git-svn-id: https://svn.middleware.georgetown.edu/cpp-opensaml2/branches/REL_2@528
fb386ef7-a10c-0410-8ebf-
fd3f8e989ab0
#include "saml2/metadata/MetadataCredentialCriteria.h"
#include <xercesc/util/XMLUniDefs.hpp>
#include "saml2/metadata/MetadataCredentialCriteria.h"
#include <xercesc/util/XMLUniDefs.hpp>
+#include <xmltooling/logging.h>
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/security/Credential.h>
#include <xmltooling/security/KeyInfoResolver.h>
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/security/Credential.h>
#include <xmltooling/security/KeyInfoResolver.h>
#include <xmltooling/util/XMLHelper.h>
using namespace opensaml::saml2md;
#include <xmltooling/util/XMLHelper.h>
using namespace opensaml::saml2md;
+using namespace xmltooling::logging;
using namespace xmltooling;
using namespace std;
using opensaml::SAMLArtifact;
using namespace xmltooling;
using namespace std;
using opensaml::SAMLArtifact;
if (now < i->second->getValidUntilEpoch())
return i->second;
if (now < i->second->getValidUntilEpoch())
return i->second;
- if (!strict && range.first!=range.second)
- return range.first->second;
-
+ if (range.first != range.second) {
+ Category& log = Category::getInstance(SAML_LOGCAT".MetadataProvider");
+ if (strict) {
+ log.warn("ignored expired metadata group (%s)", range.first->first.c_str());
+ }
+ else {
+ log.info("no valid metadata found, returning expired metadata group (%s)", range.first->first.c_str());
+ return range.first->second;
+ }
+ }
+
- if (!result.first && !criteria.validOnly && range.first!=range.second)
- result.first = range.first->second;
-
+ if (!result.first && range.first!=range.second) {
+ Category& log = Category::getInstance(SAML_LOGCAT".MetadataProvider");
+ if (criteria.validOnly) {
+ log.warn("ignored expired metadata instance for (%s)", range.first->first.c_str());
+ }
+ else {
+ log.info("no valid metadata found, returning expired instance for (%s)", range.first->first.c_str());
+ result.first = range.first->second;
+ }
+ }
+
if (result.first && criteria.role) {
result.second = result.first->getRoleDescriptor(*criteria.role, criteria.protocol);
if (!result.second && criteria.protocol2)
if (result.first && criteria.role) {
result.second = result.first->getRoleDescriptor(*criteria.role, criteria.protocol);
if (!result.second && criteria.protocol2)