log_error(LOG_INFORM,"nsapi_shib_init",sn,rq,"nsapi_shib loaded for host (%s)",g_ServerName.c_str());
const char* schemadir=pblock_findval("shib-schemas",pb);
- if (!schemadir)
- schemadir=getenv("SHIBSP_SCHEMAS");
- if (!schemadir)
- schemadir=SHIBSP_SCHEMAS;
- const char* config=pblock_findval("shib-config",pb);
- if (!config)
- config=getenv("SHIBSP_CONFIG");
- if (!config)
- config=SHIBSP_CONFIG;
+ const char* prefix=pblock_findval("shib-prefix",pb);
+
g_Config=&SPConfig::getConfig();
g_Config->setFeatures(
SPConfig::Listener |
SPConfig::Logging |
SPConfig::Handlers
);
- if (!g_Config->init(schemadir)) {
+ if (!g_Config->init(schemadir,prefix)) {
g_Config=NULL;
pblock_nvinsert("error","unable to initialize Shibboleth libraries",pb);
return REQ_ABORTED;
g_Config->RequestMapperManager.registerFactory(XML_REQUEST_MAPPER,&SunRequestMapFactory);
+ const char* config=pblock_findval("shib-config",pb);
+ if (!config)
+ config=getenv("SHIBSP_CONFIG");
+ if (!config)
+ config=SHIBSP_CONFIG;
+
try {
xercesc::DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);
qstr = pblock_findval("auth-type", rq->vars);
if (qstr && !strcmp(qstr, "shibboleth"))
m_firsttime = false;
- if (!m_firsttime)
+ if (!m_firsttime || rq->orig_rq)
log(SPDebug, "nsapi_shib function running more than once");
}
~ShibTargetNSAPI() { }
}
}
void clearHeader(const char* rawname, const char* cginame) {
- if (m_firsttime && g_checkSpoofing) {
+ if (g_checkSpoofing && m_firsttime && !m_rq->orig_rq) {
if (m_allhttp.empty()) {
// Populate the set of client-supplied headers for spoof checking.
const pb_entry* entry;