#include "SPConfig.h"\r
#include "SPRequest.h"\r
#include "TransactionLog.h"\r
+#include "attribute/filtering/AttributeFilter.h"\r
#include "attribute/resolver/AttributeExtractor.h"\r
#include "attribute/resolver/AttributeResolver.h"\r
#include "handler/SessionInitiator.h"\r
const char* getId() const {return getString("id").second;}\r
const char* getHash() const {return m_hash.c_str();}\r
\r
- MetadataProvider* getMetadataProvider() const {\r
+ MetadataProvider* getMetadataProvider(bool required=true) const {\r
+ if (required && !m_base && !m_metadata)\r
+ throw ConfigurationException("No MetadataProvider available.");\r
return (!m_metadata && m_base) ? m_base->getMetadataProvider() : m_metadata;\r
}\r
- TrustEngine* getTrustEngine() const {\r
+ TrustEngine* getTrustEngine(bool required=true) const {\r
+ if (required && !m_base && !m_trust)\r
+ throw ConfigurationException("No TrustEngine available.");\r
return (!m_trust && m_base) ? m_base->getTrustEngine() : m_trust;\r
}\r
AttributeExtractor* getAttributeExtractor() const {\r
return (!m_attrExtractor && m_base) ? m_base->getAttributeExtractor() : m_attrExtractor;\r
}\r
+ AttributeFilter* getAttributeFilter() const {\r
+ return (!m_attrFilter && m_base) ? m_base->getAttributeFilter() : m_attrFilter;\r
+ }\r
AttributeResolver* getAttributeResolver() const {\r
return (!m_attrResolver && m_base) ? m_base->getAttributeResolver() : m_attrResolver;\r
}\r
+ const set<string>& getRemoteUserAttributeIds() const {\r
+ return (m_attributeIds.empty() && m_base) ? m_base->getRemoteUserAttributeIds() : m_attributeIds;\r
+ }\r
CredentialResolver* getCredentialResolver() const {\r
return (!m_credResolver && m_base) ? m_base->getCredentialResolver() : m_credResolver;\r
}\r
MetadataProvider* m_metadata;\r
TrustEngine* m_trust;\r
AttributeExtractor* m_attrExtractor;\r
+ AttributeFilter* m_attrFilter;\r
AttributeResolver* m_attrResolver;\r
CredentialResolver* m_credResolver;\r
vector<const XMLCh*> m_audiences;\r
+ set<string> m_attributeIds;\r
\r
// manage handler objects\r
vector<Handler*> m_handlers;\r
const ServiceProvider* sp,\r
const DOMElement* e,\r
const XMLApplication* base\r
- ) : m_sp(sp), m_base(base), m_metadata(NULL), m_trust(NULL), m_attrExtractor(NULL), m_attrResolver(NULL),\r
+ ) : m_sp(sp), m_base(base), m_metadata(NULL), m_trust(NULL), m_attrExtractor(NULL), m_attrFilter(NULL), m_attrResolver(NULL),\r
m_credResolver(NULL), m_partyDefault(NULL), m_sessionInitDefault(NULL), m_acsDefault(NULL)\r
{\r
#ifdef _DEBUG\r
m_hash+=getString("entityID").second;\r
m_hash=samlConf.hashSHA1(m_hash.c_str(), true);\r
\r
+ pair<bool,const char*> attributes = getString("REMOTE_USER");\r
+ if (attributes.first) {\r
+ char* dup = strdup(attributes.second);\r
+ char* pos;\r
+ char* start = dup;\r
+ while (start && *start) {\r
+ while (*start && isspace(*start))\r
+ start++;\r
+ if (!*start)\r
+ break;\r
+ pos = strchr(start,' ');\r
+ if (pos)\r
+ *pos=0;\r
+ m_attributeIds.insert(start);\r
+ start = pos ? pos+1 : NULL;\r
+ }\r
+ free(dup);\r
+ }\r
+\r
const PropertySet* sessions = getPropertySet("Sessions");\r
\r
// Process handlers.\r
}\r
}\r
\r
+ child = XMLHelper::getFirstChildElement(e,_AttributeFilter);\r
+ if (child) {\r
+ auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+ log.info("building AttributeFilter of type %s...",type.get());\r
+ try {\r
+ m_attrFilter = conf.AttributeFilterManager.newPlugin(type.get(),child);\r
+ }\r
+ catch (exception& ex) {\r
+ log.crit("error building AttributeFilter: %s", ex.what());\r
+ }\r
+ }\r
+\r
child = XMLHelper::getFirstChildElement(e,_AttributeResolver);\r
if (child) {\r
auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
for_each(m_handlers.begin(),m_handlers.end(),xmltooling::cleanup<Handler>());\r
delete m_credResolver;\r
delete m_attrResolver;\r
+ delete m_attrFilter;\r
delete m_attrExtractor;\r
delete m_trust;\r
delete m_metadata;\r