Boost changes

author Scott Cantor <cantor.2@osu.edu>

Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)
author Scott Cantor <cantor.2@osu.edu>
Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)
diff --git a/saml/saml1/binding/impl/SAML1ArtifactDecoder.cpp b/saml/saml1/binding/impl/SAML1ArtifactDecoder.cpp

index 0927174..6706a62 100644 (file)
--- a/saml/saml1/binding/impl/SAML1ArtifactDecoder.cpp
+++ b/saml/saml1/binding/impl/SAML1ArtifactDecoder.cpp
@@ -33,6 +33,7 @@
  #include "saml2/metadata/Metadata.h"
  #include "saml2/metadata/MetadataProvider.h"
  
  #include "saml2/metadata/Metadata.h"
  #include "saml2/metadata/MetadataProvider.h"
  
+#include <boost/ptr_container/ptr_vector.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/io/HTTPRequest.h>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/io/HTTPRequest.h>
@@ -45,6 +46,7 @@ using namespace opensaml;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace std;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace std;
+using boost::ptr_vector;
  
  namespace opensaml {
      namespace saml1p {
  
  namespace opensaml {
      namespace saml1p {
@@ -93,7 +95,8 @@ XMLObject* SAML1ArtifactDecoder::decode(
          throw BindingException("Artifact profile requires ArtifactResolver and MetadataProvider implementations be supplied.");
  
      // Import the artifacts.
          throw BindingException("Artifact profile requires ArtifactResolver and MetadataProvider implementations be supplied.");
  
      // Import the artifacts.
-    vector<SAMLArtifact*> artifacts;
+    vector<SAMLArtifact*> artifactptrs; // needed for compatibility with non-Boost API in ArtifactResolver
+    ptr_vector<SAMLArtifact> artifacts;
      for (vector<const char*>::const_iterator raw=SAMLart.begin(); raw!=SAMLart.end(); ++raw) {
          try {
              log.debug("processing encoded artifact (%s)", *raw);
      for (vector<const char*>::const_iterator raw=SAMLart.begin(); raw!=SAMLart.end(); ++raw) {
          try {
              log.debug("processing encoded artifact (%s)", *raw);
@@ -110,21 +113,17 @@ XMLObject* SAML1ArtifactDecoder::decode(
                  log.warn("replay cache was not provided, this is a serious security risk!");
  
              artifacts.push_back(SAMLArtifact::parse(*raw));
                  log.warn("replay cache was not provided, this is a serious security risk!");
  
              artifacts.push_back(SAMLArtifact::parse(*raw));
+            artifactptrs.push_back(&(artifacts.back()));
          }
          catch (ArtifactException&) {
              log.error("error parsing artifact (%s)", *raw);
          }
          catch (ArtifactException&) {
              log.error("error parsing artifact (%s)", *raw);
-            for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
-            throw;
-        }
-        catch (XMLToolingException&) {
-            for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
              throw;
          }
      }
  
      log.debug("attempting to determine source of artifact(s)...");
      MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
              throw;
          }
      }
  
      log.debug("attempting to determine source of artifact(s)...");
      MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
-    mc.artifact = artifacts.front();
+    mc.artifact = &(artifacts.front());
      mc.role = policy.getRole();
      mc.protocol = samlconstants::SAML11_PROTOCOL_ENUM;
      mc.protocol2 = samlconstants::SAML10_PROTOCOL_ENUM;
      mc.role = policy.getRole();
      mc.protocol = samlconstants::SAML11_PROTOCOL_ENUM;
      mc.protocol2 = samlconstants::SAML10_PROTOCOL_ENUM;
@@ -132,9 +131,8 @@ XMLObject* SAML1ArtifactDecoder::decode(
      if (!provider.first) {
          log.error(
              "metadata lookup failed, unable to determine issuer of artifact (0x%s)",
      if (!provider.first) {
          log.error(
              "metadata lookup failed, unable to determine issuer of artifact (0x%s)",
-            SAMLArtifact::toHex(artifacts.front()->getBytes()).c_str()
+            SAMLArtifact::toHex(artifacts.front().getBytes()).c_str()
              );
              );
-        for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
          throw BindingException("Metadata lookup failed, unable to determine artifact issuer");
      }
  
          throw BindingException("Metadata lookup failed, unable to determine artifact issuer");
      }
  
@@ -145,26 +143,18 @@ XMLObject* SAML1ArtifactDecoder::decode(
  
      if (!provider.second || !dynamic_cast<const IDPSSODescriptor*>(provider.second)) {
          log.error("unable to find compatible SAML 1.x role (%s) in metadata", policy.getRole()->toString().c_str());
  
      if (!provider.second || !dynamic_cast<const IDPSSODescriptor*>(provider.second)) {
          log.error("unable to find compatible SAML 1.x role (%s) in metadata", policy.getRole()->toString().c_str());
-        for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
          throw BindingException("Unable to find compatible metadata role for artifact issuer.");
      }
      // Set Issuer for the policy.
      policy.setIssuer(provider.first->getEntityID());
      policy.setIssuerMetadata(provider.second);
  
          throw BindingException("Unable to find compatible metadata role for artifact issuer.");
      }
      // Set Issuer for the policy.
      policy.setIssuer(provider.first->getEntityID());
      policy.setIssuerMetadata(provider.second);
  
-    try {
-        log.debug("calling ArtifactResolver...");
-        auto_ptr<Response> response(
-            m_artifactResolver->resolve(artifacts, dynamic_cast<const IDPSSODescriptor&>(*provider.second), policy)
-            );
+    log.debug("calling ArtifactResolver...");
+    auto_ptr<Response> response(
+        m_artifactResolver->resolve(artifactptrs, dynamic_cast<const IDPSSODescriptor&>(*provider.second), policy)
+        );
  
  
-        // The policy should be enforced against the Response by the resolve step.
+    // The policy should be enforced against the Response by the resolve step.
  
  
-        for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
-        return response.release();
-    }
-    catch (XMLToolingException&) {
-        for_each(artifacts.begin(), artifacts.end(), xmltooling::cleanup<SAMLArtifact>());
-        throw;
-    }
+    return response.release();
  }
  }
diff --git a/saml/saml1/profile/impl/AssertionValidator.cpp b/saml/saml1/profile/impl/AssertionValidator.cpp

index ff00b8f..11e5b99 100644 (file)
--- a/saml/saml1/profile/impl/AssertionValidator.cpp
+++ b/saml/saml1/profile/impl/AssertionValidator.cpp
@@ -28,6 +28,7 @@
  #include "saml1/core/Assertions.h"
  #include "saml1/profile/AssertionValidator.h"
  
  #include "saml1/core/Assertions.h"
  #include "saml1/profile/AssertionValidator.h"
  
+#include <boost/bind.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/util/NDC.h>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/util/NDC.h>
@@ -35,6 +36,7 @@
  using namespace opensaml::saml1;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace opensaml::saml1;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
  using namespace std;
  
  AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
@@ -78,16 +80,13 @@ void AssertionValidator::validateAssertion(const Assertion& assertion) const
      // Now we process conditions, starting with the known types and then extensions.
  
      const vector<AudienceRestrictionCondition*>& acvec = conds->getAudienceRestrictionConditions();
      // Now we process conditions, starting with the known types and then extensions.
  
      const vector<AudienceRestrictionCondition*>& acvec = conds->getAudienceRestrictionConditions();
-    for (vector<AudienceRestrictionCondition*>::const_iterator ac = acvec.begin(); ac!=acvec.end(); ++ac)
-        validateCondition(*ac);
+    for_each(acvec.begin(), acvec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  
      const vector<DoNotCacheCondition*>& dncvec = conds->getDoNotCacheConditions();
  
      const vector<DoNotCacheCondition*>& dncvec = conds->getDoNotCacheConditions();
-    for (vector<DoNotCacheCondition*>::const_iterator dnc = dncvec.begin(); dnc!=dncvec.end(); ++dnc) 
-        validateCondition(*dnc);
+    for_each(dncvec.begin(), dncvec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  
      const vector<Condition*>& convec = conds->getConditions();
  
      const vector<Condition*>& convec = conds->getConditions();
-    for (vector<Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c)
-        validateCondition(*c);
+    for_each(convec.begin(), convec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  }
  
  void AssertionValidator::validateCondition(const Condition* c) const
  }
  
  void AssertionValidator::validateCondition(const Condition* c) const
diff --git a/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp b/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp

index 336ddab..dafe381 100644 (file)
--- a/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp
@@ -95,7 +95,7 @@ XMLObject* SAML2ArtifactDecoder::decode(
          throw BindingException("Artifact binding requires ArtifactResolver and MetadataProvider implementations be supplied.");
  
      // Import the artifact.
          throw BindingException("Artifact binding requires ArtifactResolver and MetadataProvider implementations be supplied.");
  
      // Import the artifact.
-    SAMLArtifact* artifact=nullptr;
+    auto_ptr<SAMLArtifact> artifact;
      try {
          log.debug("processing encoded artifact (%s)", SAMLart);
  
      try {
          log.debug("processing encoded artifact (%s)", SAMLart);
  
@@ -110,7 +110,7 @@ XMLObject* SAML2ArtifactDecoder::decode(
          else
              log.warn("replay cache was not provided, this is a serious security risk!");
  
          else
              log.warn("replay cache was not provided, this is a serious security risk!");
  
-        artifact = SAMLArtifact::parse(SAMLart);
+        artifact.reset(SAMLArtifact::parse(SAMLart));
      }
      catch (ArtifactException&) {
          log.error("error parsing artifact (%s)", SAMLart);
      }
      catch (ArtifactException&) {
          log.error("error parsing artifact (%s)", SAMLart);
@@ -118,16 +118,15 @@ XMLObject* SAML2ArtifactDecoder::decode(
      }
  
      // Check the type.
      }
  
      // Check the type.
-    auto_ptr<SAML2Artifact> artifact2(dynamic_cast<SAML2Artifact*>(artifact));
-    if (!artifact2.get()) {
-        delete artifact;
+    SAML2Artifact* artifact2 = dynamic_cast<SAML2Artifact*>(artifact.get());
+    if (!artifact2) {
          log.error("wrong artifact type");
          throw BindingException("Artifact binding requires SAML 2.0 artifact.");
      }
  
      log.debug("attempting to determine source of artifact...");
      MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
          log.error("wrong artifact type");
          throw BindingException("Artifact binding requires SAML 2.0 artifact.");
      }
  
      log.debug("attempting to determine source of artifact...");
      MetadataProvider::Criteria& mc = policy.getMetadataProviderCriteria();
-    mc.artifact = artifact;
+    mc.artifact = artifact.get();
      mc.role = policy.getRole();
      mc.protocol = samlconstants::SAML20P_NS;
      pair<const EntityDescriptor*,const RoleDescriptor*> provider=policy.getMetadataProvider()->getEntityDescriptor(mc);
      mc.role = policy.getRole();
      mc.protocol = samlconstants::SAML20P_NS;
      pair<const EntityDescriptor*,const RoleDescriptor*> provider=policy.getMetadataProvider()->getEntityDescriptor(mc);
@@ -154,7 +153,7 @@ XMLObject* SAML2ArtifactDecoder::decode(
  
      log.debug("calling ArtifactResolver...");
      auto_ptr<ArtifactResponse> response(
  
      log.debug("calling ArtifactResolver...");
      auto_ptr<ArtifactResponse> response(
-        m_artifactResolver->resolve(*(artifact2.get()), dynamic_cast<const SSODescriptorType&>(*provider.second), policy)
+        m_artifactResolver->resolve(*artifact2, dynamic_cast<const SSODescriptorType&>(*provider.second), policy)
          );
  
      // The policy should be enforced against the ArtifactResponse by the resolve step.
          );
  
      // The policy should be enforced against the ArtifactResponse by the resolve step.
diff --git a/saml/saml2/binding/impl/SAML2ECPEncoder.cpp b/saml/saml2/binding/impl/SAML2ECPEncoder.cpp

index f2e8d19..cd9ac82 100644 (file)
--- a/saml/saml2/binding/impl/SAML2ECPEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2ECPEncoder.cpp
@@ -59,13 +59,12 @@ namespace opensaml {
          {
          public:
              SAML2ECPEncoder(const DOMElement* e, const XMLCh* ns) : m_actor("http://schemas.xmlsoap.org/soap/actor/next"),
          {
          public:
              SAML2ECPEncoder(const DOMElement* e, const XMLCh* ns) : m_actor("http://schemas.xmlsoap.org/soap/actor/next"),
-                    m_providerName(e ? e->getAttributeNS(ns, ProviderName) : nullptr), m_idpList(nullptr) {
+                    m_providerName(e ? e->getAttributeNS(ns, ProviderName) : nullptr) {
                  DOMElement* child = e ? XMLHelper::getFirstChildElement(e, SAML20P_NS, IDPList::LOCAL_NAME) : nullptr;
                  if (child)
                  DOMElement* child = e ? XMLHelper::getFirstChildElement(e, SAML20P_NS, IDPList::LOCAL_NAME) : nullptr;
                  if (child)
-                    m_idpList = dynamic_cast<IDPList*>(XMLObjectBuilder::buildOneFromElement(child));
+                    m_idpList.reset(dynamic_cast<IDPList*>(XMLObjectBuilder::buildOneFromElement(child)));
              }
              virtual ~SAML2ECPEncoder() {
              }
              virtual ~SAML2ECPEncoder() {
-                delete m_idpList;
              }
  
              const XMLCh* getProtocolFamily() const {
              }
  
              const XMLCh* getProtocolFamily() const {
@@ -87,7 +86,7 @@ namespace opensaml {
          private:
              auto_ptr_XMLCh m_actor;
              const XMLCh* m_providerName;
          private:
              auto_ptr_XMLCh m_actor;
              const XMLCh* m_providerName;
-            IDPList* m_idpList;
+            auto_ptr<IDPList> m_idpList;
              AnyElementBuilder m_anyBuilder;
          };
  
              AnyElementBuilder m_anyBuilder;
          };
  
@@ -176,7 +175,7 @@ long SAML2ECPEncoder::encode(
          hdrblock->getUnknownXMLObjects().push_back(request->getIssuer()->clone());
          if (request->getScoping() && request->getScoping()->getIDPList())
              hdrblock->getUnknownXMLObjects().push_back(request->getScoping()->getIDPList()->clone());
          hdrblock->getUnknownXMLObjects().push_back(request->getIssuer()->clone());
          if (request->getScoping() && request->getScoping()->getIDPList())
              hdrblock->getUnknownXMLObjects().push_back(request->getScoping()->getIDPList()->clone());
-        else if (m_idpList)
+        else if (m_idpList.get())
              hdrblock->getUnknownXMLObjects().push_back(m_idpList->clone());
          header->getUnknownXMLObjects().push_back(hdrblock);
      }
              hdrblock->getUnknownXMLObjects().push_back(m_idpList->clone());
          header->getUnknownXMLObjects().push_back(hdrblock);
      }
diff --git a/saml/saml2/metadata/AbstractMetadataProvider.h b/saml/saml2/metadata/AbstractMetadataProvider.h

index 8e256cd..0fe617d 100644 (file)
--- a/saml/saml2/metadata/AbstractMetadataProvider.h
+++ b/saml/saml2/metadata/AbstractMetadataProvider.h
@@ -151,7 +151,8 @@ namespace opensaml {
              mutable sitemap_t m_sources;
              mutable groupmap_t m_groups;
  
              mutable sitemap_t m_sources;
              mutable groupmap_t m_groups;
  
-            mutable xmltooling::Mutex* m_credentialLock;
+            std::auto_ptr<xmltooling::KeyInfoResolver> m_resolverWrapper;
+            std::auto_ptr<xmltooling::Mutex> m_credentialLock;
              typedef std::map< const RoleDescriptor*, std::vector<xmltooling::Credential*> > credmap_t;
              mutable credmap_t m_credentialMap;
              const credmap_t::mapped_type& resolveCredentials(const RoleDescriptor& role) const;
              typedef std::map< const RoleDescriptor*, std::vector<xmltooling::Credential*> > credmap_t;
              mutable credmap_t m_credentialMap;
              const credmap_t::mapped_type& resolveCredentials(const RoleDescriptor& role) const;
diff --git a/saml/saml2/metadata/DiscoverableMetadataProvider.h b/saml/saml2/metadata/DiscoverableMetadataProvider.h

index a8f4e7b..2086705 100644 (file)
--- a/saml/saml2/metadata/DiscoverableMetadataProvider.h
+++ b/saml/saml2/metadata/DiscoverableMetadataProvider.h
@@ -94,8 +94,8 @@ namespace opensaml {
              mutable std::string m_feedTag;
  
          private:
              mutable std::string m_feedTag;
  
          private:
-            void disco(std::string& s, const EntityDescriptor* entity, bool& first) const;
-            void disco(std::string& s, const EntitiesDescriptor* group, bool& first) const;
+            void discoEntity(std::string& s, const EntityDescriptor* entity, bool& first) const;
+            void discoGroup(std::string& s, const EntitiesDescriptor* group, bool& first) const;
  
              bool m_legacyOrgNames;
          };
  
              bool m_legacyOrgNames;
          };
diff --git a/saml/saml2/metadata/impl/AbstractMetadataProvider.cpp b/saml/saml2/metadata/impl/AbstractMetadataProvider.cpp

index 9dd9bc4..d97f5ef 100644 (file)
--- a/saml/saml2/metadata/impl/AbstractMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/AbstractMetadataProvider.cpp
@@ -31,6 +31,10 @@
  #include "saml2/metadata/MetadataCredentialContext.h"
  #include "saml2/metadata/MetadataCredentialCriteria.h"
  
  #include "saml2/metadata/MetadataCredentialContext.h"
  #include "saml2/metadata/MetadataCredentialCriteria.h"
  
+#include <boost/iterator/indirect_iterator.hpp>
+#include <boost/lambda/bind.hpp>
+#include <boost/lambda/if.hpp>
+#include <boost/lambda/lambda.hpp>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
@@ -44,32 +48,34 @@
  using namespace opensaml::saml2md;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace opensaml::saml2md;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost::lambda;
+using namespace boost;
  using namespace std;
  using opensaml::SAMLArtifact;
  
  static const XMLCh _KeyInfoResolver[] = UNICODE_LITERAL_15(K,e,y,I,n,f,o,R,e,s,o,l,v,e,r);
  using namespace std;
  using opensaml::SAMLArtifact;
  
  static const XMLCh _KeyInfoResolver[] = UNICODE_LITERAL_15(K,e,y,I,n,f,o,R,e,s,o,l,v,e,r);
-static const XMLCh type[] =             UNICODE_LITERAL_4(t,y,p,e);
+static const XMLCh _type[] =            UNICODE_LITERAL_4(t,y,p,e);
  
  AbstractMetadataProvider::AbstractMetadataProvider(const DOMElement* e)
  
  AbstractMetadataProvider::AbstractMetadataProvider(const DOMElement* e)
-    : ObservableMetadataProvider(e), m_lastUpdate(0),  m_resolver(nullptr), m_credentialLock(nullptr)
+    : ObservableMetadataProvider(e), m_lastUpdate(0),  m_resolver(nullptr), m_credentialLock(Mutex::create())
  {
      e = XMLHelper::getFirstChildElement(e, _KeyInfoResolver);
      if (e) {
  {
      e = XMLHelper::getFirstChildElement(e, _KeyInfoResolver);
      if (e) {
-        string t = XMLHelper::getAttrString(e, nullptr, type);
-        if (!t.empty())
-            m_resolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.c_str(), e);
-        else
+        string t = XMLHelper::getAttrString(e, nullptr, _type);
+        if (!t.empty()) {
+            m_resolverWrapper.reset(XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.c_str(), e));
+            m_resolver = m_resolverWrapper.get();
+        }
+        else {
              throw UnknownExtensionException("<KeyInfoResolver> element found with no type attribute");
              throw UnknownExtensionException("<KeyInfoResolver> element found with no type attribute");
+        }
      }
      }
-    m_credentialLock = Mutex::create();
  }
  
  AbstractMetadataProvider::~AbstractMetadataProvider()
  {
      for (credmap_t::iterator c = m_credentialMap.begin(); c!=m_credentialMap.end(); ++c)
          for_each(c->second.begin(), c->second.end(), xmltooling::cleanup<Credential>());
  }
  
  AbstractMetadataProvider::~AbstractMetadataProvider()
  {
      for (credmap_t::iterator c = m_credentialMap.begin(); c!=m_credentialMap.end(); ++c)
          for_each(c->second.begin(), c->second.end(), xmltooling::cleanup<Credential>());
-    delete m_credentialLock;
-    delete m_resolver;
  }
  
  void AbstractMetadataProvider::outputStatus(ostream& os) const
  }
  
  void AbstractMetadataProvider::outputStatus(ostream& os) const
@@ -109,9 +115,21 @@ void AbstractMetadataProvider::indexEntity(EntityDescriptor* site, time_t& valid
      auto_ptr_char id(site->getEntityID());
      if (id.get()) {
          if (replace) {
      auto_ptr_char id(site->getEntityID());
      if (id.get()) {
          if (replace) {
-            m_sites.erase(id.get());
+            // The data structure here needs work.
+            // We have to find all the sites stored against the replaced ID. Then we have to
+            // search for those sites in the entire set of sites tracked by the sources map and
+            // remove them from both places.
+            set<const EntityDescriptor*> existingSites;
+            pair<sitemap_t::const_iterator,sitemap_t::const_iterator> existingRange = m_sites.equal_range(id.get());
+            static pair<set<const EntityDescriptor*>::iterator,bool> (set<const EntityDescriptor*>::* ins)(const EntityDescriptor* const &) =
+                &set<const EntityDescriptor*>::insert;
+            for_each(
+                existingRange.first, existingRange.second,
+                lambda::bind(ins, boost::ref(existingSites), lambda::bind(&sitemap_t::value_type::second, _1))
+                );
+            m_sites.erase(existingRange.first, existingRange.second);
              for (sitemap_t::iterator s = m_sources.begin(); s != m_sources.end();) {
              for (sitemap_t::iterator s = m_sources.begin(); s != m_sources.end();) {
-                if (s->second == site) {
+                if (existingSites.count(s->second) > 0) {
                      sitemap_t::iterator temp = s;
                      ++s;
                      m_sources.erase(temp);
                      sitemap_t::iterator temp = s;
                      ++s;
                      m_sources.erase(temp);
@@ -298,12 +316,15 @@ const Credential* AbstractMetadataProvider::resolve(const CredentialCriteria* cr
      if (!metacrit)
          throw MetadataException("Cannot resolve credentials without a MetadataCredentialCriteria object.");
  
      if (!metacrit)
          throw MetadataException("Cannot resolve credentials without a MetadataCredentialCriteria object.");
  
-    Lock lock(m_credentialLock);
+    Lock lock(m_credentialLock.get());
      const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
  
      const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
  
-    for (credmap_t::mapped_type::const_iterator c = creds.begin(); c!=creds.end(); ++c)
-        if (metacrit->matches(*(*c)))
-            return *c;
+    // Indirect iterator derefs the pointers in the vector to pass to the matches() method by reference.
+    credmap_t::mapped_type::const_iterator c = find_if(
+        creds.begin(), creds.end(), lambda::bind(&CredentialCriteria::matches, metacrit, boost::ref(*_1))
+        );
+    if (c != creds.end())
+        return *c;
      return nullptr;
  }
  
      return nullptr;
  }
  
@@ -315,27 +336,32 @@ vector<const Credential*>::size_type AbstractMetadataProvider::resolve(
      if (!metacrit)
          throw MetadataException("Cannot resolve credentials without a MetadataCredentialCriteria object.");
  
      if (!metacrit)
          throw MetadataException("Cannot resolve credentials without a MetadataCredentialCriteria object.");
  
-    Lock lock(m_credentialLock);
+    Lock lock(m_credentialLock.get());
      const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
  
      const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
  
-    for (credmap_t::mapped_type::const_iterator c = creds.begin(); c!=creds.end(); ++c)
-        if (metacrit->matches(*(*c)))
-            results.push_back(*c);
+    // Add matching creds to results array.
+    static void (vector<const Credential*>::* push_back)(const Credential* const &) = &vector<const Credential*>::push_back;
+    for_each(
+        creds.begin(), creds.end(),
+        if_(lambda::bind(&CredentialCriteria::matches, metacrit, boost::ref(*_1)))[lambda::bind(push_back, boost::ref(results), _1)]
+        );
+    
      return results.size();
  }
  
  const AbstractMetadataProvider::credmap_t::mapped_type& AbstractMetadataProvider::resolveCredentials(const RoleDescriptor& role) const
  {
      credmap_t::const_iterator i = m_credentialMap.find(&role);
      return results.size();
  }
  
  const AbstractMetadataProvider::credmap_t::mapped_type& AbstractMetadataProvider::resolveCredentials(const RoleDescriptor& role) const
  {
      credmap_t::const_iterator i = m_credentialMap.find(&role);
-    if (i!=m_credentialMap.end())
+    if (i != m_credentialMap.end())
          return i->second;
  
      const KeyInfoResolver* resolver = m_resolver ? m_resolver : XMLToolingConfig::getConfig().getKeyInfoResolver();
      const vector<KeyDescriptor*>& keys = role.getKeyDescriptors();
      AbstractMetadataProvider::credmap_t::mapped_type& resolved = m_credentialMap[&role];
          return i->second;
  
      const KeyInfoResolver* resolver = m_resolver ? m_resolver : XMLToolingConfig::getConfig().getKeyInfoResolver();
      const vector<KeyDescriptor*>& keys = role.getKeyDescriptors();
      AbstractMetadataProvider::credmap_t::mapped_type& resolved = m_credentialMap[&role];
-    for (vector<KeyDescriptor*>::const_iterator k = keys.begin(); k!=keys.end(); ++k) {
-        if ((*k)->getKeyInfo()) {
-            auto_ptr<MetadataCredentialContext> mcc(new MetadataCredentialContext(*(*k)));
+    for (indirect_iterator<vector<KeyDescriptor*>::const_iterator> k = make_indirect_iterator(keys.begin());
+            k != make_indirect_iterator(keys.end()); ++k) {
+        if (k->getKeyInfo()) {
+            auto_ptr<MetadataCredentialContext> mcc(new MetadataCredentialContext(*k));
              Credential* c = resolver->resolve(mcc.get());
              mcc.release();
              resolved.push_back(c);
              Credential* c = resolver->resolve(mcc.get());
              mcc.release();
              resolved.push_back(c);
diff --git a/saml/saml2/metadata/impl/BlacklistMetadataFilter.cpp b/saml/saml2/metadata/impl/BlacklistMetadataFilter.cpp

index 12907bb..283047c 100644 (file)
--- a/saml/saml2/metadata/impl/BlacklistMetadataFilter.cpp
+++ b/saml/saml2/metadata/impl/BlacklistMetadataFilter.cpp
@@ -75,7 +75,7 @@ BlacklistMetadataFilter::BlacklistMetadataFilter(const DOMElement* e)
      e = XMLHelper::getFirstChildElement(e);
      while (e) {
          if (XMLString::equals(e->getLocalName(), Exclude) && e->hasChildNodes()) {
      e = XMLHelper::getFirstChildElement(e);
      while (e) {
          if (XMLString::equals(e->getLocalName(), Exclude) && e->hasChildNodes()) {
-            m_set.insert(e->getFirstChild()->getNodeValue());
+            m_set.insert(e->getFirstChild()->getTextContent());
          }
          e = XMLHelper::getNextSiblingElement(e);
      }
          }
          e = XMLHelper::getNextSiblingElement(e);
      }
@@ -94,7 +94,7 @@ void BlacklistMetadataFilter::doFilter(XMLObject& xmlObject) const
          doFilter(entities);
          return;
      }
          doFilter(entities);
          return;
      }
-    catch (bad_cast) {
+    catch (bad_cast&) {
      }
  
      try {
      }
  
      try {
@@ -103,7 +103,7 @@ void BlacklistMetadataFilter::doFilter(XMLObject& xmlObject) const
              throw MetadataFilterException("BlacklistMetadataFilter instructed to filter the root/only entity in the metadata.");
          return;
      }
              throw MetadataFilterException("BlacklistMetadataFilter instructed to filter the root/only entity in the metadata.");
          return;
      }
-    catch (bad_cast) {
+    catch (bad_cast&) {
      }
       
      throw MetadataFilterException("BlacklistMetadataFilter was given an improper metadata instance to filter.");
      }
       
      throw MetadataFilterException("BlacklistMetadataFilter was given an improper metadata instance to filter.");
diff --git a/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp b/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp

index 5bb1f50..067e6ff 100644 (file)
--- a/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/ChainingMetadataProvider.cpp
@@ -34,6 +34,8 @@
  
  #include <memory>
  #include <functional>
  
  #include <memory>
  #include <functional>
+#include <boost/bind.hpp>
+#include <boost/ptr_container/ptr_vector.hpp>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/util/Threads.h>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/util/Threads.h>
@@ -45,6 +47,7 @@ using namespace opensaml;
  using namespace xmlsignature;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace xmlsignature;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  namespace opensaml {
  using namespace std;
  
  namespace opensaml {
@@ -74,7 +77,7 @@ namespace opensaml {
              vector<const Credential*>::size_type resolve(vector<const Credential*>& results, const CredentialCriteria* criteria=nullptr) const;
  
              string getCacheTag() const {
              vector<const Credential*>::size_type resolve(vector<const Credential*>& results, const CredentialCriteria* criteria=nullptr) const;
  
              string getCacheTag() const {
-                Lock lock(m_trackerLock);
+                Lock lock(m_trackerLock.get());
                  return m_feedTag;
              }
  
                  return m_feedTag;
              }
  
@@ -82,8 +85,8 @@ namespace opensaml {
                  if (wrapArray)
                      os << '[';
                  // Lock each provider in turn and suck in its feed.
                  if (wrapArray)
                      os << '[';
                  // Lock each provider in turn and suck in its feed.
-                for (vector<MetadataProvider*>::const_iterator m = m_providers.begin(); m != m_providers.end(); ++m) {
-                    DiscoverableMetadataProvider* d = dynamic_cast<DiscoverableMetadataProvider*>(*m);
+                for (ptr_vector<MetadataProvider>::iterator m = m_providers.begin(); m != m_providers.end(); ++m) {
+                    DiscoverableMetadataProvider* d = dynamic_cast<DiscoverableMetadataProvider*>(&(*m));
                      if (d) {
                          Locker locker(d);
                          d->outputFeed(os, first, false);
                      if (d) {
                          Locker locker(d);
                          d->outputFeed(os, first, false);
@@ -95,7 +98,7 @@ namespace opensaml {
  
              void onEvent(const ObservableMetadataProvider& provider) const {
                  // Reset the cache tag for the feed.
  
              void onEvent(const ObservableMetadataProvider& provider) const {
                  // Reset the cache tag for the feed.
-                Lock lock(m_trackerLock);
+                Lock lock(m_trackerLock.get());
                  SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4);
                  m_feedTag = SAMLArtifact::toHex(m_feedTag);
                  emitChangeEvent();
                  SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4);
                  m_feedTag = SAMLArtifact::toHex(m_feedTag);
                  emitChangeEvent();
@@ -108,9 +111,9 @@ namespace opensaml {
  
          private:
              bool m_firstMatch;
  
          private:
              bool m_firstMatch;
-            mutable Mutex* m_trackerLock;
-            ThreadKey* m_tlsKey;
-            vector<MetadataProvider*> m_providers;
+            auto_ptr<Mutex> m_trackerLock;
+            auto_ptr<ThreadKey> m_tlsKey;
+            mutable ptr_vector<MetadataProvider> m_providers;
              mutable set<tracker_t*> m_trackers;
              static void tracker_cleanup(void*);
              Category& m_log;
              mutable set<tracker_t*> m_trackers;
              static void tracker_cleanup(void*);
              Category& m_log;
@@ -119,7 +122,7 @@ namespace opensaml {
  
          struct SAML_DLLLOCAL tracker_t {
              tracker_t(const ChainingMetadataProvider* m) : m_metadata(m) {
  
          struct SAML_DLLLOCAL tracker_t {
              tracker_t(const ChainingMetadataProvider* m) : m_metadata(m) {
-                Lock lock(m_metadata->m_trackerLock);
+                Lock lock(m_metadata->m_trackerLock.get());
                  m_metadata->m_trackers.insert(this);
              }
  
                  m_metadata->m_trackers.insert(this);
              }
  
@@ -166,14 +169,14 @@ void ChainingMetadataProvider::tracker_cleanup(void* ptr)
      if (ptr) {
          // free the tracker after removing it from the parent plugin's tracker set
          tracker_t* t = reinterpret_cast<tracker_t*>(ptr);
      if (ptr) {
          // free the tracker after removing it from the parent plugin's tracker set
          tracker_t* t = reinterpret_cast<tracker_t*>(ptr);
-        Lock lock(t->m_metadata->m_trackerLock);
+        Lock lock(t->m_metadata->m_trackerLock.get());
          t->m_metadata->m_trackers.erase(t);
          delete t;
      }
  }
  
  ChainingMetadataProvider::ChainingMetadataProvider(const DOMElement* e)
          t->m_metadata->m_trackers.erase(t);
          delete t;
      }
  }
  
  ChainingMetadataProvider::ChainingMetadataProvider(const DOMElement* e)
-    : ObservableMetadataProvider(e), m_firstMatch(true), m_trackerLock(nullptr), m_tlsKey(nullptr),
+    : ObservableMetadataProvider(e), m_firstMatch(true), m_trackerLock(Mutex::create()), m_tlsKey(ThreadKey::create(tracker_cleanup)),
          m_log(Category::getInstance(SAML_LOGCAT".Metadata.Chaining"))
  {
      if (XMLString::equals(e ? e->getAttributeNS(nullptr, precedence) : nullptr, last))
          m_log(Category::getInstance(SAML_LOGCAT".Metadata.Chaining"))
  {
      if (XMLString::equals(e ? e->getAttributeNS(nullptr, precedence) : nullptr, last))
@@ -198,23 +201,18 @@ ChainingMetadataProvider::ChainingMetadataProvider(const DOMElement* e)
          }
          e = XMLHelper::getNextSiblingElement(e, _MetadataProvider);
      }
          }
          e = XMLHelper::getNextSiblingElement(e, _MetadataProvider);
      }
-    m_trackerLock = Mutex::create();
-    m_tlsKey = ThreadKey::create(tracker_cleanup);
  }
  
  ChainingMetadataProvider::~ChainingMetadataProvider()
  {
  }
  
  ChainingMetadataProvider::~ChainingMetadataProvider()
  {
-    delete m_tlsKey;
-    delete m_trackerLock;
      for_each(m_trackers.begin(), m_trackers.end(), xmltooling::cleanup<tracker_t>());
      for_each(m_trackers.begin(), m_trackers.end(), xmltooling::cleanup<tracker_t>());
-    for_each(m_providers.begin(), m_providers.end(), xmltooling::cleanup<MetadataProvider>());
  }
  
  void ChainingMetadataProvider::init()
  {
  }
  
  void ChainingMetadataProvider::init()
  {
-    for (vector<MetadataProvider*>::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) {
+    for (ptr_vector<MetadataProvider>::iterator i = m_providers.begin(); i != m_providers.end(); ++i) {
          try {
          try {
-            (*i)->init();
+            i->init();
          }
          catch (exception& ex) {
              m_log.crit("failure initializing MetadataProvider: %s", ex.what());
          }
          catch (exception& ex) {
              m_log.crit("failure initializing MetadataProvider: %s", ex.what());
@@ -228,9 +226,7 @@ void ChainingMetadataProvider::init()
  
  void ChainingMetadataProvider::outputStatus(ostream& os) const
  {
  
  void ChainingMetadataProvider::outputStatus(ostream& os) const
  {
-    for (vector<MetadataProvider*>::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) {
-        (*i)->outputStatus(os);
-    }
+    for_each(m_providers.begin(), m_providers.end(), boost::bind(&MetadataProvider::outputStatus, _1, boost::ref(os)));
  }
  
  Lockable* ChainingMetadataProvider::lock()
  }
  
  Lockable* ChainingMetadataProvider::lock()
@@ -244,7 +240,7 @@ void ChainingMetadataProvider::unlock()
      void* ptr=m_tlsKey->getData();
      if (ptr) {
          tracker_t* t = reinterpret_cast<tracker_t*>(ptr);
      void* ptr=m_tlsKey->getData();
      if (ptr) {
          tracker_t* t = reinterpret_cast<tracker_t*>(ptr);
-        for_each(t->m_locked.begin(), t->m_locked.end(), mem_fun<void,Lockable>(&Lockable::unlock));
+        for_each(t->m_locked.begin(), t->m_locked.end(), mem_fun(&Lockable::unlock));
          t->m_locked.clear();
          t->m_objectMap.clear();
      }
          t->m_locked.clear();
          t->m_objectMap.clear();
      }
@@ -271,13 +267,13 @@ const EntitiesDescriptor* ChainingMetadataProvider::getEntitiesDescriptor(const
      MetadataProvider* held = nullptr;
      const EntitiesDescriptor* ret = nullptr;
      const EntitiesDescriptor* cur = nullptr;
      MetadataProvider* held = nullptr;
      const EntitiesDescriptor* ret = nullptr;
      const EntitiesDescriptor* cur = nullptr;
-    for (vector<MetadataProvider*>::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) {
-        tracker->lock_if(*i);
-        if (cur=(*i)->getEntitiesDescriptor(name,requireValidMetadata)) {
+    for (ptr_vector<MetadataProvider>::iterator i = m_providers.begin(); i != m_providers.end(); ++i) {
+        tracker->lock_if(&(*i));
+        if (cur=i->getEntitiesDescriptor(name,requireValidMetadata)) {
              // Are we using a first match policy?
              if (m_firstMatch) {
                  // Save locked provider.
              // Are we using a first match policy?
              if (m_firstMatch) {
                  // Save locked provider.
-                tracker->remember(*i);
+                tracker->remember(&(*i));
                  return cur;
              }
  
                  return cur;
              }
  
@@ -288,12 +284,12 @@ const EntitiesDescriptor* ChainingMetadataProvider::getEntitiesDescriptor(const
              }
  
              // Save off the latest match.
              }
  
              // Save off the latest match.
-            held = *i;
+            held = &(*i);
              ret = cur;
          }
          else {
              // No match, so just unlock this one and move on.
              ret = cur;
          }
          else {
              // No match, so just unlock this one and move on.
-            tracker->unlock_if(*i);
+            tracker->unlock_if(&(*i));
          }
      }
  
          }
      }
  
@@ -320,9 +316,9 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
      MetadataProvider* held = nullptr;
      pair<const EntityDescriptor*,const RoleDescriptor*> ret = pair<const EntityDescriptor*,const RoleDescriptor*>(nullptr,nullptr);
      pair<const EntityDescriptor*,const RoleDescriptor*> cur = ret;
      MetadataProvider* held = nullptr;
      pair<const EntityDescriptor*,const RoleDescriptor*> ret = pair<const EntityDescriptor*,const RoleDescriptor*>(nullptr,nullptr);
      pair<const EntityDescriptor*,const RoleDescriptor*> cur = ret;
-    for (vector<MetadataProvider*>::const_iterator i=m_providers.begin(); i!=m_providers.end(); ++i) {
-        tracker->lock_if(*i);
-        cur = (*i)->getEntityDescriptor(criteria);
+    for (ptr_vector<MetadataProvider>::iterator i = m_providers.begin(); i != m_providers.end(); ++i) {
+        tracker->lock_if(&(*i));
+        cur = i->getEntityDescriptor(criteria);
          if (cur.first) {
              if (criteria.role) {
                  // We want a role also. Did we find one?
          if (cur.first) {
              if (criteria.role) {
                  // We want a role also. Did we find one?
@@ -333,7 +329,7 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
                          if (held)
                              tracker->unlock_if(held);
                          // Save locked provider and role mapping.
                          if (held)
                              tracker->unlock_if(held);
                          // Save locked provider and role mapping.
-                        tracker->remember(*i, cur.first);
+                        tracker->remember(&(*i), cur.first);
                          return cur;
                      }
  
                          return cur;
                      }
  
@@ -359,7 +355,7 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
                      }
  
                      // Save off the latest match.
                      }
  
                      // Save off the latest match.
-                    held = *i;
+                    held = &(*i);
                      ret = cur;
                  }
                  else {
                      ret = cur;
                  }
                  else {
@@ -367,13 +363,13 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
                      // but save this one if we didn't have the role yet.
                      if (ret.second) {
                          // We already had a role, so let's stick with that.
                      // but save this one if we didn't have the role yet.
                      if (ret.second) {
                          // We already had a role, so let's stick with that.
-                        tracker->unlock_if(*i);
+                        tracker->unlock_if(&(*i));
                      }
                      else {
                          // This is at least as good, so toss anything we had and keep it.
                          if (held)
                              tracker->unlock_if(held);
                      }
                      else {
                          // This is at least as good, so toss anything we had and keep it.
                          if (held)
                              tracker->unlock_if(held);
-                        held = *i;
+                        held = &(*i);
                          ret = cur;
                      }
                  }
                          ret = cur;
                      }
                  }
@@ -386,7 +382,7 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
                          tracker->unlock_if(held);
                      
                      // Save locked provider.
                          tracker->unlock_if(held);
                      
                      // Save locked provider.
-                    tracker->remember(*i, cur.first);
+                    tracker->remember(&(*i), cur.first);
                      return cur;
                  }
  
                      return cur;
                  }
  
@@ -407,13 +403,13 @@ pair<const EntityDescriptor*,const RoleDescriptor*> ChainingMetadataProvider::ge
                  }
  
                  // Save off the latest match.
                  }
  
                  // Save off the latest match.
-                held = *i;
+                held = &(*i);
                  ret = cur;
              }
          }
          else {
              // No match, so just unlock this one and move on.
                  ret = cur;
              }
          }
          else {
              // No match, so just unlock this one and move on.
-            tracker->unlock_if(*i);
+            tracker->unlock_if(&(*i));
          }
      }
  
          }
      }
  
diff --git a/saml/saml2/metadata/impl/DiscoverableMetadataProvider.cpp b/saml/saml2/metadata/impl/DiscoverableMetadataProvider.cpp

index ce5950b..275f351 100644 (file)
--- a/saml/saml2/metadata/impl/DiscoverableMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/DiscoverableMetadataProvider.cpp
@@ -31,11 +31,14 @@
  
  #include <fstream>
  #include <sstream>
  
  #include <fstream>
  #include <sstream>
+#include <boost/bind.hpp>
+#include <boost/iterator/indirect_iterator.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  
  using namespace opensaml::saml2md;
  using namespace xmltooling;
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  
  using namespace opensaml::saml2md;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  DiscoverableMetadataProvider::DiscoverableMetadataProvider(const DOMElement* e) : MetadataProvider(e), m_legacyOrgNames(false)
  using namespace std;
  
  DiscoverableMetadataProvider::DiscoverableMetadataProvider(const DOMElement* e) : MetadataProvider(e), m_legacyOrgNames(false)
@@ -53,8 +56,8 @@ void DiscoverableMetadataProvider::generateFeed()
      m_feed.erase();
      bool first = true;
      const XMLObject* object = getMetadata();
      m_feed.erase();
      bool first = true;
      const XMLObject* object = getMetadata();
-    disco(m_feed, dynamic_cast<const EntitiesDescriptor*>(object), first);
-    disco(m_feed, dynamic_cast<const EntityDescriptor*>(object), first);
+    discoGroup(m_feed, dynamic_cast<const EntitiesDescriptor*>(object), first);
+    discoEntity(m_feed, dynamic_cast<const EntityDescriptor*>(object), first);
  
      SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4);
      m_feedTag = SAMLArtifact::toHex(m_feedTag);
  
      SAMLConfig::getConfig().generateRandomBytes(m_feedTag, 4);
      m_feedTag = SAMLArtifact::toHex(m_feedTag);
@@ -111,7 +114,7 @@ static string& json_safe(string& s, const char* buf)
      return s;
  }
  
      return s;
  }
  
-void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* entity, bool& first) const
+void DiscoverableMetadataProvider::discoEntity(string& s, const EntityDescriptor* entity, bool& first) const
  {
      time_t now = time(nullptr);
      if (entity && entity->isValid(now)) {
  {
      time_t now = time(nullptr);
      if (entity && entity->isValid(now)) {
@@ -127,9 +130,10 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
              json_safe(s, entityid.get());
              s += '\"';
              bool extFound = false;
              json_safe(s, entityid.get());
              s += '\"';
              bool extFound = false;
-            for (vector<IDPSSODescriptor*>::const_iterator idp = idps.begin(); !extFound && idp != idps.end(); ++idp) {
-                if ((*idp)->isValid(now) && (*idp)->getExtensions()) {
-                    const vector<XMLObject*>& exts =  const_cast<const Extensions*>((*idp)->getExtensions())->getUnknownXMLObjects();
+            for (indirect_iterator<vector<IDPSSODescriptor*>::const_iterator> idp = make_indirect_iterator(idps.begin());
+                    !extFound && idp != make_indirect_iterator(idps.end()); ++idp) {
+                if (idp->isValid(now) && idp->getExtensions()) {
+                    const vector<XMLObject*>& exts =  const_cast<const Extensions*>(idp->getExtensions())->getUnknownXMLObjects();
                      for (vector<XMLObject*>::const_iterator ext = exts.begin(); !extFound && ext != exts.end(); ++ext) {
                          const UIInfo* info = dynamic_cast<UIInfo*>(*ext);
                          if (info) {
                      for (vector<XMLObject*>::const_iterator ext = exts.begin(); !extFound && ext != exts.end(); ++ext) {
                          const UIInfo* info = dynamic_cast<UIInfo*>(*ext);
                          if (info) {
@@ -137,11 +141,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<DisplayName*>& dispnames = info->getDisplayNames();
                              if (!dispnames.empty()) {
                                  s += ",\n \"DisplayNames\": [";
                              const vector<DisplayName*>& dispnames = info->getDisplayNames();
                              if (!dispnames.empty()) {
                                  s += ",\n \"DisplayNames\": [";
-                                for (vector<DisplayName*>::const_iterator dispname = dispnames.begin(); dispname != dispnames.end(); ++dispname) {
-                                    if (dispname != dispnames.begin())
+                                for (indirect_iterator<vector<DisplayName*>::const_iterator> dispname = make_indirect_iterator(dispnames.begin());
+                                        dispname != make_indirect_iterator(dispnames.end()); ++dispname) {
+                                    if (dispname.base() != dispnames.begin())
                                          s += ',';
                                          s += ',';
-                                    auto_arrayptr<char> val(toUTF8((*dispname)->getName()));
-                                    auto_ptr_char lang((*dispname)->getLang());
+                                    auto_arrayptr<char> val(toUTF8(dispname->getName()));
+                                    auto_ptr_char lang(dispname->getLang());
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
@@ -154,11 +159,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<Description*>& descs = info->getDescriptions();
                              if (!descs.empty()) {
                                  s += ",\n \"Descriptions\": [";
                              const vector<Description*>& descs = info->getDescriptions();
                              if (!descs.empty()) {
                                  s += ",\n \"Descriptions\": [";
-                                for (vector<Description*>::const_iterator desc = descs.begin(); desc != descs.end(); ++desc) {
-                                    if (desc != descs.begin())
+                                for (indirect_iterator<vector<Description*>::const_iterator> desc = make_indirect_iterator(descs.begin());
+                                        desc != make_indirect_iterator(descs.end()); ++desc) {
+                                    if (desc.base() != descs.begin())
                                          s += ',';
                                          s += ',';
-                                    auto_arrayptr<char> val(toUTF8((*desc)->getDescription()));
-                                    auto_ptr_char lang((*desc)->getLang());
+                                    auto_arrayptr<char> val(toUTF8(desc->getDescription()));
+                                    auto_ptr_char lang(desc->getLang());
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
@@ -171,11 +177,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<Keywords*>& keywords = info->getKeywordss();
                              if (!keywords.empty()) {
                                  s += ",\n \"Keywords\": [";
                              const vector<Keywords*>& keywords = info->getKeywordss();
                              if (!keywords.empty()) {
                                  s += ",\n \"Keywords\": [";
-                                for (vector<Keywords*>::const_iterator words = keywords.begin(); words != keywords.end(); ++words) {
-                                    if (words != keywords.begin())
+                                for (indirect_iterator<vector<Keywords*>::const_iterator> words = make_indirect_iterator(keywords.begin());
+                                        words != make_indirect_iterator(keywords.end()); ++words) {
+                                    if (words.base() != keywords.begin())
                                          s += ',';
                                          s += ',';
-                                    auto_arrayptr<char> val(toUTF8((*words)->getValues()));
-                                    auto_ptr_char lang((*words)->getLang());
+                                    auto_arrayptr<char> val(toUTF8(words->getValues()));
+                                    auto_ptr_char lang(words->getLang());
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
@@ -188,11 +195,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<InformationURL*>& infurls = info->getInformationURLs();
                              if (!infurls.empty()) {
                                  s += ",\n \"InformationURLs\": [";
                              const vector<InformationURL*>& infurls = info->getInformationURLs();
                              if (!infurls.empty()) {
                                  s += ",\n \"InformationURLs\": [";
-                                for (vector<InformationURL*>::const_iterator infurl = infurls.begin(); infurl != infurls.end(); ++infurl) {
-                                    if (infurl != infurls.begin())
+                                for (indirect_iterator<vector<InformationURL*>::const_iterator> infurl = make_indirect_iterator(infurls.begin());
+                                        infurl != make_indirect_iterator(infurls.end()); ++infurl) {
+                                    if (infurl.base() != infurls.begin())
                                          s += ',';
                                          s += ',';
-                                    auto_ptr_char val((*infurl)->getURL());
-                                    auto_ptr_char lang((*infurl)->getLang());
+                                    auto_ptr_char val(infurl->getURL());
+                                    auto_ptr_char lang(infurl->getLang());
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
@@ -205,11 +213,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<PrivacyStatementURL*>& privs = info->getPrivacyStatementURLs();
                              if (!privs.empty()) {
                                  s += ",\n \"PrivacyStatementURLs\": [";
                              const vector<PrivacyStatementURL*>& privs = info->getPrivacyStatementURLs();
                              if (!privs.empty()) {
                                  s += ",\n \"PrivacyStatementURLs\": [";
-                                for (vector<PrivacyStatementURL*>::const_iterator priv = privs.begin(); priv != privs.end(); ++priv) {
-                                    if (priv != privs.begin())
+                                for (indirect_iterator<vector<PrivacyStatementURL*>::const_iterator> priv = make_indirect_iterator(privs.begin());
+                                        priv != make_indirect_iterator(privs.end()); ++priv) {
+                                    if (priv.base() != privs.begin())
                                          s += ',';
                                          s += ',';
-                                    auto_ptr_char val((*priv)->getURL());
-                                    auto_ptr_char lang((*priv)->getLang());
+                                    auto_ptr_char val(priv->getURL());
+                                    auto_ptr_char lang(priv->getLang());
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
                                      s += "\n  {\n  \"value\": \"";
                                      json_safe(s, val.get());
                                      s += "\",\n  \"lang\": \"";
@@ -222,24 +231,25 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                              const vector<Logo*>& logos = info->getLogos();
                              if (!logos.empty()) {
                                  s += ",\n \"Logos\": [";
                              const vector<Logo*>& logos = info->getLogos();
                              if (!logos.empty()) {
                                  s += ",\n \"Logos\": [";
-                                for (vector<Logo*>::const_iterator logo = logos.begin(); logo != logos.end(); ++logo) {
-                                    if (logo != logos.begin())
+                                for (indirect_iterator<vector<Logo*>::const_iterator> logo = make_indirect_iterator(logos.begin());
+                                        logo != make_indirect_iterator(logos.end()); ++logo) {
+                                    if (logo.base() != logos.begin())
                                          s += ',';
                                      s += "\n  {\n";
                                          s += ',';
                                      s += "\n  {\n";
-                                    auto_ptr_char val((*logo)->getURL());
+                                    auto_ptr_char val(logo->getURL());
                                      s += "  \"value\": \"";
                                      json_safe(s, val.get());
                                      ostringstream ht;
                                      s += "  \"value\": \"";
                                      json_safe(s, val.get());
                                      ostringstream ht;
-                                    ht << (*logo)->getHeight().second;
+                                    ht << logo->getHeight().second;
                                      s += "\",\n  \"height\": \"";
                                      s += ht.str();
                                      ostringstream wt;
                                      s += "\",\n  \"height\": \"";
                                      s += ht.str();
                                      ostringstream wt;
-                                    wt << (*logo)->getWidth().second;
+                                    wt << logo->getWidth().second;
                                      s += "\",\n  \"width\": \"";
                                      s += wt.str();
                                      s += '\"';
                                      s += "\",\n  \"width\": \"";
                                      s += wt.str();
                                      s += '\"';
-                                    if ((*logo)->getLang()) {
-                                        auto_ptr_char lang((*logo)->getLang());
+                                    if (logo->getLang()) {
+                                        auto_ptr_char lang(logo->getLang());
                                          s += ",\n  \"lang\": \"";
                                          s += lang.get();
                                          s += '\"';
                                          s += ",\n  \"lang\": \"";
                                          s += lang.get();
                                          s += '\"';
@@ -255,9 +265,10 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
  
              if (m_legacyOrgNames && !extFound) {
                  const Organization* org = nullptr;
  
              if (m_legacyOrgNames && !extFound) {
                  const Organization* org = nullptr;
-                for (vector<IDPSSODescriptor*>::const_iterator idp = idps.begin(); !org && idp != idps.end(); ++idp) {
-                    if ((*idp)->isValid(now))
-                        org = (*idp)->getOrganization();
+                for (indirect_iterator<vector<IDPSSODescriptor*>::const_iterator> idp = make_indirect_iterator(idps.begin());
+                        !org && idp != make_indirect_iterator(idps.end()); ++idp) {
+                    if (idp->isValid(now))
+                        org = idp->getOrganization();
                  }
                  if (!org)
                      org = entity->getOrganization();
                  }
                  if (!org)
                      org = entity->getOrganization();
@@ -265,11 +276,12 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
                      const vector<OrganizationDisplayName*>& odns = org->getOrganizationDisplayNames();
                      if (!odns.empty()) {
                          s += ",\n \"DisplayNames\": [";
                      const vector<OrganizationDisplayName*>& odns = org->getOrganizationDisplayNames();
                      if (!odns.empty()) {
                          s += ",\n \"DisplayNames\": [";
-                        for (vector<OrganizationDisplayName*>::const_iterator dispname = odns.begin(); dispname != odns.end(); ++dispname) {
-                            if (dispname != odns.begin())
+                        for (indirect_iterator<vector<OrganizationDisplayName*>::const_iterator> dispname = make_indirect_iterator(odns.begin());
+                                dispname != make_indirect_iterator(odns.end()); ++dispname) {
+                            if (dispname.base() != odns.begin())
                                  s += ',';
                                  s += ',';
-                            auto_arrayptr<char> val(toUTF8((*dispname)->getName()));
-                            auto_ptr_char lang((*dispname)->getLang());
+                            auto_arrayptr<char> val(toUTF8(dispname->getName()));
+                            auto_ptr_char lang(dispname->getLang());
                              s += "\n  {\n  \"value\": \"";
                              json_safe(s, val.get());
                              s += "\",\n  \"lang\": \"";
                              s += "\n  {\n  \"value\": \"";
                              json_safe(s, val.get());
                              s += "\",\n  \"lang\": \"";
@@ -287,15 +299,16 @@ void DiscoverableMetadataProvider::disco(string& s, const EntityDescriptor* enti
      }
  }
  
      }
  }
  
-void DiscoverableMetadataProvider::disco(string& s, const EntitiesDescriptor* group, bool& first) const
+void DiscoverableMetadataProvider::discoGroup(string& s, const EntitiesDescriptor* group, bool& first) const
  {
      if (group) {
  {
      if (group) {
-        const vector<EntitiesDescriptor*>& groups = group->getEntitiesDescriptors();
-        for (vector<EntitiesDescriptor*>::const_iterator i = groups.begin(); i != groups.end(); ++i)
-            disco(s, *i, first);
-
-        const vector<EntityDescriptor*>& sites = group->getEntityDescriptors();
-        for (vector<EntityDescriptor*>::const_iterator j = sites.begin(); j != sites.end(); ++j)
-            disco(s, *j, first);
+        for_each(
+            group->getEntitiesDescriptors().begin(), group->getEntitiesDescriptors().end(),
+            boost::bind(&DiscoverableMetadataProvider::discoGroup, boost::ref(this), boost::ref(s), _1, boost::ref(first))
+            );
+        for_each(
+            group->getEntityDescriptors().begin(), group->getEntityDescriptors().end(),
+            boost::bind(&DiscoverableMetadataProvider::discoEntity, boost::ref(this), boost::ref(s), _1, boost::ref(first))
+            );
      }
  }
      }
  }
diff --git a/saml/saml2/metadata/impl/WhitelistMetadataFilter.cpp b/saml/saml2/metadata/impl/WhitelistMetadataFilter.cpp

index b1590a4..ecedc3e 100644 (file)
--- a/saml/saml2/metadata/impl/WhitelistMetadataFilter.cpp
+++ b/saml/saml2/metadata/impl/WhitelistMetadataFilter.cpp
@@ -28,12 +28,15 @@
  #include "saml2/metadata/Metadata.h"
  #include "saml2/metadata/MetadataFilter.h"
  
  #include "saml2/metadata/Metadata.h"
  #include "saml2/metadata/MetadataFilter.h"
  
+#include <boost/bind.hpp>
+#include <boost/iterator/indirect_iterator.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/util/NDC.h>
  
  using namespace opensaml::saml2md;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  #include <xmltooling/logging.h>
  #include <xmltooling/util/NDC.h>
  
  using namespace opensaml::saml2md;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  namespace opensaml {
  using namespace std;
  
  namespace opensaml {
@@ -75,7 +78,7 @@ WhitelistMetadataFilter::WhitelistMetadataFilter(const DOMElement* e)
      e = XMLHelper::getFirstChildElement(e);
      while (e) {
          if (XMLString::equals(e->getLocalName(), Include) && e->hasChildNodes()) {
      e = XMLHelper::getFirstChildElement(e);
      while (e) {
          if (XMLString::equals(e->getLocalName(), Include) && e->hasChildNodes()) {
-            m_set.insert(e->getFirstChild()->getNodeValue());
+            m_set.insert(e->getFirstChild()->getTextContent());
          }
          e = XMLHelper::getNextSiblingElement(e);
      }
          }
          e = XMLHelper::getNextSiblingElement(e);
      }
@@ -91,7 +94,7 @@ void WhitelistMetadataFilter::doFilter(XMLObject& xmlObject) const
          doFilter(dynamic_cast<EntitiesDescriptor&>(xmlObject));
          return;
      }
          doFilter(dynamic_cast<EntitiesDescriptor&>(xmlObject));
          return;
      }
-    catch (bad_cast) {
+    catch (bad_cast&) {
      }
  
      try {
      }
  
      try {
@@ -100,7 +103,7 @@ void WhitelistMetadataFilter::doFilter(XMLObject& xmlObject) const
              throw MetadataFilterException("WhitelistMetadataFilter instructed to filter the root/only entity in the metadata.");
          return;
      }
              throw MetadataFilterException("WhitelistMetadataFilter instructed to filter the root/only entity in the metadata.");
          return;
      }
-    catch (bad_cast) {
+    catch (bad_cast&) {
      }
  
      throw MetadataFilterException("WhitelistMetadataFilter was given an improper metadata instance to filter.");
      }
  
      throw MetadataFilterException("WhitelistMetadataFilter was given an improper metadata instance to filter.");
@@ -124,6 +127,10 @@ void WhitelistMetadataFilter::doFilter(EntitiesDescriptor& entities) const
      }
  
      const vector<EntitiesDescriptor*>& groups=const_cast<const EntitiesDescriptor&>(entities).getEntitiesDescriptors();
      }
  
      const vector<EntitiesDescriptor*>& groups=const_cast<const EntitiesDescriptor&>(entities).getEntitiesDescriptors();
-    for (vector<EntitiesDescriptor*>::const_iterator j=groups.begin(); j!=groups.end(); j++)
-        doFilter(*(*j));
+    for_each(
+        make_indirect_iterator(groups.begin()), make_indirect_iterator(groups.end()),
+        boost::bind(
+            static_cast<void (WhitelistMetadataFilter::*)(EntitiesDescriptor&) const>(&WhitelistMetadataFilter::doFilter), boost::ref(this), _1
+            )
+        );
  }
  }
diff --git a/saml/saml2/profile/impl/Assertion20Validator.cpp b/saml/saml2/profile/impl/Assertion20Validator.cpp

index 6e815c3..1a2a1a3 100644 (file)
--- a/saml/saml2/profile/impl/Assertion20Validator.cpp
+++ b/saml/saml2/profile/impl/Assertion20Validator.cpp
@@ -28,6 +28,7 @@
  #include "saml2/core/Assertions.h"
  #include "saml2/profile/AssertionValidator.h"
  
  #include "saml2/core/Assertions.h"
  #include "saml2/profile/AssertionValidator.h"
  
+#include <boost/bind.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/util/NDC.h>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xmltooling/util/NDC.h>
@@ -35,6 +36,7 @@
  using namespace opensaml::saml2;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace opensaml::saml2;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
  using namespace std;
  
  AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
@@ -77,16 +79,13 @@ void AssertionValidator::validateAssertion(const Assertion& assertion) const
  
      // Now we process conditions, starting with the known types and then extensions.
      const vector<AudienceRestriction*>& acvec = conds->getAudienceRestrictions();
  
      // Now we process conditions, starting with the known types and then extensions.
      const vector<AudienceRestriction*>& acvec = conds->getAudienceRestrictions();
-    for (vector<AudienceRestriction*>::const_iterator ac = acvec.begin(); ac!=acvec.end(); ++ac)
-        validateCondition(*ac);
+    for_each(acvec.begin(), acvec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  
      const vector<OneTimeUse*>& dncvec = conds->getOneTimeUses();
  
      const vector<OneTimeUse*>& dncvec = conds->getOneTimeUses();
-    for (vector<OneTimeUse*>::const_iterator dnc = dncvec.begin(); dnc!=dncvec.end(); ++dnc)
-        validateCondition(*dnc);
+    for_each(dncvec.begin(), dncvec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  
      const vector<Condition*>& convec = conds->getConditions();
  
      const vector<Condition*>& convec = conds->getConditions();
-    for (vector<Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c)
-        validateCondition(*c);
+    for_each(convec.begin(), convec.end(), boost::bind(&AssertionValidator::validateCondition, this, _1));
  }
  
  void AssertionValidator::validateCondition(const Condition* c) const
  }
  
  void AssertionValidator::validateCondition(const Condition* c) const
diff --git a/saml/saml2/profile/impl/DelegationRestrictionRule.cpp b/saml/saml2/profile/impl/DelegationRestrictionRule.cpp

index 304d4b2..66e92a7 100644 (file)
--- a/saml/saml2/profile/impl/DelegationRestrictionRule.cpp
+++ b/saml/saml2/profile/impl/DelegationRestrictionRule.cpp
@@ -31,6 +31,7 @@
  #include "util/SAMLConstants.h"
  
  #include <ctime>
  #include "util/SAMLConstants.h"
  
  #include <ctime>
+#include <boost/ptr_container/ptr_vector.hpp>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
  #include <xercesc/util/XMLUniDefs.hpp>
  #include <xmltooling/logging.h>
  #include <xmltooling/XMLToolingConfig.h>
@@ -39,6 +40,7 @@ using namespace opensaml::saml2;
  using namespace opensaml;
  using namespace xmltooling::logging;
  using namespace xmltooling;
  using namespace opensaml;
  using namespace xmltooling::logging;
  using namespace xmltooling;
+using namespace boost;
  using namespace std;
  
  namespace opensaml {
  using namespace std;
  
  namespace opensaml {
@@ -49,7 +51,6 @@ namespace opensaml {
              DelegationRestrictionRule(const DOMElement* e);
  
              virtual ~DelegationRestrictionRule() {
              DelegationRestrictionRule(const DOMElement* e);
  
              virtual ~DelegationRestrictionRule() {
-                for_each(m_delegates.begin(), m_delegates.end(), xmltooling::cleanup<Delegate>());
              }
              const char* getType() const {
                  return DELEGATION_POLICY_RULE;
              }
              const char* getType() const {
                  return DELEGATION_POLICY_RULE;
@@ -57,7 +58,7 @@ namespace opensaml {
              bool evaluate(const XMLObject& message, const GenericRequest* request, SecurityPolicy& policy) const;
  
          private:
              bool evaluate(const XMLObject& message, const GenericRequest* request, SecurityPolicy& policy) const;
  
          private:
-            vector<Delegate*> m_delegates;
+            ptr_vector<Delegate> m_delegates;
              enum {
                  MATCH_ANY,
                  MATCH_NEWEST,
              enum {
                  MATCH_ANY,
                  MATCH_NEWEST,
@@ -93,21 +94,21 @@ namespace opensaml {
              _isSameDelegate(const Delegate* d) : m_operand(d) {}
  
              // d1 is the input from the message, d2 is from the policy
              _isSameDelegate(const Delegate* d) : m_operand(d) {}
  
              // d1 is the input from the message, d2 is from the policy
-            bool operator()(const Delegate* d1, const Delegate* d2) const {
+            bool operator()(const Delegate* d1, const Delegate& d2) const {
                  if (!d1->getNameID()) {
                      Category::getInstance(SAML_LOGCAT".SecurityPolicyRule.DelegationRestriction").error(
                          "rule doesn't support evaluation of BaseID or EncryptedID in a Delegate"
                          );
                      return false;
                  }
                  if (!d1->getNameID()) {
                      Category::getInstance(SAML_LOGCAT".SecurityPolicyRule.DelegationRestriction").error(
                          "rule doesn't support evaluation of BaseID or EncryptedID in a Delegate"
                          );
                      return false;
                  }
-                if (!d2->getConfirmationMethod() || XMLString::equals(d1->getConfirmationMethod(), d2->getConfirmationMethod())) {
-                    return matches(d1->getNameID(), d2->getNameID());
+                if (!d2.getConfirmationMethod() || XMLString::equals(d1->getConfirmationMethod(), d2.getConfirmationMethod())) {
+                    return matches(d1->getNameID(), d2.getNameID());
                  }
                  return false;
              }
  
              // d is from the policy
                  }
                  return false;
              }
  
              // d is from the policy
-            bool operator()(const Delegate* d) const {
+            bool operator()(const Delegate& d) const {
                  return this->operator()(m_operand, d);
              }
          };
                  return this->operator()(m_operand, d);
              }
          };
@@ -132,21 +133,15 @@ DelegationRestrictionRule::DelegationRestrictionRule(const DOMElement* e)
          else if (m && *m && !XMLString::equals(m, any))
              throw SecurityPolicyException("Invalid value for \"match\" attribute in Delegation rule.");
  
          else if (m && *m && !XMLString::equals(m, any))
              throw SecurityPolicyException("Invalid value for \"match\" attribute in Delegation rule.");
  
-        try {
-            DOMElement* d = XMLHelper::getFirstChildElement(e, samlconstants::SAML20_DELEGATION_CONDITION_NS, Delegate::LOCAL_NAME);
-            while (d) {
-                auto_ptr<XMLObject> wrapper(XMLObjectBuilder::buildOneFromElement(d));
-                Delegate* down = dynamic_cast<Delegate*>(wrapper.get());
-                if (down) {
-                    m_delegates.push_back(down);
-                    wrapper.release();
-                }
-                d = XMLHelper::getNextSiblingElement(d, samlconstants::SAML20_DELEGATION_CONDITION_NS, Delegate::LOCAL_NAME);
+        DOMElement* d = XMLHelper::getFirstChildElement(e, samlconstants::SAML20_DELEGATION_CONDITION_NS, Delegate::LOCAL_NAME);
+        while (d) {
+            auto_ptr<XMLObject> wrapper(XMLObjectBuilder::buildOneFromElement(d));
+            Delegate* down = dynamic_cast<Delegate*>(wrapper.get());
+            if (down) {
+                m_delegates.push_back(down);
+                wrapper.release();
              }
              }
-        }
-        catch (exception&) {
-            for_each(m_delegates.begin(), m_delegates.end(), xmltooling::cleanup<Delegate>());
-            throw;
+            d = XMLHelper::getNextSiblingElement(d, samlconstants::SAML20_DELEGATION_CONDITION_NS, Delegate::LOCAL_NAME);
          }
      }
  }
          }
      }
  }
diff --git a/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp b/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp

index 4fcfcdf..120f7bb 100644 (file)
--- a/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp
+++ b/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp
@@ -34,7 +34,7 @@ using namespace xmltooling;
  
  SAML2AssertionPolicy::SAML2AssertionPolicy(
      const MetadataProvider* metadataProvider, const xmltooling::QName* role, const TrustEngine* trustEngine, bool validate
  
  SAML2AssertionPolicy::SAML2AssertionPolicy(
      const MetadataProvider* metadataProvider, const xmltooling::QName* role, const TrustEngine* trustEngine, bool validate
-    ) : SecurityPolicy(metadataProvider, role, trustEngine, validate)
+    ) : SecurityPolicy(metadataProvider, role, trustEngine, validate), m_confirmation(nullptr)
  {
  }
  
  {
  }
  
@@ -50,7 +50,7 @@ void SAML2AssertionPolicy::reset(bool messageOnly)
  
  void SAML2AssertionPolicy::_reset(bool messageOnly)
  {
  
  void SAML2AssertionPolicy::_reset(bool messageOnly)
  {
-    m_confirmation = false;
+    m_confirmation = nullptr;
  }
  
  const SubjectConfirmation* SAML2AssertionPolicy::getSubjectConfirmation() const
  }
  
  const SubjectConfirmation* SAML2AssertionPolicy::getSubjectConfirmation() const
author	Scott Cantor <cantor.2@osu.edu>
	Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Wed, 14 Dec 2011 09:24:33 +0000 (09:24 +0000)
saml/saml1/binding/impl/SAML1ArtifactDecoder.cpp		patch \| blob \| history
saml/saml1/profile/impl/AssertionValidator.cpp		patch \| blob \| history
saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp		patch \| blob \| history
saml/saml2/binding/impl/SAML2ECPEncoder.cpp		patch \| blob \| history
saml/saml2/metadata/AbstractMetadataProvider.h		patch \| blob \| history
saml/saml2/metadata/DiscoverableMetadataProvider.h		patch \| blob \| history
saml/saml2/metadata/impl/AbstractMetadataProvider.cpp		patch \| blob \| history
saml/saml2/metadata/impl/BlacklistMetadataFilter.cpp		patch \| blob \| history
saml/saml2/metadata/impl/ChainingMetadataProvider.cpp		patch \| blob \| history
saml/saml2/metadata/impl/DiscoverableMetadataProvider.cpp		patch \| blob \| history
saml/saml2/metadata/impl/WhitelistMetadataFilter.cpp		patch \| blob \| history
saml/saml2/profile/impl/Assertion20Validator.cpp		patch \| blob \| history
saml/saml2/profile/impl/DelegationRestrictionRule.cpp		patch \| blob \| history
saml/saml2/profile/impl/SAML2AssertionPolicy.cpp		patch \| blob \| history