* @param id identifier of the assertion to retrieve
* @return pointer to assertion, or NULL
*/
- virtual const opensaml::RootObject* getAssertion(const char* id) const=0;
+ virtual const opensaml::Assertion* getAssertion(const char* id) const=0;
/**
* Stores an assertion in the session.
*
* @param assertion pointer to an assertion to cache (will be freed by cache)
*/
- virtual void addAssertion(opensaml::RootObject* assertion)=0;
+ virtual void addAssertion(opensaml::Assertion* assertion)=0;
};
/**
const char* session_index=NULL,
const char* authncontext_class=NULL,
const char* authncontext_decl=NULL,
- const std::vector<const opensaml::RootObject*>* tokens=NULL,
+ const std::vector<const opensaml::Assertion*>* tokens=NULL,
const std::vector<Attribute*>* attributes=NULL
)=0;
#include <shibsp/base.h>
-#include <saml/saml1/core/Assertions.h>
+#include <saml/Assertion.h>
#include <saml/saml2/metadata/Metadata.h>
#include <xmltooling/Lockable.h>
const char* client_addr,
const opensaml::saml2md::EntityDescriptor* issuer,
const opensaml::saml2::NameID& nameid,
- const std::vector<const opensaml::RootObject*>* tokens=NULL
+ const std::vector<const opensaml::Assertion*>* tokens=NULL
) const=0;
/**
#include <shibsp/base.h>
-#include <saml/saml1/core/Assertions.h>
+#include <saml/Assertion.h>
#include <saml/saml2/metadata/Metadata.h>
namespace shibsp {
*
* @return pointer to an array of tokens, or NULL
*/
- virtual const std::vector<const opensaml::RootObject*>* getTokens() const=0;
+ virtual const std::vector<const opensaml::Assertion*>* getTokens() const=0;
/**
* Returns the active session associated with the subject, if any.
*
* @return a mutable array of Assertions
*/
- virtual std::vector<opensaml::RootObject*>& getResolvedAssertions()=0;
+ virtual std::vector<opensaml::Assertion*>& getResolvedAssertions()=0;
};
};
const char* client_addr,\r
const EntityDescriptor* issuer,\r
const NameID& nameid,\r
- const vector<const opensaml::RootObject*>* tokens=NULL\r
+ const vector<const opensaml::Assertion*>* tokens=NULL\r
) : m_app(application), m_session(NULL), m_client_addr(client_addr), m_entity(issuer), m_nameid(nameid), m_tokens(tokens) {\r
}\r
\r
if (m_metadata)\r
m_metadata->unlock();\r
for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<shibsp::Attribute>());\r
- for_each(m_assertions.begin(), m_assertions.end(), xmltooling::cleanup<opensaml::RootObject>());\r
+ for_each(m_assertions.begin(), m_assertions.end(), xmltooling::cleanup<opensaml::Assertion>());\r
}\r
\r
const Application& getApplication() const {\r
const NameID& getNameID() const {\r
return m_nameid;\r
}\r
- const vector<const opensaml::RootObject*>* getTokens() const {\r
+ const vector<const opensaml::Assertion*>* getTokens() const {\r
return m_tokens;\r
}\r
const Session* getSession() const {\r
vector<shibsp::Attribute*>& getResolvedAttributes() {\r
return m_attributes;\r
}\r
- vector<opensaml::RootObject*>& getResolvedAssertions() {\r
+ vector<opensaml::Assertion*>& getResolvedAssertions() {\r
return m_assertions;\r
}\r
\r
mutable MetadataProvider* m_metadata;\r
mutable const EntityDescriptor* m_entity;\r
const NameID& m_nameid;\r
- const vector<const opensaml::RootObject*>* m_tokens;\r
+ const vector<const opensaml::Assertion*>* m_tokens;\r
vector<shibsp::Attribute*> m_attributes;\r
- vector<opensaml::RootObject*> m_assertions;\r
+ vector<opensaml::Assertion*> m_assertions;\r
};\r
\r
#if defined (_MSC_VER)\r
ResolutionContext& ctx, const NameID& nameid, const vector<const char*>* attributes=NULL\r
) const;\r
void resolve(\r
- ResolutionContext& ctx, const opensaml::saml1::Assertion* token, const vector<const char*>* attributes=NULL\r
+ ResolutionContext& ctx, const saml1::Assertion* token, const vector<const char*>* attributes=NULL\r
) const;\r
void resolve(\r
- ResolutionContext& ctx, const opensaml::saml2::Assertion* token, const vector<const char*>* attributes=NULL\r
+ ResolutionContext& ctx, const saml2::Assertion* token, const vector<const char*>* attributes=NULL\r
) const;\r
\r
bool m_allowQuery;\r
const char* client_addr,\r
const EntityDescriptor* issuer,\r
const NameID& nameid,\r
- const vector<const opensaml::RootObject*>* tokens=NULL\r
+ const vector<const opensaml::Assertion*>* tokens=NULL\r
) const {\r
return new SimpleContext(application,client_addr,issuer,nameid,tokens);\r
}\r
child = XMLHelper::getNextSiblingElement(child, SIMPLE_NS, _AttributeDecoder);\r
}\r
\r
- child = XMLHelper::getFirstChildElement(e, samlconstants::SAML20_NS, opensaml::saml2::Attribute::LOCAL_NAME);\r
+ child = XMLHelper::getFirstChildElement(e, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME);\r
while (child) {\r
// Check for missing Name.\r
- const XMLCh* name = child->getAttributeNS(NULL, opensaml::saml2::Attribute::NAME_ATTRIB_NAME);\r
+ const XMLCh* name = child->getAttributeNS(NULL, saml2::Attribute::NAME_ATTRIB_NAME);\r
if (!name || !*name) {\r
log.warn("skipping saml:Attribute declared with no Name");\r
- child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, opensaml::saml2::Attribute::LOCAL_NAME);\r
+ child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME);\r
continue;\r
}\r
\r
const AttributeDecoder* decoder=NULL;\r
- auto_ptr_char id(child->getAttributeNS(NULL, opensaml::saml2::Attribute::FRIENDLYNAME_ATTRIB_NAME));\r
+ auto_ptr_char id(child->getAttributeNS(NULL, saml2::Attribute::FRIENDLYNAME_ATTRIB_NAME));\r
auto_ptr_char d(child->getAttributeNS(SIMPLE_NS, decoderId));\r
if (!id.get() || !*id.get() || !d.get() || !*d.get() || !(decoder=m_decoderMap[d.get()])) {\r
log.warn("skipping saml:Attribute declared with no FriendlyName or resolvable AttributeDecoder");\r
- child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, opensaml::saml2::Attribute::LOCAL_NAME);\r
+ child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME);\r
continue;\r
}\r
\r
// Empty NameFormat implies the usual Shib URI naming defaults.\r
- const XMLCh* format = child->getAttributeNS(NULL, opensaml::saml2::Attribute::NAMEFORMAT_ATTRIB_NAME);\r
+ const XMLCh* format = child->getAttributeNS(NULL, saml2::Attribute::NAMEFORMAT_ATTRIB_NAME);\r
if (!format || XMLString::equals(format, shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI) ||\r
- XMLString::equals(format, opensaml::saml2::Attribute::URI_REFERENCE))\r
+ XMLString::equals(format, saml2::Attribute::URI_REFERENCE))\r
format = &chNull; // ignore default Format/Namespace values\r
\r
// Fetch/create the map entry and see if it's a duplicate rule.\r
#endif\r
if (decl.first) {\r
log.warn("skipping duplicate saml:Attribute declaration (same Name and NameFormat)");\r
- child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, opensaml::saml2::Attribute::LOCAL_NAME);\r
+ child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME);\r
continue;\r
}\r
\r
decl.first = decoder;\r
decl.second = id.get();\r
\r
- child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, opensaml::saml2::Attribute::LOCAL_NAME);\r
+ child = XMLHelper::getNextSiblingElement(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME);\r
}\r
}\r
\r
void SimpleResolverImpl::resolve(\r
- ResolutionContext& ctx, const opensaml::saml1::Assertion* token, const vector<const char*>* attributes\r
+ ResolutionContext& ctx, const saml1::Assertion* token, const vector<const char*>* attributes\r
) const\r
{\r
set<string> aset;\r
}\r
}\r
\r
- const vector<opensaml::saml1::AttributeStatement*>& statements = token->getAttributeStatements();\r
- for (vector<opensaml::saml1::AttributeStatement*>::const_iterator s = statements.begin(); s!=statements.end(); ++s) {\r
- const vector<opensaml::saml1::Attribute*>& attrs = const_cast<const opensaml::saml1::AttributeStatement*>(*s)->getAttributes();\r
- for (vector<opensaml::saml1::Attribute*>::const_iterator a = attrs.begin(); a!=attrs.end(); ++a) {\r
+ const vector<saml1::AttributeStatement*>& statements = token->getAttributeStatements();\r
+ for (vector<saml1::AttributeStatement*>::const_iterator s = statements.begin(); s!=statements.end(); ++s) {\r
+ const vector<saml1::Attribute*>& attrs = const_cast<const saml1::AttributeStatement*>(*s)->getAttributes();\r
+ for (vector<saml1::Attribute*>::const_iterator a = attrs.begin(); a!=attrs.end(); ++a) {\r
name = (*a)->getAttributeName();\r
format = (*a)->getAttributeNamespace();\r
if (!name || !*name)\r
}\r
\r
void SimpleResolverImpl::resolve(\r
- ResolutionContext& ctx, const opensaml::saml2::Assertion* token, const vector<const char*>* attributes\r
+ ResolutionContext& ctx, const saml2::Assertion* token, const vector<const char*>* attributes\r
) const\r
{\r
set<string> aset;\r
}\r
}\r
\r
- const vector<opensaml::saml2::AttributeStatement*>& statements = token->getAttributeStatements();\r
- for (vector<opensaml::saml2::AttributeStatement*>::const_iterator s = statements.begin(); s!=statements.end(); ++s) {\r
- const vector<opensaml::saml2::Attribute*>& attrs = const_cast<const opensaml::saml2::AttributeStatement*>(*s)->getAttributes();\r
- for (vector<opensaml::saml2::Attribute*>::const_iterator a = attrs.begin(); a!=attrs.end(); ++a) {\r
+ const vector<saml2::AttributeStatement*>& statements = token->getAttributeStatements();\r
+ for (vector<saml2::AttributeStatement*>::const_iterator s = statements.begin(); s!=statements.end(); ++s) {\r
+ const vector<saml2::Attribute*>& attrs = const_cast<const saml2::AttributeStatement*>(*s)->getAttributes();\r
+ for (vector<saml2::Attribute*>::const_iterator a = attrs.begin(); a!=attrs.end(); ++a) {\r
name = (*a)->getName();\r
format = (*a)->getNameFormat();\r
if (!name || !*name)\r
shibsp::SOAPClient soaper(ctx.getApplication(),policy);\r
\r
auto_ptr_XMLCh binding(samlconstants::SAML1_BINDING_SOAP);\r
- opensaml::saml1p::Response* response=NULL;\r
+ saml1p::Response* response=NULL;\r
const vector<AttributeService*>& endpoints=AA->getAttributeServices();\r
for (vector<AttributeService*>::const_iterator ep=endpoints.begin(); !response && ep!=endpoints.end(); ++ep) {\r
try {\r
continue;\r
auto_ptr_char loc((*ep)->getLocation());\r
auto_ptr_XMLCh issuer(ctx.getApplication().getString("providerId").second);\r
- opensaml::saml1::Subject* subject = opensaml::saml1::SubjectBuilder::buildSubject();\r
+ saml1::Subject* subject = saml1::SubjectBuilder::buildSubject();\r
subject->setNameIdentifier(nameid.cloneNameIdentifier());\r
- opensaml::saml1p::AttributeQuery* query = opensaml::saml1p::AttributeQueryBuilder::buildAttributeQuery();\r
+ saml1p::AttributeQuery* query = saml1p::AttributeQueryBuilder::buildAttributeQuery();\r
query->setSubject(subject);\r
Request* request = RequestBuilder::buildRequest();\r
request->setAttributeQuery(query);\r
\r
time_t now = time(NULL);\r
const Validator* tokval = ctx.getApplication().getTokenValidator(now, AA);\r
- const vector<opensaml::saml1::Assertion*>& assertions = const_cast<const opensaml::saml1p::Response*>(response)->getAssertions();\r
+ const vector<saml1::Assertion*>& assertions = const_cast<const saml1p::Response*>(response)->getAssertions();\r
if (assertions.size()==1) {\r
- auto_ptr<opensaml::saml1p::Response> wrapper(response);\r
- opensaml::saml1::Assertion* newtoken = assertions.front();\r
+ auto_ptr<saml1p::Response> wrapper(response);\r
+ saml1::Assertion* newtoken = assertions.front();\r
if (!XMLString::equals(policy.getIssuer() ? policy.getIssuer()->getName() : NULL, newtoken->getIssuer())) {\r
log.error("assertion issued by someone other than AA, rejecting it");\r
return;\r
resolve(ctx, newtoken, attributes);\r
}\r
else {\r
- auto_ptr<opensaml::saml1p::Response> wrapper(response);\r
- for (vector<opensaml::saml1::Assertion*>::const_iterator a = assertions.begin(); a!=assertions.end(); ++a) {\r
+ auto_ptr<saml1p::Response> wrapper(response);\r
+ for (vector<saml1::Assertion*>::const_iterator a = assertions.begin(); a!=assertions.end(); ++a) {\r
if (!XMLString::equals(policy.getIssuer() ? policy.getIssuer()->getName() : NULL, (*a)->getIssuer())) {\r
log.error("assertion issued by someone other than AA, rejecting it");\r
continue;\r
shibsp::SOAPClient soaper(ctx.getApplication(),policy);\r
\r
auto_ptr_XMLCh binding(samlconstants::SAML20_BINDING_SOAP);\r
- opensaml::saml2p::StatusResponseType* srt=NULL;\r
+ saml2p::StatusResponseType* srt=NULL;\r
const vector<AttributeService*>& endpoints=AA->getAttributeServices();\r
for (vector<AttributeService*>::const_iterator ep=endpoints.begin(); !srt && ep!=endpoints.end(); ++ep) {\r
try {\r
continue;\r
auto_ptr_char loc((*ep)->getLocation());\r
auto_ptr_XMLCh issuer(ctx.getApplication().getString("providerId").second);\r
- opensaml::saml2::Subject* subject = opensaml::saml2::SubjectBuilder::buildSubject();\r
+ saml2::Subject* subject = saml2::SubjectBuilder::buildSubject();\r
subject->setNameID(nameid.cloneNameID());\r
- opensaml::saml2p::AttributeQuery* query = opensaml::saml2p::AttributeQueryBuilder::buildAttributeQuery();\r
+ saml2p::AttributeQuery* query = saml2p::AttributeQueryBuilder::buildAttributeQuery();\r
query->setSubject(subject);\r
Issuer* iss = IssuerBuilder::buildIssuer();\r
query->setIssuer(iss);\r
log.error("unable to successfully query for attributes");\r
return;\r
}\r
- opensaml::saml2p::Response* response = dynamic_cast<opensaml::saml2p::Response*>(srt);\r
+ saml2p::Response* response = dynamic_cast<saml2p::Response*>(srt);\r
if (!response) {\r
delete srt;\r
log.error("message was not a samlp:Response");\r
\r
time_t now = time(NULL);\r
const Validator* tokval = ctx.getApplication().getTokenValidator(now, AA);\r
- const vector<opensaml::saml2::Assertion*>& assertions = const_cast<const opensaml::saml2p::Response*>(response)->getAssertions();\r
+ const vector<saml2::Assertion*>& assertions = const_cast<const saml2p::Response*>(response)->getAssertions();\r
if (assertions.size()==1) {\r
- auto_ptr<opensaml::saml2p::Response> wrapper(response);\r
- opensaml::saml2::Assertion* newtoken = assertions.front();\r
+ auto_ptr<saml2p::Response> wrapper(response);\r
+ saml2::Assertion* newtoken = assertions.front();\r
if (!XMLString::equals(policy.getIssuer() ? policy.getIssuer()->getName() : NULL, newtoken->getIssuer() ? newtoken->getIssuer()->getName() : NULL)) {\r
log.error("assertion issued by someone other than AA, rejecting it");\r
return;\r
resolve(ctx, newtoken, attributes);\r
}\r
else {\r
- auto_ptr<opensaml::saml2p::Response> wrapper(response);\r
- for (vector<opensaml::saml2::Assertion*>::const_iterator a = assertions.begin(); a!=assertions.end(); ++a) {\r
+ auto_ptr<saml2p::Response> wrapper(response);\r
+ for (vector<saml2::Assertion*>::const_iterator a = assertions.begin(); a!=assertions.end(); ++a) {\r
if (!XMLString::equals(policy.getIssuer() ? policy.getIssuer()->getName() : NULL, (*a)->getIssuer() ? (*a)->getIssuer()->getName() : NULL)) {\r
log.error("assertion issued by someone other than AA, rejecting it");\r
return;\r
log.debug("examining tokens to resolve");\r
\r
bool query = m_impl->m_allowQuery;\r
- const opensaml::saml1::Assertion* token1;\r
- const opensaml::saml2::Assertion* token2;\r
+ const saml1::Assertion* token1;\r
+ const saml2::Assertion* token2;\r
if (ctx.getTokens()) {\r
- for (vector<const opensaml::RootObject*>::const_iterator t = ctx.getTokens()->begin(); t!=ctx.getTokens()->end(); ++t) {\r
- token2 = dynamic_cast<const opensaml::saml2::Assertion*>(*t);\r
+ for (vector<const opensaml::Assertion*>::const_iterator t = ctx.getTokens()->begin(); t!=ctx.getTokens()->end(); ++t) {\r
+ token2 = dynamic_cast<const saml2::Assertion*>(*t);\r
if (token2 && !token2->getAttributeStatements().empty()) {\r
log.debug("resolving SAML 2 token with an AttributeStatement");\r
m_impl->resolve(ctx, token2, attributes);\r
query = false;\r
}\r
else {\r
- token1 = dynamic_cast<const opensaml::saml1::Assertion*>(*t);\r
+ token1 = dynamic_cast<const saml1::Assertion*>(*t);\r
if (token1 && !token1->getAttributeStatements().empty()) {\r
log.debug("resolving SAML 1 token with an AttributeStatement");\r
m_impl->resolve(ctx, token1, attributes);\r
policy.addRule(*rule);
policy.setMetadataProvider(application.getMetadataProvider());
policy.setTrustEngine(application.getTrustEngine());
+ pair<bool,bool> validate = m_settings->getBool("validate");
+ policy.setValidating(validate.first && validate.second);
+ setValidating(validate.first && validate.second);
}
void SOAPClient::send(const soap11::Envelope& env, const KeyInfoSource& peer, const char* endpoint)
m_obj.destroy();\r
delete m_nameid;\r
for_each(m_attributes.begin(), m_attributes.end(), cleanup_const_pair<string,Attribute>());\r
- for_each(m_tokens.begin(), m_tokens.end(), cleanup_pair<string,RootObject>());\r
+ for_each(m_tokens.begin(), m_tokens.end(), cleanup_pair<string,Assertion>());\r
}\r
\r
Lockable* lock() {\r
return m_ids;\r
}\r
\r
- const RootObject* getAssertion(const char* id) const;\r
+ const Assertion* getAssertion(const char* id) const;\r
\r
void addAttributes(const vector<Attribute*>& attributes) {\r
throw ConfigurationException("addAttributes method not implemented by this session cache plugin.");\r
}\r
- void addAssertion(RootObject* assertion) {\r
+ void addAssertion(Assertion* assertion) {\r
throw ConfigurationException("addAssertion method not implemented by this session cache plugin.");\r
}\r
\r
saml2::NameID* m_nameid;\r
mutable map<string,const Attribute*> m_attributes;\r
mutable vector<const char*> m_ids;\r
- mutable map<string,RootObject*> m_tokens;\r
+ mutable map<string,Assertion*> m_tokens;\r
time_t m_expires,m_lastAccess;\r
RemotedCache* m_cache;\r
Mutex* m_lock;\r
const char* session_index=NULL,\r
const char* authncontext_class=NULL,\r
const char* authncontext_decl=NULL,\r
- const vector<const RootObject*>* tokens=NULL,\r
+ const vector<const Assertion*>* tokens=NULL,\r
const vector<Attribute*>* attributes=NULL\r
);\r
Session* find(const char* key, const Application& application, const char* client_addr=NULL, time_t timeout=0);\r
}\r
}\r
\r
-const RootObject* RemotedSession::getAssertion(const char* id) const\r
+const Assertion* RemotedSession::getAssertion(const char* id) const\r
{\r
- map<string,RootObject*>::const_iterator i = m_tokens.find(id);\r
+ map<string,Assertion*>::const_iterator i = m_tokens.find(id);\r
if (i!=m_tokens.end())\r
return i->second;\r
\r
auto_ptr<XMLObject> xmlObject(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));\r
janitor.release();\r
\r
- RootObject* token = dynamic_cast<RootObject*>(xmlObject.get());\r
- if (!token || !token->isAssertion())\r
+ Assertion* token = dynamic_cast<Assertion*>(xmlObject.get());\r
+ if (!token)\r
throw FatalProfileException("Cached assertion was of an unknown object type.");\r
\r
// Transfer ownership to us.\r
const char* session_index,\r
const char* authncontext_class,\r
const char* authncontext_decl,\r
- const vector<const RootObject*>* tokens,\r
+ const vector<const Assertion*>* tokens,\r
const vector<Attribute*>* attributes\r
)\r
{\r
if (tokens) {\r
in.addmember("assertions").list();\r
in.addmember("tokens").list();\r
- for (vector<const RootObject*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
+ for (vector<const Assertion*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
ostringstream tokenstr;\r
tokenstr << *(*t);\r
auto_ptr_char tokenid((*t)->getID());\r
m_attributes.insert(m_attributes.end(), attributes.begin(), attributes.end());\r
}\r
\r
-void RemotedSession::addAssertion(RootObject* assertion)\r
+void RemotedSession::addAssertion(Assertion* assertion)\r
{\r
- if (!assertion || !assertion->isAssertion())\r
+ if (!assertion)\r
throw FatalProfileException("Unknown object type passed to session cache for storage.");\r
\r
DDF in("addAssertion::"REMOTED_SESSION_CACHE);\r
}\r
\r
void addAttributes(const vector<Attribute*>& attributes);\r
- const RootObject* getAssertion(const char* id) const;\r
- void addAssertion(RootObject* assertion);\r
+ const Assertion* getAssertion(const char* id) const;\r
+ void addAssertion(Assertion* assertion);\r
\r
private:\r
void unmarshallAttributes() const;\r
saml2::NameID* m_nameid;\r
mutable map<string,const Attribute*> m_attributes;\r
mutable vector<const char*> m_ids;\r
- mutable map<string,RootObject*> m_tokens;\r
+ mutable map<string,Assertion*> m_tokens;\r
SSCache* m_cache;\r
};\r
\r
const char* session_index=NULL,\r
const char* authncontext_class=NULL,\r
const char* authncontext_decl=NULL,\r
- const vector<const RootObject*>* tokens=NULL,\r
+ const vector<const Assertion*>* tokens=NULL,\r
const vector<Attribute*>* attributes=NULL\r
);\r
Session* find(const char* key, const Application& application, const char* client_addr=NULL, time_t timeout=0);\r
m_obj.destroy();\r
delete m_nameid;\r
for_each(m_attributes.begin(), m_attributes.end(), cleanup_const_pair<string,Attribute>());\r
- for_each(m_tokens.begin(), m_tokens.end(), cleanup_pair<string,RootObject>());\r
+ for_each(m_tokens.begin(), m_tokens.end(), cleanup_pair<string,Assertion>());\r
}\r
\r
void StoredSession::unmarshallAttributes() const\r
for_each(attributes.begin(), attributes.end(), xmltooling::cleanup<Attribute>());\r
}\r
\r
-const RootObject* StoredSession::getAssertion(const char* id) const\r
+const Assertion* StoredSession::getAssertion(const char* id) const\r
{\r
- map<string,RootObject*>::const_iterator i = m_tokens.find(id);\r
+ map<string,Assertion*>::const_iterator i = m_tokens.find(id);\r
if (i!=m_tokens.end())\r
return i->second;\r
\r
auto_ptr<XMLObject> xmlObject(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));\r
janitor.release();\r
\r
- RootObject* token = dynamic_cast<RootObject*>(xmlObject.get());\r
- if (!token || !token->isAssertion())\r
+ Assertion* token = dynamic_cast<Assertion*>(xmlObject.get());\r
+ if (!token)\r
throw FatalProfileException("Request for cached assertion returned an unknown object type.");\r
\r
// Transfer ownership to us.\r
return token;\r
}\r
\r
-void StoredSession::addAssertion(RootObject* assertion)\r
+void StoredSession::addAssertion(Assertion* assertion)\r
{\r
#ifdef _DEBUG\r
xmltooling::NDC ndc("addAssertion");\r
#endif\r
\r
- if (!assertion || !assertion->isAssertion())\r
+ if (!assertion)\r
throw FatalProfileException("Unknown object type passed to session for storage.");\r
\r
auto_ptr_char id(assertion->getID());\r
const char* session_index,\r
const char* authncontext_class,\r
const char* authncontext_decl,\r
- const vector<const RootObject*>* tokens,\r
+ const vector<const Assertion*>* tokens,\r
const vector<Attribute*>* attributes\r
)\r
{\r
\r
if (tokens) {\r
obj.addmember("assertions").list();\r
- for (vector<const RootObject*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
+ for (vector<const Assertion*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
auto_ptr_char tokenid((*t)->getID());\r
DDF tokid = DDF(NULL).string(tokenid.get());\r
obj["assertions"].add(tokid);\r
m_storage->createText(key.get(), "session", record.str().c_str(), now + m_cacheTimeout);\r
if (tokens) {\r
try {\r
- for (vector<const RootObject*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
+ for (vector<const Assertion*>::const_iterator t = tokens->begin(); t!=tokens->end(); ++t) {\r
ostringstream tokenstr;\r
tokenstr << *(*t);\r
auto_ptr_char tokenid((*t)->getID());\r
const vector<const XMLCh*>& getAudiences() const {\r
return (m_audiences.empty() && m_base) ? m_base->getAudiences() : m_audiences;\r
}\r
- Validator* getTokenValidator(time_t ts=0, const opensaml::saml2md::RoleDescriptor* role=NULL) const {\r
+ Validator* getTokenValidator(time_t ts=0, const saml2md::RoleDescriptor* role=NULL) const {\r
return new TokenValidator(*this, ts, role);\r
}\r
\r
#endif\r
Category& log=Category::getInstance(SHIBSP_LOGCAT".Application");\r
\r
- const opensaml::RootObject* root = NULL;\r
- const opensaml::saml2::Assertion* token2 = dynamic_cast<const opensaml::saml2::Assertion*>(xmlObject);\r
+ const opensaml::Assertion* root = NULL;\r
+ const saml2::Assertion* token2 = dynamic_cast<const saml2::Assertion*>(xmlObject);\r
if (token2) {\r
- const opensaml::saml2::Conditions* conds = token2->getConditions();\r
+ const saml2::Conditions* conds = token2->getConditions();\r
// First verify the time conditions, using the specified timestamp, if non-zero.\r
if (m_ts>0 && conds) {\r
unsigned int skew = XMLToolingConfig::getConfig().clock_skew_secs;\r
}\r
\r
// Now we process conditions. Only audience restrictions at the moment.\r
- const vector<opensaml::saml2::Condition*>& convec = conds->getConditions();\r
- for (vector<opensaml::saml2::Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c) {\r
- const opensaml::saml2::AudienceRestriction* ac=dynamic_cast<const opensaml::saml2::AudienceRestriction*>(*c);\r
+ const vector<saml2::Condition*>& convec = conds->getConditions();\r
+ for (vector<saml2::Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c) {\r
+ const saml2::AudienceRestriction* ac=dynamic_cast<const saml2::AudienceRestriction*>(*c);\r
if (!ac) {\r
log.error("unrecognized Condition in assertion (%s)",\r
(*c)->getSchemaType() ? (*c)->getSchemaType()->toString().c_str() : (*c)->getElementQName().toString().c_str());\r
}\r
\r
bool found = false;\r
- const vector<opensaml::saml2::Audience*>& auds1 = ac->getAudiences();\r
+ const vector<saml2::Audience*>& auds1 = ac->getAudiences();\r
const vector<const XMLCh*>& auds2 = m_app.getAudiences();\r
- for (vector<opensaml::saml2::Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {\r
+ for (vector<saml2::Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {\r
for (vector<const XMLCh*>::const_iterator a2 = auds2.begin(); !found && a2!=auds2.end(); ++a2) {\r
found = XMLString::equals((*a)->getAudienceURI(), *a2);\r
}\r
root = token2;\r
}\r
else {\r
- const opensaml::saml1::Assertion* token1 = dynamic_cast<const opensaml::saml1::Assertion*>(xmlObject);\r
+ const saml1::Assertion* token1 = dynamic_cast<const saml1::Assertion*>(xmlObject);\r
if (token1) {\r
- const opensaml::saml1::Conditions* conds = token1->getConditions();\r
+ const saml1::Conditions* conds = token1->getConditions();\r
// First verify the time conditions, using the specified timestamp, if non-zero.\r
if (m_ts>0 && conds) {\r
unsigned int skew = XMLToolingConfig::getConfig().clock_skew_secs;\r
}\r
\r
// Now we process conditions. Only audience restrictions at the moment.\r
- const vector<opensaml::saml1::Condition*>& convec = conds->getConditions();\r
- for (vector<opensaml::saml1::Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c) {\r
- const opensaml::saml1::AudienceRestrictionCondition* ac=dynamic_cast<const opensaml::saml1::AudienceRestrictionCondition*>(*c);\r
+ const vector<saml1::Condition*>& convec = conds->getConditions();\r
+ for (vector<saml1::Condition*>::const_iterator c = convec.begin(); c!=convec.end(); ++c) {\r
+ const saml1::AudienceRestrictionCondition* ac=dynamic_cast<const saml1::AudienceRestrictionCondition*>(*c);\r
if (!ac) {\r
log.error("unrecognized Condition in assertion (%s)",\r
(*c)->getSchemaType() ? (*c)->getSchemaType()->toString().c_str() : (*c)->getElementQName().toString().c_str());\r
}\r
\r
bool found = false;\r
- const vector<opensaml::saml1::Audience*>& auds1 = ac->getAudiences();\r
+ const vector<saml1::Audience*>& auds1 = ac->getAudiences();\r
const vector<const XMLCh*>& auds2 = m_app.getAudiences();\r
- for (vector<opensaml::saml1::Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {\r
+ for (vector<saml1::Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {\r
for (vector<const XMLCh*>::const_iterator a2 = auds2.begin(); !found && a2!=auds2.end(); ++a2) {\r
found = XMLString::equals((*a)->getAudienceURI(), *a2);\r
}\r
while (child) {\r
DOMPropertySet* rp=new DOMPropertySet();\r
rp->load(child,log,this);\r
- m_credMap[child->getAttributeNS(NULL,opensaml::saml2::Attribute::NAME_ATTRIB_NAME)]=rp;\r
+ m_credMap[child->getAttributeNS(NULL,saml2::Attribute::NAME_ATTRIB_NAME)]=rp;\r
child = XMLHelper::getNextSiblingElement(child,RelyingParty);\r
}\r
}\r
\r
short XMLApplication::acceptNode(const DOMNode* node) const\r
{\r
- if (XMLHelper::isNodeNamed(node,samlconstants::SAML20_NS,opensaml::saml2::Attribute::LOCAL_NAME))\r
+ if (XMLHelper::isNodeNamed(node,samlconstants::SAML20_NS,saml2::Attribute::LOCAL_NAME))\r
return FILTER_REJECT;\r
else if (XMLHelper::isNodeNamed(node,samlconstants::SAML20_NS,Audience::LOCAL_NAME))\r
return FILTER_REJECT;\r
projects / shibboleth / cpp-sp.git / commitdiff