Bug 925 - add bindings check for NameIDMappingService element

mdx/check_bindings.xsl

@@ -83,6 +83,19 @@
 		</xsl:call-template>
 	</xsl:template>
 
+	<xsl:template match="md:NameIDMappingService
+		[@Binding != 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP']
+		">
+		<xsl:call-template name="error">
+			<xsl:with-param name="m">
+				<xsl:text>invalid binding '</xsl:text>
+				<xsl:value-of select="@Binding"/>
+				<xsl:text>' on </xsl:text>
+				<xsl:value-of select="name()"/>
+			</xsl:with-param>
+		</xsl:call-template>
+	</xsl:template>
+
 	<xsl:template match="md:SingleLogoutService
 		[@Binding != 'http://schemas.xmlsoap.org/ws/2003/07/secext']
 		[@Binding != 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact']
@@ -118,12 +131,18 @@
 		</xsl:call-template>
 	</xsl:template>
 
+	<!--
+		Issue warnings for all Bindings on elements other than the ones
+		called out above, as they may well be accurate but need additional
+		checks researched.
+	-->
 	<xsl:template match="md:*
 		[@Binding]
 		[local-name() != 'ArtifactResolutionService']
 		[local-name() != 'AssertionConsumerService']
 		[local-name() != 'AttributeService']
 		[local-name() != 'ManageNameIDService']
+		[local-name() != 'NameIDMappingService']
 		[local-name() != 'SingleLogoutService']
 		[local-name() != 'SingleSignOnService']
 		">