Interface to a source of security policy settings and rules.
#include <shibsp/security/SecurityPolicyProvider.h>
Interface to a source of security policy settings and rules.
virtual SecurityPolicy* shibsp::SecurityPolicyProvider::createSecurityPolicy(const Application& application, const xmltooling::QName* role, const char* policyId = nullptr) const [virtual]
Returns a SecurityPolicy applicable to an application and/or policy identifier.
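The caller MUST lock the application's MetadataProvider for the life of the returned object: acquire the lock before calling this method, and free the returned policy before releasing the lock.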
- Parameters
-
application | reference to application applying policy |
role | identifies the role (generally IdP or SP) of the policy peer |
policyId | identifies policy, defaults to the application's default |
profle | (no description given; this overload's signature has no profile parameter) |
- Returns
- a new policy instance, which the caller is responsible for freeing
virtual SecurityPolicy* shibsp::SecurityPolicyProvider::createSecurityPolicy(const char* profile, const Application& application, const xmltooling::QName* role, const char* policyId = nullptr) const [virtual]
Returns a SecurityPolicy applicable to an application and/or policy identifier.
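The caller MUST lock the application's MetadataProvider for the life of the returned object: acquire the lock before calling this method, and free the returned policy before releasing the lock.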
- Parameters
-
profile | profile identifier for the transaction |
application | reference to application applying policy |
role | identifies the role (generally IdP or SP) of the policy peer |
policyId | identifies policy, defaults to the application's default |
profle | (no description given; apparently a misspelling of the profile parameter documented above) |
- Returns
- a new policy instance, which the caller is responsible for freeing
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getAlgorithmBlacklist() const [virtual]
Returns a set of XML Signature/Encryption algorithm identifiers to block.
- Returns
- an array of algorithm URIs to block
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getAlgorithmWhitelist() const [virtual]
Returns a set of XML Signature/Encryption algorithm identifiers to permit.
- Returns
- an array of algorithm URIs to permit
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getDefaultAlgorithmBlacklist() const [virtual]
Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.
- Returns
- an array of algorithm URIs to block
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getDefaultExcludedAlgorithms() const [virtual]
Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.
- Returns
- an array of algorithm URIs to block
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getExcludedAlgorithms() const [virtual]
Returns a set of XML Signature/Encryption algorithm identifiers to block.
- Returns
- an array of algorithm URIs to block
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getIncludedAlgorithms() const [virtual]
Returns a set of XML Signature/Encryption algorithm identifiers to permit.
- Returns
- an array of algorithm URIs to permit
virtual const std::vector<const opensaml::SecurityPolicyRule*>& shibsp::SecurityPolicyProvider::getPolicyRules(const char* id = nullptr) const [pure virtual]
Returns the security policy rules for an identified policy.
- Parameters
-
id | identifies the policy to return, or nullptr for default |
- Returns
- an array of policy rules
virtual const PropertySet* shibsp::SecurityPolicyProvider::getPolicySettings(const char* id = nullptr) const [pure virtual]
Returns the security policy settings for an identified policy.
- Parameters
-
id | identifies the policy to return, or nullptr for default |
- Returns
- a PropertySet
std::vector<xmltooling::xstring> shibsp::SecurityPolicyProvider::m_defaultBlacklist [protected]
Default algorithms to block in the current release.
The documentation for this class was generated from the following file: