- // Now we have to extract the authentication details for session setup.
-
- // Session expiration for SAML 2.0 is jointly IdP- and SP-driven.
- time_t sessionExp = ssoStatement->getSessionNotOnOrAfter() ? ssoStatement->getSessionNotOnOrAfterEpoch() : 0;
- const PropertySet* sessionProps = application.getPropertySet("Sessions");
- pair<bool,unsigned int> lifetime = sessionProps ? sessionProps->getUnsignedInt("lifetime") : make_pair(true,28800);
- if (!lifetime.first)
- lifetime.second = 28800;
- if (lifetime.second != 0) {
- if (sessionExp == 0)
- sessionExp = now + lifetime.second; // IdP says nothing, calulate based on SP.
- else
- sessionExp = min(sessionExp, now + lifetime.second); // Use the lowest.
- }
-
- // Other details...
- const AuthnContext* authnContext = ssoStatement->getAuthnContext();
- auto_ptr_char authnClass((authnContext && authnContext->getAuthnContextClassRef()) ? authnContext->getAuthnContextClassRef()->getReference() : NULL);
- auto_ptr_char authnDecl((authnContext && authnContext->getAuthnContextDeclRef()) ? authnContext->getAuthnContextDeclRef()->getReference() : NULL);
- auto_ptr_char index(ssoStatement->getSessionIndex());
- auto_ptr_char authnInstant(ssoStatement->getAuthnInstant() ? ssoStatement->getAuthnInstant()->getRawData() : NULL);
-
- vector<shibsp::Attribute*>& attrs = ctx->getResolvedAttributes();
- string key = application.getServiceProvider().getSessionCache()->insert(
- sessionExp,