+ bool regexp = false;
+ string vals = getHeader(wrapper->getHeader());
+ for (int i = 1; i < line->tokens.size() && !vals.empty(); i++) {
+ w = line->tokens[i].c_str();
+ if (*w == '~') {
+ regexp = true;
+ continue;
+ }
+
+ try {
+ auto_ptr<RegularExpression> re;
+ if (regexp) {
+ delete re.release();
+ auto_ptr<XMLCh> trans(fromUTF8(w));
+ auto_ptr<RegularExpression> temp(new RegularExpression(trans.get()));
+ re=temp;
+ }
+
+ string vals_str(vals);
+ int j = 0;
+ for (int i = 0; i < vals_str.length(); i++) {
+ if (vals_str.at(i) == ';') {
+ if (i == 0) {
+ log(LogLevelError, string("doCheckAuthZ invalid header encoding") +
+ vals + ": starts with a semicolon");
+ throw SAMLException("Invalid information supplied to authorization module.");
+ }
+
+ if (vals_str.at(i-1) == '\\') {
+ vals_str.erase(i-1, 1);
+ i--;
+ continue;
+ }
+
+ string val = vals_str.substr(j, i-j);
+ j = i+1;
+ if (regexp) {
+ auto_ptr<XMLCh> trans(fromUTF8(val.c_str()));
+ if (re->matches(trans.get())) {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authorization granted");
+ CHECK_OK;
+ }
+ }
+ else if ((wrapper->getCaseSensitive() && val==w) ||
+ (!wrapper->getCaseSensitive() && !strcasecmp(val.c_str(),w))) {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authorization granted.");
+ CHECK_OK;
+ }
+ else {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authoritzation not granted.");
+ }
+ }
+ }
+
+ string val = vals_str.substr(j, vals_str.length()-j);
+ if (regexp) {
+ auto_ptr<XMLCh> trans(fromUTF8(val.c_str()));
+ if (re->matches(trans.get())) {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authorization granted.");
+ CHECK_OK;
+ }
+ }
+ else if ((wrapper->getCaseSensitive() && val==w) ||
+ (!wrapper->getCaseSensitive() && !strcasecmp(val.c_str(),w))) {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authorization granted");
+ CHECK_OK;
+ }
+ else {
+ log(LogLevelDebug, string("doCheckAuthZ expecting ") + w +
+ ", got " + val + ": authorization not granted");
+ }
+ }
+ catch (XMLException& ex) {
+ auto_ptr_char tmp(ex.getMessage());
+ log(LogLevelError, string("doCheckAuthZ caught exception while parsing regular expression (")
+ + w + "): " + tmp.get());
+ }
+ }
+ }
+ } // for x