From 5d4b679f292a46494e822e9634f0ffa06f8f421c Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Fri, 25 May 2007 05:58:15 +0000 Subject: [PATCH] Switch encoders to metadata-based recipient parameter. --- config_win32.h | 3 --- saml/binding/MessageEncoder.h | 11 +++++--- saml/saml1/binding/impl/SAML1ArtifactEncoder.cpp | 13 ++++++---- saml/saml1/binding/impl/SAML1POSTEncoder.cpp | 5 ++-- saml/saml1/binding/impl/SAML1SOAPEncoder.cpp | 5 ++-- saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp | 13 ++++++---- saml/saml2/binding/impl/SAML2POSTEncoder.cpp | 5 ++-- saml/saml2/binding/impl/SAML2RedirectEncoder.cpp | 5 ++-- saml/saml2/binding/impl/SAML2SOAPEncoder.cpp | 5 ++-- samltest/saml1/binding/SAML1ArtifactTest.h | 10 +++++--- samltest/saml1/binding/SAML1POSTTest.h | 17 +++++++------ samltest/saml2/binding/SAML2ArtifactTest.h | 10 +++++--- samltest/saml2/binding/SAML2POSTTest.h | 32 +++++++++++++----------- samltest/saml2/binding/SAML2RedirectTest.h | 16 ++++++------ 14 files changed, 87 insertions(+), 63 deletions(-) diff --git a/config_win32.h b/config_win32.h index cfd83a1..b992639 100644 --- a/config_win32.h +++ b/config_win32.h @@ -90,9 +90,6 @@ /* Version number of package */ #define VERSION "2.0" -/* Define if you wish to disable XML-Security-dependent features. */ -/* #undef XMLTOOLING_NO_XMLSEC */ - /* Define to empty if `const' does not conform to ANSI C. */ /* #undef const */ diff --git a/saml/binding/MessageEncoder.h b/saml/binding/MessageEncoder.h index 1bc8e1c..7941e02 100644 --- a/saml/binding/MessageEncoder.h +++ b/saml/binding/MessageEncoder.h @@ -36,6 +36,9 @@ namespace opensaml { namespace saml2p { class SAML_API SAML2Artifact; }; + namespace saml2md { + class SAML_API EntityDescriptor; + }; /** * Interface to SAML protocol binding message encoders. @@ -78,7 +81,7 @@ namespace opensaml { * @param relyingParty the party that will recieve the artifact * @return a SAML 1.x artifact with a random assertion handle */ - virtual SAMLArtifact* generateSAML1Artifact(const char* relyingParty) const=0; + virtual SAMLArtifact* generateSAML1Artifact(const saml2md::EntityDescriptor* relyingParty) const=0; /** * Generate a SAML 2.0 artifact suitable for consumption by the relying party. @@ -86,7 +89,7 @@ namespace opensaml { * @param relyingParty the party that will recieve the artifact * @return a SAML 2.0 artifact with a random message handle */ - virtual saml2p::SAML2Artifact* generateSAML2Artifact(const char* relyingParty) const=0; + virtual saml2p::SAML2Artifact* generateSAML2Artifact(const saml2md::EntityDescriptor* relyingParty) const=0; }; /** @@ -115,7 +118,7 @@ namespace opensaml { * @param genericResponse reference to interface for sending transport response * @param xmlObject XML message to encode * @param destination destination URL for message - * @param recipientID optional entityID of message recipient + * @param recipient optional message recipient * @param relayState optional RelayState value to accompany message * @param credential optional Credential to supply signing key * @param signatureAlg optional signature algorithm identifier @@ -125,7 +128,7 @@ namespace opensaml { xmltooling::GenericResponse& genericResponse, xmltooling::XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const saml2md::EntityDescriptor* recipient=NULL, const char* relayState=NULL, const xmltooling::Credential* credential=NULL, const XMLCh* signatureAlg=NULL, diff --git a/saml/saml1/binding/impl/SAML1ArtifactEncoder.cpp b/saml/saml1/binding/impl/SAML1ArtifactEncoder.cpp index 5920997..3d05905 100644 --- a/saml/saml1/binding/impl/SAML1ArtifactEncoder.cpp +++ b/saml/saml1/binding/impl/SAML1ArtifactEncoder.cpp @@ -27,6 +27,7 @@ #include "binding/SAMLArtifact.h" #include "saml1/core/Assertions.h" #include "saml1/core/Protocols.h" +#include "saml2/metadata/Metadata.h" #include #include @@ -36,6 +37,7 @@ using namespace opensaml::saml1; using namespace opensaml::saml1p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace xmltooling; @@ -54,7 +56,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -73,7 +75,7 @@ long SAML1ArtifactEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, @@ -106,12 +108,13 @@ long SAML1ArtifactEncoder::encode( // Obtain a fresh artifact. if (!m_artifactGenerator) throw BindingException("SAML 1.x Artifact Encoder requires an ArtifactGenerator instance."); - log.debug("obtaining new artifact for relying party (%s)", recipientID ? recipientID : "unknown"); - auto_ptr artifact(m_artifactGenerator->generateSAML1Artifact(recipientID)); + auto_ptr_char recipientID(recipient ? recipient->getEntityID() : NULL); + log.debug("obtaining new artifact for relying party (%s)", recipientID.get() ? recipientID.get() : "unknown"); + auto_ptr artifact(m_artifactGenerator->generateSAML1Artifact(recipient)); // Store the assertion. Last step in storage will be to delete the XML. log.debug("storing artifact and content in map"); - mapper->storeContent(xmlObject, artifact.get(), recipientID); + mapper->storeContent(xmlObject, artifact.get(), recipientID.get()); // Generate redirect. string loc = destination; diff --git a/saml/saml1/binding/impl/SAML1POSTEncoder.cpp b/saml/saml1/binding/impl/SAML1POSTEncoder.cpp index 6b4a7d4..4525a18 100644 --- a/saml/saml1/binding/impl/SAML1POSTEncoder.cpp +++ b/saml/saml1/binding/impl/SAML1POSTEncoder.cpp @@ -34,6 +34,7 @@ #include using namespace opensaml::saml1p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace xmltooling; @@ -52,7 +53,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -88,7 +89,7 @@ long SAML1POSTEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, diff --git a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp index c8e9e56..197ee0b 100644 --- a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp +++ b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp @@ -33,6 +33,7 @@ #include using namespace opensaml::saml1p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace soap11; @@ -52,7 +53,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -71,7 +72,7 @@ long SAML1SOAPEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, diff --git a/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp b/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp index cafd1b0..749d83d 100644 --- a/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2ArtifactEncoder.cpp @@ -26,6 +26,7 @@ #include "binding/MessageEncoder.h" #include "saml2/binding/SAML2Artifact.h" #include "saml2/core/Protocols.h" +#include "saml2/metadata/Metadata.h" #include #include @@ -36,6 +37,7 @@ #include using namespace opensaml::saml2p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace xmltooling; @@ -54,7 +56,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -93,7 +95,7 @@ long SAML2ArtifactEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, @@ -129,8 +131,9 @@ long SAML2ArtifactEncoder::encode( // Obtain a fresh artifact. if (!m_artifactGenerator) throw BindingException("SAML 2.0 HTTP-Artifact Encoder requires an ArtifactGenerator instance."); - log.debug("obtaining new artifact for relying party (%s)", recipientID ? recipientID : "unknown"); - auto_ptr artifact(m_artifactGenerator->generateSAML2Artifact(recipientID)); + auto_ptr_char recipientID(recipient ? recipient->getEntityID() : NULL); + log.debug("obtaining new artifact for relying party (%s)", recipientID.get() ? recipientID.get() : "unknown"); + auto_ptr artifact(m_artifactGenerator->generateSAML2Artifact(recipient)); if (credential) { // Signature based on native XML signing. @@ -159,7 +162,7 @@ long SAML2ArtifactEncoder::encode( // Store the message. Last step in storage will be to delete the XML. log.debug("storing artifact and content in map"); - mapper->storeContent(xmlObject, artifact.get(), recipientID); + mapper->storeContent(xmlObject, artifact.get(), recipientID.get()); if (m_template.empty()) { // Generate redirect. diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp index f8242db..efa5a57 100644 --- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp @@ -34,6 +34,7 @@ #include using namespace opensaml::saml2p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace xmltooling; @@ -52,7 +53,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -93,7 +94,7 @@ long SAML2POSTEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, diff --git a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp index 24050d6..9135c8d 100644 --- a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp @@ -35,6 +35,7 @@ #include using namespace opensaml::saml2p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace xmltooling; @@ -57,7 +58,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -76,7 +77,7 @@ long SAML2RedirectEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, diff --git a/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp b/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp index 24b05d1..fccae38 100644 --- a/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2SOAPEncoder.cpp @@ -33,6 +33,7 @@ #include using namespace opensaml::saml2p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; using namespace soap11; @@ -52,7 +53,7 @@ namespace opensaml { GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, + const EntityDescriptor* recipient=NULL, const char* relayState=NULL, const Credential* credential=NULL, const XMLCh* signatureAlg=NULL, @@ -73,7 +74,7 @@ long SAML2SOAPEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, const Credential* credential, const XMLCh* signatureAlg, diff --git a/samltest/saml1/binding/SAML1ArtifactTest.h b/samltest/saml1/binding/SAML1ArtifactTest.h index 5ae1dc8..d7ddf2c 100644 --- a/samltest/saml1/binding/SAML1ArtifactTest.h +++ b/samltest/saml1/binding/SAML1ArtifactTest.h @@ -62,7 +62,10 @@ public: SAMLConfig::getConfig().MessageEncoderManager.newPlugin(samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT, NULL) ); encoder->setArtifactGenerator(this); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -71,7 +74,6 @@ public: SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT, NULL) ); decoder->setArtifactResolver(this); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. @@ -92,11 +94,11 @@ public: } } - SAMLArtifact* generateSAML1Artifact(const char* relyingParty) const { + SAMLArtifact* generateSAML1Artifact(const EntityDescriptor* relyingParty) const { return new SAMLArtifactType0001(SAMLConfig::getConfig().hashSHA1("https://idp.example.org/")); } - saml2p::SAML2Artifact* generateSAML2Artifact(const char* relyingParty) const { + saml2p::SAML2Artifact* generateSAML2Artifact(const EntityDescriptor* relyingParty) const { throw BindingException("Not implemented."); } diff --git a/samltest/saml1/binding/SAML1POSTTest.h b/samltest/saml1/binding/SAML1POSTTest.h index eb8278c..81c1d7e 100644 --- a/samltest/saml1/binding/SAML1POSTTest.h +++ b/samltest/saml1/binding/SAML1POSTTest.h @@ -46,11 +46,11 @@ public: ); janitor.release(); - CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); - Locker clocker(m_creds); - const Credential* cred = m_creds->resolve(&cc); - TSM_ASSERT("Retrieved credential was null", cred!=NULL); + CredentialCriteria cc; + cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + Locker clocker(m_creds); + const Credential* cred = m_creds->resolve(&cc); + TSM_ASSERT("Retrieved credential was null", cred!=NULL); // Freshen timestamp and ID. toSend->setIssueInstant(time(NULL)); @@ -70,7 +70,11 @@ public: samlconstants::SAML1_PROFILE_BROWSER_POST, encoder_config->getDocumentElement() ) ); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -78,7 +82,6 @@ public: auto_ptr decoder( SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML1_PROFILE_BROWSER_POST, NULL) ); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. diff --git a/samltest/saml2/binding/SAML2ArtifactTest.h b/samltest/saml2/binding/SAML2ArtifactTest.h index ee5b5f0..336e403 100644 --- a/samltest/saml2/binding/SAML2ArtifactTest.h +++ b/samltest/saml2/binding/SAML2ArtifactTest.h @@ -64,7 +64,10 @@ public: SAMLConfig::getConfig().MessageEncoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_ARTIFACT, NULL) ); encoder->setArtifactGenerator(this); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -73,7 +76,6 @@ public: SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_ARTIFACT, NULL) ); decoder->setArtifactResolver(this); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. @@ -94,11 +96,11 @@ public: } } - SAMLArtifact* generateSAML1Artifact(const char* relyingParty) const { + SAMLArtifact* generateSAML1Artifact(const EntityDescriptor* relyingParty) const { throw BindingException("Not implemented."); } - saml2p::SAML2Artifact* generateSAML2Artifact(const char* relyingParty) const { + saml2p::SAML2Artifact* generateSAML2Artifact(const EntityDescriptor* relyingParty) const { return new SAML2ArtifactType0004(SAMLConfig::getConfig().hashSHA1("https://idp.example.org/"),1); } diff --git a/samltest/saml2/binding/SAML2POSTTest.h b/samltest/saml2/binding/SAML2POSTTest.h index 814873e..aed926c 100644 --- a/samltest/saml2/binding/SAML2POSTTest.h +++ b/samltest/saml2/binding/SAML2POSTTest.h @@ -46,11 +46,11 @@ public: ); janitor.release(); - CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); - Locker clocker(m_creds); - const Credential* cred = m_creds->resolve(&cc); - TSM_ASSERT("Retrieved credential was null", cred!=NULL); + CredentialCriteria cc; + cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + Locker clocker(m_creds); + const Credential* cred = m_creds->resolve(&cc); + TSM_ASSERT("Retrieved credential was null", cred!=NULL); // Freshen timestamp and ID. toSend->setIssueInstant(time(NULL)); @@ -70,7 +70,10 @@ public: samlconstants::SAML20_BINDING_HTTP_POST, encoder_config->getDocumentElement() ) ); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -78,7 +81,6 @@ public: auto_ptr decoder( SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_POST, NULL) ); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. @@ -114,11 +116,11 @@ public: ); janitor.release(); - CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); - Locker clocker(m_creds); - const Credential* cred = m_creds->resolve(&cc); - TSM_ASSERT("Retrieved credential was null", cred!=NULL); + CredentialCriteria cc; + cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + Locker clocker(m_creds); + const Credential* cred = m_creds->resolve(&cc); + TSM_ASSERT("Retrieved credential was null", cred!=NULL); // Freshen timestamp and ID. toSend->setIssueInstant(time(NULL)); @@ -138,7 +140,10 @@ public: samlconstants::SAML20_BINDING_HTTP_POST_SIMPLESIGN, encoder_config->getDocumentElement() ) ); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -146,7 +151,6 @@ public: auto_ptr decoder( SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_POST_SIMPLESIGN, NULL) ); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. diff --git a/samltest/saml2/binding/SAML2RedirectTest.h b/samltest/saml2/binding/SAML2RedirectTest.h index 59e51fd..31df7f7 100644 --- a/samltest/saml2/binding/SAML2RedirectTest.h +++ b/samltest/saml2/binding/SAML2RedirectTest.h @@ -46,11 +46,11 @@ public: ); janitor.release(); - CredentialCriteria cc; - cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); - Locker clocker(m_creds); - const Credential* cred = m_creds->resolve(&cc); - TSM_ASSERT("Retrieved credential was null", cred!=NULL); + CredentialCriteria cc; + cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL); + Locker clocker(m_creds); + const Credential* cred = m_creds->resolve(&cc); + TSM_ASSERT("Retrieved credential was null", cred!=NULL); // Freshen timestamp and ID. toSend->setIssueInstant(time(NULL)); @@ -60,7 +60,10 @@ public: auto_ptr encoder( SAMLConfig::getConfig().MessageEncoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_REDIRECT, NULL) ); - encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/SSO","https://sp.example.org/","state",cred); + Locker locker(m_metadata); + encoder->encode( + *this,toSend.get(),"https://sp.example.org/SAML/SSO",m_metadata->getEntityDescriptor("https://sp.example.org/"),"state",cred + ); toSend.release(); // Decode message. @@ -68,7 +71,6 @@ public: auto_ptr decoder( SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_REDIRECT, NULL) ); - Locker locker(m_metadata); auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy))); // Test the results. -- 2.1.4