X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=blobdiff_plain;f=saml%2Fsaml2%2Fbinding%2Fimpl%2FSAML2POSTEncoder.cpp;h=0ae74080deff879eb80b4e504300df7f337afb53;hp=8f122e01c6c829d9769e7e9a61a167bab39e255a;hb=54b7006826fd06e8e2bc251aaba38cccc85b3936;hpb=b5b26ae562b0317264119a51aa9de40674af1dea diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp index 8f122e0..0ae7408 100644 --- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * SAML2POSTEncoder.cpp * - * SAML 2.0 HTTP-POST binding message encoder + * SAML 2.0 HTTP-POST binding message encoder. */ #include "internal.h" @@ -29,7 +29,13 @@ #include #include #include +#include #include +#include +#include +#include +#include +#include #include #include #include @@ -109,12 +115,12 @@ long SAML2POSTEncoder::encode( xmltooling::NDC ndc("encode"); #endif Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML2POST"); + log.debug("validating input"); TemplateEngine* engine = XMLToolingConfig::getConfig().getTemplateEngine(); - if (!engine) - throw BindingException("Encoding message using POST requires a TemplateEngine instance."); - - log.debug("validating input"); + if (!engine || !destination) + throw BindingException("Encoding message using POST requires a TemplateEngine instance and a destination."); + HTTPResponse::sanitizeURL(destination); if (xmlObject->getParent()) throw BindingException("Cannot encode XML content with parent."); @@ -183,24 +189,32 @@ long SAML2POSTEncoder::encode( if (keyInfo.get()) { string& kstring = pmap.m_map["KeyInfo"]; XMLHelper::serialize(keyInfo->marshall((DOMDocument*)NULL), kstring); - unsigned int len=0; + xsecsize_t len=0; XMLByte* out=Base64::encode(reinterpret_cast(kstring.data()),kstring.size(),&len); if (!out) throw BindingException("Base64 encoding of XML failed."); kstring.erase(); kstring.append(reinterpret_cast(out),len); +#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE XMLString::release(&out); +#else + XMLString::release((char**)&out); +#endif } } // Base64 the message. - unsigned int len=0; + xsecsize_t len=0; XMLByte* out=Base64::encode(reinterpret_cast(msg.data()),msg.size(),&len); if (!out) throw BindingException("Base64 encoding of XML failed."); msg.erase(); msg.append(reinterpret_cast(out),len); +#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE XMLString::release(&out); +#else + XMLString::release((char**)&out); +#endif // Push the rest of it into template and send result to client. log.debug("message encoded, sending HTML form template to client"); @@ -213,6 +227,12 @@ long SAML2POSTEncoder::encode( stringstream s; engine->run(infile, s, pmap); genericResponse.setContentType("text/html"); + HTTPResponse* httpResponse = dynamic_cast(&genericResponse); + if (httpResponse) { + httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT"); + httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private"); + httpResponse->setResponseHeader("Pragma", "no-cache"); + } long ret = genericResponse.sendResponse(s); // Cleanup by destroying XML.