AC_SUBST(SHIBSP_LIBS)
fi
])dnl
+
+AC_DEFUN([AX_CHECK_SHIBRESOLVER],
+[AC_MSG_CHECKING(for Shibboleth resolver implementation)
+SHIBRESOLVER_DIR=
+found_shibresolver="no"
+AC_ARG_WITH(shibresolver,
+ AC_HELP_STRING([--with-shibresolver],
+ [Use Shibboleth resolver (in specified installation directory)]),
+ [check_shibresolver_dir="$withval"],
+ [check_shibresolver_dir=])
+for dir in $check_shibresolver_dir /usr /usr/local ; do
+ shibresolverdir="$dir"
+ if test -f "$dir/include/shibresolver/resolver.h"; then
+ found_shibresolver="yes";
+ SHIBRESOLVER_DIR="${shibresolverdir}"
+ SHIBRESOLVER_CXXFLAGS="-I$shibresolverdir/include";
+ break;
+ fi
+done
+AC_MSG_RESULT($found_shibresolver)
+if test x_$found_shibresolver != x_yes; then
+ AC_MSG_ERROR([
+----------------------------------------------------------------------
+ Cannot find Shibboleth resolver libraries.
+
+ Please install Shibboleth or specify installation directory with
+ --with-shibresolver=(dir).
+----------------------------------------------------------------------
+])
+else
+ printf "Shibboleth resolver found in $shibresolverdir\n";
+ SHIBRESOLVER_LIBS="-lshibresolver";
+ SHIBRESOLVER_LDFLAGS="-L$shibresolverdir/lib";
+ AC_SUBST(SHIBRESOLVER_CXXFLAGS)
+ AC_SUBST(SHIBRESOLVER_LDFLAGS)
+ AC_SUBST(SHIBRESOLVER_LIBS)
+fi
+])dnl
+++ /dev/null
-/*
- * Copyright 2010 Project Moonshot
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * @file shibresolver/resolver.h
- *
- * An embeddable component interface to Shibboleth SP attribute processing.
- */
-
-#ifndef __shibresolver_h__
-#define __shibresolver_h__
-
-#if 0
-#include <shibresolver/base.h>
-#else
-#define SHIBRESOLVER_API SHIBSP_API
-#endif
-
-#include <string>
-#include <vector>
-
-namespace xmltooling {
- class XMLTOOL_API XMLObject;
-};
-
-namespace opensaml {
- namespace saml2 {
- class SAML_API Assertion;
- class SAML_API NameID;
- };
-};
-
-namespace shibsp {
- class SHIBSP_API Attribute;
-};
-
-namespace shibresolver {
-
-#if defined (_MSC_VER)
- #pragma warning( push )
- #pragma warning( disable : 4250 4251 )
-#endif
-
- /**
- * An embeddable component interface to Shibboleth SP attribute processing.
- */
- class SHIBRESOLVER_API ShibbolethResolver
- {
- MAKE_NONCOPYABLE(ShibbolethResolver);
- protected:
- ShibbolethResolver() {}
- public:
- ~ShibbolethResolver() {}
-
- /**
- * Sets the application ID to use for resolution.
- *
- * @param appID identifies an application in the SP configuration
- */
- void setApplicationID(const char* appID) {}
-
- /**
- * Sets the identity issuer to use for resolution.
- *
- * @param issuer entityID of the identity "source", if known
- */
- void setIssuer(const char* issuer) {}
-
- /**
- * Adds a SAML token as input to the resolver.
- * <p>The caller retains ownership of the object.
- *
- * @param token an input token to evaluate
- */
- void addToken(
-#ifdef SHIBSP_LITE
- const xmltooling::XMLObject* token
-#else
- const opensaml::saml2::Assertion* token
-#endif
- ) {}
-
- /**
- * Adds an Attribute as input to the resolver.
- * <p>The caller retains ownership of the object, but it MAY be modified
- * during the resolution process.
- *
- * @param attr an input attribute
- */
- void addAttribute(shibsp::Attribute* attr) {}
-
- /**
- * Resolves attributes and returns them in the supplied array.
- * <p>The caller is responsible for freeing them.
- *
- * @param attrs array to populate
- */
- void resolveAttributes(std::vector<shibsp::Attribute*>& attrs) {}
-
- /**
- * Initializes SP runtime objects based on an XML configuration string or a configuration pathname.
- * <p>Each process using the library MUST call this function exactly once before using any library classes.
- *
- * @param config a snippet of XML to parse (it <strong>MUST</strong> contain a type attribute) or a pathname
- * @param rethrow true iff caught exceptions should be rethrown instead of just returning the status
- * @return true iff initialization was successful
- */
- static bool init(const char* config=NULL, bool rethrow=false) { return true; }
-
- /**
- * Shuts down runtime.
- *
- * Each process using the library SHOULD call this function exactly once before terminating itself.
- */
- static void term() {}
-
- /**
- * Returns a ShibbolethResolver instance.
- *
- * @return a ShibbolethResolver instance, must be freed by the caller.
- */
- static ShibbolethResolver* create() { return new ShibbolethResolver(); }
-
- protected:
- /** Application ID. */
- std::string m_appID;
-
- /** Source of identity, if known. */
- std::string m_issuer;
-
- /** Input tokens. */
-#ifdef SHIBSP_LITE
- std::vector<const xmltooling::XMLObject*> m_tokens;
-#else
- std::vector<const opensaml::saml2::Assertion*> m_tokens;
-#endif
- /** Input attributes. */
- std::vector<shibsp::Attribute*> m_attributes;
- };
-
-#if defined (_MSC_VER)
- #pragma warning( pop )
-#endif
-
-};
-
-#endif /* __shibresolver_h__ */
#include <shibsp/metadata/MetadataProviderCriteria.h>
#include <shibsp/util/SPConstants.h>
-#include <saml/saml1/core/Assertions.h>
-#include <saml/saml2/core/Assertions.h>
-#include <saml/saml2/metadata/Metadata.h>
-#include <xercesc/util/XMLUniDefs.hpp>
-#include <xmltooling/XMLToolingConfig.h>
-#include <xmltooling/util/XMLHelper.h>
-
-#include "resolver.h"
+#include <shibresolver/resolver.h>
using namespace shibsp;
using namespace shibresolver;
const gss_eap_saml_assertion_provider *saml;
const gss_eap_radius_attr_provider *radius;
gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER;
- ShibbolethResolver *resolver = NULL;
+ ShibbolethResolver *resolver;
OM_uint32 minor;
if (!gss_eap_attr_provider::initFromGssContext(manager, gssCred, gssCtx))
radius = static_cast<const gss_eap_radius_attr_provider *>
(manager->getProvider(ATTR_TYPE_RADIUS));
+ resolver = ShibbolethResolver::create();
+
if (gssCred != GSS_C_NO_CREDENTIAL &&
gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE)
resolver->setApplicationID((const char *)nameBuf.value);
m_authenticated = saml->authenticated();
}
- resolver->resolveAttributes(m_attributes);
+ resolver->resolve();
+
+ m_attributes = resolver->getResolvedAttributes();
+ resolver->getResolvedAttributes().clear();
gss_release_buffer(&minor, &nameBuf);
gss_eap_shib_attr_provider::finalize(void)
{
gss_eap_attr_ctx::unregisterProvider(ATTR_TYPE_LOCAL);
- ShibbolethResolver::term();
+// ShibbolethResolver::term();
}
gss_eap_attr_provider *