-/*\r
- * Copyright 2010 Internet2\r
- *\r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/\r
\r
/**\r
DOMDocument* m_document;\r
vector<xstring> m_whitelist,m_blacklist;\r
map< string,pair< PropertySet*,vector<const SecurityPolicyRule*> > > m_policyMap;\r
+ map< string,pair< PropertySet*,vector<const SecurityPolicyRule*> > >::const_iterator m_defaultPolicy;\r
\r
friend class SHIBSP_DLLLOCAL XMLSecurityPolicyProvider;\r
};\r
delete m_impl;\r
}\r
\r
- const PropertySet* getPolicySettings(const char* id) const {\r
+ const PropertySet* getPolicySettings(const char* id=nullptr) const {\r
+ if (!id || !*id)\r
+ return m_impl->m_defaultPolicy->second.first;\r
map<string,pair<PropertySet*,vector<const SecurityPolicyRule*> > >::const_iterator i = m_impl->m_policyMap.find(id);\r
if (i != m_impl->m_policyMap.end())\r
return i->second.first;\r
throw ConfigurationException("Security Policy ($1) not found, check <SecurityPolicies> element.", params(1,id));\r
}\r
\r
- const vector<const SecurityPolicyRule*>& getPolicyRules(const char* id) const {\r
+ const vector<const SecurityPolicyRule*>& getPolicyRules(const char* id=nullptr) const {\r
+ if (!id || !*id)\r
+ return m_impl->m_defaultPolicy->second.second;\r
map<string,pair<PropertySet*,vector<const SecurityPolicyRule*> > >::const_iterator i = m_impl->m_policyMap.find(id);\r
if (i != m_impl->m_policyMap.end())\r
return i->second.second;\r
return new SecurityPolicy(application, role, (validate.first && validate.second), policyId);\r
}\r
\r
-XMLSecurityPolicyProviderImpl::XMLSecurityPolicyProviderImpl(const DOMElement* e, Category& log) : m_document(nullptr)\r
+XMLSecurityPolicyProviderImpl::XMLSecurityPolicyProviderImpl(const DOMElement* e, Category& log)\r
+ : m_document(nullptr), m_defaultPolicy(m_policyMap.end())\r
{\r
#ifdef _DEBUG\r
xmltooling::NDC ndc("XMLSecurityPolicyProviderImpl");\r
settings->load(e, nullptr, &filter);\r
rules.first = settings.release();\r
\r
+ // Set default policy if not set, or id is "default".\r
+ if (m_defaultPolicy == m_policyMap.end() || id == "default")\r
+ m_defaultPolicy = m_policyMap.find(id);\r
+\r
// Process PolicyRule elements.\r
const DOMElement* rule = XMLHelper::getFirstChildElement(e, PolicyRule);\r
while (rule) {\r
\r
e = XMLHelper::getNextSiblingElement(e, Policy);\r
}\r
+\r
+ if (m_defaultPolicy == m_policyMap.end())\r
+ throw ConfigurationException("XML SecurityPolicyProvider requires at least one Policy.");\r
}\r
\r
pair<bool,DOMElement*> XMLSecurityPolicyProvider::load(bool backup)\r