/*
- * Copyright 2001-2007 Internet2
- *
+ * Copyright 2001-2011 Internet2
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* AbstractSPRequest.cpp
- *
- * Abstract base for SPRequest implementations
+ *
+ * Abstract base for SPRequest implementations.
*/
#include "internal.h"
+#include "exceptions.h"
#include "AbstractSPRequest.h"
#include "Application.h"
+#include "GSSRequest.h"
#include "ServiceProvider.h"
#include "SessionCache.h"
+#include "util/CGIParser.h"
using namespace shibsp;
using namespace opensaml;
using namespace xmltooling;
using namespace std;
+SPRequest::SPRequest()
+{
+}
+
+SPRequest::~SPRequest()
+{
+}
+
+string SPRequest::getSecureHeader(const char* name) const
+{
+ return getHeader(name);
+}
+
+void SPRequest::setAuthType(const char* authtype)
+{
+}
+
+#ifdef SHIBSP_HAVE_GSSAPI
+GSSRequest::GSSRequest()
+{
+}
+
+GSSRequest::~GSSRequest()
+{
+}
+#endif
+
AbstractSPRequest::AbstractSPRequest(const char* category)
- : m_sp(NULL), m_mapper(NULL), m_app(NULL), m_sessionTried(false), m_session(NULL),
- m_log(&Category::getInstance(category)), m_parser(NULL)
+ : m_sp(nullptr), m_mapper(nullptr), m_app(nullptr), m_sessionTried(false), m_session(nullptr),
+ m_log(&Category::getInstance(category)), m_parser(nullptr)
{
m_sp=SPConfig::getConfig().getServiceProvider();
m_sp->lock();
delete m_parser;
}
-RequestMapper::Settings AbstractSPRequest::getRequestSettings() const
+const ServiceProvider& AbstractSPRequest::getServiceProvider() const
{
- if (m_mapper)
- return m_settings;
+ return *m_sp;
+}
- // Map request to application and content settings.
- m_mapper=m_sp->getRequestMapper();
- m_mapper->lock();
- return m_settings = m_mapper->getSettings(*this);
+RequestMapper::Settings AbstractSPRequest::getRequestSettings() const
+{
+ if (!m_mapper) {
+ // Map request to application and content settings.
+ m_mapper=m_sp->getRequestMapper();
+ m_mapper->lock();
+ m_settings = m_mapper->getSettings(*this);
+ if (reinterpret_cast<Category*>(m_log)->isDebugEnabled()) {
+ reinterpret_cast<Category*>(m_log)->debug(
+ "mapped %s to %s", getRequestURL(), m_settings.first->getString("applicationId").second
+ );
+ }
+ }
+ return m_settings;
}
const Application& AbstractSPRequest::getApplication() const
// Now find the application from the URL settings
m_app=m_sp->getApplication(getRequestSettings().first->getString("applicationId").second);
if (!m_app)
- throw ConfigurationException("Unable to map request to application settings, check configuration.");
- }
+ throw ConfigurationException("Unable to map non-default applicationId to an ApplicationOverride, check configuration.");
+ }
return *m_app;
}
-Session* AbstractSPRequest::getSession(bool checkTimeout, bool ignoreAddress, bool cache) const
+Session* AbstractSPRequest::getSession(bool checkTimeout, bool ignoreAddress, bool cache)
{
// Only attempt this once.
if (cache && m_sessionTried)
m_sessionTried = true;
// Need address checking and timeout settings.
- time_t timeout=0;
+ time_t timeout=3600;
if (checkTimeout || !ignoreAddress) {
const PropertySet* props=getApplication().getPropertySet("Sessions");
if (props) {
}
}
- // The cache will either silently pass a session or NULL back, or throw an exception out.
+ // The cache will either silently pass a session or nullptr back, or throw an exception out.
Session* session = getServiceProvider().getSessionCache()->find(
- *this, getApplication(), ignoreAddress ? NULL : getRemoteAddr().c_str(), checkTimeout ? &timeout : NULL
+ getApplication(), *this, ignoreAddress ? nullptr : getRemoteAddr().c_str(), checkTimeout ? &timeout : nullptr
);
if (cache)
m_session = session;
m_uri += uri;
break;
}
- else if (*uri == ';') {
- // If this is Java being stupid, skip everything up to the query string, if any.
- if (!strncmp(uri, ";jsessionid=", 12)) {
- if (uri = strchr(uri, '?'))
- m_uri += uri;
- break;
- }
- else {
- m_uri += *uri;
- }
- }
else if (*uri != '%') {
m_uri += *uri;
}
}
}
+const char* AbstractSPRequest::getRequestURI() const
+{
+ return m_uri.c_str();
+}
+
const char* AbstractSPRequest::getRequestURL() const
{
if (m_url.empty()) {
int port = getPort();
const char* scheme = getScheme();
m_url = string(scheme) + "://" + getHostname();
- if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
ostringstream portstr;
portstr << port;
m_url += ":" + portstr.str();
return m_url.c_str();
}
+string AbstractSPRequest::getRemoteAddr() const
+{
+ pair<bool,const char*> addr = getRequestSettings().first->getString("REMOTE_ADDR");
+ return addr.first ? getHeader(addr.second) : "";
+}
+
const char* AbstractSPRequest::getParameter(const char* name) const
{
if (!m_parser)
m_parser=new CGIParser(*this);
-
+
pair<CGIParser::walker,CGIParser::walker> bounds=m_parser->getParameters(name);
- return (bounds.first==bounds.second) ? NULL : bounds.first->second;
+ return (bounds.first==bounds.second) ? nullptr : bounds.first->second;
}
vector<const char*>::size_type AbstractSPRequest::getParameters(const char* name, vector<const char*>& values) const
if (!m_handlerURL.empty() && resource && !strcmp(getRequestURL(),resource))
return m_handlerURL.c_str();
-
+
+ string stackresource;
+ if (resource && *resource == '/') {
+ // Compute a URL to the root of the site and point resource at constructed string.
+ int port = getPort();
+ const char* scheme = getScheme();
+ stackresource = string(scheme) + "://" + getHostname();
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ ostringstream portstr;
+ portstr << port;
+ stackresource += ":" + portstr.str();
+ }
+ stackresource += resource;
+ resource = stackresource.c_str();
+ }
+
#ifdef HAVE_STRCASECMP
if (!resource || (strncasecmp(resource,"http://",7) && strncasecmp(resource,"https://",8)))
#else
#endif
throw ConfigurationException("Target resource was not an absolute URL.");
- bool ssl_only=false;
- const char* handler=NULL;
- const PropertySet* props=m_app->getPropertySet("Sessions");
+ bool ssl_only=true;
+ const char* handler=nullptr;
+ const PropertySet* props=getApplication().getPropertySet("Sessions");
if (props) {
pair<bool,bool> p=props->getBool("handlerSSL");
if (p.first)
if (p2.first)
handler=p2.second;
}
-
- // Should never happen...
- if (!handler || (*handler!='/' && strncmp(handler,"http:",5) && strncmp(handler,"https:",6)))
+
+ if (!handler) {
+ handler = "/Shibboleth.sso";
+ }
+ else if (*handler!='/' && strncmp(handler,"http:",5) && strncmp(handler,"https:",6)) {
throw ConfigurationException(
- "Invalid handlerURL property ($1) in Application ($2)",
+ "Invalid handlerURL property ($1) in <Sessions> element for Application ($2)",
params(2, handler ? handler : "null", m_app->getId())
);
+ }
// The "handlerURL" property can be in one of three formats:
//
//
// note: if ssl_only is true, make sure the protocol is https
- const char* path = NULL;
+ const char* path = nullptr;
// Decide whether to use the handler or the resource for the "protocol"
const char* prot;
projects / shibboleth / sp.git / blobdiff