3 files changed, 55 insertions, 1 deletions

diff --git a/lasso/id-ff/profile.c b/lasso/id-ff/profile.c
index 631278f8..e30c1691 100644
--- a/lasso/id-ff/profile.c
+++ b/lasso/id-ff/profile.c
@@ -626,6 +626,41 @@ lasso_profile_get_signature_hint(LassoProfile *profile)
 }
 
 /**
+ * lasso_profile_set_signature_verify_hint:
+ * @profile: a #LassoProfile object
+ * @signature_verify_hint: whether next received message signatures should be checked or not (or let
+ * Lasso choose from implicit information).
+ *
+ * By default each profile will choose to sign or not its messages, this method allow to force or
+ * forbid the signature of messages, on a per transaction basis.
+ */
+void
+lasso_profile_set_signature_verify_hint(LassoProfile *profile, LassoProfileSignatureVerifyHint signature_verify_hint)
+{
+	if (! LASSO_IS_PROFILE(profile) && ! profile->private_data)
+		return;
+	profile->private_data->signature_verify_hint = signature_verify_hint;
+}
+
+/**
+ * lasso_profile_get_signature_verify_hint:
+ * @profile: a #LassoProfile object
+ *
+ * Return the value of the signature verify hint attribute (see
+ * lasso_profile_set_signature_verify_hint()).
+ *
+ * Return value: a value in the enum type #LassoProfileSignatureVerifyHint.
+ */
+LassoProfileSignatureVerifyHint
+lasso_profile_get_signature_verify_hint(LassoProfile *profile)
+{
+	if (! LASSO_IS_PROFILE(profile) && ! profile->private_data)
+		return LASSO_PROFILE_SIGNATURE_HINT_MAYBE;
+	return profile->private_data->signature_verify_hint;
+}
+
+
+/**
  * lasso_profile_set_soap_fault_response:
  * @profile: a #LassoProfile object
  * @faultcode: the code for the SOAP fault
diff --git a/lasso/id-ff/profile.h b/lasso/id-ff/profile.h
index 12020407..a42ad5b5 100644
--- a/lasso/id-ff/profile.h
+++ b/lasso/id-ff/profile.h
@@ -98,7 +98,7 @@ typedef enum {
  * @LASSO_PROFILE_SIGNATURE_HINT_FORCE: generate and validate all signatures.
  * @LASSO_PROFILE_SIGNATURE_HINT_FORBID: do not generate or validate any signature.
  *
- * Advice a #LassoProfile object about the policy for generating and validating request and response
+ * Advice a #LassoProfile object about the policy for generating request and response
  * signatures.
  */
 typedef enum {
@@ -108,6 +108,21 @@ typedef enum {
 } LassoProfileSignatureHint;
 
 /**
+ * LassoProfileSignatureVerifyHint:
+ * @LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE: let Lasso decide what to do.
+ * @LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE: check signatures but do not stop protocol handling
+ * on failures. The result of signature checking is still available in
+ * #LassoProfile.signature_status
+ *
+ * Advice a #LassoProfile object about the policy checking request and response
+ * signatures.
+ */
+typedef enum {
+	LASSO_PROFILE_SIGNATURE_VERIFY_HINT_MAYBE = 0,
+	LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE = 1
+} LassoProfileSignatureVerifyHint;
+
+/**
  * LassoProfile:
  * @server: #LassoServer object representing the provider intiating this profile,
  * @request: the currently initialized request, or the last request parsed,
@@ -185,6 +200,9 @@ LASSO_EXPORT void lasso_profile_set_signature_hint(LassoProfile *profile,
 LASSO_EXPORT LassoProfileSignatureHint lasso_profile_get_signature_hint(LassoProfile *profile);
 LASSO_EXPORT gint lasso_profile_set_soap_fault_response(LassoProfile *profile, const char
 		*faultcode, const char *faultstring, GList *details);
+LASSO_EXPORT void lasso_profile_set_signature_verify_hint(LassoProfile *profile,
+		LassoProfileSignatureVerifyHint signature_verify_hint);
+LASSO_EXPORT LassoProfileSignatureVerifyHint lasso_profile_get_signature_verify_hint(LassoProfile *profile);
 
 #ifdef __cplusplus
 }
diff --git a/lasso/id-ff/profileprivate.h b/lasso/id-ff/profileprivate.h
index 7103e2ca..df449ca6 100644
--- a/lasso/id-ff/profileprivate.h
+++ b/lasso/id-ff/profileprivate.h
@@ -38,6 +38,7 @@ struct _LassoProfilePrivate
 	char *artifact_message;
 	gboolean dispose_has_run;
 	LassoProfileSignatureHint signature_hint;
+	LassoProfileSignatureVerifyHint signature_verify_hint;
 };
 
 void lasso_profile_set_response_status(LassoProfile *profile, const gchar *statusCodeValue);