From: Scott Cantor
Date: Wed, 2 Jul 2008 19:06:36 +0000 (+0000)
Subject: Add setting to limit metadata caching.
X-Git-Tag: 2.1.0~14
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=commitdiff_plain;h=807f7429a14b87055f56c6e7171ec7aae5def13f

Add setting to limit metadata caching.
---

diff --git a/saml/saml2/metadata/DynamicMetadataProvider.h b/saml/saml2/metadata/DynamicMetadataProvider.h
index 7ca322c..fb9968b 100644
--- a/saml/saml2/metadata/DynamicMetadataProvider.h
+++ b/saml/saml2/metadata/DynamicMetadataProvider.h
@@ -1,6 +1,6 @@
 /*
 * Copyright 2001-2007 Internet2
- *
+ *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
@@ -16,7 +16,7 @@
 /**
 * @file saml/saml2/metadata/DynamicMetadataProvider.h
- *
+ *
 * Simple implementation of a dynamic caching MetadataProvider.
 */
@@ -36,7 +36,7 @@ namespace opensaml {
 public:
 /**
 * Constructor.
- *
+ *
 * @param e DOM to supply configuration for provider
 */
 DynamicMetadataProvider(const xercesc::DOMElement* e=NULL);
@@ -65,9 +65,12 @@ namespace opensaml {
 /** Controls XML schema validation. */
 bool m_validate;
+ /** Caps the allowable cache duration of a metadata instance. */
+ time_t m_maxCacheDuration;
+
 /**
 * Resolves an entityID into a metadata instance for that entity.
- *
+ *
 * @param entityID entity ID to resolve
 * @return a valid metadata instance
 */
@@ -76,7 +79,7 @@ namespace opensaml {
 private:
 mutable xmltooling::RWLock* m_lock;
 };
-
+
 };
 };
diff --git a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
index 835a2ed..4ccd536 100644
--- a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
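Review bot: The doc comment on `m_maxCacheDuration` (DynamicMetadataProvider.h, hunk at -65/+65) gives neither the unit nor the meaning of zero, although the constructor in the .cpp initializes the member to 0 when the `maxCacheDuration` attribute is absent. Since the value is added to `time(NULL)` in the .cpp it is presumably seconds; I would say so, e.g. `/** Upper bound, in seconds, on the cache duration honoured for a metadata instance; 0 when maxCacheDuration is not configured. */`. This is the operator-facing limit on how long remotely fetched metadata, including the keys it carries, stays trusted, so the contract is worth spelling out. The class declaration begins and ends outside the hunk.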
@@ -1,6 +1,6 @@
 /*
 * Copyright 2001-2007 Internet2
- *
+ *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
@@ -16,7 +16,7 @@
 /**
 * DynamicMetadataProvider.cpp
- *
+ *
 * Simple implementation of a dynamic caching MetadataProvider.
 */
@@ -36,7 +36,12 @@ using namespace xmltooling::logging;
 using namespace xmltooling;
 using namespace std;
-static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
+# ifndef min
+# define min(a,b) (((a) < (b)) ? (a) : (b))
+# endif
+
+static const XMLCh maxCacheDuration[] = UNICODE_LITERAL_16(m,a,x,C,a,c,h,e,D,u,r,a,t,i,o,n);
+static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
 namespace opensaml {
 namespace saml2md {
@@ -48,10 +53,13 @@ namespace opensaml {
 };
 DynamicMetadataProvider::DynamicMetadataProvider(const DOMElement* e)
- : AbstractMetadataProvider(e), m_lock(RWLock::create())
+ : AbstractMetadataProvider(e), m_maxCacheDuration(0), m_lock(RWLock::create())
 {
 const XMLCh* flag=e ? e->getAttributeNS(NULL,validate) : NULL;
 m_validate=(XMLString::equals(flag,xmlconstants::XML_TRUE) || XMLString::equals(flag,xmlconstants::XML_ONE));
+ flag = e ? e->getAttributeNS(NULL,maxCacheDuration) : NULL;
+ if (flag && *flag)
+ m_maxCacheDuration = XMLString::parseInt(flag);
 }
 DynamicMetadataProvider::~DynamicMetadataProvider()
@@ -93,7 +101,7 @@ pair DynamicMetadataProvider::get
 // Translate cacheDuration into validUntil.
 if (entity2->getCacheDuration())
- entity2->setValidUntil(time(NULL) + entity2->getCacheDurationEpoch());
+ entity2->setValidUntil(time(NULL) + min(m_maxCacheDuration, entity2->getCacheDurationEpoch()));
 // Upgrade our lock so we can cache the new metadata.
 m_lock->unlock();
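Review bot: The function-like `min` macro added in the hunk at -36/+36 expands each argument twice, so the call introduced at -93/+101 evaluates `entity2->getCacheDurationEpoch()` two times, and because it is defined after `using namespace std;` it will also rewrite any later `min(...)` in this translation unit. It compares its operands without regard to type, so a signedness mismatch between `time_t` and the return type of `getCacheDurationEpoch()` (not visible here) would go unnoticed. I would drop the macro and write `std::min<time_t>(m_maxCacheDuration, entity2->getCacheDurationEpoch())` with `<algorithm>` included, parenthesised as `(std::min<time_t>)(...)` on platforms whose headers already define `min`.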
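Review bot: An unset attribute leaves `m_maxCacheDuration` at 0 in the constructor hunk at -48/+53, and the `min(m_maxCacheDuration, ...)` added at -93/+101 then clamps every cacheDuration to zero, so `validUntil` becomes the current time and each resolved entity is expired as soon as it is stored. Zero should mean "no cap" at the use site, for example `time_t d = entity2->getCacheDurationEpoch(); if (m_maxCacheDuration > 0 && d > m_maxCacheDuration) d = m_maxCacheDuration;`. The parsed value is also stored unchecked: a negative number would place `validUntil` in the past, and if `XMLString::parseInt` throws on malformed text the constructor exits after `RWLock::create()` has already run in the initializer list, so the raw `m_lock` pointer would presumably leak. Rejecting values below zero and parsing inside a try block that logs and keeps the default would cover both cases.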
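Review bot: The cap in the hunk at -93/+101 is applied only under `if (entity2->getCacheDuration())`, so a document that omits cacheDuration, or that carries only a distant validUntil, is not limited by the new setting at all. Because this provider resolves metadata on demand, the cap is what bounds how long a superseded or withdrawn key remains accepted, and it should not depend on what the fetched document chooses to declare. When the setting is non-zero I would also clamp after this block, assigning `entity2->setValidUntil(time(NULL) + m_maxCacheDuration);` whenever the entity's existing validUntil lies beyond that point or is absent. The enclosing function starts and ends outside the hunk, so any later handling of validUntil is not visible here.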
@@ -127,7 +135,7 @@ EntityDescriptor* DynamicMetadataProvider::resolve(const char* entityID) const
 // Wrap the document for now.
 XercesJanitor docjanitor(doc);
-
+
 // Unmarshall objects, binding the document.
 auto_ptr xmlObject(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));
 docjanitor.release();