opensaml-2.4.3
opensaml::saml2::SAML2AssertionPolicy Class Reference

Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.

#include <saml/saml2/profile/SAML2AssertionPolicy.h>

Inheritance diagram for opensaml::saml2::SAML2AssertionPolicy:
opensaml::SecurityPolicy

Public Member Functions

SAML2AssertionPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true)
 Constructor for policy.

virtual void reset (bool messageOnly=false)
 Resets the policy object and/or clears any per-message state.

void _reset (bool messageOnly=false)

const saml2::SubjectConfirmation * getSubjectConfirmation () const
 Returns the subject confirmation that was successfully accepted by the policy.

void setSubjectConfirmation (const saml2::SubjectConfirmation *confirmation)
 Sets the SubjectConfirmation that was successfully accepted by the policy.
 
Public Member Functions inherited from opensaml::SecurityPolicy

SecurityPolicy (const saml2md::MetadataProvider *metadataProvider=nullptr, const xmltooling::QName *role=nullptr, const xmltooling::TrustEngine *trustEngine=nullptr, bool validate=true)
 Constructor for policy.

const saml2md::MetadataProvider * getMetadataProvider () const
 Returns the locked MetadataProvider supplied to the policy.

virtual saml2md::MetadataProvider::Criteria & getMetadataProviderCriteria () const
 Returns a reference to a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.

const xmltooling::QName * getRole () const
 Returns the peer role element/type supplied to the policy.

const xmltooling::TrustEngine * getTrustEngine () const
 Returns the TrustEngine supplied to the policy.

bool getValidating () const
 Returns XML message validation setting.

bool requireEntityIssuer () const
 Returns flag controlling non-entity issuer support.

const std::vector< xmltooling::xstring > & getAudiences () const
 Returns the SAML audiences that represent the receiving peer.

std::vector< xmltooling::xstring > & getAudiences ()
 Returns the SAML audiences that represent the receiving peer.

time_t getTime () const
 Gets the effective time of message processing.

const XMLCh * getCorrelationID () const
 Returns the message identifier to which the message being evaluated is a response.

std::vector< const SecurityPolicyRule * > & getRules ()
 Gets a mutable array of installed policy rules.

void setMetadataProvider (const saml2md::MetadataProvider *metadata)
 Sets a locked MetadataProvider for the policy.

void setMetadataProviderCriteria (saml2md::MetadataProvider::Criteria *criteria)
 Sets a MetadataProvider::Criteria instance suitable for use with the installed MetadataProvider.

void setRole (const xmltooling::QName *role)
 Sets a peer role element/type for the policy.

void setTrustEngine (const xmltooling::TrustEngine *trust)
 Sets a TrustEngine for the policy.

void setValidating (bool validate=true)
 Controls schema validation of incoming XML messages.

void requireEntityIssuer (bool entityOnly=true)
 Sets flag controlling non-entity issuer support.

void setTime (time_t ts)
 Sets effective time of message processing.

void setCorrelationID (const XMLCh *correlationID)
 Sets the message identifier to which the message being evaluated is a response.

void evaluate (const xmltooling::XMLObject &message, const xmltooling::GenericRequest *request=nullptr)
 Evaluates the policy against the given request and message, possibly populating message information in the policy object.

void _reset (bool messageOnly=false)
 Resets the policy object and/or clears any per-message state for only this specific class.

const XMLCh * getMessageID () const
 Returns the message identifier as determined by the registered policies.

time_t getIssueInstant () const
 Returns the message timestamp as determined by the registered policies.

const saml2::Issuer * getIssuer () const
 Gets the issuer of the message as determined by the registered policies.

const saml2md::RoleDescriptor * getIssuerMetadata () const
 Gets the metadata for the role the issuer is operating in.

bool isAuthenticated () const
 Returns the authentication status of the message as determined by the registered policies.

void setMessageID (const XMLCh *id)
 Sets the message identifier as determined by the registered policies.

void setIssueInstant (time_t issueInstant)
 Sets the message timestamp as determined by the registered policies.

void setIssuer (const saml2::Issuer *issuer)
 Sets the issuer of the message as determined by the registered policies.

void setIssuer (const XMLCh *issuer)
 Sets the issuer of the message as determined by the registered policies.

void setIssuerMetadata (const saml2md::RoleDescriptor *issuerRole)
 Sets the metadata for the role the issuer is operating in.

void setAuthenticated (bool auth)
 Sets the authentication status of the message as determined by the registered policies.

const IssuerMatchingPolicy & getIssuerMatchingPolicy () const
 Returns the IssuerMatchingPolicy in effect.

void setIssuerMatchingPolicy (IssuerMatchingPolicy *matchingPolicy)
 Sets the IssuerMatchingPolicy in effect.
 

Additional Inherited Members

Protected Attributes inherited from opensaml::SecurityPolicy

saml2md::MetadataProvider::Criteria * m_metadataCriteria
 Manufactured MetadataProvider::Criteria instance.

Static Protected Attributes inherited from opensaml::SecurityPolicy

static IssuerMatchingPolicy m_defaultMatching
 A shared matching object that just supports the default matching rules.
 

Detailed Description

Policy subclass to track SAML 2.0 Assertion SubjectConfirmation.

Constructor & Destructor Documentation

opensaml::saml2::SAML2AssertionPolicy::SAML2AssertionPolicy ( const saml2md::MetadataProvider * metadataProvider = nullptr, const xmltooling::QName * role = nullptr, const xmltooling::TrustEngine * trustEngine = nullptr, bool validate = true )

Constructor for policy.

Parameters
 metadataProvider  locked MetadataProvider instance
 role  identifies the role (generally IdP or SP) of the policy peer
 trustEngine  TrustEngine to authenticate policy peer
 validate  true iff XML parsing should be done with validation

Member Function Documentation

const saml2::SubjectConfirmation* opensaml::saml2::SAML2AssertionPolicy::getSubjectConfirmation ( ) const

Returns the subject confirmation that was successfully accepted by the policy.

Returns
 a successfully evaluated SubjectConfirmation

virtual void opensaml::saml2::SAML2AssertionPolicy::reset ( bool messageOnly = false )

Resets the policy object and/or clears any per-message state.

Resets can be complete (the default) or merely clear the previous message ID and timestamp when evaluating multiple layers of a message.

Parameters
 messageOnly  true iff security and issuer state should be left in place

Reimplemented from opensaml::SecurityPolicy.

void opensaml::saml2::SAML2AssertionPolicy::setSubjectConfirmation ( const saml2::SubjectConfirmation *  confirmation)

Sets the SubjectConfirmation that was successfully accepted by the policy.

The lifetime of the SubjectConfirmation object MUST be longer than the lifetime of the policy object.

Parameters
 confirmation  the successfully evaluated SubjectConfirmation
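
The two reset modes and the borrowed SubjectConfirmation pointer described above, modeled in a self-contained example that is added here and is not OpenSAML code. The types SecurityPolicyModel and AssertionPolicyModel, the function state_after_reset and all sample values are hypothetical stand-ins, and the rule that either reset drops the stored confirmation is an assumption.

```cpp
#include <ctime>
#include <string>

// Stand-in types that mirror the documented interface; this is not OpenSAML code.
struct SubjectConfirmation { std::string method; };

struct SecurityPolicyModel {
    std::string messageID, issuer;
    std::time_t issueInstant = 0;
    bool authenticated = false;
    virtual ~SecurityPolicyModel() {}
    virtual void reset(bool messageOnly = false) { _reset(messageOnly); }
    void _reset(bool messageOnly = false) {
        messageID.clear();            // per-message state is always cleared
        issueInstant = 0;
        if (!messageOnly) {           // security and issuer state: full reset only
            issuer.clear();
            authenticated = false;
        }
    }
};

struct AssertionPolicyModel : SecurityPolicyModel {
    const SubjectConfirmation* confirmation = nullptr;  // borrowed, never owned or freed
    void reset(bool messageOnly = false) override {
        SecurityPolicyModel::_reset(messageOnly);
        _reset(messageOnly);
    }
    // Assumption: the accepted confirmation is per-message state, dropped by either reset.
    void _reset(bool = false) { confirmation = nullptr; }
};

// Fills the policy as if a signed response from one issuer had been accepted,
// resets it, and reports what survived. Bit 0: message ID, bit 1: issuer and
// authentication, bit 2: borrowed SubjectConfirmation pointer.
int state_after_reset(bool messageOnly) {
    SubjectConfirmation bearer{"urn:oasis:names:tc:SAML:2.0:cm:bearer"};  // constructed sample
    AssertionPolicyModel policy;      // declared after bearer, so destroyed before it
    policy.messageID = "_constructed-id";
    policy.issuer = "https://idp.example.org";
    policy.authenticated = true;
    policy.confirmation = &bearer;
    policy.reset(messageOnly);
    return (policy.messageID.empty() ? 0 : 1)
         | ((policy.authenticated && !policy.issuer.empty()) ? 2 : 0)
         | (policy.confirmation ? 4 : 0);
}

int main() { return (state_after_reset(true) == 2 && state_after_reset(false) == 0) ? 0 : 1; }
```

Because a message-only reset leaves the authenticated flag and issuer in place, a policy object reused for an unrelated message needs the full reset first, otherwise the earlier message's authentication result carries over.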

The documentation for this class was generated from the following file: