shibboleth-3.0.1
shibsp::SecurityPolicyProvider Class Reference (abstract)

Interface to a source of security policy settings and rules.

#include <shibsp/security/SecurityPolicyProvider.h>

Public Member Functions

virtual const PropertySet * getPolicySettings (const char *id=nullptr) const =0
 Returns the security policy settings for an identified policy.

virtual const std::vector< const opensaml::SecurityPolicyRule * > & getPolicyRules (const char *id=nullptr) const =0
 Returns the security policy rules for an identified policy.

virtual const std::vector< xmltooling::xstring > & getDefaultAlgorithmBlacklist () const
 Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.

virtual const std::vector< xmltooling::xstring > & getAlgorithmBlacklist () const =0
 Returns a set of XML Signature/Encryption algorithm identifiers to block.

virtual const std::vector< xmltooling::xstring > & getAlgorithmWhitelist () const =0
 Returns a set of XML Signature/Encryption algorithm identifiers to permit.

virtual SecurityPolicy * createSecurityPolicy (const Application &application, const xmltooling::QName *role, const char *policyId=nullptr) const
 Returns a SecurityPolicy applicable to an application and/or policy identifier.
 

Protected Attributes

std::vector< xmltooling::xstring > m_defaultBlacklist
 Default algorithms to block in the current release.
 

Detailed Description

Interface to a source of security policy settings and rules.

Member Function Documentation

virtual SecurityPolicy* shibsp::SecurityPolicyProvider::createSecurityPolicy (
    const Application & application,
    const xmltooling::QName * role,
    const char * policyId = nullptr
) const
virtual

Returns a SecurityPolicy applicable to an application and/or policy identifier.

The caller MUST lock the application's MetadataProvider for the life of the returned object.

Parameters
application: reference to application applying policy
role: identifies the role (generally IdP or SP) of the policy peer
policyId: identifies policy, defaults to the application's default
Returns
a new policy instance, which the caller is responsible for freeing
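
The locking and ownership rule above, as an added sketch that is not part of the Shibboleth documentation or code base: `MetadataStub`, `PolicyStub` and `createPolicyStub` are hypothetical stand-ins for the real classes, used only to make destruction order observable. Declaring the lock before the policy's owner means the policy is freed while the metadata is still locked; the second function shows the reversed declaration order for contrast.

```cpp
#include <iostream>
#include <memory>
#include <mutex>
#include <string>
#include <vector>

// Stand-in types (hypothetical, not the shibsp/opensaml classes); they only log lifetime events.
static std::vector<std::string> g_events;

struct MetadataStub {   // BasicLockable, so std::lock_guard can guard it
    int locks = 0;
    void lock()   { ++locks; g_events.push_back("metadata locked"); }
    void unlock() { --locks; g_events.push_back("metadata unlocked"); }
};

struct PolicyStub {     // depends on the metadata for its whole lifetime
    explicit PolicyStub(const MetadataStub& m) : m_md(m) { g_events.push_back("policy created"); }
    ~PolicyStub() { g_events.push_back(m_md.locks > 0 ? "policy freed under lock" : "policy freed WITHOUT lock"); }
    const MetadataStub& m_md;
};
// Same ownership contract as documented: a new instance the caller must free.
PolicyStub* createPolicyStub(const MetadataStub& m) { return new PolicyStub(m); }

// Lock declared first, so it is destroyed last: the policy never outlives it.
std::vector<std::string> correctOrder() {
    g_events.clear();
    MetadataStub md;
    {
        std::lock_guard<MetadataStub> lock(md);
        std::unique_ptr<PolicyStub> policy(createPolicyStub(md));
        g_events.push_back("policy evaluated");
    }
    return g_events;
}

// Contrast: policy owner declared before the lock, so the lock is released first.
std::vector<std::string> wrongOrder() {
    g_events.clear();
    MetadataStub md;
    {
        std::unique_ptr<PolicyStub> policy;
        std::lock_guard<MetadataStub> lock(md);
        policy.reset(createPolicyStub(md));
        g_events.push_back("policy evaluated");
    }
    return g_events;
}
int main() { for (const auto& e : wrongOrder()) std::cout << e << '\n'; }
```
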
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getAlgorithmBlacklist ( ) const
pure virtual

Returns a set of XML Signature/Encryption algorithm identifiers to block.

Returns
an array of algorithm URIs to block
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getAlgorithmWhitelist ( ) const
pure virtual

Returns a set of XML Signature/Encryption algorithm identifiers to permit.

Returns
an array of algorithm URIs to permit
virtual const std::vector<xmltooling::xstring>& shibsp::SecurityPolicyProvider::getDefaultAlgorithmBlacklist ( ) const
virtual

Returns a default/implicit set of XML Signature/Encryption algorithm identifiers to block.

Returns
an array of algorithm URIs to block
virtual const std::vector<const opensaml::SecurityPolicyRule*>& shibsp::SecurityPolicyProvider::getPolicyRules ( const char *  id = nullptr) const
pure virtual

Returns the security policy rules for an identified policy.

Parameters
id: identifies the policy to return, or nullptr for default
Returns
an array of policy rules
virtual const PropertySet* shibsp::SecurityPolicyProvider::getPolicySettings ( const char *  id = nullptr) const
pure virtual

Returns the security policy settings for an identified policy.

Parameters
id: identifies the policy to return, or nullptr for default
Returns
a PropertySet

Member Data Documentation

std::vector<xmltooling::xstring> shibsp::SecurityPolicyProvider::m_defaultBlacklist
protected

Default algorithms to block in the current release.


The documentation for this class was generated from the following file: