Duh, signing was already implemented.

author Scott Cantor <cantor.2@osu.edu>

Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)
author Scott Cantor <cantor.2@osu.edu>
Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)
diff --git a/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp b/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp

index c757647..b4cdaa2 100644 (file)
--- a/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
+++ b/shibsp/attribute/resolver/impl/QueryAttributeResolver.cpp
@@ -203,7 +203,6 @@ namespace shibsp {
      private:
          bool SAML1Query(QueryContext& ctx) const;
          bool SAML2Query(QueryContext& ctx) const;
-        void signMessage(const Application& app, const RoleDescriptor& role, SignableObject& msg) const;
  
          Category& m_log;
          vector<AttributeDesignator*> m_SAML1Designators;
@@ -255,50 +254,6 @@ QueryResolver::QueryResolver(const DOMElement* e) : m_log(Category::getInstance(
      }
  }
  
-void QueryResolver::signMessage(const Application& application, const RoleDescriptor& role, SignableObject& msg) const
-{
-    const PropertySet* relyingParty = application.getRelyingParty(dynamic_cast<const EntityDescriptor*>(role.getParent()));
-    pair<bool,const char*> prop = relyingParty->getString("signing");
-    if (prop.first && (!strcmp(prop.second, "true") || !strcmp(prop.second, "back"))) {
-        CredentialResolver* credResolver=application.getCredentialResolver();
-        if (credResolver) {
-            Locker credLocker(credResolver);
-            // Fill in criteria to use.
-            MetadataCredentialCriteria mcc(role);
-            mcc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
-            prop = relyingParty->getString("keyName");
-            if (prop.first)
-                mcc.getKeyNames().insert(prop.second);
-            pair<bool,const XMLCh*> sigalg = relyingParty->getXMLString("signingAlg");
-            if (sigalg.first)
-                mcc.setXMLAlgorithm(sigalg.second);
-            const Credential* cred = credResolver->resolve(&mcc);
-            if (cred) {
-                xmlsignature::Signature* sig = xmlsignature::SignatureBuilder::buildSignature();
-                msg.setSignature(sig);
-                if (sigalg.first)
-                    sig->setSignatureAlgorithm(sigalg.second);
-                sigalg = relyingParty->getXMLString("digestAlg");
-                if (sigalg.first) {
-                    ContentReference* cr = dynamic_cast<ContentReference*>(sig->getContentReference());
-                    if (cr)
-                        cr->setDigestAlgorithm(sigalg.second);
-                }
-        
-                // Sign response while marshalling.
-                vector<xmlsignature::Signature*> sigs(1,sig);
-                msg.marshall((DOMDocument*)NULL,&sigs,cred);
-            }
-            else {
-                m_log.warn("no signing credential resolved, leaving query unsigned");
-            }
-        }
-        else {
-            m_log.warn("no credential resolver installed, leaving query unsigned");
-        }
-    }
-}
-
  bool QueryResolver::SAML1Query(QueryContext& ctx) const
  {
  #ifdef _DEBUG
@@ -342,7 +297,6 @@ bool QueryResolver::SAML1Query(QueryContext& ctx) const
              Request* request = RequestBuilder::buildRequest();
              request->setAttributeQuery(query);
              request->setMinorVersion(version);
-            signMessage(ctx.getApplication(), *AA, *request);
  
              SAML1SOAPClient client(soaper, false);
              client.sendSAML(request, mcc, loc.get());
@@ -480,7 +434,6 @@ bool QueryResolver::SAML2Query(QueryContext& ctx) const
              query->setIssuer(iss);
              for (vector<saml2::Attribute*>::const_iterator ad = m_SAML2Designators.begin(); ad!=m_SAML2Designators.end(); ++ad)
                  query->getAttributes().push_back((*ad)->cloneAttribute());
-            signMessage(ctx.getApplication(), *AA, *query);
  
              SAML2SOAPClient client(soaper, false);
              client.sendSAML(query, mcc, loc.get());
author	Scott Cantor <cantor.2@osu.edu>
	Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Thu, 16 Aug 2007 01:14:58 +0000 (01:14 +0000)