/*
+ * Copyright 2001-2005 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
* shib-config.cpp -- ShibTarget initialization and finalization routines
*
* Created By: Derek Atkins <derek@ihtfp.com>
* $Id$
*/
-#include "shib-target.h"
+#include "internal.h"
+#include <shibsp/SPConfig.h>
+#include <shibsp/SPConstants.h>
+#include <xmltooling/XMLToolingConfig.h>
+#include <xmltooling/util/NDC.h>
-#include <log4cpp/PropertyConfigurator.hh>
-#include <log4cpp/Category.hh>
+#include <log4cpp/OstreamAppender.hh>
-using namespace saml;
-using namespace shibboleth;
+using namespace shibsp;
using namespace shibtarget;
+using namespace shibboleth;
+using namespace saml;
+using namespace log4cpp;
using namespace std;
-#ifndef SHIBTARGET_INIFILE
-#define SHIBTARGET_INIFILE "/etc/shibboleth.ini"
-#endif
-
-class STConfig : public ShibTargetConfig
-{
-public:
- STConfig(const char* app_name, const char* inifile);
- ~STConfig();
- void shutdown();
- ShibINI& getINI() { return *ini; }
-
- void ref();
-private:
- SAMLConfig& samlConf;
- ShibConfig& shibConf;
- ShibINI* ini;
- int refcount;
-};
-
-static STConfig * g_Config = NULL;
-CCache* shibtarget::g_shibTargetCCache = NULL;
-
-
-/****************************************************************************/
-// External Interface
-
-
-ShibTargetConfig& ShibTargetConfig::init(const char* app_name, const char* inifile)
-{
- if (!app_name)
- throw runtime_error ("No Application name");
-
- if (g_Config) {
- g_Config->ref();
- return *g_Config;
- }
-
- g_Config = new STConfig(app_name, inifile);
-}
-
+using xmltooling::XMLToolingConfig;
-
-/****************************************************************************/
-// Mapper
-
-class DummyMapper : public IOriginSiteMapper
-{
-public:
- DummyMapper();
- ~DummyMapper();
- virtual Iterator<xstring> getHandleServiceNames(const XMLCh* originSite) { return Iterator<xstring>(m_hsnames); }
- virtual Key* getHandleServiceKey(const XMLCh* handleService) { return NULL; }
- virtual Iterator<xstring> getSecurityDomains(const XMLCh* originSite);
- virtual Iterator<X509Certificate*> getTrustedRoots() { return Iterator<X509Certificate*>(); }
-
-private:
- typedef map<xstring,vector<xstring>*> domains_t;
- domains_t m_domains;
- vector<xstring> m_hsnames;
-};
-
-DummyMapper::DummyMapper()
-{
- auto_ptr<XMLCh> buf(XMLString::transcode("wayf.internet2.edu"));
- m_hsnames.push_back(buf.get());
+namespace {
+ STConfig g_Config;
}
-Iterator<xstring> DummyMapper::getSecurityDomains(const XMLCh* originSite)
+// Factories for built-in plugins we can manufacture. Actual definitions
+// will be with the actual object implementation.
+#ifndef WIN32
+PlugManager::Factory UnixListenerFactory;
+#endif
+PlugManager::Factory TCPListenerFactory;
+//PlugManager::Factory MemoryListenerFactory;
+PlugManager::Factory MemoryCacheFactory;
+PlugManager::Factory XMLRequestMapFactory;
+PlugManager::Factory ShibSessionInitiatorFactory;
+PlugManager::Factory SAML1POSTFactory;
+PlugManager::Factory SAML1ArtifactFactory;
+PlugManager::Factory ShibLogoutFactory;
+//PlugManager::Factory htaccessFactory;
+
+SAML_EXCEPTION_FACTORY(ListenerException);
+SAML_EXCEPTION_FACTORY(ConfigurationException);
+
+ShibTargetConfig& ShibTargetConfig::getConfig()
{
- domains_t::iterator i=m_domains.find(originSite);
- if (i==m_domains.end())
- {
- vector<xstring>* pv=new vector<xstring>();
- pv->push_back(originSite);
- pair<domains_t::iterator,bool> p=m_domains.insert(domains_t::value_type(originSite,pv));
- i=p.first;
- }
- return Iterator<xstring>(*(i->second));
+ return g_Config;
}
-DummyMapper::~DummyMapper()
+bool STConfig::init(const char* schemadir)
{
- for (domains_t::iterator i=m_domains.begin(); i!=m_domains.end(); i++)
- delete i->second;
-}
+#ifdef _DEBUG
+ xmltooling::NDC ndc("init");
+#endif
+ Category& log = Category::getInstance("shibtarget.Config");
+ if (!schemadir) {
+ log.fatal("XML schema directory not supplied");
+ return false;
+ }
+ // This will cause some extra console logging, but for now,
+ // initialize the underlying libraries.
+ SAMLConfig& samlConf=SAMLConfig::getConfig();
+ if (schemadir)
+ samlConf.schema_dir = schemadir;
+ if (!samlConf.init() || !SPConfig::getConfig().init(NULL)) {
+ log.fatal("failed to initialize SP library");
+ return false;
+ }
+ ShibConfig& shibConf=ShibConfig::getConfig();
+ if (!shibConf.init()) {
+ log.fatal("Failed to initialize Shib library");
+ samlConf.term();
+ return false;
+ }
-/****************************************************************************/
-// STConfig
+ // Register built-in plugin types.
+ REGISTER_EXCEPTION_FACTORY(ListenerException);
+ REGISTER_EXCEPTION_FACTORY(ConfigurationException);
+
+ samlConf.getPlugMgr().regFactory(shibtarget::XML::MemorySessionCacheType,&MemoryCacheFactory);
+ samlConf.getPlugMgr().regFactory(shibtarget::XML::LegacyRequestMapType,&XMLRequestMapFactory);
+ samlConf.getPlugMgr().regFactory(shibtarget::XML::XMLRequestMapType,&XMLRequestMapFactory);
+ samlConf.getPlugMgr().regFactory(shibtarget::XML::NativeRequestMapType,&XMLRequestMapFactory);
+
+ auto_ptr_char temp1(shibspconstants::SHIB1_SESSIONINIT_PROFILE_URI);
+ samlConf.getPlugMgr().regFactory(temp1.get(),&ShibSessionInitiatorFactory);
+ samlConf.getPlugMgr().regFactory(samlconstants::SAML1_PROFILE_BROWSER_POST,&SAML1POSTFactory);
+ samlConf.getPlugMgr().regFactory(samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT,&SAML1ArtifactFactory);
+ auto_ptr_char temp4(shibspconstants::SHIB1_LOGOUT_PROFILE_URI);
+ samlConf.getPlugMgr().regFactory(temp4.get(),&ShibLogoutFactory);
+
+ saml::XML::registerSchema(shibtarget::XML::SHIBTARGET_NS,shibtarget::XML::SHIBTARGET_SCHEMA_ID,NULL,false);
+ saml::XML::registerSchema(samlconstants::SAML20MD_NS,shibtarget::XML::SAML2META_SCHEMA_ID,NULL,false);
+ saml::XML::registerSchema(samlconstants::SAML20_NS,shibtarget::XML::SAML2ASSERT_SCHEMA_ID,NULL,false);
+ saml::XML::registerSchema(xmlconstants::XMLENC_NS,shibtarget::XML::XMLENC_SCHEMA_ID,NULL,false);
+
+ log.info("finished initializing");
+ return true;
+}
-STConfig::STConfig(const char* app_name, const char* inifile)
- : samlConf(SAMLConfig::getConfig()), shibConf(ShibConfig::getConfig())
+bool STConfig::load(const char* config)
{
- ini = new ShibINI((inifile ? inifile : SHIBTARGET_INIFILE));
+#ifdef _DEBUG
+ xmltooling::NDC ndc("load");
+#endif
+ Category& log = Category::getInstance("shibtarget.Config");
- string app = app_name;
- string tag;
+ if (!config) {
+ log.fatal("path to configuration file not supplied");
+ shutdown();
+ return false;
+ }
- // Initialize Log4cpp
- if (ini->get_tag (app, SHIBTARGET_TAG_LOGGER, true, &tag)) {
- cerr << "Trying to load logger configuration: " << tag << "\n";
try {
- log4cpp::PropertyConfigurator::configure(tag);
- } catch (log4cpp::ConfigureFailure& e) {
- cerr << "Error reading configuration: " << e.what() << "\n";
+ log.info("loading configuration file: %s", config);
+ static const XMLCh uri[] = { chLatin_u, chLatin_r, chLatin_i, chNull };
+ DOMImplementation* impl=DOMImplementationRegistry::getDOMImplementation(NULL);
+ DOMDocument* dummydoc=impl->createDocument();
+ DOMElement* dummy = dummydoc->createElementNS(NULL,XML::Literals::ShibbolethTargetConfig);
+ auto_ptr_XMLCh src(config);
+ dummy->setAttributeNS(NULL,uri,src.get());
+ m_ini=ShibTargetConfigFactory(dummy);
+ dummydoc->release();
+ m_ini->init();
+
+ pair<bool,unsigned int> skew=m_ini->getUnsignedInt("clockSkew");
+ SAMLConfig::getConfig().clock_skew_secs=skew.first ? skew.second : 180;
+ if (skew.first)
+ XMLToolingConfig::getConfig().clock_skew_secs=skew.second;
+
+ m_tranLog=new FixedContextCategory(SHIBTRAN_LOGCAT);
+ m_tranLog->info("opened transaction log");
+ m_tranLogLock = xmltooling::Mutex::create();
}
- } else {
- log4cpp::Category& category = log4cpp::Category::getRoot();
- category.setPriority(log4cpp::Priority::DEBUG);
- cerr << "No logger configuration found\n";
- }
-
- log4cpp::Category& log = log4cpp::Category::getInstance("shibtarget.STConfig");
-
- // Init SAML
- if (ini->get_tag (app, SHIBTARGET_TAG_SCHEMAS, true, &tag))
- samlConf.schema_dir = tag;
- if (ini->get_tag (app, SHIBTARGET_TAG_CERTFILE, true, &tag))
- samlConf.ssl_certfile = tag;
- if (ini->get_tag (app, SHIBTARGET_TAG_KEYFILE, true, &tag))
- samlConf.ssl_keyfile = tag;
- if (ini->get_tag (app, SHIBTARGET_TAG_KEYPASS, true, &tag))
- samlConf.ssl_keypass = tag;
- if (ini->get_tag (app, SHIBTARGET_TAG_CALIST, true, &tag))
- samlConf.ssl_calist = tag;
-
- if (!samlConf.init()) {
- log.error ("Failed to initialize SAML Library");
- throw runtime_error ("Failed to initialize SAML Library");
- } else
- log.debug ("SAML Initialized");
-
- // Init Shib
- if (! ini->get_tag (app, SHIBTARGET_TAG_SITES, true, &tag)) {
- log.crit("No Sites File found in configuration");
- throw runtime_error ("No Sites File found in configuration");
- }
-
- shibConf.origin_mapper = new XMLOriginSiteMapper(tag.c_str(),
- Iterator<X509Certificate*>());
-
- if (!shibConf.init()) {
- log.error ("Failed to initialize Shib library");
- throw runtime_error ("Failed to initialize Shib Library");
- } else
- log.debug ("Shib Initialized");
-
- // Initialize the SHAR Cache
- if (!strcmp (app_name, SHIBTARGET_SHAR))
- g_shibTargetCCache = CCache::getInstance();
-
- // Load any extensions
- string ext = "extensions";
- if (ini->exists(ext)) {
- saml::NDC ndc("load extensions");
- ShibINI::Iterator* iter = ini->tag_iterator(ext);
-
- for (const string* str = iter->begin(); str; str = iter->next()) {
- string file = ini->get(ext, *str);
- try
- {
- samlConf.saml_register_extension(file.c_str());
- log.debug("%s: loading %s", str->c_str(), file.c_str());
- }
- catch (SAMLException& e)
- {
- log.error("%s: %s", str->c_str(), e.what());
- }
+ catch (SAMLException& ex) {
+ log.fatal("caught exception while loading/initializing configuration: %s",ex.what());
+ shutdown();
+ return false;
}
- delete iter;
- }
-
- ref();
- log.debug("finished");
-}
-
-STConfig::~STConfig()
-{
- if (ini) delete ini;
-
- if (g_shibTargetCCache)
- delete g_shibTargetCCache;
-
- delete shibConf.origin_mapper;
- shibConf.term();
- samlConf.term();
-}
+#ifndef _DEBUG
+ catch (...) {
+ log.fatal("caught exception while loading/initializing configuration");
+ shutdown();
+ return false;
+ }
+#endif
-void STConfig::ref()
-{
- refcount++;
+ log.info("finished loading configuration");
+ return true;
}
void STConfig::shutdown()
{
- refcount--;
- if (!refcount) {
- delete g_Config;
- g_Config = NULL;
- }
+#ifdef _DEBUG
+ xmltooling::NDC ndc("shutdown");
+#endif
+ Category& log = Category::getInstance("shibtarget.Config");
+ log.info("shutting down the library");
+ delete m_tranLogLock;
+ m_tranLogLock = NULL;
+ //delete m_tranLog; // This is crashing for some reason, but we're shutting down anyway.
+ delete m_ini;
+ m_ini = NULL;
+ ShibConfig::getConfig().term();
+ SAMLConfig::getConfig().term();
+ SPConfig::getConfig().term();
+ log.info("library shutdown complete");
}