class XMLAAPImpl : public ReloadableXMLFileImpl
{
public:
- XMLAAPImpl(const char* pathname);
+ XMLAAPImpl(const char* pathname) : ReloadableXMLFileImpl(pathname) { init(); }
+ XMLAAPImpl(const DOMElement* e) : ReloadableXMLFileImpl(e) { init(); }
+ void init();
~XMLAAPImpl();
class AttributeRule : public IAttributeRule
class XMLAAP : public IAAP, public ReloadableXMLFile
{
public:
- XMLAAP(const char* pathname) : ReloadableXMLFile(pathname) {}
+ XMLAAP(const DOMElement* e) : ReloadableXMLFile(e) {}
~XMLAAP() {}
const IAttributeRule* lookup(const XMLCh* attrName, const XMLCh* attrNamespace=NULL) const;
protected:
virtual ReloadableXMLFileImpl* newImplementation(const char* pathname) const;
+ virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e) const;
};
}
-extern "C" IAAP* XMLAAPFactory(const char* source)
+extern "C" IAAP* XMLAAPFactory(const DOMElement* e)
{
- XMLAAP* aap=new XMLAAP(source);
+ XMLAAP* aap=new XMLAAP(e);
try
{
aap->getImplementation();
delete aap;
throw;
}
- return aap;
+ return aap;
+}
+
+ReloadableXMLFileImpl* XMLAAP::newImplementation(const DOMElement* e) const
+{
+ return new XMLAAPImpl(e);
}
ReloadableXMLFileImpl* XMLAAP::newImplementation(const char* pathname) const
return new XMLAAPImpl(pathname);
}
-XMLAAPImpl::XMLAAPImpl(const char* pathname) : ReloadableXMLFileImpl(pathname)
+void XMLAAPImpl::init()
{
NDC ndc("XMLAAPImpl");
Category& log=Category::getInstance(SHIB_LOGCAT".XMLAAPImpl");
try
{
- DOMElement* e = m_doc->getDocumentElement();
- if (XMLString::compareString(XML::SHIB_NS,e->getNamespaceURI()) ||
- XMLString::compareString(SHIB_L(AttributeAcceptancePolicy),e->getLocalName()))
+ if (XMLString::compareString(XML::SHIB_NS,m_root->getNamespaceURI()) ||
+ XMLString::compareString(SHIB_L(AttributeAcceptancePolicy),m_root->getLocalName()))
{
log.error("Construction requires a valid AAP file: (shib:AttributeAcceptancePolicy as root element)");
throw MalformedException("Construction requires a valid AAP file: (shib:AttributeAcceptancePolicy as root element)");
}
// Loop over the AttributeRule elements.
- DOMNodeList* nlist = e->getElementsByTagNameNS(XML::SHIB_NS,SHIB_L(AttributeRule));
+ DOMNodeList* nlist = m_root->getElementsByTagNameNS(XML::SHIB_NS,SHIB_L(AttributeRule));
for (int i=0; nlist && i<nlist->getLength(); i++)
{
AttributeRule* rule=new AttributeRule(static_cast<DOMElement*>(nlist->item(i)));
using namespace log4cpp;
using namespace std;
-ReloadableXMLFileImpl::ReloadableXMLFileImpl(const char* pathname) : m_doc(NULL)
+ReloadableXMLFileImpl::ReloadableXMLFileImpl(const DOMElement* e) : m_doc(NULL), m_root(saml::XML::getFirstChildElement(e)) {}
+
+ReloadableXMLFileImpl::ReloadableXMLFileImpl(const char* pathname) : m_doc(NULL), m_root(NULL)
{
NDC ndc("ReloadableXMLFileImpl");
Category& log=Category::getInstance(SHIB_LOGCAT".ReloadableXMLFileImpl");
URLInputSource src(base,pathname);
Wrapper4InputSource dsrc(&src,false);
m_doc=p.parse(dsrc);
+ m_root=m_doc->getDocumentElement();
log.infoStream() << "Loaded and parsed XML file (" << pathname << ")" << CategoryStream::ENDLINE;
}
m_doc->release();
}
-ReloadableXMLFile::ReloadableXMLFile(const char* pathname) : m_filestamp(0), m_source(pathname), m_impl(NULL), m_lock(NULL)
+ReloadableXMLFile::ReloadableXMLFile(const DOMElement* e) : m_root(e), m_impl(NULL), m_filestamp(0), m_lock(NULL)
{
+ const XMLCh* pathname=e->getAttributeNS(NULL,shibboleth::XML::Literals::url);
+ if (pathname && *pathname)
+ {
+ auto_ptr_char temp(pathname);
+ m_source=temp.get();
+
#ifdef WIN32
- struct _stat stat_buf;
- if (_stat(pathname, &stat_buf) == 0)
+ struct _stat stat_buf;
+ if (_stat(m_source.c_str(), &stat_buf) == 0)
#else
- struct stat stat_buf;
- if (stat(pathname, &stat_buf) == 0)
+ struct stat stat_buf;
+ if (stat(m_source.c_str(), &stat_buf) == 0)
#endif
- m_filestamp=stat_buf.st_mtime;
- m_lock=RWLock::create();
+ m_filestamp=stat_buf.st_mtime;
+ m_lock=RWLock::create();
+ }
}
void ReloadableXMLFile::lock()
{
+ if (!m_lock)
+ return;
+
m_lock->rdlock();
// Check if we need to refresh.
ReloadableXMLFileImpl* ReloadableXMLFile::getImplementation() const
{
- if (!m_impl)
- m_impl=newImplementation(m_source.c_str());
+ if (!m_impl) {
+ if (m_source.empty())
+ m_impl=newImplementation(m_root);
+ else
+ m_impl=newImplementation(m_source.c_str());
+ }
return m_impl;
}
ShibConfig::~ShibConfig() {}
// Metadata Factories
-extern "C" IMetadata* XMLMetadataFactory(const char* source);
-extern "C" ITrust* XMLTrustFactory(const char* source);
-extern "C" ICredentials* XMLCredentialsFactory(const char* source);
+extern "C" IMetadata* XMLMetadataFactory(const DOMElement* source);
+extern "C" ITrust* XMLTrustFactory(const DOMElement* source);
+extern "C" ICredentials* XMLCredentialsFactory(const DOMElement* source);
extern "C" ICredResolver* FileCredResolverFactory(const DOMElement* e);
extern "C" ICredResolver* KeyInfoResolverFactory(const DOMElement* e);
-extern "C" IAAP* XMLAAPFactory(const char* source);
+extern "C" IAAP* XMLAAPFactory(const DOMElement* source);
+extern "C" IAAP* XMLAAPDOMFactory(const DOMElement* source);
extern "C" SAMLAttribute* ShibAttributeFactory(DOMElement* e)
{
SAMLAttribute::setFactory(&ShibAttributeFactory);
- // Register metadata factories (some duplicates for backward-compatibility)
- regFactory("edu.internet2.middleware.shibboleth.metadata.XML",&XMLMetadataFactory);
+ // Register metadata factories
regFactory("edu.internet2.middleware.shibboleth.metadata.provider.XML",&XMLMetadataFactory);
- regFactory("edu.internet2.middleware.shibboleth.trust.XML",&XMLTrustFactory);
regFactory("edu.internet2.middleware.shibboleth.trust.provider.XML",&XMLTrustFactory);
regFactory("edu.internet2.middleware.shibboleth.creds.provider.XML",&XMLCredentialsFactory);
regFactory("edu.internet2.middleware.shibboleth.creds.provider.FileCredResolver",&FileCredResolverFactory);
regFactory("edu.internet2.middleware.shibboleth.creds.provider.KeyInfoResolver",&KeyInfoResolverFactory);
- regFactory("edu.internet2.middleware.shibboleth.target.AAP.XML",&XMLAAPFactory);
regFactory("edu.internet2.middleware.shibboleth.target.AAP.provider.XML",&XMLAAPFactory);
return true;
}
}
-IMetadata* ShibInternalConfig::newMetadata(const char* type, const char* source) const
+IMetadata* ShibInternalConfig::newMetadata(const char* type, const DOMElement* source) const
{
MetadataFactoryMap::const_iterator i=m_metadataFactoryMap.find(type);
if (i==m_metadataFactoryMap.end())
return i->second(source);
}
-ITrust* ShibInternalConfig::newTrust(const char* type, const char* source) const
+ITrust* ShibInternalConfig::newTrust(const char* type, const DOMElement* source) const
{
TrustFactoryMap::const_iterator i=m_trustFactoryMap.find(type);
if (i==m_trustFactoryMap.end())
return i->second(source);
}
-ICredentials* ShibInternalConfig::newCredentials(const char* type, const char* source) const
+ICredentials* ShibInternalConfig::newCredentials(const char* type, const DOMElement* source) const
{
CredentialsFactoryMap::const_iterator i=m_credFactoryMap.find(type);
if (i==m_credFactoryMap.end())
return i->second(source);
}
-IAAP* ShibInternalConfig::newAAP(const char* type, const char* source) const
+IAAP* ShibInternalConfig::newAAP(const char* type, const DOMElement* source) const
{
AAPFactoryMap::const_iterator i=m_aapFactoryMap.find(type);
if (i==m_aapFactoryMap.end())
const XMLCh XML::Literals::xmlns_shib[]=
{ chLatin_x, chLatin_m, chLatin_l, chLatin_n, chLatin_s, chColon, chLatin_s, chLatin_h, chLatin_i, chLatin_b, chNull };
+
+const XMLCh XML::Literals::url[] = { chLatin_u, chLatin_r, chLatin_l, chNull };
\ No newline at end of file
class XMLCredentialsImpl : public ReloadableXMLFileImpl
{
public:
- XMLCredentialsImpl(const char* pathname);
+ XMLCredentialsImpl(const char* pathname) : ReloadableXMLFileImpl(pathname) { init(); }
+ XMLCredentialsImpl(const DOMElement* e) : ReloadableXMLFileImpl(e) { init(); }
+ void init();
~XMLCredentialsImpl();
typedef map<string,ICredResolver*> resolvermap_t;
class XMLCredentials : public ICredentials, public ReloadableXMLFile
{
public:
- XMLCredentials(const char* pathname) : ReloadableXMLFile(pathname) {}
+ XMLCredentials(const DOMElement* e) : ReloadableXMLFile(e) {}
~XMLCredentials() {}
bool attach(const XMLCh* subject, const ISite* relyingParty, SSL_CTX* ctx) const;
protected:
virtual ReloadableXMLFileImpl* newImplementation(const char* pathname) const;
+ virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e) const;
};
}
-extern "C" ICredentials* XMLCredentialsFactory(const char* source)
+extern "C" ICredentials* XMLCredentialsFactory(const DOMElement* e)
{
- XMLCredentials* creds=new XMLCredentials(source);
+ XMLCredentials* creds=new XMLCredentials(e);
try
{
creds->getImplementation();
return new XMLCredentialsImpl(pathname);
}
+ReloadableXMLFileImpl* XMLCredentials::newImplementation(const DOMElement* e) const
+{
+ return new XMLCredentialsImpl(e);
+}
+
XMLCredentialsImpl::KeyUse::KeyUse(resolvermap_t& resolverMap, const XMLCh* keyref, const XMLCh* certref) : m_key(NULL), m_cert(NULL)
{
auto_ptr<char> temp(XMLString::transcode(keyref));
}
}
-XMLCredentialsImpl::XMLCredentialsImpl(const char* pathname) : ReloadableXMLFileImpl(pathname)
+void XMLCredentialsImpl::init()
{
NDC ndc("XMLCredentialsImpl");
Category& log=Category::getInstance(SHIB_LOGCAT".XMLCredentialsImpl");
try
{
- DOMElement* e = m_doc->getDocumentElement();
- if (XMLString::compareString(XML::SHIB_NS,e->getNamespaceURI()) ||
- XMLString::compareString(SHIB_L(Credentials),e->getLocalName()))
+ if (XMLString::compareString(XML::SHIB_NS,m_root->getNamespaceURI()) ||
+ XMLString::compareString(SHIB_L(Credentials),m_root->getLocalName()))
{
log.error("Construction requires a valid creds file: (shib:Credentials as root element)");
throw MetadataException("Construction requires a valid creds file: (shib:Credentials as root element)");
}
// Process everything up to the first shib:KeyUse as a resolver.
- DOMElement* child=saml::XML::getFirstChildElement(e);
+ DOMElement* child=saml::XML::getFirstChildElement(m_root);
while (!saml::XML::isElementNamed(child,XML::SHIB_NS,SHIB_L(KeyUse)))
{
string cr_type;
class XMLMetadataImpl : public ReloadableXMLFileImpl
{
public:
- XMLMetadataImpl(const char* pathname);
+ XMLMetadataImpl(const char* pathname) : ReloadableXMLFileImpl(pathname) { init(); }
+ XMLMetadataImpl(const DOMElement* e) : ReloadableXMLFileImpl(e) { init(); }
+ void init();
~XMLMetadataImpl();
class ContactInfo : public IContactInfo
class XMLMetadata : public IMetadata, public ReloadableXMLFile
{
public:
- XMLMetadata(const char* pathname) : ReloadableXMLFile(pathname) {}
+ XMLMetadata(const DOMElement* e) : ReloadableXMLFile(e) {}
~XMLMetadata() {}
const ISite* lookup(const XMLCh* site) const;
protected:
virtual ReloadableXMLFileImpl* newImplementation(const char* pathname) const;
+ virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e) const;
};
}
-extern "C" IMetadata* XMLMetadataFactory(const char* source)
+extern "C" IMetadata* XMLMetadataFactory(const DOMElement* e)
{
- XMLMetadata* m=new XMLMetadata(source);
+ XMLMetadata* m=new XMLMetadata(e);
try
{
m->getImplementation();
return m;
}
+ReloadableXMLFileImpl* XMLMetadata::newImplementation(const DOMElement* e) const
+{
+ return new XMLMetadataImpl(e);
+}
+
ReloadableXMLFileImpl* XMLMetadata::newImplementation(const char* pathname) const
{
return new XMLMetadataImpl(pathname);
delete const_cast<IAuthority*>(*k);
}
-XMLMetadataImpl::XMLMetadataImpl(const char* pathname) : ReloadableXMLFileImpl(pathname)
+void XMLMetadataImpl::init()
{
NDC ndc("XMLMetadataImpl");
Category& log=Category::getInstance(SHIB_LOGCAT".XMLMetadataImpl");
try
{
- DOMElement* e = m_doc->getDocumentElement();
- if (XMLString::compareString(XML::SHIB_NS,e->getNamespaceURI()) ||
- XMLString::compareString(XML::Literals::SiteGroup,e->getLocalName()))
+ if (XMLString::compareString(XML::SHIB_NS,m_root->getNamespaceURI()) ||
+ XMLString::compareString(XML::Literals::SiteGroup,m_root->getLocalName()))
{
log.error("Construction requires a valid site file: (shib:SiteGroup as root element)");
throw MetadataException("Construction requires a valid site file: (shib:SiteGroup as root element)");
}
// Loop over the OriginSite elements.
- DOMNodeList* nlist = e->getElementsByTagNameNS(XML::SHIB_NS,XML::Literals::OriginSite);
+ DOMNodeList* nlist = m_root->getElementsByTagNameNS(XML::SHIB_NS,XML::Literals::OriginSite);
for (int i=0; nlist && i<nlist->getLength(); i++)
{
const XMLCh* os_name=static_cast<DOMElement*>(nlist->item(i))->getAttributeNS(NULL,XML::Literals::Name);
class XMLTrustImpl : public ReloadableXMLFileImpl
{
public:
- XMLTrustImpl(const char* pathname);
+ XMLTrustImpl(const char* pathname) : ReloadableXMLFileImpl(pathname) { init(); }
+ XMLTrustImpl(const DOMElement* e) : ReloadableXMLFileImpl(e) { init(); }
+ void init();
~XMLTrustImpl();
struct KeyAuthority
class XMLTrust : public ITrust, public ReloadableXMLFile
{
public:
- XMLTrust(const char* pathname) : ReloadableXMLFile(pathname) {}
+ XMLTrust(const DOMElement* e) : ReloadableXMLFile(e) {}
~XMLTrust() {}
saml::Iterator<XSECCryptoX509*> getCertificates(const XMLCh* subject) const;
protected:
virtual ReloadableXMLFileImpl* newImplementation(const char* pathname) const;
+ virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e) const;
};
}
-extern "C" ITrust* XMLTrustFactory(const char* source)
+extern "C" ITrust* XMLTrustFactory(const DOMElement* e)
{
- XMLTrust* t=new XMLTrust(source);
+ XMLTrust* t=new XMLTrust(e);
try
{
t->getImplementation();
return new XMLTrustImpl(pathname);
}
+ReloadableXMLFileImpl* XMLTrust::newImplementation(const DOMElement* e) const
+{
+ return new XMLTrustImpl(e);
+}
+
X509_STORE* XMLTrustImpl::KeyAuthority::getX509Store(bool cached)
{
// We cache them once they're built...
delete (*j);
}
-XMLTrustImpl::XMLTrustImpl(const char* pathname) : ReloadableXMLFileImpl(pathname)
+void XMLTrustImpl::init()
{
NDC ndc("XMLTrustImpl");
Category& log=Category::getInstance(SHIB_LOGCAT".XMLTrustImpl");
try
{
- DOMElement* e = m_doc->getDocumentElement();
- if (XMLString::compareString(XML::SHIB_NS,e->getNamespaceURI()) ||
- XMLString::compareString(SHIB_L(Trust),e->getLocalName()))
+ if (XMLString::compareString(XML::SHIB_NS,m_root->getNamespaceURI()) ||
+ XMLString::compareString(SHIB_L(Trust),m_root->getLocalName()))
{
log.error("Construction requires a valid trust file: (shib:Trust as root element)");
throw MetadataException("Construction requires a valid trust file: (shib:Trust as root element)");
}
// Loop over the KeyAuthority elements.
- DOMNodeList* nlist=e->getElementsByTagNameNS(XML::SHIB_NS,SHIB_L(KeyAuthority));
+ DOMNodeList* nlist=m_root->getElementsByTagNameNS(XML::SHIB_NS,SHIB_L(KeyAuthority));
for (int i=0; nlist && i<nlist->getLength(); i++)
{
KeyAuthority* ka=new KeyAuthority();
void regFactory(const char* type, AAPFactory* factory);
void unregFactory(const char* type);
- IMetadata* newMetadata(const char* type, const char* source) const;
- ITrust* newTrust(const char* type, const char* source) const;
- ICredentials* newCredentials(const char* type, const char* source) const;
- IAAP* newAAP(const char* type, const char* source) const;
+ IMetadata* newMetadata(const char* type, const DOMElement* source) const;
+ ITrust* newTrust(const char* type, const DOMElement* source) const;
+ ICredentials* newCredentials(const char* type, const DOMElement* source) const;
+ IAAP* newAAP(const char* type, const DOMElement* source) const;
ICredResolver* newCredResolver(const char* type, const DOMElement* source) const;
private:
};
extern "C" {
- typedef IMetadata* MetadataFactory(const char* source);
- typedef ITrust* TrustFactory(const char* source);
- typedef ICredentials* CredentialsFactory(const char* source);
+ typedef IMetadata* MetadataFactory(const DOMElement* source);
+ typedef ITrust* TrustFactory(const DOMElement* source);
+ typedef ICredentials* CredentialsFactory(const DOMElement* source);
typedef ICredResolver* CredResolverFactory(const DOMElement* source);
- typedef IAAP* AAPFactory(const char* source);
+ typedef IAAP* AAPFactory(const DOMElement* source);
}
class SHIB_EXPORTS ShibConfig
virtual void unregFactory(const char* type)=0;
// build a specific metadata lookup object
- virtual IMetadata* newMetadata(const char* type, const char* source) const=0;
- virtual ITrust* newTrust(const char* type, const char* source) const=0;
- virtual ICredentials* newCredentials(const char* type, const char* source) const=0;
- virtual IAAP* newAAP(const char* type, const char* source) const=0;
+ virtual IMetadata* newMetadata(const char* type, const DOMElement* source) const=0;
+ virtual ITrust* newTrust(const char* type, const DOMElement* source) const=0;
+ virtual ICredentials* newCredentials(const char* type, const DOMElement* source) const=0;
+ virtual IAAP* newAAP(const char* type, const DOMElement* source) const=0;
virtual ICredResolver* newCredResolver(const char* type, const DOMElement* source) const=0;
};
static const XMLCh administrative[];
static const XMLCh billing[];
static const XMLCh other[];
+
+ static const XMLCh url[];
// XML vocabulary
static const XMLCh xmlns_shib[];
{
public:
ReloadableXMLFileImpl(const char* pathname);
+ ReloadableXMLFileImpl(const DOMElement* pathname);
virtual ~ReloadableXMLFileImpl();
protected:
DOMDocument* m_doc;
+ const DOMElement* m_root;
};
class SHIB_EXPORTS ReloadableXMLFile : protected virtual ILockable
{
public:
- ReloadableXMLFile(const char* pathname);
+ ReloadableXMLFile(const DOMElement* e);
~ReloadableXMLFile() { delete m_lock; delete m_impl; }
virtual void lock();
- virtual void unlock() { m_lock->unlock(); }
+ virtual void unlock() { if (m_lock) m_lock->unlock(); }
ReloadableXMLFileImpl* getImplementation() const;
protected:
virtual ReloadableXMLFileImpl* newImplementation(const char* pathname) const=0;
+ virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e) const=0;
private:
+ const DOMElement* m_root;
std::string m_source;
time_t m_filestamp;
RWLock* m_lock;