namespace opensaml {
SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory ClientCertAuthRuleFactory;
SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory MessageFlowRuleFactory;
+ SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory NullSecurityRuleFactory;
SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory SAML1MessageRuleFactory;
SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory SAML2MessageRuleFactory;
SAML_DLLLOCAL PluginManager<SecurityPolicyRule,string,const DOMElement*>::Factory SimpleSigningRuleFactory;
SAMLConfig& conf=SAMLConfig::getConfig();
conf.SecurityPolicyRuleManager.registerFactory(CLIENTCERTAUTH_POLICY_RULE, ClientCertAuthRuleFactory);
conf.SecurityPolicyRuleManager.registerFactory(MESSAGEFLOW_POLICY_RULE, MessageFlowRuleFactory);
+ conf.SecurityPolicyRuleManager.registerFactory(NULLSECURITY_POLICY_RULE, NullSecurityRuleFactory);
conf.SecurityPolicyRuleManager.registerFactory(SAML1MESSAGE_POLICY_RULE, SAML1MessageRuleFactory);
conf.SecurityPolicyRuleManager.registerFactory(SAML2MESSAGE_POLICY_RULE, SAML2MessageRuleFactory);
conf.SecurityPolicyRuleManager.registerFactory(SIMPLESIGNING_POLICY_RULE, SimpleSigningRuleFactory);
SecurityPolicy::~SecurityPolicy()
{
- reset();
+ reset(false);
}
-void SecurityPolicy::reset()
+void SecurityPolicy::reset(bool messageOnly)
{
- delete m_messageQName;
XMLString::release(&m_messageID);
- delete m_issuer;
- m_messageQName=NULL;
m_messageID=NULL;
m_issueInstant=0;
- m_issuer=NULL;
- m_issuerRole=NULL;
- m_secure=false;
+ if (!messageOnly) {
+ delete m_issuer;
+ m_issuer=NULL;
+ m_issuerRole=NULL;
+ m_secure=false;
+ }
}
-void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request)
+void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request, const XMLCh* protocol)
{
for (vector<const SecurityPolicyRule*>::const_iterator i=m_rules.begin(); i!=m_rules.end(); ++i)
- (*i)->evaluate(message,request,*this);
+ (*i)->evaluate(message,request,protocol,*this);
}
void SecurityPolicy::setIssuer(const Issuer* issuer)