opensaml-2.4.3
Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.
#include <saml/saml2/profile/SAML2AssertionPolicy.h>
Public Member Functions
SAML2AssertionPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true)
Constructor for policy.
virtual void | reset (bool messageOnly=false)
Resets the policy object and/or clears any per-message state.
void | _reset (bool messageOnly=false)
const saml2::SubjectConfirmation * | getSubjectConfirmation () const
Returns the subject confirmation that was successfully accepted by the policy.
void | setSubjectConfirmation (const saml2::SubjectConfirmation *confirmation)
Sets the SubjectConfirmation that was successfully accepted by the policy.
Public Member Functions inherited from opensaml::SecurityPolicy
SecurityPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true)
Constructor for policy.
const saml2md::MetadataProvider * | getMetadataProvider () const
Returns the locked MetadataProvider supplied to the policy.
virtual saml2md::MetadataProvider::Criteria & | getMetadataProviderCriteria () const
Returns a reference to a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.
const xmltooling::QName * | getRole () const
Returns the peer role element/type supplied to the policy.
const xmltooling::TrustEngine * | getTrustEngine () const
Returns the TrustEngine supplied to the policy.
bool | getValidating () const
Returns XML message validation setting.
bool | requireEntityIssuer () const
Returns flag controlling non-entity issuer support.
const std::vector< xmltooling::xstring > & | getAudiences () const
Returns the SAML audiences that represent the receiving peer.
std::vector< xmltooling::xstring > & | getAudiences ()
Returns the SAML audiences that represent the receiving peer.
time_t | getTime () const
Gets the effective time of message processing.
const XMLCh * | getCorrelationID () const
Returns the message identifier to which the message being evaluated is a response.
std::vector< const SecurityPolicyRule * > & | getRules ()
Gets a mutable array of installed policy rules.
void | setMetadataProvider (const saml2md::MetadataProvider *metadata)
Sets a locked MetadataProvider for the policy.
void | setMetadataProviderCriteria (saml2md::MetadataProvider::Criteria *criteria)
Sets a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.
void | setRole (const xmltooling::QName *role)
Sets a peer role element/type for the policy.
void | setTrustEngine (const xmltooling::TrustEngine *trust)
Sets a TrustEngine for the policy.
void | setValidating (bool validate=true)
Controls schema validation of incoming XML messages.
void | requireEntityIssuer (bool entityOnly=true)
Sets flag controlling non-entity issuer support.
void | setTime (time_t ts)
Sets effective time of message processing.
void | setCorrelationID (const XMLCh *correlationID)
Sets the message identifier to which the message being evaluated is a response.
void | evaluate (const xmltooling::XMLObject &message, const xmltooling::GenericRequest *request=nullptr)
Evaluates the policy against the given request and message, possibly populating message information in the policy object.
void | _reset (bool messageOnly=false)
Resets the policy object and/or clears any per-message state for only this specific class.
const XMLCh * | getMessageID () const
Returns the message identifier as determined by the registered policies.
time_t | getIssueInstant () const
Returns the message timestamp as determined by the registered policies.
const saml2::Issuer * | getIssuer () const
Gets the issuer of the message as determined by the registered policies.
const saml2md::RoleDescriptor * | getIssuerMetadata () const
Gets the metadata for the role the issuer is operating in.
bool | isAuthenticated () const
Returns the authentication status of the message as determined by the registered policies.
void | setMessageID (const XMLCh *id)
Sets the message identifier as determined by the registered policies.
void | setIssueInstant (time_t issueInstant)
Sets the message timestamp as determined by the registered policies.
void | setIssuer (const saml2::Issuer *issuer)
Sets the issuer of the message as determined by the registered policies.
void | setIssuer (const XMLCh *issuer)
Sets the issuer of the message as determined by the registered policies.
void | setIssuerMetadata (const saml2md::RoleDescriptor *issuerRole)
Sets the metadata for the role the issuer is operating in.
void | setAuthenticated (bool auth)
Sets the authentication status of the message as determined by the registered policies.
const IssuerMatchingPolicy & | getIssuerMatchingPolicy () const
Returns the IssuerMatchingPolicy in effect.
void | setIssuerMatchingPolicy (IssuerMatchingPolicy *matchingPolicy)
Sets the IssuerMatchingPolicy in effect.
Additional Inherited Members
saml2md::MetadataProvider::Criteria * | m_metadataCriteria
Manufactured MetadataProvider::Criteria instance.
static IssuerMatchingPolicy | m_defaultMatching
A shared matching object that just supports the default matching rules.
Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.
opensaml::saml2::SAML2AssertionPolicy::SAML2AssertionPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true)
Constructor for policy.
metadataProvider | locked MetadataProvider instance
role | identifies the role (generally IdP or SP) of the policy peer
trustEngine | TrustEngine to authenticate policy peer
validate | true iff XML parsing should be done with validation
const saml2::SubjectConfirmation* opensaml::saml2::SAML2AssertionPolicy::getSubjectConfirmation () const
Returns the subject confirmation that was successfully accepted by the policy.
virtual void opensaml::saml2::SAML2AssertionPolicy::reset (bool messageOnly=false)
Resets the policy object and/or clears any per-message state.
Resets can be complete (the default) or merely clear the previous message ID and timestamp when evaluating multiple layers of a message.
messageOnly | true iff security and issuer state should be left in place
Reimplemented from opensaml::SecurityPolicy.
void opensaml::saml2::SAML2AssertionPolicy::setSubjectConfirmation (const saml2::SubjectConfirmation *confirmation)
Sets the SubjectConfirmation that was successfully accepted by the policy.
The lifetime of the SubjectConfirmation object MUST be longer than the lifetime of the policy object.
confirmation | the successfully evaluated SubjectConfirmation