1 /**
2  * Licensed to the University Corporation for Advanced Internet
3  * Development, Inc. (UCAID) under one or more contributor license
4  * agreements. See the NOTICE file distributed with this work for
5  * additional information regarding copyright ownership.
6  *
7  * UCAID licenses this file to you under the Apache License,
8  * Version 2.0 (the "License"); you may not use this file except
9  * in compliance with the License. You may obtain a copy of the
10  * License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17  * either express or implied. See the License for the specific
18  * language governing permissions and limitations under the License.
19  */
20 
21 /**
22  * NullSecurityRule.cpp
23  *
24  * SecurityPolicyRule that "disables" security.
25  */
26 
27 #include "internal.h"
28 #include "binding/SecurityPolicy.h"
29 #include "binding/SecurityPolicyRule.h"
30 
31 #include <xmltooling/logging.h>
32 
33 using namespace opensaml;
34 using namespace xmltooling::logging;
35 using namespace xmltooling;
36 using namespace std;
37 
38 namespace opensaml {
39     class SAML_DLLLOCAL NullSecurityRule : public SecurityPolicyRule
40     {
41     public:
NullSecurityRule(const DOMElement * e)42         NullSecurityRule(const DOMElement* e)
43             : SecurityPolicyRule(e), m_log(Category::getInstance(SAML_LOGCAT ".SecurityPolicyRule.NullSecurity")) {}
~NullSecurityRule()44         virtual ~NullSecurityRule() {}
45 
getType() const46         const char* getType() const {
47             return NULLSECURITY_POLICY_RULE;
48         }
evaluate(const XMLObject & message,const GenericRequest * request,SecurityPolicy & policy) const49         bool evaluate(const XMLObject& message, const GenericRequest* request, SecurityPolicy& policy) const {
50             if (!SecurityPolicyRule::evaluate(message, request, policy)) {
51                 return false;
52             }
53 
54             m_log.warn("security enforced using NULL policy rule, be sure you know what you're doing");
55             policy.setAuthenticated(true);
56             return true;
57         }
58 
59     private:
60         Category& m_log;
61     };
62 
NullSecurityRuleFactory(const DOMElement * const & e,bool)63     SecurityPolicyRule* SAML_DLLLOCAL NullSecurityRuleFactory(const DOMElement* const & e, bool)
64     {
65         return new NullSecurityRule(e);
66     }
67 };
68