|
opensaml-2.5.5
|
Policy subclass to track SAML 2.0 Assertion SubjectConfirmation. More...
#include <saml/saml2/profile/SAML2AssertionPolicy.h>
Public Member Functions | |
| SAML2AssertionPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true) | |
| Constructor for policy. More... | |
| virtual void | reset (bool messageOnly=false) |
| Resets the policy object and/or clears any per-message state. More... | |
| void | _reset (bool messageOnly=false) |
| const saml2::SubjectConfirmation * | getSubjectConfirmation () const |
| Returns the subject confirmation that was successfully accepted by the policy. More... | |
| void | setSubjectConfirmation (const saml2::SubjectConfirmation *confirmation) |
| Sets the SubjectConfirmation that was successfully accepted by the policy. More... | |
Public Member Functions inherited from opensaml::SecurityPolicy | |
| SecurityPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true) | |
| Constructor for policy. More... | |
| const saml2md::MetadataProvider * | getMetadataProvider () const |
| Returns the locked MetadataProvider supplied to the policy. More... | |
| virtual saml2md::MetadataProvider::Criteria & | getMetadataProviderCriteria () const |
| Returns a reference to a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider. More... | |
| const xmltooling::QName * | getRole () const |
| Returns the peer role element/type supplied to the policy. More... | |
| const xmltooling::TrustEngine * | getTrustEngine () const |
| Returns the TrustEngine supplied to the policy. More... | |
| bool | getValidating () const |
| Returns XML message validation setting. More... | |
| bool | requireEntityIssuer () const |
| Returns flag controlling non-entity issuer support. More... | |
| const std::vector < xmltooling::xstring > & | getAudiences () const |
| Returns the SAML audiences that represent the receiving peer. More... | |
| std::vector < xmltooling::xstring > & | getAudiences () |
| Returns the SAML audiences that represent the receiving peer. More... | |
| time_t | getTime () const |
| Gets the effective time of message processing. More... | |
| const XMLCh * | getCorrelationID () const |
| Returns the message identifier to which the message being evaluated is a response. More... | |
| std::vector< const SecurityPolicyRule * > & | getRules () |
| Gets a mutable array of installed policy rules. More... | |
| void | setMetadataProvider (const saml2md::MetadataProvider *metadata) |
| Sets a locked MetadataProvider for the policy. More... | |
| void | setMetadataProviderCriteria (saml2md::MetadataProvider::Criteria *criteria) |
| Sets a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider. More... | |
| void | setRole (const xmltooling::QName *role) |
| Sets a peer role element/type for to the policy. More... | |
| void | setTrustEngine (const xmltooling::TrustEngine *trust) |
| Sets a TrustEngine for the policy. More... | |
| void | setValidating (bool validate=true) |
| Controls schema validation of incoming XML messages. More... | |
| void | requireEntityIssuer (bool entityOnly=true) |
| Sets flag controlling non-entity issuer support. More... | |
| void | setTime (time_t ts) |
| Sets effective time of message processing. More... | |
| void | setCorrelationID (const XMLCh *correlationID) |
| Sets the message identifier to which the message being evaluated is a response. More... | |
| void | evaluate (const xmltooling::XMLObject &message, const xmltooling::GenericRequest *request=nullptr) |
| Evaluates the policy against the given request and message, possibly populating message information in the policy object. More... | |
| void | _reset (bool messageOnly=false) |
| Resets the policy object and/or clears any per-message state for only this specific class. More... | |
| const XMLCh * | getMessageID () const |
| Returns the message identifier as determined by the registered policies. More... | |
| time_t | getIssueInstant () const |
| Returns the message timestamp as determined by the registered policies. More... | |
| const saml2::Issuer * | getIssuer () const |
| Gets the issuer of the message as determined by the registered policies. More... | |
| const saml2md::RoleDescriptor * | getIssuerMetadata () const |
| Gets the metadata for the role the issuer is operating in. More... | |
| bool | isAuthenticated () const |
| Returns the authentication status of the message as determined by the registered policies. More... | |
| void | setMessageID (const XMLCh *id) |
| Sets the message identifier as determined by the registered policies. More... | |
| void | setIssueInstant (time_t issueInstant) |
| Sets the message timestamp as determined by the registered policies. More... | |
| void | setIssuer (const saml2::Issuer *issuer) |
| Sets the issuer of the message as determined by the registered policies. More... | |
| void | setIssuer (const XMLCh *issuer) |
| Sets the issuer of the message as determined by the registered policies. More... | |
| void | setIssuerMetadata (const saml2md::RoleDescriptor *issuerRole) |
| Sets the metadata for the role the issuer is operating in. More... | |
| void | setAuthenticated (bool auth) |
| Sets the authentication status of the message as determined by the registered policies. More... | |
| const IssuerMatchingPolicy & | getIssuerMatchingPolicy () const |
| Returns the IssuerMatchingPolicy in effect. More... | |
| void | setIssuerMatchingPolicy (IssuerMatchingPolicy *matchingPolicy) |
| Sets the IssuerMatchingPolicy in effect. More... | |
Additional Inherited Members | |
Protected Attributes inherited from opensaml::SecurityPolicy | |
| saml2md::MetadataProvider::Criteria * | m_metadataCriteria |
| Manufactured MetadataProvider::Criteria instance. More... | |
Static Protected Attributes inherited from opensaml::SecurityPolicy | |
| static IssuerMatchingPolicy | m_defaultMatching |
| A shared matching object that just supports the default matching rules. More... | |
Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.
| opensaml::saml2::SAML2AssertionPolicy::SAML2AssertionPolicy | ( | const saml2md::MetadataProvider * | metadataProvider = nullptr, |
| const xmltooling::QName * | role = nullptr, |
||
| const xmltooling::TrustEngine * | trustEngine = nullptr, |
||
| bool | validate = true |
||
| ) |
Constructor for policy.
| metadataProvider | locked MetadataProvider instance |
| role | identifies the role (generally IdP or SP) of the policy peer |
| trustEngine | TrustEngine to authenticate policy peer |
| validate | true iff XML parsing should be done with validation |
| const saml2::SubjectConfirmation* opensaml::saml2::SAML2AssertionPolicy::getSubjectConfirmation | ( | ) | const |
Returns the subject confirmation that was successfully accepted by the policy.
|
virtual |
Resets the policy object and/or clears any per-message state.
Resets can be complete (the default) or merely clear the previous message ID and timestamp when evaluating multiple layers of a message.
| messageOnly | true iff security and issuer state should be left in place |
Reimplemented from opensaml::SecurityPolicy.
| void opensaml::saml2::SAML2AssertionPolicy::setSubjectConfirmation | ( | const saml2::SubjectConfirmation * | confirmation | ) |
Sets the SubjectConfirmation that was successfully accepted by the policy.
The lifetime of the SubjectConfirmation object MUST be longer than the lifetime of the policy object.
| confirmation | the successfully evaluated SubjectConfirmation |