{
public:
WAYFSessionInitiator(const DOMElement* e, const char* appId)
- : AbstractHandler(e, Category::getInstance(SHIBSP_LOGCAT".SessionInitiator.WAYF"), NULL, &m_remapper), m_url(NULL) {
+ : AbstractHandler(e, Category::getInstance(SHIBSP_LOGCAT".SessionInitiator.WAYF"), nullptr, &m_remapper), m_url(nullptr) {
pair<bool,const char*> url = getString("URL");
if (!url.first)
throw ConfigurationException("WAYF SessionInitiator requires a URL property.");
string target;
pair<bool,const char*> prop;
- const Handler* ACS=NULL;
+ const Handler* ACS=nullptr;
const Application& app=request.getApplication();
pair<bool,const char*> discoveryURL = pair<bool,const char*>(true, m_url);
// Since we're not passing by index, we need to fully compute the return URL.
if (!ACS) {
+ // Try fixed index property, or incoming binding set, or default, in order.
pair<bool,unsigned int> index = getUnsignedInt("acsIndex", request, HANDLER_PROPERTY_MAP|HANDLER_PROPERTY_FIXED);
if (index.first) {
ACS = app.getAssertionConsumerServiceByIndex(index.second);
if (!ACS)
request.log(SPRequest::SPWarn, "invalid acsIndex property, using default ACS location");
}
+ /*
+ for (vector<string>::const_iterator b = m_incomingBindings.begin(); !ACS && b != m_incomingBindings.end(); ++b) {
+ ACS = app.getAssertionConsumerServiceByBinding(b->c_str());
+ if (ACS && !XMLString::equals(getProtocolFamily(), ACS->getProtocolFamily()))
+ ACS = nullptr;
+ }
+ */
if (!ACS)
ACS = app.getDefaultAssertionConsumerService();
}
// Validate the ACS for use with this protocol.
- pair<bool,const char*> ACSbinding = ACS ? ACS->getString("Binding") : pair<bool,const char*>(false,NULL);
- if (ACSbinding.first) {
- pair<bool,const char*> compatibleBindings = getString("compatibleBindings");
- if (compatibleBindings.first && strstr(compatibleBindings.second, ACSbinding.second) == NULL) {
- m_log.error("configured or requested ACS has non-SAML 1.x binding");
- throw ConfigurationException("Configured or requested ACS has non-SAML 1.x binding ($1).", params(1, ACSbinding.second));
- }
- else if (strcmp(ACSbinding.second, samlconstants::SAML1_PROFILE_BROWSER_POST) &&
- strcmp(ACSbinding.second, samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT)) {
- m_log.error("configured or requested ACS has non-SAML 1.x binding");
- throw ConfigurationException("Configured or requested ACS has non-SAML 1.x binding ($1).", params(1, ACSbinding.second));
- }
+ if (ACS && !XMLString::equals(samlconstants::SAML11_PROTOCOL_ENUM, ACS->getProtocolFamily())) {
+ m_log.error("configured or requested ACS has non-SAML 1.x binding");
+ throw ConfigurationException("Configured or requested ACS has non-SAML 1.x binding ($1).", params(1, ACS->getString("Binding").second));
}
if (!discoveryURL.first)
// Compute the ACS URL. We add the ACS location to the base handlerURL.
string ACSloc = request.getHandlerURL(target.c_str());
- prop = ACS ? ACS->getString("Location") : pair<bool,const char*>(false,NULL);
+ prop = ACS ? ACS->getString("Location") : pair<bool,const char*>(false,nullptr);
if (prop.first)
ACSloc += prop.second;
target = "default";
char timebuf[16];
- sprintf(timebuf,"%lu",time(NULL));
+ sprintf(timebuf,"%lu",time(nullptr));
const URLEncoder* urlenc = XMLToolingConfig::getConfig().getURLEncoder();
string req=string(discoveryURL.second) + (strchr(discoveryURL.second,'?') ? '&' : '?') + "shire=" + urlenc->encode(ACSloc.c_str()) +
"&time=" + timebuf + "&target=" + urlenc->encode(target.c_str()) +