2 * The Shibboleth License, Version 1.
4 * University Corporation for Advanced Internet Development, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * Redistributions of source code must retain the above copyright notice, this
12 * list of conditions and the following disclaimer.
14 * Redistributions in binary form must reproduce the above copyright notice,
15 * this list of conditions and the following disclaimer in the documentation
16 * and/or other materials provided with the distribution, if any, must include
17 * the following acknowledgment: "This product includes software developed by
18 * the University Corporation for Advanced Internet Development
19 * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
20 * may appear in the software itself, if and wherever such third-party
21 * acknowledgments normally appear.
23 * Neither the name of Shibboleth nor the names of its contributors, nor
24 * Internet2, nor the University Corporation for Advanced Internet Development,
25 * Inc., nor UCAID may be used to endorse or promote products derived from this
26 * software without specific prior written permission. For written permission,
27 * please contact shibboleth@shibboleth.org
29 * Products derived from this software may not be called Shibboleth, Internet2,
30 * UCAID, or the University Corporation for Advanced Internet Development, nor
31 * may Shibboleth appear in their name, without prior written permission of the
32 * University Corporation for Advanced Internet Development.
35 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
36 * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
38 * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
39 * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
40 * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
41 * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
42 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
43 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
46 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
47 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
51 * shib-target.cpp -- The ShibTarget class, a superclass for general
54 * Created by: Derek Atkins <derek@ihtfp.com>
68 #include <shib/shib-threads.h>
69 #include <log4cpp/Category.hh>
70 #include <log4cpp/PropertyConfigurator.hh>
71 #include <xercesc/util/Base64.hpp>
75 using namespace shibboleth;
76 using namespace shibtarget;
77 using namespace log4cpp;
79 namespace shibtarget {
83 CgiParse(const char* data, unsigned int len);
85 const char* get_value(const char* name) const;
88 char * fmakeword(char stop, unsigned int *cl, const char** ppch);
89 char * makeword(char *line, char stop);
90 void plustospace(char *str);
92 void url_decode(char *url);
94 map<string,char*> kvp_map;
103 string url_encode(const char* s);
104 void get_application(string protocol, string hostname, int port, string uri);
106 IRequestMapper::Settings m_settings;
107 const IApplication *m_app;
110 string m_authnRequest;
113 // These are the actual request parameters set via the init method.
116 string m_content_type;
117 string m_remote_addr;
120 ShibTargetConfig* m_Config;
125 /*************************************************************************
126 * Shib Target implementation
129 ShibTarget::ShibTarget(void) : m_priv(NULL)
131 m_priv = new ShibTargetPriv();
134 ShibTarget::ShibTarget(const IApplication *app) : m_priv(NULL)
136 m_priv = new ShibTargetPriv();
140 ShibTarget::~ShibTarget(void)
142 if (m_priv) delete m_priv;
145 void ShibTarget::init(ShibTargetConfig *config,
146 string protocol, string hostname, int port,
147 string uri, string content_type, string remote_host,
150 m_priv->m_method = protocol;
151 m_priv->m_content_type = content_type;
152 m_priv->m_remote_addr = remote_host;
153 m_priv->m_total_bytes = total_bytes;
154 m_priv->m_Config = config;
155 m_priv->get_application(protocol, hostname, port, uri);
159 // These functions implement the server-agnostic shibboleth engine
160 // The web server modules implement a subclass and then call into
161 // these methods once they instantiate their request object.
163 ShibTarget::doCheckAuthN(void)
166 const char *targetURL = NULL;
167 const char *procState = "Process Initialization Error";
172 throw ShibTargetException(SHIBRPC_OK, "ShibTarget Uninitialized. Application did not supply request information.");
174 targetURL = m_priv->m_url.c_str();
175 const char *shireURL = getShireURL(targetURL);
177 throw ShibTargetException(SHIBRPC_OK, "Cannot map target URL to Shire URL. Check configuration");
179 if (strstr(targetURL,shireURL))
180 return doHandlePOST();
182 string auth_type = getAuthType();
183 #ifdef HAVE_STRCASECMP
184 if (strcasecmp(auth_type.c_str(),"shibboleth"))
186 if (stricmp(auth_type.c_str(),"shibboleth"))
188 return returnDecline();
190 pair<bool,bool> requireSession = getRequireSession(m_priv->m_settings);
191 pair<const char*, const char *> shib_cookie = getCookieNameProps();
193 const char *session_id = NULL;
194 string cookies = getCookies();
195 if (!cookies.empty()) {
196 if (session_id = strstr(cookies.c_str(), shib_cookie.first)) {
197 // We found a cookie. pull it out (our session_id)
198 session_id += strlen(shib_cookie.first) + 1; // skip over the '='
199 char *cookieend = strchr(session_id, ';');
205 if (!session_id || !*session_id) {
206 // No session. Maybe that's acceptable?
208 if (!requireSession.second)
211 // No cookie, but we require a session. Generate an AuthnRequest.
212 return sendRedirect(getAuthnRequest(targetURL));
215 procState = "Session Processing Error";
216 RPCError *status = sessionIsValid(session_id, m_priv->m_remote_addr.c_str());
218 if (status->isError()) {
220 // If no session is required, bail now.
221 if (!requireSession.second)
222 return returnOK(); // XXX: Or should this be DECLINED?
223 // Has to be OK because DECLINED will just cause Apache
224 // to fail when it can't locate anything to process the
225 // AuthType. No session plus requireSession false means
226 // do not authenticate the user at this time.
227 else if (status->isRetryable()) {
228 // Session is invalid but we can retry the auth -- generate an AuthnRequest
230 return sendRedirect(getAuthnRequest(targetURL));
243 } catch (ShibTargetException &e) {
244 mlp.insert("errorText", e.what());
247 mlp.insert("errorText", "Unexpected Exception");
251 // If we get here then we've got an error.
252 mlp.insert("errorType", procState);
253 mlp.insert("errorDesc", "An error occurred while processing your request.");
257 mlp.insert("requestURL", targetURL);
260 return sendPage(res);
264 ShibTarget::doHandlePOST(void)
270 ShibTarget::doCheckAuthZ(void)
278 // Get the session cookie name and properties for the application
279 std::pair<const char*,const char*>
280 ShibTarget::getCookieNameProps() const
282 static const char* defProps="; path=/";
283 static const char* defName="_shibsession_";
285 // XXX: What to do if m_app isn't set?
287 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
289 pair<bool,const char*> p=props->getString("cookieProps");
292 if (!m_priv->m_cookieName.empty())
293 return pair<const char*,const char*>(m_priv->m_cookieName.c_str(),
295 pair<bool,const char*> p2=props->getString("cookieName");
297 m_priv->m_cookieName=p2.second;
298 return pair<const char*,const char*>(p2.second,p.second);
300 m_priv->m_cookieName=defName;
301 m_priv->m_cookieName+=m_priv->m_app->getId();
302 return pair<const char*,const char*>(m_priv->m_cookieName.c_str(),p.second);
304 m_priv->m_cookieName=defName;
305 m_priv->m_cookieName+=m_priv->m_app->getId();
306 return pair<const char*,const char*>(m_priv->m_cookieName.c_str(),defProps);
309 // Find the default assertion consumer service for the resource
311 ShibTarget::getShireURL(const char* resource) const
313 if (!m_priv->m_shireURL.empty())
314 return m_priv->m_shireURL.c_str();
316 // XXX: what to do is m_app is NULL?
318 bool shire_ssl_only=false;
319 const char* shire=NULL;
320 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
322 pair<bool,bool> p=props->getBool("shireSSL");
324 shire_ssl_only=p.second;
325 pair<bool,const char*> p2=props->getString("shireURL");
330 // Should never happen...
331 if (!shire || (*shire!='/' && strncmp(shire,"http:",5) && strncmp(shire,"https:",6)))
334 // The "shireURL" property can be in one of three formats:
336 // 1) a full URI: http://host/foo/bar
337 // 2) a hostless URI: http:///foo/bar
338 // 3) a relative path: /foo/bar
340 // # Protocol Host Path
341 // 1 shire shire shire
342 // 2 shire resource shire
343 // 3 resource resource shire
345 // note: if shire_ssl_only is true, make sure the protocol is https
347 const char* path = NULL;
349 // Decide whether to use the shire or the resource for the "protocol"
359 // break apart the "protocol" string into protocol, host, and "the rest"
360 const char* colon=strchr(prot,':');
362 const char* slash=strchr(colon,'/');
366 // Compute the actual protocol and store in member.
368 m_priv->m_shireURL.assign("https://");
370 m_priv->m_shireURL.assign(prot, colon-prot);
372 // create the "host" from either the colon/slash or from the target string
373 // If prot == shire then we're in either #1 or #2, else #3.
374 // If slash == colon then we're in #2.
375 if (prot != shire || slash == colon) {
376 colon = strchr(resource, ':');
377 colon += 3; // Get past the ://
378 slash = strchr(colon, '/');
380 string host(colon, slash-colon);
382 // Build the shire URL
383 m_priv->m_shireURL+=host + path;
384 return m_priv->m_shireURL.c_str();
387 // Generate a Shib 1.x AuthnRequest redirect URL for the resource
389 ShibTarget::getAuthnRequest(const char* resource) const
391 if (!m_priv->m_authnRequest.empty())
392 return m_priv->m_authnRequest.c_str();
394 // XXX: what to do if m_app is NULL?
397 sprintf(timebuf,"%u",time(NULL));
399 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
401 pair<bool,const char*> wayf=props->getString("wayfURL");
403 m_priv->m_authnRequest=m_priv->m_authnRequest + wayf.second + "?shire=" + m_priv->url_encode(getShireURL(resource)) +
404 "&target=" + m_priv->url_encode(resource) + "&time=" + timebuf;
405 pair<bool,bool> old=m_priv->m_app->getBool("oldAuthnRequest");
406 if (!old.first || !old.second) {
407 wayf=m_priv->m_app->getString("providerId");
409 m_priv->m_authnRequest=m_priv->m_authnRequest + "&providerId=" + m_priv->url_encode(wayf.second);
413 return m_priv->m_authnRequest.c_str();
416 // Process a lazy session setup request and turn it into an AuthnRequest
418 ShibTarget::getLazyAuthnRequest(const char* query_string) const
420 CgiParse parser(query_string,strlen(query_string));
421 const char* target=parser.get_value("target");
422 if (!target || !*target)
424 return getAuthnRequest(target);
427 // Process a POST profile submission, and return (SAMLResponse,TARGET) pair.
428 std::pair<const char*,const char*>
429 ShibTarget::getFormSubmission(const char* post, unsigned int len) const
431 m_priv->m_parser = new CgiParse(post,len);
432 return pair<const char*,const char*>(m_priv->m_parser->get_value("SAMLResponse"),m_priv->m_parser->get_value("TARGET"));
436 ShibTarget::sessionCreate(const char* response, const char* ip, std::string &cookie)
439 saml::NDC ndc("sessionCreate");
440 Category& log = Category::getInstance("shibtarget.SHIRE");
442 if (!response || !*response) {
443 log.error ("Empty SAML response content");
444 return new RPCError(-1, "Empty SAML response content");
448 log.error ("Invalid IP address");
449 return new RPCError(-1, "Invalid IP address");
452 shibrpc_new_session_args_1 arg;
453 arg.shire_location = (char*) m_priv->m_shireURL.c_str();
454 arg.application_id = (char*) m_priv->m_app->getId();
455 arg.saml_post = (char*)response;
456 arg.client_addr = (char*)ip;
457 arg.checkIPAddress = true;
459 log.info ("create session for user at %s for application %s", ip, arg.application_id);
461 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
463 pair<bool,bool> pcheck=props->getBool("checkAddress");
465 arg.checkIPAddress = pcheck.second;
468 shibrpc_new_session_ret_1 ret;
469 memset (&ret, 0, sizeof(ret));
471 // Loop on the RPC in case we lost contact the first time through
476 clnt = rpc->connect();
477 clnt_stat status = shibrpc_new_session_1 (&arg, &ret, clnt);
478 if (status != RPC_SUCCESS) {
479 // FAILED. Release, disconnect, and retry
480 log.error("RPC Failure: %p (%p) (%d): %s", this, clnt, status, clnt_spcreateerror("shibrpc_new_session_1"));
485 return new RPCError(-1, "RPC Failure");
488 // SUCCESS. Pool and continue
493 log.debug("RPC completed with status %d (%p)", ret.status.status, this);
496 if (ret.status.status)
497 retval = new RPCError(&ret.status);
499 log.debug ("new cookie: %s", ret.cookie);
501 retval = new RPCError();
504 clnt_freeres(clnt, (xdrproc_t)xdr_shibrpc_new_session_ret_1, (caddr_t)&ret);
507 log.debug("returning");
512 ShibTarget::sessionIsValid(const char* session_id, const char* ip) const
514 saml::NDC ndc("sessionIsValid");
515 Category& log = Category::getInstance("shibtarget.SHIRE");
517 if (!session_id || !*session_id) {
518 log.error ("No cookie value was provided");
519 return new RPCError(SHIBRPC_NO_SESSION, "No cookie value was provided");
521 else if (strchr(session_id,'=')) {
522 log.error ("The cookie value wasn't extracted successfully, use a more unique cookie name for your installation.");
523 return new RPCError(SHIBRPC_INTERNAL_ERROR, "The cookie value wasn't extracted successfully, use a more unique cookie name for your installation.");
527 log.error ("Invalid IP Address");
528 return new RPCError(SHIBRPC_IPADDR_MISSING, "Invalid IP Address");
531 log.info ("is session valid: %s", ip);
532 log.debug ("session cookie: %s", session_id);
534 shibrpc_session_is_valid_args_1 arg;
536 arg.cookie.cookie = (char*)session_id;
537 arg.cookie.client_addr = (char *)ip;
538 arg.application_id = (char *)m_priv->m_app->getId();
540 // Get rest of input from the application Session properties.
543 arg.checkIPAddress = true;
544 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
546 pair<bool,unsigned int> p=props->getUnsignedInt("lifetime");
548 arg.lifetime = p.second;
549 p=props->getUnsignedInt("timeout");
551 arg.timeout = p.second;
552 pair<bool,bool> pcheck=props->getBool("checkAddress");
554 arg.checkIPAddress = pcheck.second;
557 shibrpc_session_is_valid_ret_1 ret;
558 memset (&ret, 0, sizeof(ret));
560 // Loop on the RPC in case we lost contact the first time through
565 clnt = rpc->connect();
566 clnt_stat status = shibrpc_session_is_valid_1(&arg, &ret, clnt);
567 if (status != RPC_SUCCESS) {
568 // FAILED. Release, disconnect, and try again...
569 log.error("RPC Failure: %p (%p) (%d) %s", this, clnt, status, clnt_spcreateerror("shibrpc_session_is_valid_1"));
574 return new RPCError(-1, "RPC Failure");
582 log.debug("RPC completed with status %d, %p", ret.status.status, this);
585 if (ret.status.status)
586 retval = new RPCError(&ret.status);
588 retval = new RPCError();
590 clnt_freeres (clnt, (xdrproc_t)xdr_shibrpc_session_is_valid_ret_1, (caddr_t)&ret);
593 log.debug("returning");
600 ShibTarget::getAssertions(const char* cookie, const char* ip,
601 std::vector<saml::SAMLAssertion*>& assertions,
602 saml::SAMLAuthenticationStatement **statement
605 saml::NDC ndc("getAssertions");
606 Category& log=Category::getInstance("shibtarget.RM");
607 log.info("get assertions...");
609 if (!cookie || !*cookie) {
610 log.error ("No cookie value provided.");
611 return new RPCError(-1, "No cookie value provided.");
615 log.error ("Invalid ip address");
616 return new RPCError(-1, "Invalid IP address");
619 log.debug("session cookie: %s", cookie);
621 shibrpc_get_assertions_args_1 arg;
622 arg.cookie.cookie = (char*)cookie;
623 arg.cookie.client_addr = (char*)ip;
624 arg.checkIPAddress = true;
625 arg.application_id = (char *)m_priv->m_app->getId();
627 log.info("request from %s for \"%s\"", ip, arg.application_id);
629 const IPropertySet* props=m_priv->m_app->getPropertySet("Sessions");
631 pair<bool,bool> pcheck=props->getBool("checkAddress");
633 arg.checkIPAddress = pcheck.second;
636 shibrpc_get_assertions_ret_1 ret;
637 memset (&ret, 0, sizeof(ret));
639 // Loop on the RPC in case we lost contact the first time through
644 clnt = rpc->connect();
645 clnt_stat status = shibrpc_get_assertions_1(&arg, &ret, clnt);
646 if (status != RPC_SUCCESS) {
647 // FAILED. Release, disconnect, and try again.
648 log.debug("RPC Failure: %p (%p) (%d): %s", this, clnt, status, clnt_spcreateerror("shibrpc_get_assertions_1"));
653 return new RPCError(-1, "RPC Failure");
656 // SUCCESS. Release back into pool
661 log.debug("RPC completed with status %d (%p)", ret.status.status, this);
663 RPCError* retval = NULL;
664 if (ret.status.status)
665 retval = new RPCError(&ret.status);
669 for (u_int i = 0; i < ret.assertions.assertions_len; i++) {
670 istringstream attrstream(ret.assertions.assertions_val[i].xml_string);
671 SAMLAssertion *as = NULL;
672 log.debugStream() << "Trying to decode assertion " << i << ": " <<
673 ret.assertions.assertions_val[i].xml_string << CategoryStream::ENDLINE;
674 assertions.push_back(new SAMLAssertion(attrstream));
677 // return the Authentication Statement
679 istringstream authstream(ret.auth_statement.xml_string);
680 SAMLAuthenticationStatement *auth = NULL;
682 log.debugStream() << "Trying to decode authentication statement: " <<
683 ret.auth_statement.xml_string << CategoryStream::ENDLINE;
684 auth = new SAMLAuthenticationStatement(authstream);
686 // Save off the statement
690 catch (SAMLException& e) {
691 log.error ("SAML Exception: %s", e.what());
694 throw ShibTargetException(SHIBRPC_SAML_EXCEPTION, os.str().c_str());
696 catch (XMLException& e) {
697 log.error ("XML Exception: %s", e.getMessage());
698 auto_ptr_char msg(e.getMessage());
699 throw ShibTargetException (SHIBRPC_XML_EXCEPTION, msg.get());
702 catch (ShibTargetException &e) {
703 retval = new RPCError(e);
707 retval = new RPCError();
710 clnt_freeres(clnt, (xdrproc_t)xdr_shibrpc_get_assertions_ret_1, (caddr_t)&ret);
713 log.debug ("returning..");
718 ShibTarget::serialize(saml::SAMLAssertion &assertion, std::string &result)
720 saml::NDC ndc("serialize");
721 Category& log=Category::getInstance("shibtarget.RM");
726 char* assn = (char*) os.str().c_str();
727 XMLByte* serialized = Base64::encode(reinterpret_cast<XMLByte*>(assn), os.str().length(), &outlen);
728 result = (char*) serialized;
729 XMLString::release(&serialized);
733 /*************************************************************************
734 * Shib Target Private implementation
737 ShibTargetPriv::ShibTargetPriv() : m_parser(NULL), m_app(NULL)
742 ShibTargetPriv::~ShibTargetPriv()
744 if (m_parser) delete m_parser;
745 //if (m_app) delete m_app;
748 static inline char hexchar(unsigned short s)
750 return (s<=9) ? ('0' + s) : ('A' + s - 10);
754 ShibTargetPriv::url_encode(const char* s)
756 static char badchars[]="\"\\+<>#%{}|^~[]`;/?:@=&";
760 if (strchr(badchars,*s) || *s<=0x1F || *s>=0x7F) {
762 ret+=hexchar(*s >> 4);
763 ret+=hexchar(*s & 0x0F);
772 ShibTargetPriv::get_application(string protocol, string hostname, int port,
778 // We lock the configuration system for the duration.
779 IConfig* conf=m_Config->getINI();
782 // Map request to application and content settings.
783 IRequestMapper* mapper=conf->getRequestMapper();
784 Locker locker2(mapper);
786 // Obtain the application settings from the parsed URL
787 m_settings = mapper->getSettingsFromParsedURL(protocol.c_str(), hostname.c_str(),
790 // Now find the application from the URL settings
791 pair<bool,const char*> application_id=m_settings.first->getString("applicationId");
792 const IApplication* application=conf->getApplication(application_id.second);
794 throw ShibTargetException(SHIBRPC_OK, "unable to map request to application settings. Check configuration");
797 // Store the application for later use
800 // Compute the target URL
801 m_url = protocol + "://" + hostname;
802 if ((protocol == "http" && port != 80) || (protocol == "https" && port != 443))
808 /*************************************************************************
809 * CGI Parser implementation
812 CgiParse::CgiParse(const char* data, unsigned int len)
814 const char* pch = data;
815 unsigned int cl = len;
820 value=fmakeword('&',&cl,&pch);
823 name=makeword(value,'=');
829 CgiParse::~CgiParse()
831 for (map<string,char*>::iterator i=kvp_map.begin(); i!=kvp_map.end(); i++)
836 CgiParse::get_value(const char* name) const
838 map<string,char*>::const_iterator i=kvp_map.find(name);
839 if (i==kvp_map.end())
844 /* Parsing routines modified from NCSA source. */
846 CgiParse::makeword(char *line, char stop)
849 char *word = (char *) malloc(sizeof(char) * (strlen(line) + 1));
851 for(x=0;((line[x]) && (line[x] != stop));x++)
860 line[y++] = line[x++];
866 CgiParse::fmakeword(char stop, unsigned int *cl, const char** ppch)
874 word = (char *) malloc(sizeof(char) * (wsize + 1));
878 word[ll] = *((*ppch)++);
883 word = (char *)realloc(word,sizeof(char)*(wsize+1));
886 if((word[ll] == stop) || word[ll] == EOF || (!(*cl)))
898 CgiParse::plustospace(char *str)
903 if(str[x] == '+') str[x] = ' ';
907 CgiParse::x2c(char *what)
911 digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 : (what[0] - '0'));
913 digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 : (what[1] - '0'));
918 CgiParse::url_decode(char *url)
922 for(x=0,y=0;url[y];++x,++y)
924 if((url[x] = url[y]) == '%')
926 url[x] = x2c(&url[y+1]);
934 * We need to implement this so the SHIRE (and RM) recodes work
935 * in terms of the ShibTarget
937 void ShibTarget::log(ShibLogLevel level, string &msg)
939 throw runtime_error("Invalid Usage");
941 string ShibTarget::getCookies(void)
943 throw runtime_error("Invalid Usage");
945 void ShibTarget::setCookie(string &name, string &value)
947 throw runtime_error("Invalid Usage");
949 string ShibTarget::getPostData(void)
951 throw runtime_error("Invalid Usage");
953 void ShibTarget::setAuthType(std::string)
955 throw runtime_error("Invalid Usage");
957 //virtual HTAccessInfo& getAccessInfo(void);
958 void* ShibTarget::sendPage(string &msg, pair<string,string> headers[], int code)
960 throw runtime_error("Invalid Usage");
962 void* ShibTarget::sendRedirect(std::string url)
964 throw runtime_error("Invalid Usage");
967 // Subclasses may not need to override these particular virtual methods.
968 string ShibTarget::getAuthType(void)
970 return string("shibboleth");
972 void* ShibTarget::returnDecline(void)
976 void* ShibTarget::returnOK(void)
981 ShibTarget::getRequireSession(IRequestMapper::Settings &settings)
983 return settings.first->getBool("requireSession");