- if (!XMLString::equals((*ep)->getBinding(),binding.get()))
- continue;
- foundEndpoint = true;
- auto_ptr_char loc((*ep)->getLocation());
- ArtifactResolve* request = ArtifactResolveBuilder::buildArtifactResolve();
- Issuer* iss = IssuerBuilder::buildIssuer();
- request->setIssuer(iss);
- iss->setName(sppolicy.getApplication().getRelyingParty(dynamic_cast<EntityDescriptor*>(ssoDescriptor.getParent()))->getXMLString("entityID").second);
- auto_ptr_XMLCh artbuf(artifact.encode().c_str());
- Artifact* a = ArtifactBuilder::buildArtifact();
- a->setArtifact(artbuf.get());
- request->setArtifact(a);
-
- SAML2SOAPClient client(soaper, false);
- client.sendSAML(request, sppolicy.getApplication().getId(), mcc, loc.get());
- StatusResponseType* srt = client.receiveSAML();
- if (!(response = dynamic_cast<ArtifactResponse*>(srt))) {
- delete srt;
- break;
+ if (XMLString::equals((*ep)->getBinding(), binding.get())) {
+ foundEndpoint = true;
+ auto_ptr_char loc((*ep)->getLocation());
+ ArtifactResolve* request = ArtifactResolveBuilder::buildArtifactResolve();
+ Issuer* iss = IssuerBuilder::buildIssuer();
+ request->setIssuer(iss);
+ iss->setName(rp->getXMLString("entityID").second);
+ auto_ptr_XMLCh artbuf(artifact.encode().c_str());
+ Artifact* a = ArtifactBuilder::buildArtifact();
+ a->setArtifact(artbuf.get());
+ request->setArtifact(a);
+
+ SAML2SOAPClient client(soaper, false);
+ client.sendSAML(request, sppolicy.getApplication().getId(), mcc, loc.get());
+ StatusResponseType* srt = client.receiveSAML();
+ if (!(response = dynamic_cast<ArtifactResponse*>(srt))) {
+ delete srt;
+ break;
+ }
+ }
+ else if (artifactByFilesystem.first && artifactByFilesystem.second && XMLString::equals((*ep)->getBinding(), shibspconstants::SHIB2_BINDING_FILE)) {
+ // This implements a resolution process against the local file system for custom integration needs.
+ // The local filesystem is presumed to be "secure" so that unsigned, unencrypted responses are acceptable.
+ // The binding here is not SOAP, but rather REST-like, with the base location used to construct a filename
+ // containing the artifact message handle.
+ foundEndpoint = true;
+ auto_ptr_char temp((*ep)->getLocation());
+ if (temp.get()) {
+ string loc(temp.get());
+ if (starts_with(loc, "file://"))
+ loc = loc.substr(7);
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(loc, PathResolver::XMLTOOLING_RUN_FILE);
+ loc += '/' + SAMLArtifact::toHex(artifact.getMessageHandle());
+ ifstream in(loc.c_str());
+ if (in) {
+ auto_ptr<XMLObject> xmlObject;
+ try {
+ DOMDocument* doc = (policy.getValidating() ? XMLToolingConfig::getConfig().getValidatingParser() : XMLToolingConfig::getConfig().getParser()).parse(in);
+ XercesJanitor<DOMDocument> docjanitor(doc);
+
+ if (log.isDebugEnabled()) {
+ string buf;
+ XMLHelper::serialize(doc->getDocumentElement(), buf);
+ log.debugStream() << "received XML:\n" << buf << logging::eol;
+ }
+ xmlObject.reset(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));
+ docjanitor.release();
+ }
+ catch (std::exception&) {
+ in.close();
+ remove(loc.c_str());
+ throw;
+ }
+ in.close();
+ remove(loc.c_str());
+ if (response = dynamic_cast<ArtifactResponse*>(xmlObject.get())) {
+ xmlObject.release();
+ policy.setAuthenticated(true);
+ }
+ else {
+ break;
+ }
+ }
+ else {
+ throw BindingException("Unable to open artifact response file ($1)", params(1, loc.c_str()));
+ }
+ }