#include <shibsp/attribute/Attribute.h>
#include <shibsp/attribute/resolver/ResolutionContext.h>
#include <shibsp/handler/AssertionConsumerService.h>
+#include <shibsp/metadata/MetadataProviderCriteria.h>
#include <shibsp/util/SPConstants.h>
#include <saml/saml1/core/Assertions.h>
}
private:
- string implementProtocol(
+ void implementProtocol(
const Application& application,
const HTTPRequest& httpRequest,
+ HTTPResponse& httpResponse,
SecurityPolicy& policy,
const PropertySet* settings,
const XMLObject& xmlObject
char* i_param=NULL;
char* prot = NULL;
const XMLCh* protocol = NULL;
- char* path=NULL;
- char* config=NULL;
for (int i=1; i<argc; i++) {
if (!strcmp(argv[i],"-n") && i+1<argc)
if (n_param && !i_param) {
usage();
- exit(-10);
+ return -10;
}
- path=getenv("SHIBSP_SCHEMAS");
- if (!path)
- path=SHIBSP_SCHEMAS;
- config=getenv("SHIBSP_CONFIG");
- if (!config)
- config=SHIBSP_CONFIG;
if (!a_param)
a_param="default";
- XMLToolingConfig::getConfig().log_config(getenv("SHIBSP_LOGGING") ? getenv("SHIBSP_LOGGING") : SHIBSP_LOGGING);
-
- SPConfig& conf=SPConfig::getConfig();
- conf.setFeatures(
- SPConfig::Metadata |
- SPConfig::Trust |
- SPConfig::AttributeResolution |
- SPConfig::Credentials |
- SPConfig::OutOfProcess
- );
- if (!conf.init(path))
- return -1;
-
if (n_param) {
if (!protocol) {
if (prot)
protocol = XMLString::transcode(prot);
}
if (!protocol) {
- conf.term();
usage();
- exit(-10);
+ return -10;
}
}
-
- try {
- static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
- static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
- xercesc::DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
- XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);
- xercesc::DOMElement* dummy = dummydoc->createElementNS(NULL,path);
- auto_ptr_XMLCh src(config);
- dummy->setAttributeNS(NULL,path,src.get());
- dummy->setAttributeNS(NULL,validate,xmlconstants::XML_ONE);
- conf.setServiceProvider(conf.ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
- conf.getServiceProvider()->init();
- }
- catch (exception&) {
+ SPConfig& conf=SPConfig::getConfig();
+ conf.setFeatures(
+ SPConfig::Metadata |
+ SPConfig::Trust |
+ SPConfig::AttributeResolution |
+ SPConfig::Credentials |
+ SPConfig::OutOfProcess
+ );
+ if (!conf.init())
+ return -1;
+ if (!conf.instantiate()) {
conf.term();
return -2;
}
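Review bot: The `XMLString::transcode(prot)` call in the `if (n_param)` block now runs before `conf.init()`, because initialization moved below the argument checks while the transcode stayed where it was. Xerces sets up its transcoding services only when the platform is initialized, which presumably happens inside `conf.init()` (not visible in this hunk), so a protocol string given on the command line could be transcoded against uninitialized library state. Keep the early exit by testing the raw argument, `if (!protocol && !prot) { usage(); return -10; }`, and run `protocol = XMLString::transcode(prot);` only after `conf.instantiate()` has succeeded. The enclosing function starts and continues outside this hunk.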
MetadataProvider* m=app->getMetadataProvider();
xmltooling::Locker mlocker(m);
- const EntityDescriptor* site=m->getEntityDescriptor(issuer.get());
- if (!site)
+ MetadataProviderCriteria mc(*app, i_param, &IDPSSODescriptor::ELEMENT_QNAME, protocol);
+ pair<const EntityDescriptor*,const RoleDescriptor*> site=m->getEntityDescriptor(mc);
+ if (!site.first)
throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,i_param));
// Build NameID(s).
ResolverTest rt(NULL, a_param);
try {
- ctx = rt.resolveAttributes(*app, site->getIDPSSODescriptor(protocol), protocol, v1name, v2name.get(), NULL, NULL, NULL);
+ ctx = rt.resolveAttributes(*app, site.second, protocol, v1name, v2name.get(), NULL, NULL, NULL);
}
catch (...) {
delete v1name;
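Review bot: Only `site.first` is checked after the criteria-based lookup, but `site.second` is what gets passed to `rt.resolveAttributes(...)`. An entity that is found but has no IDPSSODescriptor supporting `protocol` would presumably come back with a null role. The removed `site->getIDPSSODescriptor(protocol)` could return null too, so this is not a regression, but whether `resolveAttributes` tolerates a null issuer role is not visible here. Either reject it explicitly with `if (!site.second) throw MetadataException("No IdP role supporting the protocol for ($1).", params(1,i_param));` or add a comment such as `// site.second may be NULL when the entity has no matching IdP role`. The same applies to the token-based lookup that follows, which uses `issuer`; the surrounding block starts outside this hunk.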
MetadataProvider* m=app->getMetadataProvider();
xmltooling::Locker mlocker(m);
- const EntityDescriptor* site=m->getEntityDescriptor(issuer);
- if (!site) {
+ MetadataProviderCriteria mc(*app, issuer, &IDPSSODescriptor::ELEMENT_QNAME, protocol);
+ pair<const EntityDescriptor*,const RoleDescriptor*> site=m->getEntityDescriptor(mc);
+ if (!site.first) {
auto_ptr_char temp(issuer);
throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,temp.get()));
}
vector<const Assertion*> tokens(1, dynamic_cast<Assertion*>(token.get()));
ResolverTest rt(NULL, a_param);
try {
- ctx = rt.resolveAttributes(*app, site->getIDPSSODescriptor(protocol), protocol, v1name, v2name, NULL, NULL, &tokens);
+ ctx = rt.resolveAttributes(*app, site.second, protocol, v1name, v2name, NULL, NULL, &tokens);
}
catch (...) {
if (v1name)