opensaml::saml2::SAML2AssertionPolicy Class Reference

Policy subclass to track SAML 2.0 Assertion SubjectConfirmation. More...

#include <saml/saml2/profile/SAML2AssertionPolicy.h>

Inheritance diagram for opensaml::saml2::SAML2AssertionPolicy:

Collaboration diagram for opensaml::saml2::SAML2AssertionPolicy:

Public Member Functions
	SAML2AssertionPolicy (const saml2md::MetadataProvider *metadataProvider=0, const xmltooling::QName *role=0, const xmltooling::TrustEngine *trustEngine=0, bool validate=true)
	Constructor for policy.
virtual void	reset (bool messageOnly=false)
	Resets the policy object and/or clears any per-message state.
void	_reset (bool messageOnly=false)
const saml2::SubjectConfirmation *	getSubjectConfirmation () const
	Returns the subject confirmation that was successfully accepted by the policy.
void	setSubjectConfirmation (const saml2::SubjectConfirmation *confirmation)
	Sets the SubjectConfirmation that was successfully accepted by the policy.
Public Member Functions inherited from opensaml::SecurityPolicy
	SecurityPolicy (const saml2md::MetadataProvider *metadataProvider=0, const xmltooling::QName *role=0, const xmltooling::TrustEngine *trustEngine=0, bool validate=true, const char *profile=0)
	Constructor for policy.
const char *	getProfile () const
	Returns the profile identifier associated with the transaction.
const saml2md::MetadataProvider *	getMetadataProvider () const
	Returns the locked MetadataProvider supplied to the policy.
virtual saml2md::MetadataProvider::Criteria &	getMetadataProviderCriteria () const
	Returns a reference to a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.
const xmltooling::QName *	getRole () const
	Returns the peer role element/type supplied to the policy.
const xmltooling::TrustEngine *	getTrustEngine () const
	Returns the TrustEngine supplied to the policy.
bool	getValidating () const
	Returns XML message validation setting.
bool	requireEntityIssuer () const
	Returns flag controlling non-entity issuer support.
const std::vector< xmltooling::xstring > &	getAudiences () const
	Returns the SAML audiences that represent the receiving peer.
std::vector< xmltooling::xstring > &	getAudiences ()
	Returns the SAML audiences that represent the receiving peer.
time_t	getTime () const
	Gets the effective time of message processing.
const XMLCh *	getCorrelationID () const
	Returns the message identifier to which the message being evaluated is a response.
const XMLCh *	getInResponseTo () const
	Returns the message identifier to which the message being evaluated claims to be a response.
std::vector< const SecurityPolicyRule * > &	getRules ()
	Gets a mutable array of installed policy rules.
void	setProfile (const char *id)
	Sets the profile identifier associated with the transaction.
void	setMetadataProvider (const saml2md::MetadataProvider *metadata)
	Sets a locked MetadataProvider for the policy.
void	setMetadataProviderCriteria (saml2md::MetadataProvider::Criteria *criteria)
	Sets a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.
void	setRole (const xmltooling::QName *role)
	Sets a peer role element/type for to the policy.
void	setTrustEngine (const xmltooling::TrustEngine *trust)
	Sets a TrustEngine for the policy.
void	setValidating (bool validate=true)
	Controls schema validation of incoming XML messages.
void	requireEntityIssuer (bool entityOnly=true)
	Sets flag controlling non-entity issuer support.
void	setTime (time_t ts)
	Sets effective time of message processing.
void	setCorrelationID (const XMLCh *correlationID)
	Sets the message identifier to which the message being evaluated is a response.
void	setInResponseTo (const XMLCh *id)
	Sets the message identifier to which the message being evaluated was responding (i.e., the value to be compared to the correlation ID).
void	evaluate (const xmltooling::XMLObject &message, const xmltooling::GenericRequest *request=0)
	Evaluates the policy against the given request and message, possibly populating message information in the policy object.
void	_reset (bool messageOnly=false)
	Resets the policy object and/or clears any per-message state for only this specific class.
const XMLCh *	getMessageID () const
	Returns the message identifier as determined by the registered policies.
time_t	getIssueInstant () const
	Returns the message timestamp as determined by the registered policies.
const saml2::Issuer *	getIssuer () const
	Gets the issuer of the message as determined by the registered policies.
const saml2md::RoleDescriptor *	getIssuerMetadata () const
	Gets the metadata for the role the issuer is operating in.
bool	isAuthenticated () const
	Returns the authentication status of the message as determined by the registered policies.
void	setMessageID (const XMLCh *id)
	Sets the message identifier as determined by the registered policies.
void	setIssueInstant (time_t issueInstant)
	Sets the message timestamp as determined by the registered policies.
void	setIssuer (const saml2::Issuer *issuer)
	Sets the issuer of the message as determined by the registered policies.
void	setIssuer (const XMLCh *issuer)
	Sets the issuer of the message as determined by the registered policies.
void	setIssuerMetadata (const saml2md::RoleDescriptor *issuerRole)
	Sets the metadata for the role the issuer is operating in.
void	setAuthenticated (bool auth)
	Sets the authentication status of the message as determined by the registered policies.
const IssuerMatchingPolicy &	getIssuerMatchingPolicy () const
	Returns the IssuerMatchingPolicy in effect.
void	setIssuerMatchingPolicy (IssuerMatchingPolicy *matchingPolicy)
	Sets the IssuerMatchingPolicy in effect.

Additional Inherited Members
Protected Attributes inherited from opensaml::SecurityPolicy
saml2md::MetadataProvider::Criteria *	m_metadataCriteria
	Manufactured MetadataProvider::Criteria instance.
Static Protected Attributes inherited from opensaml::SecurityPolicy
static IssuerMatchingPolicy	m_defaultMatching
	A shared matching object that just supports the default matching rules.

Detailed Description

Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.

Constructor & Destructor Documentation

SAML2AssertionPolicy()

opensaml::saml2::SAML2AssertionPolicy::SAML2AssertionPolicy	(	const saml2md::MetadataProvider *	metadataProvider = 0,
		const xmltooling::QName *	role = 0,
		const xmltooling::TrustEngine *	trustEngine = 0,
		bool	validate = true )

Constructor for policy.

Parameters

metadataProvider	locked MetadataProvider instance
role	identifies the role (generally IdP or SP) of the policy peer
trustEngine	TrustEngine to authenticate policy peer
validate	true iff XML parsing should be done with validation

Member Function Documentation

getSubjectConfirmation()

const saml2::SubjectConfirmation * opensaml::saml2::SAML2AssertionPolicy::getSubjectConfirmation

(

)

const

Returns the subject confirmation that was successfully accepted by the policy.

Returns

a successfully evaluated SubjectConfirmation

reset()

virtual void opensaml::saml2::SAML2AssertionPolicy::reset ( bool messageOnly = false )

virtual

Resets the policy object and/or clears any per-message state.

Resets can be complete (the default) or merely clear the previous message ID and timestamp when evaluating multiple layers of a message.

Parameters

messageOnly

true iff security and issuer state should be left in place

Reimplemented from opensaml::SecurityPolicy.

setSubjectConfirmation()

void opensaml::saml2::SAML2AssertionPolicy::setSubjectConfirmation

(

const saml2::SubjectConfirmation *

confirmation

)

Sets the SubjectConfirmation that was successfully accepted by the policy.

The lifetime of the SubjectConfirmation object MUST be longer than the lifetime of the policy object.

Parameters

confirmation

the successfully evaluated SubjectConfirmation

---

The documentation for this class was generated from the following file:

• saml/saml2/profile/SAML2AssertionPolicy.h