2 * The Shibboleth License, Version 1.
4 * University Corporation for Advanced Internet Development, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * Redistributions of source code must retain the above copyright notice, this
12 * list of conditions and the following disclaimer.
14 * Redistributions in binary form must reproduce the above copyright notice,
15 * this list of conditions and the following disclaimer in the documentation
16 * and/or other materials provided with the distribution, if any, must include
17 * the following acknowledgment: "This product includes software developed by
18 * the University Corporation for Advanced Internet Development
19 * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
20 * may appear in the software itself, if and wherever such third-party
21 * acknowledgments normally appear.
23 * Neither the name of Shibboleth nor the names of its contributors, nor
24 * Internet2, nor the University Corporation for Advanced Internet Development,
25 * Inc., nor UCAID may be used to endorse or promote products derived from this
26 * software without specific prior written permission. For written permission,
27 * please contact shibboleth@shibboleth.org
29 * Products derived from this software may not be called Shibboleth, Internet2,
30 * UCAID, or the University Corporation for Advanced Internet Development, nor
31 * may Shibboleth appear in their name, without prior written permission of the
32 * University Corporation for Advanced Internet Development.
35 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
36 * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
38 * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
39 * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
40 * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
41 * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
42 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
43 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
46 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
47 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
51 /* internal.h - internally visible declarations
59 #ifndef __shibtarget_internal_h__
60 #define __shibtarget_internal_h__
63 # define SHIBTARGET_EXPORTS __declspec(dllexport)
66 // eventually we might be able to support autoconf via cygwin...
67 #if defined (_MSC_VER) || defined(__BORLANDC__)
68 # include "config_win32.h"
73 #include "shib-target.h"
75 #include <log4cpp/Category.hh>
76 #include <log4cpp/FixedContextCategory.hh>
78 #define SHIBT_L(s) shibtarget::XML::Literals::s
79 #define SHIBT_L_QNAME(p,s) shibtarget::XML::Literals::p##_##s
80 #define SHIBTRAN_LOGCAT "Shibboleth-TRANSACTION"
82 namespace shibtarget {
84 // Wraps the actual RPC connection
91 CLIENT* connect(void); // connects and returns the CLIENT handle
92 void disconnect(); // disconnects, should not return disconnected handles to pool!
95 log4cpp::Category* log;
97 IListener::ShibSocket m_sock;
100 // Manages the pool of connections
104 RPCHandlePool() : m_lock(shibboleth::Mutex::create()) {}
107 void put(RPCHandle*);
110 std::auto_ptr<shibboleth::Mutex> m_lock;
111 std::stack<RPCHandle*> m_pool;
114 // Cleans up after use
119 ~RPC() {delete m_handle;}
120 RPCHandle* operator->() {return m_handle;}
121 void pool() {m_pool.put(m_handle); m_handle=NULL;}
124 RPCHandlePool& m_pool;
128 // Generic class, which handles the IPropertySet configuration interface.
129 // Most of the basic configuration details are exposed via this interface.
130 // This implementation extracts the XML tree structure and caches it in a map
131 // with the attributes stored in the various possible formats they might be fetched.
132 // Elements are treated as nested IPropertySets.
133 // The "trick" to this is to pass in an "exclude list" using a DOMNodeFilter. Nested
134 // property sets are extracted by running a TreeWalker againt the filter for the
135 // immediate children. The filter should skip any excluded elements that will be
136 // processed separately.
137 class XMLPropertySet : public virtual IPropertySet
143 std::pair<bool,bool> getBool(const char* name, const char* ns=NULL) const;
144 std::pair<bool,const char*> getString(const char* name, const char* ns=NULL) const;
145 std::pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;
146 std::pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;
147 std::pair<bool,int> getInt(const char* name, const char* ns=NULL) const;
148 const IPropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:target:config:1.0") const;
149 const DOMElement* getElement() const {return m_root;}
152 void load(const DOMElement* e, log4cpp::Category& log, DOMNodeFilter* filter);
155 const DOMElement* m_root;
156 std::map<std::string,std::pair<char*,const XMLCh*> > m_map;
157 std::map<std::string,IPropertySet*> m_nested;
160 class STConfig : public ShibTargetConfig
163 STConfig() : m_tranLog(NULL), m_tranLogLock(NULL) {}
166 bool init(const char* schemadir, const char* config);
169 RPCHandlePool& getRPCHandlePool() {return m_rpcpool;}
170 log4cpp::Category& getTransactionLog() { m_tranLogLock->lock(); return *m_tranLog; }
171 void releaseTransactionLog() { m_tranLogLock->unlock();}
173 RPCHandlePool m_rpcpool;
174 log4cpp::FixedContextCategory* m_tranLog;
175 shibboleth::Mutex* m_tranLogLock;
176 static IConfig* ShibTargetConfigFactory(const DOMElement* e);
182 static const XMLCh SHIBTARGET_SCHEMA_ID[];
184 static const char htaccessType[];
185 static const char MemorySessionCacheType[];
186 static const char MySQLSessionCacheType[];
187 static const char RequestMapType[];
188 static const char TCPListenerType[];
189 static const char UnixListenerType[];
193 static const XMLCh AAPProvider[];
194 static const XMLCh AccessControlProvider[];
195 static const XMLCh AND[];
196 static const XMLCh applicationId[];
197 static const XMLCh Application[];
198 static const XMLCh Applications[];
199 static const XMLCh CredentialsProvider[];
200 static const XMLCh CredentialUse[];
201 static const XMLCh Extensions[];
202 static const XMLCh fatal[];
203 static const XMLCh FederationProvider[];
204 static const XMLCh Host[];
205 static const XMLCh htaccess[];
206 static const XMLCh Implementation[];
207 static const XMLCh Library[];
208 static const XMLCh Listener[];
209 static const XMLCh logger[];
210 static const XMLCh MemorySessionCache[];
211 static const XMLCh MySQLSessionCache[];
212 static const XMLCh name[];
213 static const XMLCh Name[];
214 static const XMLCh NOT[];
215 static const XMLCh OR[];
216 static const XMLCh Path[];
217 static const XMLCh path[];
218 static const XMLCh RelyingParty[];
219 static const XMLCh RequestMap[];
220 static const XMLCh RequestMapProvider[];
221 static const XMLCh require[];
222 static const XMLCh RevocationProvider[];
223 static const XMLCh Rule[];
224 static const XMLCh SessionCache[];
225 static const XMLCh SHAR[];
226 static const XMLCh ShibbolethTargetConfig[];
227 static const XMLCh SHIRE[];
228 static const XMLCh Signing[];
229 static const XMLCh TCPListener[];
230 static const XMLCh TLS[];
231 static const XMLCh TrustProvider[];
232 static const XMLCh type[];
233 static const XMLCh UnixListener[];