#include "handler/SessionInitiator.h"
#include "util/SPConstants.h"
-#include <saml/saml2/metadata/Metadata.h>
-#include <saml/saml2/metadata/EndpointManager.h>
+#ifndef SHIBSP_LITE
+# include <saml/saml2/metadata/Metadata.h>
+# include <saml/saml2/metadata/EndpointManager.h>
+#endif
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/util/URLEncoder.h>
using namespace opensaml::saml2md;
using namespace opensaml;
using namespace xmltooling;
-using namespace log4cpp;
using namespace std;
namespace shibsp {
const char* acsLocation,
string& relayState
) const;
-
string m_appId;
};
if (isHandler) {
option=request.getParameter("acsIndex");
- if (option)
+ if (option) {
ACS = app.getAssertionConsumerServiceByIndex(atoi(option));
+ if (!ACS)
+ request.log(SPRequest::SPWarn, "invalid acsIndex specified in request, using default ACS location");
+ }
option = request.getParameter("target");
if (option)
target=request.getRequestURL();
}
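Review bot: The `acsIndex` request parameter is still parsed with `atoi(option)`, so the new warning fires only when the resulting index matches no endpoint. Non-numeric input silently becomes 0, and a negative or out-of-range value is either undefined or (presumably, given the unsigned index used elsewhere in this file) wraps on conversion; either can select a real endpoint with no log entry. Parsing with `char* end = NULL; unsigned long idx = strtoul(option, &end, 10);` and calling the lookup only when `end != option && *end == '\0'` and `idx` fits the index type would reject malformed values before the lookup; a leading `-` needs an explicit check because `strtoul` accepts it. The enclosing function starts and ends outside this hunk.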
- // Since we're not passing by index, we need to fully compute the return URL and binding.
- if (!ACS)
- ACS = app.getDefaultAssertionConsumerService();
+ // Since we're not passing by index, we need to fully compute the return URL.
+ if (!ACS) {
+ pair<bool,unsigned int> index = getUnsignedInt("defaultACSIndex");
+ if (index.first) {
+ ACS = app.getAssertionConsumerServiceByIndex(index.second);
+ if (!ACS)
+ request.log(SPRequest::SPWarn, "invalid defaultACSIndex, using default ACS location");
+ }
+ if (!ACS)
+ ACS = app.getDefaultAssertionConsumerService();
+ }
// Compute the ACS URL. We add the ACS location to the base handlerURL.
string ACSloc=request.getHandlerURL(target.c_str());
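Review bot: The comment above the new `if (!ACS)` block no longer describes how the endpoint is chosen, which matters because the ACS decides where the response is delivered. I would replace it with `// Resolution order: acsIndex from the request (handler mode only), then the defaultACSIndex setting, then the application's default ACS.` Separately, the `invalid defaultACSIndex` warning reports a configuration error but is emitted through `request.log` on every request. If a configuration-load check exists outside this hunk, that would be a better place to report it once.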
string& relayState
) const
{
+#ifndef SHIBSP_LITE
// Use metadata to invoke the SSO service directly.
MetadataProvider* m=app.getMetadataProvider();
Locker locker(m);
const EntityDescriptor* entity=m->getEntityDescriptor(entityID);
if (!entity) {
m_log.error("unable to locate metadata for provider (%s)", entityID);
- return make_pair(false,0);
+ throw MetadataException("Unable to locate metadata for identity provider ($entityID)",
+ namedparams(1, "entityID", entityID));
}
const IDPSSODescriptor* role=entity->getIDPSSODescriptor(shibspconstants::SHIB1_PROTOCOL_ENUM);
if (!role) {
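Review bot: The new `throw MetadataException(...)` carries `entityID` in its named parameters, so the value now travels to wherever the exception is rendered, in addition to the existing `m_log.error` line. The caller is outside this hunk, but if `entityID` can come from the request, confirm that the error-template path escapes the `entityID` parameter and that the log sink neutralizes control characters. Replacing `return make_pair(false,0)` with a throw also changes the function's contract: a caller that treated the false result as "not handled" will now see an exception. A header comment such as `// Throws MetadataException when no metadata exists for entityID.` would make that explicit.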
relayState = "default";
char timebuf[16];
- sprintf(timebuf,"%u",time(NULL));
+ sprintf(timebuf,"%lu",time(NULL));
const URLEncoder* urlenc = XMLToolingConfig::getConfig().getURLEncoder();
auto_ptr_char dest(ep->getLocation());
string req=string(dest.get()) + (strchr(dest.get(),'?') ? '&' : '?') + "shire=" + urlenc->encode(acsLocation) +
"&providerId=" + urlenc->encode(app.getString("entityID").second);
return make_pair(true, httpResponse.sendRedirect(req.c_str()));
+#else
+ return make_pair(false,0);
+#endif
}
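Review bot: `sprintf(timebuf,"%lu",time(NULL))` still hands a `time_t` to a fixed conversion, and `%lu` is correct only where `time_t` has the width of `unsigned long`. On a target with a 64-bit `time_t` and a 32-bit `long`, the mismatch is undefined behaviour. The write into the 16-byte `timebuf` is also unbounded. An explicit cast with a bounded call covers both: `snprintf(timebuf, sizeof(timebuf), "%lu", static_cast<unsigned long>(time(NULL)));`. The function body starts outside this hunk, and the use of `timebuf` is not visible here.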