLLLOCAL ExtensionsImpl : public virtual Extensions,
- public AbstractDOMCachingXMLObject,
- public AbstractElementProxy,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractElementProxy,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
public:
virtual ~ExtensionsImpl() {}
}
ExtensionsImpl(const ExtensionsImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractElementProxy(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractElementProxy(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
getXMLObjects().push_back((*i)->clone());
};
class SAML_DLLLOCAL StatusCodeImpl : public virtual StatusCode,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_Value=NULL;
init();
}
- StatusCodeImpl(const StatusCodeImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ StatusCodeImpl(const StatusCodeImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setValue(src.getValue());
if (src.getStatusCode())
//TODO need unit tests for non-SAML namespace children
class SAML_DLLLOCAL StatusDetailImpl : public virtual StatusDetail,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
public:
virtual ~StatusDetailImpl() {}
StatusDetailImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- StatusDetailImpl(const StatusDetailImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ StatusDetailImpl(const StatusDetailImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
VectorOf(XMLObject) v=getDetails();
for (vector<XMLObject*>::const_iterator i=src.m_Details.begin(); i!=src.m_Details.end(); i++) {
if (*i) {
class SAML_DLLLOCAL StatusImpl : public virtual Status,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_StatusCode=NULL;
init();
}
- StatusImpl(const StatusImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ StatusImpl(const StatusImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getStatusCode())
setStatusCode(src.getStatusCode()->cloneStatusCode());
class SAML_DLLLOCAL RequestImpl : public virtual Request,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_ID=NULL;
init();
}
- RequestImpl(const RequestImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ RequestImpl(const RequestImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setVersion(src.getVersion());
AssertionIDRequestImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- AssertionIDRequestImpl(const AssertionIDRequestImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ AssertionIDRequestImpl(const AssertionIDRequestImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
VectorOf(AssertionIDRef) v=getAssertionIDRefs();
for (vector<AssertionIDRef*>::const_iterator i=src.m_AssertionIDRefs.begin(); i!=src.m_AssertionIDRefs.end(); i++) {
if (*i) {
init();
}
- SubjectQueryImpl(const SubjectQueryImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ SubjectQueryImpl(const SubjectQueryImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
if (src.getSubject())
setSubject(src.getSubject()->cloneSubject());
class SAML_DLLLOCAL RequestedAuthnContextImpl : public virtual RequestedAuthnContext,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_Comparison=NULL;
init();
}
- RequestedAuthnContextImpl(const RequestedAuthnContextImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ RequestedAuthnContextImpl(const RequestedAuthnContextImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setComparison(src.getComparison());
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
init();
}
- AuthnQueryImpl(const AuthnQueryImpl& src) : AbstractXMLObject(src),
- SubjectQueryImpl(src)
- {
+ AuthnQueryImpl(const AuthnQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
init();
setSessionIndex(src.getSessionIndex());
if (src.getRequestedAuthnContext())
AttributeQueryImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- AttributeQueryImpl(const AttributeQueryImpl& src) : AbstractXMLObject(src),
- SubjectQueryImpl(src)
- {
+ AttributeQueryImpl(const AttributeQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
Attribute* attrib=dynamic_cast<Attribute*>(*i);
init();
}
- AuthzDecisionQueryImpl(const AuthzDecisionQueryImpl& src) : AbstractXMLObject(src),
- SubjectQueryImpl(src)
- {
+ AuthzDecisionQueryImpl(const AuthzDecisionQueryImpl& src) : AbstractXMLObject(src), SubjectQueryImpl(src) {
init();
setResource(src.getResource());
if (src.getEvidence())
};
class SAML_DLLLOCAL NameIDPolicyImpl : public virtual NameIDPolicy,
- public AbstractChildlessElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractChildlessElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_Format=NULL;
init();
}
- NameIDPolicyImpl(const NameIDPolicyImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ NameIDPolicyImpl(const NameIDPolicyImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setFormat(src.getFormat());
setSPNameQualifier(src.getSPNameQualifier());
};
class SAML_DLLLOCAL IDPEntryImpl : public virtual IDPEntry,
- public AbstractChildlessElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractChildlessElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_ProviderID=NULL;
init();
}
- IDPEntryImpl(const IDPEntryImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ IDPEntryImpl(const IDPEntryImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setProviderID(src.getProviderID());
setName(src.getName());
};
class SAML_DLLLOCAL IDPListImpl : public virtual IDPList,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_GetComplete=NULL;
init();
}
- IDPListImpl(const IDPListImpl& src) : AbstractXMLObject(src),
- AbstractComplexElement(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ IDPListImpl(const IDPListImpl& src)
+ : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getGetComplete())
setGetComplete(src.getGetComplete()->cloneGetComplete());
class SAML_DLLLOCAL ScopingImpl : public virtual Scoping,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_ProxyCount=NULL;
init();
}
- ScopingImpl(const ScopingImpl& src) : AbstractXMLObject(src),
- AbstractComplexElement(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ ScopingImpl(const ScopingImpl& src)
+ : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) {
init();
setProxyCount(m_ProxyCount);
if (src.getIDPList())
init();
}
- AuthnRequestImpl(const AuthnRequestImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ AuthnRequestImpl(const AuthnRequestImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
ForceAuthn(m_ForceAuthn);
};
class SAML_DLLLOCAL StatusResponseImpl : public virtual StatusResponse,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_ID=NULL;
init();
}
- StatusResponseImpl(const StatusResponseImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src)
- {
+ StatusResponseImpl(const StatusResponseImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setInResponseTo(src.getInResponseTo());
ResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- ResponseImpl(const ResponseImpl& src) : AbstractXMLObject(src),
- StatusResponseImpl(src)
- {
+ ResponseImpl(const ResponseImpl& src) : AbstractXMLObject(src), StatusResponseImpl(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
Assertion* assertion=dynamic_cast<Assertion*>(*i);
init();
}
- ArtifactResolveImpl(const ArtifactResolveImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ ArtifactResolveImpl(const ArtifactResolveImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
if(src.getArtifact())
setArtifact(src.getArtifact()->cloneArtifact());
init();
}
- ArtifactResponseImpl(const ArtifactResponseImpl& src) : AbstractXMLObject(src),
- StatusResponseImpl(src)
- {
+ ArtifactResponseImpl(const ArtifactResponseImpl& src) : AbstractXMLObject(src), StatusResponseImpl(src) {
init();
if (src.getPayload())
setPayload(getPayload()->clone());
};
class SAML_DLLLOCAL NewEncryptedIDImpl : public virtual NewEncryptedID,
- public AbstractComplexElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
void init() {
m_EncryptedData=NULL;
init();
}
- NewEncryptedIDImpl(const NewEncryptedIDImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src)
- {
+ NewEncryptedIDImpl(const NewEncryptedIDImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getEncryptedData())
setEncryptedData(src.getEncryptedData()->cloneEncryptedData());
};
class SAML_DLLLOCAL TerminateImpl : public virtual Terminate,
- public AbstractChildlessElement,
- public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
- public AbstractXMLObjectMarshaller,
- public AbstractXMLObjectUnmarshaller
+ public AbstractChildlessElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
{
public:
virtual ~TerminateImpl() { }
TerminateImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- TerminateImpl(const TerminateImpl& src) : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) { }
+ TerminateImpl(const TerminateImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
+ }
IMPL_XMLOBJECT_CLONE(Terminate);
init();
}
- ManageNameIDRequestImpl(const ManageNameIDRequestImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ ManageNameIDRequestImpl(const ManageNameIDRequestImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
if (src.getNameID())
ManageNameIDResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- ManageNameIDResponseImpl(const ManageNameIDResponseImpl& src) : AbstractXMLObject(src),
- StatusResponseImpl(src) { }
+ ManageNameIDResponseImpl(const ManageNameIDResponseImpl& src) : AbstractXMLObject(src), StatusResponseImpl(src) {
+ }
IMPL_XMLOBJECT_CLONE(ManageNameIDResponse);
};
init();
}
- LogoutRequestImpl(const LogoutRequestImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ LogoutRequestImpl(const LogoutRequestImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
setReason(src.getReason());
LogoutResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
: AbstractXMLObject(nsURI, localName, prefix, schemaType) { }
- LogoutResponseImpl(const LogoutResponseImpl& src) : AbstractXMLObject(src),
- StatusResponseImpl(src) { }
+ LogoutResponseImpl(const LogoutResponseImpl& src) : AbstractXMLObject(src), StatusResponseImpl(src) {
+ }
IMPL_XMLOBJECT_CLONE(LogoutResponse);
};
init();
}
- NameIDMappingRequestImpl(const NameIDMappingRequestImpl& src) : AbstractXMLObject(src),
- RequestImpl(src)
- {
+ NameIDMappingRequestImpl(const NameIDMappingRequestImpl& src) : AbstractXMLObject(src), RequestImpl(src) {
init();
if (src.getBaseID())
init();
}
- NameIDMappingResponseImpl(const NameIDMappingResponseImpl& src) : AbstractXMLObject(src),
- StatusResponseImpl(src)
- {
+ NameIDMappingResponseImpl(const NameIDMappingResponseImpl& src) : AbstractXMLObject(src), StatusResponseImpl(src) {
init();
if (src.getNameID())
#include <xmltooling/signature/KeyInfo.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/util/DateTime.h>
-#include <xmltooling/validation/ValidatingXMLObject.h>
#define DECL_SAML2MDOBJECTBUILDER(cname) \
DECL_XMLOBJECTBUILDER(SAML_API,cname,opensaml::SAMLConstants::SAML20MD_NS,opensaml::SAMLConstants::SAML20MD_PREFIX)
--- /dev/null
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file MetadataFilter.h
+ *
+ * Processes metadata after it's been unmarshalled.
+ */
+
+#ifndef __saml2_metadatafilt_h__
+#define __saml2_metadatafilt_h__
+
+#include <saml/saml2/metadata/Metadata.h>
+
+namespace opensaml {
+
+ namespace saml2md {
+
+ /**
+ * A metadata filter is used to process metadata after resolution and unmarshalling.
+ *
+ * Some filters might remove everything but identity provider roles, decreasing the data a service provider
+ * needs to work with, or a filter could be used to perform integrity checking on the retrieved metadata by
+ * verifying a digital signature.
+ */
+ class SAML_API MetadataFilter
+ {
+ MAKE_NONCOPYABLE(MetadataFilter);
+
+ public:
+ virtual ~MetadataFilter() {}
+
+ /**
+ * Returns an identifying string for the filter.
+ *
+ * @return the ID string
+ */
+ virtual const char* getId() const=0;
+
+ /**
+ * Filters the given metadata. Exceptions should generally not be thrown to
+ * signal the removal of information, only for systemic processing failure.
+ *
+ * @param xmlObject the metadata to be filtered.
+ * @throws FilterException thrown if an error occurs during the filtering process
+ */
+ virtual void doFilter(xmltooling::XMLObject& xmlObject) const=0;
+ };
+
+ };
+};
+
+#endif /* __saml2_metadatafilt_h__ */
--- /dev/null
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file MetadataProvider.h
+ *
+ * Supplies an individual source of metadata.
+ */
+
+#ifndef __saml2_metadataprov_h__
+#define __saml2_metadataprov_h__
+
+#include <xmltooling/Lockable.h>
+#include <saml/saml2/metadata/MetadataFilter.h>
+
+namespace opensaml {
+
+ namespace saml2md {
+
+ /**
+ * Supplies an individual source of metadata.
+ *
+ * The source can be a local file, remote service, or the result of a
+ * dynamic lookup, can include local caching, etc.
+ */
+ class SAML_API MetadataProvider : public virtual xmltooling::Lockable
+ {
+ MAKE_NONCOPYABLE(MetadataProvider);
+ protected:
+ MetadataProvider() : m_filter(NULL) {}
+
+ public:
+ virtual ~MetadataProvider() {
+ delete m_filter;
+ }
+
+ /**
+ * Gets the metadata filter applied to the resolved metadata.
+ *
+ * @return the metadata filter applied to the resolved metadata
+ */
+ const MetadataFilter* getMetadataFilter() const {
+ return m_filter;
+ }
+
+ /**
+ * Sets the metadata filter applied to the resolved metadata.
+ *
+ * @param newFilter the metadata filter applied to the resolved metadata
+ */
+ void setMetadataFilter(MetadataFilter* newFilter) {
+ delete m_filter;
+ m_filter=newFilter;
+ }
+
+ /**
+ * Should be called after instantiating provider and setting filter, but before
+ * performing any lookup operations. Allows the provider to defer initialization
+ * processes that are likely to result in exceptions until after the provider is
+ * safely created. Providers SHOULD perform as much processing as possible in
+ * this method so as to report/log any errors that would affect later processing.
+ * Also, any inputs supplied to the factory MUST persist until the completion of
+ * this method, but the caller is then free to modify or delete them.
+ */
+ virtual void init()=0;
+
+ /**
+ * Gets the metadata for a given entity. If a valid entity is returned,
+ * the provider will be left in a locked state. The caller MUST unlock the
+ * provider when finished with the entity.
+ *
+ * @param id the ID of the entity
+ * @param requireValidMetadata indicates whether the metadata for the entity must be valid/current
+ *
+ * @return the entity's metadata or NULL if there is no metadata or no valid metadata
+ */
+ virtual const EntityDescriptor* lookup(const XMLCh* id, bool requireValidMetadata=true) const=0;
+
+ /**
+ * Gets the metadata for a given entity. If a valid entity is returned,
+ * the provider will be left in a locked state. The caller MUST unlock the
+ * provider when finished with the entity.
+ *
+ * @param id the ID of the entity
+ * @param requireValidMetadata indicates whether the metadata for the entity must be valid/current
+ *
+ * @return the entity's metadata or NULL if there is no metadata or no valid metadata
+ */
+ virtual const EntityDescriptor* lookup(const char* id, bool requireValidMetadata=true) const=0;
+
+ /**
+ * Gets the metadata for a given group of entities. If a valid group is returned,
+ * the resolver will be left in a locked state. The caller MUST unlock the
+ * resolver when finished with the group.
+ *
+ * @param name the name of the group
+ * @param requireValidMetadata indicates whether the metadata for the group must be valid/current
+ *
+ * @return the group's metadata or NULL if there is no metadata or no valid metadata
+ */
+ virtual const EntitiesDescriptor* lookupGroup(const XMLCh* name, bool requireValidMetadata=true) const=0;
+
+ /**
+ * Gets the metadata for a given group of entities. If a valid group is returned,
+ * the resolver will be left in a locked state. The caller MUST unlock the
+ * resolver when finished with the group.
+ *
+ * @param name the name of the group
+ * @param requireValidMetadata indicates whether the metadata for the group must be valid/current
+ *
+ * @return the group's metadata or NULL if there is no metadata or no valid metadata
+ */
+ virtual const EntitiesDescriptor* lookupGroup(const char* name, bool requireValidMetadata=true) const=0;
+
+ protected:
+ MetadataFilter* m_filter;
+ };
+
+ /**
+ * Registers MetadataProvider classes into the runtime.
+ */
+ void SAML_API registerMetadataProviders();
+
+ /** MetadataProvider based on local XML files */
+ #define FILESYSTEM_METADATA_PROVIDER "org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider"
+ };
+};
+
+#endif /* __saml2_metadataprov_h__ */
--- /dev/null
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * FilesystemMetadataProvider.cpp
+ *
+ * Supplies metadata from a local file, detecting and reloading changes.
+ */
+
+#include "internal.h"
+#include "saml2/metadata/MetadataProvider.h"
+
+#include <ctime>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <log4cpp/Category.hh>
+#include <xercesc/framework/LocalFileInputSource.hpp>
+#include <xercesc/framework/Wrapper4InputSource.hpp>
+#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/Threads.h>
+
+using namespace opensaml::saml2md;
+using namespace xmltooling;
+using namespace log4cpp;
+using namespace std;
+
+namespace opensaml {
+ namespace saml2md {
+
+
+ class SAML_DLLLOCAL FilesystemMetadataProvider : public MetadataProvider
+ {
+ public:
+ FilesystemMetadataProvider(const DOMElement* e);
+ ~FilesystemMetadataProvider();
+
+ Lockable* lock();
+ void unlock() {
+ if (m_lock)
+ m_lock->unlock();
+ }
+
+ void init();
+
+ const EntityDescriptor* lookup(const XMLCh* id, bool requireValidMetadata=true) const;
+ const EntityDescriptor* lookup(const char* id, bool requireValidMetadata=true) const;
+ const EntitiesDescriptor* lookupGroup(const XMLCh* name, bool requireValidMetadata=true) const;
+ const EntitiesDescriptor* lookupGroup(const char* name, bool requireValidMetadata=true) const;
+
+ private:
+ XMLObject* load() const;
+ void index();
+ void index(EntityDescriptor* site, time_t validUntil=LLONG_MAX);
+ void index(EntitiesDescriptor* group, time_t validUntil=LLONG_MAX);
+
+ // index of loaded metadata
+ typedef multimap<string,const EntityDescriptor*> sitemap_t;
+ typedef multimap<string,const EntitiesDescriptor*> groupmap_t;
+ sitemap_t m_sites;
+ sitemap_t m_sources;
+ groupmap_t m_groups;
+
+ const DOMElement* m_root; // survives only until init() method is done
+ std::string m_source;
+ time_t m_filestamp;
+ bool m_validate;
+ RWLock* m_lock;
+ XMLObject* m_object;
+ };
+
+ MetadataProvider* SAML_DLLLOCAL FilesystemMetadataProviderFactory(const DOMElement* const & e)
+ {
+ return new FilesystemMetadataProvider(e);
+ }
+
+ };
+};
+
+static const XMLCh uri[] = UNICODE_LITERAL_3(u,r,i);
+static const XMLCh url[] = UNICODE_LITERAL_3(u,r,l);
+static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
+static const XMLCh pathname[] = UNICODE_LITERAL_8(p,a,t,h,n,a,m,e);
+static const XMLCh file[] = UNICODE_LITERAL_4(f,i,l,e);
+static const XMLCh filename[] = UNICODE_LITERAL_8(f,i,l,e,n,a,m,e);
+static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
+
+FilesystemMetadataProvider::FilesystemMetadataProvider(const DOMElement* e)
+ : m_root(e), m_filestamp(0), m_validate(false), m_lock(NULL), m_object(NULL)
+{
+#ifdef _DEBUG
+ NDC ndc("FilesystemMetadataProvider");
+#endif
+ Category& log=Category::getInstance(SAML_LOGCAT".Metadata");
+
+ // Establish source of data...
+ const XMLCh* source=e->getAttributeNS(NULL,uri);
+ if (!source || !*source) {
+ source=e->getAttributeNS(NULL,url);
+ if (!source || !*source) {
+ source=e->getAttributeNS(NULL,path);
+ if (!source || !*source) {
+ source=e->getAttributeNS(NULL,pathname);
+ if (!source || !*source) {
+ source=e->getAttributeNS(NULL,file);
+ if (!source || !*source) {
+ source=e->getAttributeNS(NULL,filename);
+ }
+ }
+ }
+ }
+ }
+
+ if (source && *source) {
+ const XMLCh* valflag=e->getAttributeNS(NULL,validate);
+ m_validate=(XMLString::equals(valflag,XMLConstants::XML_TRUE) || XMLString::equals(valflag,XMLConstants::XML_ONE));
+
+ auto_ptr_char temp(source);
+ m_source=temp.get();
+ log.debug("using external metadata file (%s)", temp.get());
+
+#ifdef WIN32
+ struct _stat stat_buf;
+ if (_stat(m_source.c_str(), &stat_buf) == 0)
+#else
+ struct stat stat_buf;
+ if (stat(m_source.c_str(), &stat_buf) == 0)
+#endif
+ m_filestamp=stat_buf.st_mtime;
+ m_lock=RWLock::create();
+ }
+ else
+ log.debug("no file path/name supplied, will look for metadata inline");
+}
+
+FilesystemMetadataProvider::~FilesystemMetadataProvider()
+{
+ delete m_lock;
+ delete m_object;
+}
+
+void FilesystemMetadataProvider::init()
+{
+ m_object=load();
+ index();
+}
+
+XMLObject* FilesystemMetadataProvider::load() const
+{
+#ifdef _DEBUG
+ NDC ndc("load");
+#endif
+ Category& log=Category::getInstance(SAML_LOGCAT".Metadata");
+
+ try {
+ XMLObject* xmlObject=NULL;
+
+ if (!m_source.empty()) {
+ // Data comes from a file we have to parse.
+ log.debug("loading metadata from file...");
+ auto_ptr_XMLCh widenit(m_source.c_str());
+ LocalFileInputSource src(widenit.get());
+ Wrapper4InputSource dsrc(&src,false);
+ DOMDocument* doc=NULL;
+ if (m_validate)
+ doc=XMLToolingConfig::getConfig().getValidatingParser().parse(dsrc);
+ else
+ doc=XMLToolingConfig::getConfig().getParser().parse(dsrc);
+ XercesJanitor<DOMDocument> docjanitor(doc);
+ log.infoStream() << "loaded and parsed XML file (" << m_source << ")" << CategoryStream::ENDLINE;
+
+ // Unmarshall objects, binding the document.
+ xmlObject = XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true);
+ docjanitor.release();
+ }
+ else {
+ // Data comes from the DOM we were handed.
+ log.debug("loading inline metadata...");
+ DOMElement* child = XMLHelper::getFirstChildElement(m_root);
+ if (!child)
+ throw XMLToolingException("No metadata was found inline.");
+ xmlObject = XMLObjectBuilder::buildOneFromElement(child);
+ }
+
+ auto_ptr<XMLObject> xmlObjectPtr(xmlObject);
+
+ if (m_filter) {
+ log.info("applying metadata filter (%s)", m_filter->getId());
+ m_filter->doFilter(*xmlObject);
+ }
+
+ xmlObjectPtr->releaseThisAndChildrenDOM();
+ xmlObjectPtr->setDocument(NULL);
+ return xmlObjectPtr.release();
+ }
+ catch (XMLException& e) {
+ auto_ptr_char msg(e.getMessage());
+ log.errorStream() << "Xerces parser error while loading metadata from ("
+ << (m_source.empty() ? "inline" : m_source) << "): " << msg.get() << CategoryStream::ENDLINE;
+ throw XMLParserException(msg.get());
+ }
+ catch (XMLToolingException& e) {
+ log.errorStream() << "error while loading metadata from ("
+ << (m_source.empty() ? "inline" : m_source) << "): " << e.what() << CategoryStream::ENDLINE;
+ throw;
+ }
+}
+
+Lockable* FilesystemMetadataProvider::lock()
+{
+ if (!m_lock)
+ return this;
+
+ m_lock->rdlock();
+
+ // Check if we need to refresh.
+#ifdef WIN32
+ struct _stat stat_buf;
+ if (_stat(m_source.c_str(), &stat_buf) == 0)
+#else
+ struct stat stat_buf;
+ if (stat(m_source.c_str(), &stat_buf) == 0)
+#endif
+ {
+ if (m_filestamp>0 && m_filestamp<stat_buf.st_mtime) {
+ // Elevate lock and recheck.
+ m_lock->unlock();
+ m_lock->wrlock();
+ if (m_filestamp>0 && m_filestamp<stat_buf.st_mtime) {
+ SharedLock lockwrap(m_lock,false); // pops write lock
+ try {
+ // Update the timestamp regardless. No point in repeatedly trying.
+ m_filestamp=stat_buf.st_mtime;
+ XMLObject* newstuff = load();
+ delete m_object;
+ m_object = newstuff;
+ index();
+ }
+ catch(XMLToolingException& e) {
+ Category::getInstance(SAML_LOGCAT".Metadata").error("failed to reload metadata from file, sticking with what we have: %s", e.what());
+ }
+ }
+ else {
+ m_lock->unlock();
+ }
+ m_lock->rdlock();
+ }
+ }
+ return this;
+}
+
+void FilesystemMetadataProvider::index()
+{
+ m_sources.clear();
+ m_sites.clear();
+ m_groups.clear();
+
+ EntitiesDescriptor* group=dynamic_cast<EntitiesDescriptor*>(m_object);
+ if (group) {
+ index(group);
+ return;
+ }
+ EntityDescriptor* site=dynamic_cast<EntityDescriptor*>(m_object);
+ index(site);
+}
+
+void FilesystemMetadataProvider::index(EntityDescriptor* site, time_t validUntil)
+{
+ if (validUntil < site->getValidUntilEpoch())
+ site->setValidUntil(validUntil);
+
+ auto_ptr_char id(site->getEntityID());
+ if (id.get()) {
+ m_sites.insert(make_pair(id.get(),site));
+ }
+}
+
+void FilesystemMetadataProvider::index(EntitiesDescriptor* group, time_t validUntil)
+{
+ if (validUntil < group->getValidUntilEpoch())
+ group->setValidUntil(validUntil);
+
+ auto_ptr_char name(group->getName());
+ if (name.get()) {
+ m_groups.insert(make_pair(name.get(),group));
+ }
+
+ const vector<EntitiesDescriptor*>& groups=const_cast<const EntitiesDescriptor*>(group)->getEntitiesDescriptors();
+ for (vector<EntitiesDescriptor*>::const_iterator i=groups.begin(); i!=groups.end(); i++)
+ index(*i,group->getValidUntilEpoch());
+
+ const vector<EntityDescriptor*>& sites=const_cast<const EntitiesDescriptor*>(group)->getEntityDescriptors();
+ for (vector<EntityDescriptor*>::const_iterator j=sites.begin(); j!=sites.end(); j++)
+ index(*j,group->getValidUntilEpoch());
+}
+
+const EntitiesDescriptor* FilesystemMetadataProvider::lookupGroup(const char* name, bool strict) const
+{
+ pair<groupmap_t::const_iterator,groupmap_t::const_iterator> range=m_groups.equal_range(name);
+
+ time_t now=time(NULL);
+ for (groupmap_t::const_iterator i=range.first; i!=range.second; i++)
+ if (now < i->second->getValidUntilEpoch())
+ return i->second;
+
+ if (!strict && range.first!=range.second)
+ return range.first->second;
+
+ return NULL;
+}
+
+const EntitiesDescriptor* FilesystemMetadataProvider::lookupGroup(const XMLCh* name, bool strict) const
+{
+ auto_ptr_char temp(name);
+ return lookupGroup(temp.get(),strict);
+}
+
+const EntityDescriptor* FilesystemMetadataProvider::lookup(const char* name, bool strict) const
+{
+ pair<sitemap_t::const_iterator,sitemap_t::const_iterator> range=m_sites.equal_range(name);
+
+ time_t now=time(NULL);
+ for (sitemap_t::const_iterator i=range.first; i!=range.second; i++)
+ if (now < i->second->getValidUntilEpoch())
+ return i->second;
+
+ if (!strict && range.first!=range.second)
+ return range.first->second;
+
+ return NULL;
+}
+
+const EntityDescriptor* FilesystemMetadataProvider::lookup(const XMLCh* name, bool strict) const
+{
+ auto_ptr_char temp(name);
+ return lookup(temp.get(),strict);
+}
#include <xmltooling/io/AbstractXMLObjectMarshaller.h>
#include <xmltooling/io/AbstractXMLObjectUnmarshaller.h>
#include <xmltooling/util/XMLHelper.h>
-#include <xmltooling/validation/AbstractValidatingXMLObject.h>
#include <ctime>
#include <xercesc/util/XMLUniDefs.hpp>
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
localizedNameTypeImpl(const localizedNameTypeImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
init();
setLang(src.getLang());
}
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
localizedURITypeImpl(const localizedURITypeImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
init();
setLang(src.getLang());
}
};
class SAML_DLLLOCAL ExtensionsImpl : public virtual Extensions,
- public AbstractDOMCachingXMLObject,
public AbstractElementProxy,
- public AbstractValidatingXMLObject,
+ public AbstractDOMCachingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
ExtensionsImpl(const ExtensionsImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractElementProxy(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractElementProxy(src) {
for (list<XMLObject*>::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) {
if (*i) {
getXMLObjects().push_back((*i)->clone());
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
OrganizationImpl(const OrganizationImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getExtensions())
setExtensions(src.getExtensions()->cloneExtensions());
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
ContactPersonImpl(const ContactPersonImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
if (src.getExtensions())
setExtensions(src.getExtensions()->cloneExtensions());
public AbstractSimpleElement,
public AbstractChildlessElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AdditionalMetadataLocationImpl(const AdditionalMetadataLocationImpl& src)
- : AbstractXMLObject(src), AbstractSimpleElement(src),
- AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractSimpleElement(src), AbstractDOMCachingXMLObject(src) {
init();
}
class SAML_DLLLOCAL KeyDescriptorImpl : public virtual KeyDescriptor,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- KeyDescriptorImpl(const KeyDescriptorImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ KeyDescriptorImpl(const KeyDescriptorImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setUse(src.getUse());
if (src.getKeyInfo())
};
class SAML_DLLLOCAL EndpointTypeImpl : public virtual EndpointType,
- public AbstractDOMCachingXMLObject,
public AbstractElementProxy,
public AbstractAttributeExtensibleXMLObject,
- public AbstractValidatingXMLObject,
+ public AbstractDOMCachingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
EndpointTypeImpl(const EndpointTypeImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractElementProxy(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractElementProxy(src),
+ AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
setBinding(src.getBinding());
setLocation(src.getLocation());
setResponseLocation(src.getResponseLocation());
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
RoleDescriptorImpl(const RoleDescriptorImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setProtocolSupportEnumeration(src.getProtocolSupportEnumeration());
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
RequestedAttributeImpl(const RequestedAttributeImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setName(src.getName());
setNameFormat(src.getNameFormat());
class SAML_DLLLOCAL AttributeConsumingServiceImpl : public virtual AttributeConsumingService,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AttributeConsumingServiceImpl(const AttributeConsumingServiceImpl& src)
- : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setIndex(src.m_Index);
isDefault(src.m_isDefault);
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
AffiliationDescriptorImpl(const AffiliationDescriptorImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setAffiliationOwnerID(src.getAffiliationOwnerID());
public AbstractComplexElement,
public AbstractAttributeExtensibleXMLObject,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
}
EntityDescriptorImpl(const EntityDescriptorImpl& src)
- : AbstractXMLObject(src),
- AbstractAttributeExtensibleXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ : AbstractXMLObject(src), AbstractAttributeExtensibleXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setEntityID(src.getEntityID());
public virtual SignableObject,
public AbstractComplexElement,
public AbstractDOMCachingXMLObject,
- public AbstractValidatingXMLObject,
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
init();
}
- EntitiesDescriptorImpl(const EntitiesDescriptorImpl& src)
- : AbstractXMLObject(src),
- AbstractDOMCachingXMLObject(src),
- AbstractValidatingXMLObject(src) {
+ EntitiesDescriptorImpl(const EntitiesDescriptorImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src) {
init();
setID(src.getID());
setName(src.getName());
--- /dev/null
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * MetadataProvider.cpp
+ *
+ * Registration of factories for built-in providers
+ */
+
+#include "internal.h"
+#include "saml2/metadata/MetadataProvider.h"
+
+using namespace xmltooling;
+
+namespace opensaml {
+ namespace saml2md {
+ SAML_DLLLOCAL PluginManager<MetadataProvider,const DOMElement*>::Factory FilesystemMetadataProviderFactory;
+ };
+};
+
+void SAML_API opensaml::saml2md::registerMetadataProviders()
+{
+ SAMLConfig::getConfig().MetadataProviderManager.registerFactory(FILESYSTEM_METADATA_PROVIDER, FilesystemMetadataProviderFactory);
+}
virtual ~SignatureProfileValidator() {}\r
\r
void validate(const xmltooling::XMLObject* xmlObject) const;\r
- \r
- SignatureProfileValidator* clone() const {\r
- return new SignatureProfileValidator();\r
- }\r
};\r
\r
};\r
--- /dev/null
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:mace:incommon" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo>
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+<ds:Reference URI="">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<ds:DigestValue>91oiRc8Bwf+DJq/kO/4vQh723F8=</ds:DigestValue>
+</ds:Reference>
+</ds:SignedInfo>
+<ds:SignatureValue>
+txodSjGrZlegJY9lHLlxfhOpK0v8SGNmFFHPXM9j54gZdbK+N8+4rPEjVCOg33Bk8RZ+OcBQNQQH
+otCvlXEpput84qTDVbe8xIGXzTbRH+45oLV6PQCEvZ4Pd3W/D2BZmI77DLHOlsQFJW2B6Ct98sO6
+qvWi7hStX8qaPnZe3hpDOgdhNpfZh/WiY5VTPsYT/+KHFv1wM3AqIPUKJ/9q6ahD80NlpJzpliE9
+PbEnEiuUKWq255jNBnbl/xR4jN+MhX1pOzxD1x+tDqJLVL+rgoHQZJHoxHzYykRKW4FITRL0ASXZ
+lgKxBy5k/W0hPzm4ntrX3OvpW49S0ys3BlAEWQ==
+</ds:SignatureValue>
+<ds:KeyInfo>
+<ds:X509Data>
+<ds:X509Certificate>
+MIIF2zCCBMOgAwIBAgIBQjANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT
+SW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkwHhcNMDYwNDEwMTY1NjM3WhcNMDcwNDEwMTY1NjM3WjBSMQswCQYDVQQGEwJVUzEcMBoG
+A1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjElMCMGA1UEAxMcZmVkb3AuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAoXZK5/nRuWY+S91CMPsXl
+oDc5vGo8O/xcqkUNUow+C34NlgnZX4zq2BjZ1WTAk3yLaF00qYOK18R0LMpHjYmEbtvtNrjEvtaZ
+walo83TyRNKHfqvBG3bxOkoYpo8jZ9MkHxskCgjXWLnPu+TCB7GiDgBLQ2VEk/UneKHlNc0Y1drB
+r1HfiRR73lAIUXNG/iRGXyBLqvyyFPasZv/oBWmsJZqI2T8jlmdSZbMG66yWGMp9dKoJyb44fYGV
+lyo5j8arxyiXAEz4QIdoFhmm1k1wSQnJDHtYaxwpf72wywps9P6GLqGkg8z+sxPWEgP8QqZWhwNJ
+qAtVbNh+TDkBpXsCAwEAAaOCArYwggKyMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU5ij9YLU5zQ6K75kPgVpyQ2N/
+lPswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRww
+GgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAnBgNVHREEIDAe
+ghxmZWRvcC5pbmNvbW1vbmZlZGVyYXRpb24ub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQDNwpH5FdVi
+qXKwN51xRQhSabH04DIFo9tnGWA/U2MOH1Gwh2Vt0JzlxZ5gZrsUM9gQBMLmifjxB29rY2xnhhjW
+FJhoTsI2F2KPav6W5Eqykq3yDV06oqNq0N0yMtB+og2yCIIZFvEG0wTKyv2n3bZqNaXz9r808b7p
+v/OVPW4HnmUtfFDg8q7C4Y2wbWqBYINkOi4lVbKzi2Sk5nVohuRGBja7eTYlpBP3nF+E/xb49JxQ
+AErc8wFZhJJdKNBnGWKOxelxC4nwda+g3mcc2T6REM0OUU7ArAlOdXW1eYNtflZe1G4qJ+6lTbpx
+8unyNnbIxDshbno8FbG0gIXOQ/4s
+</ds:X509Certificate>
+<ds:X509Certificate>
+MIIFmjCCBIKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT
+SW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkwHhcNMDQwMzMwMjAzNDAwWhcNMTQwMzI5MjAzNDAwWjBWMQswCQYDVQQGEwJVUzEcMBoG
+A1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRGjKsUM2QAupLAaWx
+82/CWPalKjKFY8UPmz0T3gf7tJPztTy1Zq8pD0WFRLcQeSBKZGCu8upe8X966b6TZ5yuoUDA754I
+f0DWismuHNoMgRR/l0UvZmPWDGRWd3NBTB8/soLA4EbqFf5Xq8MOJKhPtzcDR33gtaAb3oilZ+ZT
+pnhTFFrn/qXrAKcSDBpuW2JRpi3xaF/hTPI097oUShOzD1Zj21UYLA6iSFVN+1wlfwilf2KFNK/+
+zbkCge6wgipZyXxaOAam6ncqmkxy+hy/OiJMmdB+6xkO0xXSBUUcqxJrOcUQhA1vntgb3q5zOJIS
+XhC4RAReA0HyBp/wd0iDAgMBAAGjggJxMIICbTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUky3IYRitY+ObZbOd3Y2TuufKY0UwfgYDVR0jBHcwdYAUky3IYRitY+Ob
+ZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjANBgkqhkiG9w0BAQUFAAOCAQEAZfgKUPA+Ky+Ou/vclMlF
+TMlUGspfbNSdG/fmIq+E/Lv1d2c73Am1zGhOpxgdkM8SE+BPnXW2rl71/N8gaqwgBBxkpwn410si
+umxlDTwV3HoVFvCGWylNy9o8OE1LyTCqfo8PRwrMzhwcagDgD813BIyjuJg/JQz1LnHMocIW/Jli
+gloSIzF1O435/+ckfWXQsmBIhvV5TmA3ZrcycrI1cHGEZqrCXL0FMZLSr+Vady/tFbVojqI8pSub
+SMxNkZectePTBjVj1Qeb4hmG8jRv/fwy1Iw6OFH8RKny8nQaO5mOe/fF/swEsMVU9TDpvLIgbhTw
+nP7Nhfotgaxf5wG8WA==
+</ds:X509Certificate>
+</ds:X509Data>
+</ds:KeyInfo></ds:Signature>
+ <Extensions>
+ <shibmd:KeyAuthority xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" VerifyDepth="5">
+ <!-- InCommon CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFmjCCBIKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwMzMwMjAzNDAwWhcNMTQwMzI5
+MjAzNDAwWjBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRGjKsUM2QAupLAaWx82/C
+WPalKjKFY8UPmz0T3gf7tJPztTy1Zq8pD0WFRLcQeSBKZGCu8upe8X966b6TZ5yu
+oUDA754If0DWismuHNoMgRR/l0UvZmPWDGRWd3NBTB8/soLA4EbqFf5Xq8MOJKhP
+tzcDR33gtaAb3oilZ+ZTpnhTFFrn/qXrAKcSDBpuW2JRpi3xaF/hTPI097oUShOz
+D1Zj21UYLA6iSFVN+1wlfwilf2KFNK/+zbkCge6wgipZyXxaOAam6ncqmkxy+hy/
+OiJMmdB+6xkO0xXSBUUcqxJrOcUQhA1vntgb3q5zOJISXhC4RAReA0HyBp/wd0iD
+AgMBAAGjggJxMIICbTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAd
+BgNVHQ4EFgQUky3IYRitY+ObZbOd3Y2TuufKY0UwfgYDVR0jBHcwdYAUky3IYRit
+Y+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNv
+bW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGa
+aHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2lu
+Y29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUH
+AgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJh
+Y3RpY2VzLnBkZjANBgkqhkiG9w0BAQUFAAOCAQEAZfgKUPA+Ky+Ou/vclMlFTMlU
+GspfbNSdG/fmIq+E/Lv1d2c73Am1zGhOpxgdkM8SE+BPnXW2rl71/N8gaqwgBBxk
+pwn410siumxlDTwV3HoVFvCGWylNy9o8OE1LyTCqfo8PRwrMzhwcagDgD813BIyj
+uJg/JQz1LnHMocIW/JligloSIzF1O435/+ckfWXQsmBIhvV5TmA3ZrcycrI1cHGE
+ZqrCXL0FMZLSr+Vady/tFbVojqI8pSubSMxNkZectePTBjVj1Qeb4hmG8jRv/fwy
+1Iw6OFH8RKny8nQaO5mOe/fF/swEsMVU9TDpvLIgbhTwnP7Nhfotgaxf5wG8WA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </shibmd:KeyAuthority>
+ </Extensions>
+
+<EntityDescriptor entityID="urn:mace:incommon:internet2.edu">
+ <IDPSSODescriptor errorURL="https://origin.internet2.edu/error.html" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">internet2.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>origin.internet2.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://origin.internet2.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">internet2.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>origin.internet2.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://origin.internet2.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en"/>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+ <EntityDescriptor entityID="urn:mace:incommon:dartmouth.edu">
+ <IDPSSODescriptor errorURL="http://giza.dartmouth.edu/shibboleth/error.html" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dartmouth.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>giza.dartmouth.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://giza.dartmouth.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor errorURL="http://giza.dartmouth.edu/shibboleth/error.html" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dartmouth.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>giza.dartmouth.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://giza.dartmouth.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Dartmouth College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Dartmouth College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.dartmouth.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Robert Brentrup</GivenName>
+ <EmailAddress>Robert.J.Brentrup@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Robert Brentrup</GivenName>
+ <EmailAddress>Robert.J.Brentrup@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:rochester.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rochester.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.its.rochester.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.its.rochester.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rochester.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.its.rochester.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.its.rochester.edu/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Rochester</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Rochester</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.rochester.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sean Singh</GivenName>
+ <EmailAddress>sean.singh@rochester.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Sean Singh</GivenName>
+ <EmailAddress>sean.singh@rochester.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Charles Yanaitis</GivenName>
+ <EmailAddress>charles.yanaitis@rochester.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:osu.edu">
+ <IDPSSODescriptor errorURL="https://webauth.service.ohio-state.edu/support.html" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">osu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>webauth.service.ohio-state.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.service.ohio-state.edu:8443/shibboleth/Artifact" index="1"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.service.ohio-state.edu/shibboleth/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">osu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>webauth.service.ohio-state.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.service.ohio-state.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Ohio State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Ohio State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.osu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Scott Cantor</GivenName>
+ <EmailAddress>cantor.2@osu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Cantor</GivenName>
+ <EmailAddress>cantor.2@osu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:uci.edu">
+ <IDPSSODescriptor errorURL="http://shib.nacs.uci.edu/error.html" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.nacs.uci.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.nacs.uci.edu/shibboleth-idp/Artifact" index="1"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.nacs.uci.edu/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.nacs.uci.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.nacs.uci.edu:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Roode</GivenName>
+ <EmailAddress>bgroode@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Main</GivenName>
+ <EmailAddress>pmain@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+ <EntityDescriptor entityID="urn:mace:incommon:buffalo.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">buffalo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibboleth.buffalo.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.buffalo.edu/shibboleth-ext/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">buffalo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibboleth.buffalo.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.buffalo.edu:7443/shibboleth-ext/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The State University of New York at Buffalo</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The State University of New York at Buffalo</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.buffalo.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Charles Dunn</GivenName>
+ <EmailAddress>chuck@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John A Ball</GivenName>
+ <EmailAddress>auth-support@gory.acsu.buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Joel W. Murphy</GivenName>
+ <EmailAddress>jmurphy@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:washington.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">washington.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>hs.so.cac.washington.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://hs.so.cac.washington.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">washington.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>hs.so.cac.washington.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.so.cac.washington.edu/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Nathan Dors</GivenName>
+ <EmailAddress>dors@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Nathan Dors</GivenName>
+ <EmailAddress>pubcookie@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:cornell.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shiborigin.cit.cornell.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shiborigin.cit.cornell.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shiborigin.cit.cornell.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shiborigin.cit.cornell.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cornell University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cornell University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cornell.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Andrea Beesing</GivenName>
+ <EmailAddress>amb3@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Steve Edgar</GivenName>
+ <EmailAddress>se10@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ron DiNapoli</GivenName>
+ <EmailAddress>rd29@cornell.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:psu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>as1.fim.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://as1.fim.psu.edu/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>as1.fim.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://as1.fim.psu.edu:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Pennsylvania State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical Staff</GivenName>
+ <EmailAddress>root@aset.psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Kevin Morooney</GivenName>
+ <EmailAddress>kxm@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Miller</GivenName>
+ <EmailAddress>max@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:usc.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib1.usc.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib1.usc.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib1.usc.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib1.usc.edu/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Southern California</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Southern California</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.usc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Cecelia E. Henderson</GivenName>
+ <EmailAddress>shelley@usc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Phil Dibowitz</GivenName>
+ <EmailAddress>phil@usc.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:ucsd.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>a4.ucsd.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://a4.ucsd.edu/tritON/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>a4.ucsd.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://a4.ucsd.edu:8443/tritON/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-San Diego</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-San Diego</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Crystal Harris</GivenName>
+ <EmailAddress>crys@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Anthony R. Wood</GivenName>
+ <EmailAddress>twood@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Anthony R. Wood</GivenName>
+ <EmailAddress>twood@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="urn:mace:incommon:ohio.edu">
+ <IDPSSODescriptor errorURL="https://shibboleth.ohio.edu" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibboleth.ohio.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.ohio.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor errorURL="https://shibboleth.ohio.edu" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibboleth.ohio.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ohio.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Ohio University Main Campus</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ohio University Main Campus</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiou.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Todd Acheson</GivenName>
+ <EmailAddress>acheson@ohio.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Vitaliy Shipitsyn</GivenName>
+ <EmailAddress>vshipits@ohio.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Alexander</GivenName>
+ <EmailAddress>alexandd@ohio.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+<EntityDescriptor entityID="https://getz.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>getz.internet2.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://getz.internet2.edu/Shibboleth.sso/SAML/POST" index="0"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://getz.internet2.edu/Shibboleth.shire" index="0"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en"/>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://www.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.internet2.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.internet2.edu/Shibboleth.shire" index="0"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.internet2.edu/Shibboleth.shire" index="1"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2 Web Site</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2 Web Site</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+ <EntityDescriptor entityID="https://sdauth.sciencedirect.com/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>sdauth.sciencedirect.com</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth.sciencedirect.com/SHIRE" index="0"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth-cert3.sciencedirect.com/SHIRE" index="1"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ScienceDirect</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ScienceDirect</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sciencedirect.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Shillum</GivenName>
+ <EmailAddress>c.shillum@elsevier.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Chris Shillum</GivenName>
+ <EmailAddress>c.shillum@elsevier.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Tony Gast</GivenName>
+ <EmailAddress>tony.gast@lexisnexis.com</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+
+<EntityDescriptor entityID="https://wiki.it.ohio-state.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>wiki.it.ohio-state.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://authdev.it.ohio-state.edu/twiki/Shibboleth.sso/SAML/Artifact" index="1" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.it.ohio-state.edu/twiki/Shibboleth.sso/SAML/POST" index="2"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://wiki.it.ohio-state.edu/twiki/Shibboleth.sso/SAML/Artifact" index="3"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://authdev.it.ohio-state.edu/twiki/Shibboleth.sso/SAML/POST" index="4"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Ohio State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Ohio State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.osu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Webauth Technical Support Staff</GivenName>
+ <EmailAddress>webauth-admin@lists.acs.ohio-state.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Webauth Technical Support Staff</GivenName>
+ <EmailAddress>webauth-admin@lists.acs.ohio-state.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+ <EntityDescriptor entityID="http://www.sciencedirect.com/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>sdauth.sciencedirect.com</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth.sciencedirect.com/SHIRE" index="0"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ScienceDirect</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ScienceDirect</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sciencedirect.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tony Gast</GivenName>
+ <EmailAddress>tony.gast@lexisnexis.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Shillum</GivenName>
+ <EmailAddress>c.shillum@elsevier.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Tony Gast</GivenName>
+ <EmailAddress>tony.gast@lexisnexis.com</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+<EntityDescriptor entityID="https://shib.dev.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.dev.oclc.org</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://shib.dev.oclc.org:2080/Shibboleth.shire" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.dev.oclc.org:2443/Shibboleth.shire" index="2"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Eva Marie Allen</GivenName>
+ <EmailAddress>allene@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Eva Marie Allen</GivenName>
+ <EmailAddress>allene@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<EntityDescriptor entityID="https://shib.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.oclc.org</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.oclc.org:2443/Shibboleth.shire" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://shib.oclc.org:2080/Shibboleth.shire" index="2"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sharon Ramsay</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Eva Marie Allen</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Richard Scranton</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+ <EntityDescriptor entityID="https://shibtest.nac.uci.edu/cgi-bin/printenv">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibtest.nac.uci.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibtest.nac.uci.edu/Shibboleth.shire" index="0"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UCIs InCommon Demo Resource</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">UCIs InCommon Demo Resource</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Main</GivenName>
+ <EmailAddress>pmain@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Roode</GivenName>
+ <EmailAddress>bgroode@uci.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+ <EntityDescriptor entityID="https://share.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>share.internet2.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://share.internet2.edu/Shibboleth.shire" index="0"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2 Wiki</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2 Wiki</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+<EntityDescriptor entityID="https://www.webassign.net/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.webassign.net</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.webassign.net/Shibboleth.sso" index="0"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">WebAssign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">WebAssign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.webassign.net/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Marks</GivenName>
+ <EmailAddress>brian@webassign.net</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:cornell.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shiborigin.cit.cornell.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shiborigin.cit.cornell.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shiborigin.cit.cornell.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shiborigin.cit.cornell.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cornell University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cornell University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cornell.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Todd Zino</GivenName>
+ <EmailAddress>tcz3@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Pete Bosanko</GivenName>
+ <EmailAddress>pb10@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Andrea Beesing</GivenName>
+ <EmailAddress>amb3@cornell.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:case.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">case.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibb.case.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibb.case.edu/shibboleth/HS"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">case.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibb.case.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibb.case.edu:8443/shibboleth/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Case Western Reserve University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Case Western Reserve University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cwru.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeremy Smith</GivenName>
+ <EmailAddress>jeremy.smith@case.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Kovacic</GivenName>
+ <EmailAddress>david.kovacic@case.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.e-education.psu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.e-education.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.e-education.psu.edu/Shibboleth.sso/SAML/POST" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.e-education.psu.edu/Shibboleth.sso/SAML/Artifact" index="2"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Pennsylvania State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeff Buechler</GivenName>
+ <EmailAddress>jdb11@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jeff Wolfe</GivenName>
+ <EmailAddress>wolfe@ems.psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://angelshibaccept.ais.psu.edu/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>angelshibaccept.ais.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://angelshibaccept.ais.psu.edu/Shibboleth/Shibboleth.shire" index="1"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Pennsylvania State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Fisher</GivenName>
+ <EmailAddress>anf107@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Terry O'Heron</GivenName>
+ <EmailAddress>tno1@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib.cms.psu.edu/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.cms.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.cms.psu.edu/Shibboleth/Shibboleth.shire" index="1"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Pennsylvania State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Fisher</GivenName>
+ <EmailAddress>anf107@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Terry O'Heron</GivenName>
+ <EmailAddress>tno1@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib.nacs.uci.edu/cgi-bin/printenv">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib.nacs.uci.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.nacs.uci.edu/Shibboleth.sso/SAML/POST" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib.nacs.uci.edu/Shibboleth.sso/SAML/Artifact" index="2"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Main</GivenName>
+ <EmailAddress>pmain@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Roode</GivenName>
+ <EmailAddress>bgroode@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cms.psu.edu/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>cms.psu.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cms.psu.edu/Shibboleth/Shibboleth.shire" index="1"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Pennsylvania State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Fisher</GivenName>
+ <EmailAddress>anf107@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Terry O'Heron</GivenName>
+ <EmailAddress>tno1@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="urn:mace:incommon:ucla.edu">
+ <IDPSSODescriptor errorURL="https://shb.ais.ucla.edu/shibboleth-idp/WAYFerror" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucla.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shb.ais.ucla.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shb.ais.ucla.edu/shibboleth-idp/Artifact" index="1"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shb.ais.ucla.edu/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucla.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shb.ais.ucla.edu</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shb.ais.ucla.edu/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Datta Mahabalagiri</GivenName>
+ <EmailAddress>datta@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Albert Wu</GivenName>
+ <EmailAddress>albertwu@ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+</EntitiesDescriptor>
\ No newline at end of file
--- /dev/null
+/*\r
+ * Copyright 2001-2006 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+#include "internal.h"\r
+#include <saml/saml2/metadata/MetadataProvider.h>\r
+\r
+using namespace opensaml::saml2md;\r
+\r
+class FilesystemMetadataProviderTest : public CxxTest::TestSuite, public SAMLObjectBaseTestCase {\r
+ XMLCh* entityID;\r
+ XMLCh* supportedProtocol;\r
+ MetadataProvider* metadataProvider;\r
+\r
+public:\r
+ void setUp() {\r
+ entityID=XMLString::transcode("urn:mace:incommon:washington.edu");\r
+ supportedProtocol=XMLString::transcode("urn:oasis:names:tc:SAML:1.1:protocol");\r
+ \r
+ auto_ptr_XMLCh MP("MetadataProvider");\r
+ auto_ptr_XMLCh path("path");\r
+ auto_ptr_XMLCh validate("validate");\r
+ string s=data_path + "saml2/metadata/InCommon-metadata.xml";\r
+ auto_ptr_XMLCh file(s.c_str());\r
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().newDocument();\r
+ XercesJanitor<DOMDocument> janitor(doc);\r
+ DOMElement* root=doc->createElementNS(NULL,MP.get());\r
+ root->setAttributeNS(NULL,path.get(),file.get());\r
+ root->setAttributeNS(NULL,validate.get(),XMLConstants::XML_ZERO);\r
+ metadataProvider = NULL;\r
+ metadataProvider = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(FILESYSTEM_METADATA_PROVIDER,root);\r
+ metadataProvider->init();\r
+ \r
+ SAMLObjectBaseTestCase::setUp();\r
+ }\r
+ \r
+ void tearDown() {\r
+ XMLString::release(&entityID);\r
+ XMLString::release(&supportedProtocol);\r
+ delete metadataProvider;\r
+ SAMLObjectBaseTestCase::tearDown();\r
+ }\r
+\r
+ void testGetEntityDescriptor() {\r
+ Locker locker(metadataProvider);\r
+ const EntityDescriptor* descriptor = metadataProvider->lookup(entityID);\r
+ TSM_ASSERT("Retrieved entity descriptor was null", descriptor!=NULL);\r
+ assertEquals("Entity's ID does not match requested ID", entityID, descriptor->getEntityID());\r
+ }\r
+\r
+};\r
</File>\r
</Filter>\r
</Filter>\r
+ <Filter\r
+ Name="metadata"\r
+ >\r
+ <File\r
+ RelativePath=".\saml2\metadata\FilesystemMetadataProviderTest.cpp"\r
+ >\r
+ </File>\r
+ </Filter>\r
</Filter>\r
</Filter>\r
<Filter\r
</File>\r
</Filter>\r
</Filter>\r
+ <Filter\r
+ Name="metadata"\r
+ >\r
+ <File\r
+ RelativePath=".\saml2\metadata\FilesystemMetadataProviderTest.h"\r
+ >\r
+ <FileConfiguration\r
+ Name="Debug|Win32"\r
+ >\r
+ <Tool\r
+ Name="VCCustomBuildTool"\r
+ CommandLine="\perl\bin\perl.exe -w \cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "$(InputDir)$(InputName)".cpp "$(InputPath)""\r
+ Outputs=""$(InputDir)$(InputName)".cpp"\r
+ />\r
+ </FileConfiguration>\r
+ <FileConfiguration\r
+ Name="Release|Win32"\r
+ >\r
+ <Tool\r
+ Name="VCCustomBuildTool"\r
+ CommandLine="\perl\bin\perl.exe -w \cxxtest\cxxtestgen.pl --part --have-eh --have-std --abort-on-fail -o "$(InputDir)$(InputName)".cpp "$(InputPath)""\r
+ Outputs=""$(InputDir)$(InputName)".cpp"\r
+ />\r
+ </FileConfiguration>\r
+ </File>\r
+ </Filter>\r
</Filter>\r
</Filter>\r
<Filter\r
assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
\r
try {\r
- assertion->getSignature()->registerValidator(new SignatureProfileValidator());\r
- assertion->getSignature()->registerValidator(new SignatureValidator(new KeyResolver(m_key->clone())));\r
- assertion->getSignature()->validate(true);\r
+ SignatureProfileValidator spv;\r
+ SignatureValidator sv(new KeyResolver(m_key->clone()));\r
+ spv.validate(assertion->getSignature());\r
+ sv.validate(assertion->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
\r
try {\r
- request->getSignature()->registerValidator(new SignatureProfileValidator());\r
- request->getSignature()->registerValidator(new SignatureValidator(new KeyResolver(m_key->clone())));\r
- request->getSignature()->validate(true);\r
+ SignatureProfileValidator spv;\r
+ SignatureValidator sv(new KeyResolver(m_key->clone()));\r
+ spv.validate(request->getSignature());\r
+ sv.validate(request->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
\r
try {\r
- assertion->getSignature()->registerValidator(new SignatureProfileValidator());\r
- assertion->getSignature()->registerValidator(new SignatureValidator(new KeyResolver(m_key->clone())));\r
- assertion->getSignature()->validate(true);\r
- response->getSignature()->registerValidator(new SignatureProfileValidator());\r
- response->getSignature()->registerValidator(new SignatureValidator(new KeyResolver(m_key->clone())));\r
- response->getSignature()->validate(true);\r
+ SignatureProfileValidator spv;\r
+ spv.validate(assertion->getSignature());\r
+ spv.validate(response->getSignature());\r
+\r
+ SignatureValidator sv(new KeyResolver(m_key->clone()));\r
+ sv.validate(assertion->getSignature());\r
+ sv.validate(response->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
\r
try {\r
- assertion->getSignature()->registerValidator(new SignatureProfileValidator());\r
- assertion->getSignature()->registerValidator(new SignatureValidator(new KeyResolver(m_key->clone())));\r
- assertion->getSignature()->validate(true);\r
+ SignatureProfileValidator spv;\r
+ SignatureValidator sv(new KeyResolver(m_key->clone()));\r
+ spv.validate(assertion->getSignature());\r
+ sv.validate(assertion->getSignature());\r
}\r
catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r