Augment XMLAccessControl for time based access control.

Closing with documentation added.

http://svn.shibboleth.net/view/cpp-sp?rev=3677&view=rev

Playing with this syntax:

<AccessControlProvider type="Time" operator="AND|OR">
<TimeSinceAuthn>PT1H</TimeSinceAuthn>
<Time> LT|LE|EQ|GE|GT ISO </Time>
<Year> LT|LE|EQ|GE|GT nn </Year>
<Month> LT|LE|EQ|GE|GT nn </Month>
<Day> LT|LE|EQ|GE|GT nn </Day>
<Hour> LT|LE|EQ|GE|GT nn </Hour>
<Minute> LT|LE|EQ|GE|GT nn </Minute>
<Second> LT|LE|EQ|GE|GT nn </Second>
<DayOfWeek> LT|LE|EQ|GE|GT 0-6 </DayOfWeek>
</AccessControlProvider>

The second overlaps to some degree with SSPCPP-120, but it's a bit more tractable to do something that doesn't try to initiate a new session. I think maxTimeSinceAuthn meets the main security requirement in any case, but in all cases, you're at the mercy of what the IdP tells you the time of authentication is.

As I said on the call, it isn't practical to augment the XML plugin. I reserved no rule names other than what I did originally, so I can't use anything for this purpose. It would have to be done as a new plugin or plugins for a future release, or nothing is stopping anybody from doing an extension now.