class ShibTargetNSAPI : public AbstractSPRequest
{
- string m_uri;
mutable string m_body;
- mutable bool m_gotBody;
+ mutable bool m_gotBody,m_firsttime;
mutable vector<string> m_certs;
set<string> m_allhttp;
public:
- ShibTargetNSAPI(pblock* pb, ::Session* sn, Request* rq) : m_gotBody(false) {
- m_pb = pb;
- m_sn = sn;
- m_rq = rq;
+ pblock* m_pb;
+ ::Session* m_sn;
+ Request* m_rq;
+
+ ShibTargetNSAPI(pblock* pb, ::Session* sn, Request* rq)
+ : AbstractSPRequest(SHIBSP_LOGCAT".NSAPI"), m_gotBody(false), m_firsttime(true), m_pb(pb), m_sn(sn), m_rq(rq) {
const char* uri=pblock_findval("uri", rq->reqpb);
const char* qstr=pblock_findval("query", rq->reqpb);
- if (uri)
- m_uri = uri;
- if (qstr)
- m_uri = m_uri + '?' + qstr;
- }
- ~ShibTargetNSAPI() {
+ if (qstr) {
+ string temp = string(uri) + '?' + qstr;
+ setRequestURI(temp.c_str());
+ }
+ else {
+ setRequestURI(uri);
+ }
+
+ // See if this is the first time we've run.
+ qstr = pblock_findval("auth-type", rq->vars);
+ if (qstr && !strcmp(qstr, "shibboleth"))
+ m_firsttime = false;
+ if (!m_firsttime || rq->orig_rq)
+ log(SPDebug, "nsapi_shib function running more than once");
}
+ ~ShibTargetNSAPI() { }
const char* getScheme() const {
return security_active ? "https" : "http";
int getPort() const {
return server_portnum;
}
- const char* getRequestURI() const {
- return m_uri.c_str();
- }
const char* getMethod() const {
return pblock_findval("method", m_rq->reqpb);
}
}
}
void clearHeader(const char* rawname, const char* cginame) {
- if (g_checkSpoofing) {
+ if (g_checkSpoofing && m_firsttime && !m_rq->orig_rq) {
if (m_allhttp.empty()) {
// Populate the set of client-supplied headers for spoof checking.
const pb_entry* entry;
}
return m_certs;
}
-
- pblock* m_pb;
- ::Session* m_sn;
- Request* m_rq;
};
/********************************************************************************/
return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an exception, see web server log for error.");
}
catch (...) {
+ log_error(LOG_FAILURE,FUNC,sn,rq,const_cast<char*>("Shibboleth module threw an unknown exception."));
if (g_catchAll)
- return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an uncaught exception.");
+ return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an unknown exception.");
throw;
}
}