class SHIBSP_DLLLOCAL XMLApplication : public Application, public Remoted, public DOMPropertySet, public DOMNodeFilter
{
public:
- XMLApplication(const ServiceProvider*, const ProtocolProvider*, const DOMElement*, const XMLApplication* base=nullptr);
+ XMLApplication(const ServiceProvider*, const ProtocolProvider*, DOMElement*, const XMLApplication* base=nullptr);
~XMLApplication() { cleanup(); }
const char* getHash() const {return m_hash.c_str();}
acceptNode(const DOMNode* node) const;
private:
+ template <class T> T* doChainedPlugins(
+ PluginManager<T,string,const DOMElement*>& pluginMgr,
+ const char* pluginType,
+ const char* chainingType,
+ const XMLCh* localName,
+ DOMElement* e,
+ Category& log
+ );
void doAttributeInfo();
void doHandlers(const ProtocolProvider*, const DOMElement*, Category&);
void doSSO(const ProtocolProvider&, set<string>&, DOMElement*, Category&);
string m_hash;
std::pair<std::string,std::string> m_attributePrefix;
#ifndef SHIBSP_LITE
- void doAttributePlugins(const DOMElement* e, Category& log);
+ void doAttributePlugins(DOMElement* e, Category& log);
MetadataProvider* m_metadata;
TrustEngine* m_trust;
AttributeExtractor* m_attrExtractor;
class SHIBSP_DLLLOCAL XMLConfigImpl : public DOMPropertySet, public DOMNodeFilter
{
public:
- XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* outer, Category& log);
+ XMLConfigImpl(const DOMElement* e, bool first, XMLConfig* outer, Category& log);
~XMLConfigImpl();
RequestMapper* m_requestMapper;
}
private:
- void doExtensions(const DOMElement* e, const char* label, Category& log);
- void doListener(const DOMElement* e, Category& log);
- void doCaching(const DOMElement* e, Category& log);
+ void doExtensions(const DOMElement*, const char*, Category&);
+ void doListener(const DOMElement*, XMLConfig*, Category&);
+ void doCaching(const DOMElement*, XMLConfig*, Category&);
void cleanup();
- const XMLConfig* m_outer;
DOMDocument* m_document;
};
private:
friend class XMLConfigImpl;
XMLConfigImpl* m_impl;
- mutable ListenerService* m_listener;
- mutable SessionCache* m_sessionCache;
+ ListenerService* m_listener;
+ SessionCache* m_sessionCache;
#ifndef SHIBSP_LITE
- mutable TransactionLog* m_tranLog;
- mutable map<string,StorageService*> m_storage;
+ TransactionLog* m_tranLog;
+ map<string,StorageService*> m_storage;
#endif
};
XMLApplication::XMLApplication(
const ServiceProvider* sp,
const ProtocolProvider* pp,
- const DOMElement* e,
+ DOMElement* e,
const XMLApplication* base
) : Application(sp), m_base(base),
#ifndef SHIBSP_LITE
SPConfig& conf=SPConfig::getConfig();
#ifndef SHIBSP_LITE
- SAMLConfig& samlConf=SAMLConfig::getConfig();
XMLToolingConfig& xmlConf=XMLToolingConfig::getConfig();
#endif
m_audiences.push_back(nlist->item(i)->getFirstChild()->getNodeValue());
}
- const DOMElement* child;
-
if (conf.isEnabled(SPConfig::Metadata)) {
- child = XMLHelper::getFirstChildElement(e, _MetadataProvider);
- if (child) {
- string t(XMLHelper::getAttrString(child, nullptr, _type));
- try {
- if (!t.empty()) {
- log.info("building MetadataProvider of type %s...", t.c_str());
- auto_ptr<MetadataProvider> mp(samlConf.MetadataProviderManager.newPlugin(t.c_str(), child));
- mp->init();
- m_metadata = mp.release();
- }
- else {
- throw ConfigurationException("MetadataProvider element had no type attribute.");
- }
+ auto_ptr<MetadataProvider> mp(
+ doChainedPlugins(
+ SAMLConfig::getConfig().MetadataProviderManager, "MetadataProvider", CHAINING_METADATA_PROVIDER, _MetadataProvider, e, log
+ )
+ );
+ try {
+ if (mp.get()) {
+ mp->init();
+ m_metadata = mp.release();
}
- catch (exception& ex) {
- log.crit("error building/initializing MetadataProvider: %s", ex.what());
+ else if (!m_base) {
+ log.crit("no MetadataProvider available, configuration is probably unusable");
}
}
+ catch (exception& ex) {
+ log.crit("error initializing MetadataProvider: %s", ex.what());
+ }
}
if (conf.isEnabled(SPConfig::Trust)) {
- child = XMLHelper::getFirstChildElement(e, _TrustEngine);
- if (child) {
- string t(XMLHelper::getAttrString(child, nullptr, _type));
- try {
- if (!t.empty()) {
- log.info("building TrustEngine of type %s...", t.c_str());
- m_trust = xmlConf.TrustEngineManager.newPlugin(t.c_str(), child);
- }
- else {
- throw ConfigurationException("TrustEngine element had no type attribute.");
- }
- }
- catch (exception& ex) {
- log.crit("error building TrustEngine: %s", ex.what());
- }
- }
- else if (!m_base) {
+ m_trust = doChainedPlugins(xmlConf.TrustEngineManager, "TrustEngine", CHAINING_TRUSTENGINE, _TrustEngine, e, log);
+ if (!m_trust && !m_base) {
log.info(
- "no TrustEngine specified, using default chain {%s, %s}",
+ "no TrustEngine specified or installed, using default chain {%s, %s}",
EXPLICIT_KEY_TRUSTENGINE, SHIBBOLETH_PKIX_TRUSTENGINE
);
m_trust = xmlConf.TrustEngineManager.newPlugin(CHAINING_TRUSTENGINE, nullptr);
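Review bot: A TrustEngine that is configured but fails to build now falls through to the default chain, because `doChainedPlugins` returns nullptr both when no element is present and when `newPlugin` throws, and `if (!m_trust && !m_base)` cannot tell the two apart. The removed code only defaulted in the `else` of `if (child)`, so a mistyped or broken trust configuration left `m_trust` unset instead of being replaced by {EXPLICIT_KEY_TRUSTENGINE, SHIBBOLETH_PKIX_TRUSTENGINE}. Consider defaulting only when nothing was configured, e.g. `if (!m_trust && !m_base && !XMLHelper::getFirstChildElement(e, _TrustEngine))`, and leaving the failure case to the `log.crit` that `doChainedPlugins` already emits. The constructor body starts before this hunk and continues after it.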
doAttributePlugins(e, log);
if (conf.isEnabled(SPConfig::Credentials)) {
- child = XMLHelper::getFirstChildElement(e,_CredentialResolver);
- if (child) {
- auto_ptr_char type(child->getAttributeNS(nullptr,_type));
- log.info("building CredentialResolver of type %s...",type.get());
- try {
- m_credResolver = xmlConf.CredentialResolverManager.newPlugin(type.get(),child);
- }
- catch (exception& ex) {
- log.crit("error building CredentialResolver: %s", ex.what());
- }
- }
+ m_credResolver = doChainedPlugins(
+ xmlConf.CredentialResolverManager, "CredentialResolver", CHAINING_CREDENTIAL_RESOLVER, _CredentialResolver, e, log
+ );
}
// Finally, load relying parties.
- child = XMLHelper::getFirstChildElement(e,RelyingParty);
+ const DOMElement* child = XMLHelper::getFirstChildElement(e, RelyingParty);
while (child) {
- auto_ptr<DOMPropertySet> rp(new DOMPropertySet());
- rp->load(child,nullptr,this);
- rp->setParent(this);
- m_partyMap[child->getAttributeNS(nullptr,saml2::Attribute::NAME_ATTRIB_NAME)]=rp.release();
- child = XMLHelper::getNextSiblingElement(child,RelyingParty);
+ if (child->hasAttributeNS(nullptr, saml2::Attribute::NAME_ATTRIB_NAME)) {
+ auto_ptr<DOMPropertySet> rp(new DOMPropertySet());
+ rp->load(child, nullptr, this);
+ rp->setParent(this);
+ m_partyMap[child->getAttributeNS(nullptr, saml2::Attribute::NAME_ATTRIB_NAME)] = rp.release();
+ }
+ child = XMLHelper::getNextSiblingElement(child, RelyingParty);
+ }
+ if (base && m_partyMap.empty() && !base->m_partyMap.empty()) {
+ // For inheritance of RPs to work, we have to pull them in to the override by cloning the DOM.
+ child = XMLHelper::getFirstChildElement(base->getElement(), RelyingParty);
+ while (child) {
+ if (child->hasAttributeNS(nullptr, saml2::Attribute::NAME_ATTRIB_NAME)) {
+ DOMElement* rpclone = static_cast<DOMElement*>(child->cloneNode(true));
+ auto_ptr<DOMPropertySet> rp(new DOMPropertySet());
+ rp->load(rpclone, nullptr, this);
+ rp->setParent(this);
+ m_partyMap[rpclone->getAttributeNS(nullptr, saml2::Attribute::NAME_ATTRIB_NAME)] = rp.release();
+ }
+ child = XMLHelper::getNextSiblingElement(child, RelyingParty);
+ }
}
#endif
#endif
}
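Review bot: RelyingParty elements without the Name attribute are now skipped with no log output, both in the loop over `e` and in the loop over the base's clones, so per-peer settings a deployer wrote can silently fail to apply. An `else log.warn("skipping RelyingParty element with no Name attribute");` next to each `hasAttributeNS` test would make that visible. The inheritance block also runs only when the override defines no RelyingParty at all (`m_partyMap.empty()`), so an override that adds a single RelyingParty drops every one from the base. If that is intended it deserves a line in the existing comment, e.g. `// Only inherited when the override declares none of its own; a partial override replaces the base set.`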
+template <class T> T* XMLApplication::doChainedPlugins(
+ PluginManager<T,string,const DOMElement*>& pluginMgr,
+ const char* pluginType,
+ const char* chainingType,
+ const XMLCh* localName,
+ DOMElement* e,
+ Category& log
+ )
+{
+ string t;
+ DOMElement* child = XMLHelper::getFirstChildElement(e, localName);
+ if (child) {
+ // Check for multiple.
+ if (XMLHelper::getNextSiblingElement(child, localName)) {
+ log.info("multiple %s plugins, wrapping in a chain", pluginType);
+ DOMElement* chain = child->getOwnerDocument()->createElementNS(nullptr, localName);
+ while (child) {
+ chain->appendChild(child);
+ child = XMLHelper::getFirstChildElement(e, localName);
+ }
+ t = chainingType;
+ child = chain;
+ e->appendChild(chain);
+ }
+ else {
+ // Only a single one.
+ t = XMLHelper::getAttrString(child, nullptr, _type);
+ }
+
+ try {
+ if (!t.empty()) {
+ log.info("building %s of type %s...", pluginType, t.c_str());
+ return pluginMgr.newPlugin(t.c_str(), child);
+ }
+ else {
+ throw ConfigurationException("$1 element had no type attribute.", params(1, pluginType));
+ }
+ }
+ catch (exception& ex) {
+ log.crit("error building %s: %s", pluginType, ex.what());
+ }
+ }
+
+ return nullptr;
+}
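Review bot: doChainedPlugins needs a header comment, because it rewrites the configuration DOM it is handed and the signature does not show that. When more than one `localName` child exists, each is moved out of `e` into an element made with `createElementNS(nullptr, localName)`, and that wrapper is then appended to `e`. Suggested comment: `// Builds the plugin for the localName child of e; several children are re-parented under a synthetic wrapper appended to e and built as chainingType. Returns nullptr if absent or if construction failed (already logged).` The comment should also say that the wrapper is created with no namespace and no `type` attribute, so later code that looks up the first `localName` child of `e` will see the wrapper and not the deployer's original element.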
+
void XMLApplication::doAttributeInfo()
{
// Populate prefix pair.
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.AssertionConsumerServiceManager.newPlugin(bindprop.c_str(), make_pair(child, getId()));
+ handler = conf.AssertionConsumerServiceManager.newPlugin(bindprop.c_str(), pair<const DOMElement*,const char*>(child, getId()));
// Map by binding and protocol (may be > 1 per protocol and binding)
m_acsBindingMap[handler->getXMLString("Binding").second].push_back(handler);
const XMLCh* protfamily = handler->getProtocolFamily();
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- SessionInitiator* sihandler = conf.SessionInitiatorManager.newPlugin(t.c_str(), make_pair(child, getId()));
+ SessionInitiator* sihandler = conf.SessionInitiatorManager.newPlugin(t.c_str(), pair<const DOMElement*,const char*>(child, getId()));
handler = sihandler;
pair<bool,const char*> si_id = handler->getString("id");
if (si_id.first && si_id.second)
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.LogoutInitiatorManager.newPlugin(t.c_str(), make_pair(child, getId()));
+ handler = conf.LogoutInitiatorManager.newPlugin(t.c_str(), pair<const DOMElement*,const char*>(child, getId()));
}
else if (XMLString::equals(child->getLocalName(), _ArtifactResolutionService)) {
string bindprop(XMLHelper::getAttrString(child, nullptr, Binding));
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.ArtifactResolutionServiceManager.newPlugin(bindprop.c_str(), make_pair(child, getId()));
+ handler = conf.ArtifactResolutionServiceManager.newPlugin(bindprop.c_str(), pair<const DOMElement*,const char*>(child, getId()));
if (!hardArt) {
pair<bool,bool> defprop = handler->getBool("isDefault");
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.SingleLogoutServiceManager.newPlugin(bindprop.c_str(), make_pair(child, getId()));
+ handler = conf.SingleLogoutServiceManager.newPlugin(bindprop.c_str(), pair<const DOMElement*,const char*>(child, getId()));
}
else if (XMLString::equals(child->getLocalName(), _ManageNameIDService)) {
string bindprop(XMLHelper::getAttrString(child, nullptr, Binding));
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.ManageNameIDServiceManager.newPlugin(bindprop.c_str(), make_pair(child, getId()));
+ handler = conf.ManageNameIDServiceManager.newPlugin(bindprop.c_str(), pair<const DOMElement*,const char*>(child, getId()));
}
else {
string t(XMLHelper::getAttrString(child, nullptr, _type));
child = XMLHelper::getNextSiblingElement(child);
continue;
}
- handler = conf.HandlerManager.newPlugin(t.c_str(), make_pair(child, getId()));
+ handler = conf.HandlerManager.newPlugin(t.c_str(), pair<const DOMElement*,const char*>(child, getId()));
}
m_handlers.push_back(handler);
acsdom->setAttributeNS(nullptr, _index, indexbuf.c_str());
log.info("adding AssertionConsumerService for Binding (%s) at (%s)", (*b)->getString("id").second, (*b)->getString("path").second);
- Handler* handler = conf.AssertionConsumerServiceManager.newPlugin((*b)->getString("id").second, make_pair(acsdom, getId()));
+ Handler* handler = conf.AssertionConsumerServiceManager.newPlugin(
+ (*b)->getString("id").second, pair<const DOMElement*,const char*>(acsdom, getId())
+ );
m_handlers.push_back(handler);
// Setup maps and defaults.
e->setAttributeNS(nullptr, Location, _loc);
// Instantiate Chaining initiator around the SSO element.
- SessionInitiator* chain = conf.SessionInitiatorManager.newPlugin(CHAINING_SESSION_INITIATOR, make_pair(e, getId()));
+ SessionInitiator* chain = conf.SessionInitiatorManager.newPlugin(
+ CHAINING_SESSION_INITIATOR, pair<const DOMElement*,const char*>(e, getId())
+ );
m_handlers.push_back(chain);
m_sessionInitDefault = chain;
m_handlerMap["/Login"] = chain;
slodom->setAttributeNS(nullptr, Location, pathprop.second);
log.info("adding SingleLogoutService for Binding (%s) at (%s)", (*b)->getString("id").second, (*b)->getString("path").second);
- Handler* handler = conf.SingleLogoutServiceManager.newPlugin((*b)->getString("id").second, make_pair(slodom, getId()));
+ Handler* handler = conf.SingleLogoutServiceManager.newPlugin(
+ (*b)->getString("id").second, pair<const DOMElement*,const char*>(slodom, getId())
+ );
m_handlers.push_back(handler);
// Insert into location map.
e->setAttributeNS(nullptr, Location, _loc);
// Instantiate Chaining initiator around the SSO element.
- Handler* chain = conf.LogoutInitiatorManager.newPlugin(CHAINING_LOGOUT_INITIATOR, make_pair(e, getId()));
+ Handler* chain = conf.LogoutInitiatorManager.newPlugin(
+ CHAINING_LOGOUT_INITIATOR, pair<const DOMElement*,const char*>(e, getId())
+ );
m_handlers.push_back(chain);
m_handlerMap["/Logout"] = chain;
}
nimdom->setAttributeNS(nullptr, Location, pathprop.second);
log.info("adding ManageNameIDService for Binding (%s) at (%s)", (*b)->getString("id").second, (*b)->getString("path").second);
- Handler* handler = conf.ManageNameIDServiceManager.newPlugin((*b)->getString("id").second, make_pair(nimdom, getId()));
+ Handler* handler = conf.ManageNameIDServiceManager.newPlugin(
+ (*b)->getString("id").second, pair<const DOMElement*,const char*>(nimdom, getId())
+ );
m_handlers.push_back(handler);
// Insert into location map.
artdom->setAttributeNS(nullptr, _index, indexbuf.c_str());
log.info("adding ArtifactResolutionService for Binding (%s) at (%s)", (*b)->getString("id").second, (*b)->getString("path").second);
- Handler* handler = conf.ArtifactResolutionServiceManager.newPlugin((*b)->getString("id").second, make_pair(artdom, getId()));
+ Handler* handler = conf.ArtifactResolutionServiceManager.newPlugin(
+ (*b)->getString("id").second, pair<const DOMElement*,const char*>(artdom, getId())
+ );
m_handlers.push_back(handler);
if (!m_artifactResolutionDefault)
}
#ifndef SHIBSP_LITE
-void XMLApplication::doAttributePlugins(const DOMElement* e, Category& log)
+void XMLApplication::doAttributePlugins(DOMElement* e, Category& log)
{
SPConfig& conf = SPConfig::getConfig();
- DOMElement* child = XMLHelper::getFirstChildElement(e, _AttributeExtractor);
- if (child) {
- string t(XMLHelper::getAttrString(child, nullptr, _type));
- try {
- if (!t.empty()) {
- log.info("building AttributeExtractor of type %s...", t.c_str());
- m_attrExtractor = conf.AttributeExtractorManager.newPlugin(t.c_str(), child);
- }
- else {
- throw ConfigurationException("AttributeExtractor element had no type attribute.");
- }
- }
- catch (exception& ex) {
- log.crit("error building AttributeExtractor: %s", ex.what());
- }
- }
+ m_attrExtractor =
+ doChainedPlugins(conf.AttributeExtractorManager, "AttributeExtractor", CHAINING_ATTRIBUTE_EXTRACTOR, _AttributeExtractor, e, log);
- child = XMLHelper::getFirstChildElement(e, _AttributeFilter);
- if (child) {
- string t(XMLHelper::getAttrString(child, nullptr, _type));
- try {
- if (!t.empty()) {
- log.info("building AttributeFilter of type %s...", t.c_str());
- m_attrFilter = conf.AttributeFilterManager.newPlugin(t.c_str(), child);
- }
- else {
- throw ConfigurationException("AttributeFilter element had no type attribute.");
- }
- }
- catch (exception& ex) {
- log.crit("error building AttributeFilter: %s", ex.what());
- }
- }
+ m_attrFilter =
+ doChainedPlugins(conf.AttributeFilterManager, "AttributeFilter", CHAINING_ATTRIBUTE_FILTER, _AttributeFilter, e, log);
- child = XMLHelper::getFirstChildElement(e, _AttributeResolver);
- if (child) {
- string t(XMLHelper::getAttrString(child, nullptr, _type));
- try {
- if (!t.empty()) {
- log.info("building AttributeResolver of type %s...", t.c_str());
- m_attrResolver = conf.AttributeResolverManager.newPlugin(t.c_str(), child);
- }
- else {
- throw ConfigurationException("AttributeResolver element had no type attribute.");
- }
- }
- catch (exception& ex) {
- log.crit("error building AttributeResolver: %s", ex.what());
- }
- }
+ m_attrResolver =
+ doChainedPlugins(conf.AttributeResolverManager, "AttributeResolver", CHAINING_ATTRIBUTE_RESOLVER, _AttributeResolver, e, log);
if (m_unsetHeaders.empty()) {
vector<string> unsetHeaders;
}
}
-void XMLConfigImpl::doListener(const DOMElement* e, Category& log)
+void XMLConfigImpl::doListener(const DOMElement* e, XMLConfig* conf, Category& log)
{
#ifdef WIN32
string plugtype(TCP_LISTENER_SERVICE);
}
log.info("building ListenerService of type %s...", plugtype.c_str());
- m_outer->m_listener = SPConfig::getConfig().ListenerServiceManager.newPlugin(plugtype.c_str(), child);
+ conf->m_listener = SPConfig::getConfig().ListenerServiceManager.newPlugin(plugtype.c_str(), child);
}
-void XMLConfigImpl::doCaching(const DOMElement* e, Category& log)
+void XMLConfigImpl::doCaching(const DOMElement* e, XMLConfig* conf, Category& log)
{
- SPConfig& conf = SPConfig::getConfig();
+ SPConfig& spConf = SPConfig::getConfig();
#ifndef SHIBSP_LITE
SAMLConfig& samlConf = SAMLConfig::getConfig();
#endif
- XMLToolingConfig& xmlConf = XMLToolingConfig::getConfig();
DOMElement* child;
#ifndef SHIBSP_LITE
- if (conf.isEnabled(SPConfig::OutOfProcess)) {
+ if (spConf.isEnabled(SPConfig::OutOfProcess)) {
+ XMLToolingConfig& xmlConf = XMLToolingConfig::getConfig();
// First build any StorageServices.
child = XMLHelper::getFirstChildElement(e, _StorageService);
while (child) {
if (!t.empty()) {
try {
log.info("building StorageService (%s) of type %s...", id.c_str(), t.c_str());
- m_outer->m_storage[id] = xmlConf.StorageServiceManager.newPlugin(t.c_str(), child);
+ conf->m_storage[id] = xmlConf.StorageServiceManager.newPlugin(t.c_str(), child);
}
catch (exception& ex) {
log.crit("failed to instantiate StorageService (%s): %s", id.c_str(), ex.what());
child = XMLHelper::getNextSiblingElement(child, _StorageService);
}
- if (m_outer->m_storage.empty()) {
+ if (conf->m_storage.empty()) {
log.info("no StorageService plugin(s) installed, using (mem) in-memory instance");
- m_outer->m_storage["id"] = xmlConf.StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE, nullptr);
+ conf->m_storage["mem"] = xmlConf.StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE, nullptr);
}
// Replay cache.
if (child) {
string ssid(XMLHelper::getAttrString(child, nullptr, _StorageService));
if (!ssid.empty()) {
- if (m_outer->m_storage.count(ssid)) {
+ if (conf->m_storage.count(ssid)) {
log.info("building ReplayCache on top of StorageService (%s)...", ssid.c_str());
- replaySS = m_outer->m_storage[ssid];
+ replaySS = conf->m_storage[ssid];
}
else {
log.error("unable to locate StorageService (%s), using arbitrary instance for ReplayCache", ssid.c_str());
- replaySS = m_outer->m_storage.begin()->second;
+ replaySS = conf->m_storage.begin()->second;
}
}
else {
log.info("no StorageService specified for ReplayCache, using arbitrary instance");
- replaySS = m_outer->m_storage.begin()->second;
+ replaySS = conf->m_storage.begin()->second;
}
}
else {
log.info("no ReplayCache specified, using arbitrary StorageService instance");
- replaySS = m_outer->m_storage.begin()->second;
+ replaySS = conf->m_storage.begin()->second;
}
xmlConf.setReplayCache(new ReplayCache(replaySS));
if (child) {
string ssid(XMLHelper::getAttrString(child, nullptr, _StorageService));
if (!ssid.empty()) {
- if (m_outer->m_storage.count(ssid)) {
+ if (conf->m_storage.count(ssid)) {
log.info("building ArtifactMap on top of StorageService (%s)...", ssid.c_str());
- samlConf.setArtifactMap(new ArtifactMap(child, m_outer->m_storage[ssid]));
+ samlConf.setArtifactMap(new ArtifactMap(child, conf->m_storage[ssid]));
}
else {
log.error("unable to locate StorageService (%s), using in-memory ArtifactMap", ssid.c_str());
string t(XMLHelper::getAttrString(child, nullptr, _type));
if (!t.empty()) {
log.info("building SessionCache of type %s...", t.c_str());
- m_outer->m_sessionCache = conf.SessionCacheManager.newPlugin(t.c_str(), child);
+ conf->m_sessionCache = spConf.SessionCacheManager.newPlugin(t.c_str(), child);
}
}
- if (!m_outer->m_sessionCache) {
+ if (!conf->m_sessionCache) {
log.info("no SessionCache specified, using StorageService-backed instance");
- m_outer->m_sessionCache = conf.SessionCacheManager.newPlugin(STORAGESERVICE_SESSION_CACHE, nullptr);
+ conf->m_sessionCache = spConf.SessionCacheManager.newPlugin(STORAGESERVICE_SESSION_CACHE, nullptr);
}
}
-XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* outer, Category& log)
+XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, XMLConfig* outer, Category& log)
: m_requestMapper(nullptr),
#ifndef SHIBSP_LITE
m_policy(nullptr),
#endif
- m_outer(outer), m_document(nullptr)
+ m_document(nullptr)
{
#ifdef _DEBUG
xmltooling::NDC ndc("XMLConfigImpl");
try {
SPConfig& conf=SPConfig::getConfig();
-#ifndef SHIBSP_LITE
- SAMLConfig& samlConf=SAMLConfig::getConfig();
-#endif
XMLToolingConfig& xmlConf=XMLToolingConfig::getConfig();
const DOMElement* SHAR=XMLHelper::getFirstChildElement(e, OutOfProcess);
const DOMElement* SHIRE=XMLHelper::getFirstChildElement(e, InProcess);
#ifndef SHIBSP_LITE
if (first)
- m_outer->m_tranLog = new TransactionLog();
+ outer->m_tranLog = new TransactionLog();
#endif
}
log.info("Shibboleth SP Version %s", PACKAGE_VERSION);
#ifndef SHIBSP_LITE
log.info(
- "Library versions: Xerces-C %s, XML-Security-C %s, XMLTooling-C %s, OpenSAML-C %s, Shibboleth %s",
+ "Library versions: %s %s, Xerces-C %s, XML-Security-C %s, XMLTooling-C %s, OpenSAML-C %s, Shibboleth %s",
+# if defined(LOG4SHIB_VERSION)
+ "log4shib", LOG4SHIB_VERSION,
+# elif defined(LOG4CPP_VERSION)
+ "log4cpp", LOG4CPP_VERSION,
+# else
+ "", "",
+# endif
XERCES_FULLVERSIONDOT, XSEC_FULLVERSIONDOT, XMLTOOLING_FULLVERSIONDOT, OPENSAML_FULLVERSIONDOT, SHIBSP_FULLVERSIONDOT
);
#else
log.info(
- "Library versions: Xerces-C %s, XMLTooling-C %s, Shibboleth %s",
+ "Library versions: %s %s, Xerces-C %s, XMLTooling-C %s, Shibboleth %s",
+# if defined(LOG4SHIB_VERSION)
+ "log4shib", LOG4SHIB_VERSION,
+# elif defined(LOG4CPP_VERSION)
+ "log4cpp", LOG4CPP_VERSION,
+# else
+ "", "",
+# endif
XERCES_FULLVERSIONDOT, XMLTOOLING_FULLVERSIONDOT, SHIBSP_FULLVERSIONDOT
);
#endif
// Instantiate the ListenerService and SessionCache objects.
if (conf.isEnabled(SPConfig::Listener))
- doListener(e, log);
+ doListener(e, outer, log);
#ifndef SHIBSP_LITE
- if (m_outer->m_listener && conf.isEnabled(SPConfig::OutOfProcess) && !conf.isEnabled(SPConfig::InProcess)) {
- m_outer->m_listener->regListener("set::RelayState", const_cast<XMLConfig*>(m_outer));
- m_outer->m_listener->regListener("get::RelayState", const_cast<XMLConfig*>(m_outer));
- m_outer->m_listener->regListener("set::PostData", const_cast<XMLConfig*>(m_outer));
- m_outer->m_listener->regListener("get::PostData", const_cast<XMLConfig*>(m_outer));
+ if (outer->m_listener && conf.isEnabled(SPConfig::OutOfProcess) && !conf.isEnabled(SPConfig::InProcess)) {
+ outer->m_listener->regListener("set::RelayState", outer);
+ outer->m_listener->regListener("get::RelayState", outer);
+ outer->m_listener->regListener("set::PostData", outer);
+ outer->m_listener->regListener("get::PostData", outer);
}
#endif
if (conf.isEnabled(SPConfig::Caching))
- doCaching(e, log);
+ doCaching(e, outer, log);
} // end of first-time-only stuff
// Back to the fully dynamic stuff...next up is the RequestMapper.
}
if (first) {
-#ifdef SHIBSP_XMLSEC_WHITELISTING
- vector<xstring>::const_iterator alg;
if (!m_policy->getAlgorithmBlacklist().empty()) {
- for (alg = m_policy->getAlgorithmBlacklist().begin(); alg != m_policy->getAlgorithmBlacklist().end(); ++alg)
+#ifdef SHIBSP_XMLSEC_WHITELISTING
+ for (vector<xstring>::const_iterator alg = m_policy->getAlgorithmBlacklist().begin(); alg != m_policy->getAlgorithmBlacklist().end(); ++alg)
XSECPlatformUtils::blacklistAlgorithm(alg->c_str());
+#else
+ log.crit("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists");
+#endif
}
else if (!m_policy->getAlgorithmWhitelist().empty()) {
- for (alg = m_policy->getAlgorithmWhitelist().begin(); alg != m_policy->getAlgorithmWhitelist().end(); ++alg)
+#ifdef SHIBSP_XMLSEC_WHITELISTING
+ for (vector<xstring>::const_iterator alg = m_policy->getAlgorithmWhitelist().begin(); alg != m_policy->getAlgorithmWhitelist().end(); ++alg)
XSECPlatformUtils::whitelistAlgorithm(alg->c_str());
- }
#else
- log.fatal("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists");
- throw ConfigurationException("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists.");
+ log.crit("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists");
#endif
+ }
}
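Review bot: On a build without SHIBSP_XMLSEC_WHITELISTING, a configured algorithm blacklist or whitelist is now reported with `log.crit` and startup continues, so the deployer's algorithm restriction is not enforced and the only trace is a log line. The removed `#else` branch threw a ConfigurationException; the new `#else` branches sit inside the `!empty()` tests, so a throw there would fire only when a list was actually configured. I would keep the failure hard in both branches by following each `log.crit` with `throw ConfigurationException("XML-Security-C library prior to 1.6.0 does not support algorithm white/blacklists.");`. If continuing is deliberate, the message should say the list is being ignored.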
// Process TransportOption elements.
log.fatal("can't build default Application object, missing conf:ApplicationDefaults element?");
throw ConfigurationException("can't build default Application object, missing conf:ApplicationDefaults element?");
}
- XMLApplication* defapp = new XMLApplication(m_outer, pp, child);
+ XMLApplication* defapp = new XMLApplication(outer, pp, child);
m_appmap[defapp->getId()] = defapp;
// Load any overrides.
child = XMLHelper::getFirstChildElement(child, ApplicationOverride);
while (child) {
- auto_ptr<XMLApplication> iapp(new XMLApplication(m_outer, pp, child, defapp));
+ auto_ptr<XMLApplication> iapp(new XMLApplication(outer, pp, child, defapp));
if (m_appmap.count(iapp->getId()))
log.crit("found conf:ApplicationOverride element with duplicate id attribute (%s), skipping it", iapp->getId());
else {
child = XMLHelper::getNextSiblingElement(child, ApplicationOverride);
}
+
+ // Check for extra AuthTypes to recognize.
+ if (conf.isEnabled(SPConfig::InProcess)) {
+ const PropertySet* inprocs = getPropertySet("InProcess");
+ if (inprocs) {
+ pair<bool,const char*> extraAuthTypes = inprocs->getString("extraAuthTypes");
+ if (extraAuthTypes.first) {
+ string types=extraAuthTypes.second;
+ unsigned int j_types=0;
+ for (unsigned int i_types=0; i_types < types.length(); i_types++) {
+ if (types.at(i_types) == ' ') {
+ outer->m_authTypes.insert(types.substr(j_types, i_types - j_types));
+ j_types = i_types + 1;
+ }
+ }
+ outer->m_authTypes.insert(types.substr(j_types, types.length() - j_types));
+ }
+ }
+ }
}
catch (exception&) {
cleanup();
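Review bot: The extraAuthTypes split inserts empty strings into `outer->m_authTypes` whenever the value has leading, trailing or doubled spaces, because neither `insert` call checks the token length. It also treats only ' ' as a separator, so a tab-separated list becomes a single token. I can't see the consumer of that set from here, but an empty entry could match an unset AuthType and recognize more requests than the deployer intended. Guarding both inserts, `if (i_types > j_types) outer->m_authTypes.insert(types.substr(j_types, i_types - j_types));` in the loop and `if (j_types < types.length())` before the final one, keeps the set to real names. The enclosing constructor starts before this hunk and continues past it.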