opensaml::SecurityPolicyRule Class Reference

A rule that a protocol request and message must meet in order to be valid and secure. More...

#include <saml/binding/SecurityPolicyRule.h>

List of all members.

Public Member Functions

virtual const char * getType () const =0
 Returns the rule's class/type.
virtual bool evaluate (const xmltooling::XMLObject &message, const xmltooling::GenericRequest *request, SecurityPolicy &policy) const
 Evaluates the rule against the given request and message.

Protected Member Functions

 SecurityPolicyRule (const xercesc::DOMElement *e=0)
 Constructor.

Protected Attributes

std::set< std::string > m_profiles


Detailed Description

A rule that a protocol request and message must meet in order to be valid and secure.

Rules must be stateless and thread-safe across evaluations. Evaluation should not result in an exception if the request/message properties do not apply to the rule (e.g. particular security mechanisms that are not present).


Constructor & Destructor Documentation

opensaml::SecurityPolicyRule::SecurityPolicyRule ( const xercesc::DOMElement *  e = 0  )  [protected]

Constructor.

Parameters:
e root of configuration


Member Function Documentation

virtual const char* opensaml::SecurityPolicyRule::getType (  )  const [pure virtual]

Returns the rule's class/type.

Returns:
the class/type of the object

virtual bool opensaml::SecurityPolicyRule::evaluate ( const xmltooling::XMLObject &  message,
const xmltooling::GenericRequest *  request,
SecurityPolicy policy 
) const [virtual]

Evaluates the rule against the given request and message.

An exception will be raised if the message is fatally invalid according to a policy rule.

The return value is used to indicate whether a message was ignored or successfully processed. A false value signals that the rule wasn't successful because the rule was inapplicable to the message, but allows other rules to return an alternate result.

The base class version of this method will check for a non-empty profile set and return false iff the active profile from the policy is not in the set.

Parameters:
message the incoming message
request the protocol request
policy SecurityPolicy to provide various components and track message data
Returns:
indicator as to whether a message was understood and processed


The documentation for this class was generated from the following file:

Generated on Mon Apr 13 19:46:40 2020 for opensaml-3.1.0 by  doxygen 1.5.6