string g_ServerScheme;
string g_unsetHeaderValue;
bool g_checkSpoofing = true;
+ bool g_catchAll = false;
static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
SPConfig::Caching |
SPConfig::RequestMapping |
SPConfig::InProcess |
- SPConfig::Logging
+ SPConfig::Logging |
+ SPConfig::Handlers
);
if (!g_Config->init(schemadir)) {
g_Config=NULL;
pair<bool,const char*> unsetValue=props->getString("unsetHeaderValue");
if (unsetValue.first)
g_unsetHeaderValue = unsetValue.second;
- pair<bool,bool> checkSpoofing=props->getBool("checkSpoofing");
- if (checkSpoofing.first && !checkSpoofing.second)
- g_checkSpoofing = false;
+ pair<bool,bool> flag=props->getBool("checkSpoofing");
+ g_checkSpoofing = !flag.first || flag.second;
+ flag=props->getBool("catchAll");
+ g_catchAll = flag.first && flag.second;
}
return REQ_PROCEED;
}
if (m_allhttp.count(cginame) > 0)
throw opensaml::SecurityPolicyException("Attempt to spoof header ($1) was detected.", params(1, rawname));
}
- if (!strcmp(rawname,"REMOTE_USER")) {
- param_free(pblock_remove("auth-user",m_rq->vars));
- param_free(pblock_remove("remote-user",m_rq->headers));
- }
- else {
- param_free(pblock_remove(rawname, m_rq->headers));
- pblock_nvinsert(rawname, g_unsetHeaderValue.c_str(), m_rq->headers);
- }
+ param_free(pblock_remove(rawname, m_rq->headers));
+ pblock_nvinsert(rawname, g_unsetHeaderValue.c_str(), m_rq->headers);
}
void setHeader(const char* name, const char* value) {
param_free(pblock_remove(name, m_rq->headers));
return string(hdr ? hdr : "");
}
void setRemoteUser(const char* user) {
- pblock_nvinsert("remote-user", user, m_rq->headers);
pblock_nvinsert("auth-user", user, m_rq->vars);
}
string getRemoteUser() const {
log_error(LOG_FAILURE,FUNC,sn,rq,const_cast<char*>(e.what()));
return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an exception, see web server log for error.");
}
-#ifndef _DEBUG
catch (...) {
- return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an uncaught exception.");
+ if (g_catchAll)
+ return WriteClientError(sn, rq, FUNC, "Shibboleth module threw an uncaught exception.");
+ throw;
}
-#endif
}
log_error(LOG_FAILURE,FUNC,sn,rq,const_cast<char*>(e.what()));
return WriteClientError(sn, rq, FUNC, "Shibboleth handler threw an exception, see web server log for error.");
}
-#ifndef _DEBUG
catch (...) {
- return WriteClientError(sn, rq, FUNC, "Shibboleth handler threw an unknown exception.");
+ if (g_catchAll)
+ return WriteClientError(sn, rq, FUNC, "Shibboleth handler threw an unknown exception.");
+ throw;
}
-#endif
}
~SunRequestMapper() { delete m_mapper; delete m_stKey; delete m_propsKey; }
Lockable* lock() { return m_mapper->lock(); }
void unlock() { m_stKey->setData(NULL); m_propsKey->setData(NULL); m_mapper->unlock(); }
- Settings getSettings(const SPRequest& request) const;
+ Settings getSettings(const HTTPRequest& request) const;
const PropertySet* getParent() const { return NULL; }
void setParent(const PropertySet*) {}
pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;
pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;
pair<bool,int> getInt(const char* name, const char* ns=NULL) const;
+ void getAll(map<string,const char*>& properties) const;
const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const;
const xercesc::DOMElement* getElement() const;
m_propsKey=ThreadKey::create(NULL);
}
-RequestMapper::Settings SunRequestMapper::getSettings(const SPRequest& request) const
+RequestMapper::Settings SunRequestMapper::getSettings(const HTTPRequest& request) const
{
Settings s=m_mapper->getSettings(request);
m_stKey->setData((void*)dynamic_cast<const ShibTargetNSAPI*>(&request));
return s ? s->getInt(name,ns) : pair<bool,int>(false,0);
}
+void SunRequestMapper::getAll(map<string,const char*>& properties) const
+{
+ const ShibTargetNSAPI* stn=reinterpret_cast<const ShibTargetNSAPI*>(m_stKey->getData());
+ const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
+ if (s)
+ s->getAll(properties);
+ if (!stn)
+ return;
+ properties["authType"] = "shibboleth";
+ const pb_entry* entry;
+ for (int i=0; i<stn->m_pb->hsize; ++i) {
+ entry = stn->m_pb->ht[i];
+ while (entry) {
+ properties[entry->param->name] = entry->param->value;
+ entry = entry->next;
+ }
+ }
+}
+
const PropertySet* SunRequestMapper::getPropertySet(const char* name, const char* ns) const
{
const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
projects / shibboleth / cpp-sp.git / blobdiff