projects / shibboleth / cpp-sp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ae9eb23)
https://issues.shibboleth.net/jira/browse/SSPCPP-103
authorScott Cantor <cantor.2@osu.edu>
Fri, 30 Oct 2009 03:58:02 +0000 (03:58 +0000)
committerScott Cantor <cantor.2@osu.edu>
Fri, 30 Oct 2009 03:58:02 +0000 (03:58 +0000)
adfs/listener.cpp patch | blob | history
shib-target/MemoryListener.cpp patch | blob | history
shib-target/shib-ccache.cpp patch | blob | history
shib-target/shib-target.cpp patch | blob | history
shib/Makefile.am patch | blob | history
shib/ShibBrowserProfile.cpp patch | blob | history

diff --git a/adfs/listener.cpp b/adfs/listener.cpp
index 890ac27..5b6a0a1 100644 (file)
--- a/adfs/listener.cpp
+++ b/adfs/listener.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2005 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -365,7 +365,11 @@ void ADFSListener::sessionNew(
     }
 
     auto_ptr_char oname(role->getEntityDescriptor()->getId());
-    auto_ptr_char hname(bpr.authnStatement->getSubject()->getNameIdentifier()->getName());
+    auto_ptr_char hname(
+        bpr.authnStatement->getSubject()->getNameIdentifier() ?
+            bpr.authnStatement->getSubject()->getNameIdentifier()->getName() :
+                NULL
+        );
 
     try {
         // Create a new session key.
@@ -423,7 +427,7 @@ void ADFSListener::sessionNew(
         ") at (ClientAddress: " <<
             ip <<
         ") with (NameIdentifier: " <<
-            hname.get() <<
+            (hname.get() ? hname.get() : "none") <<
         ")";
     //stc.releaseTransactionLog();
 }
diff --git a/shib-target/MemoryListener.cpp b/shib-target/MemoryListener.cpp
index 79b8129..0bb6a33 100644 (file)
--- a/shib-target/MemoryListener.cpp
+++ b/shib-target/MemoryListener.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2005 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -232,7 +232,11 @@ void MemoryListener::sessionNew(
     }
 
     auto_ptr_char oname(role->getEntityDescriptor()->getId());
-    auto_ptr_char hname(bpr.authnStatement->getSubject()->getNameIdentifier()->getName());
+    auto_ptr_char hname(
+        bpr.authnStatement->getSubject()->getNameIdentifier() ?
+            bpr.authnStatement->getSubject()->getNameIdentifier()->getName()
+                : NULL
+        );
 
     try {
         // Create a new session key.
@@ -286,7 +290,7 @@ void MemoryListener::sessionNew(
         ") at (ClientAddress: " <<
             ip <<
         ") with (NameIdentifier: " <<
-            hname.get() <<
+            (hname.get() ? hname.get() : "none") <<
         ")";
 
     stc.releaseTransactionLog();
diff --git a/shib-target/shib-ccache.cpp b/shib-target/shib-ccache.cpp
index af3ea0e..8184158 100644 (file)
--- a/shib-target/shib-ccache.cpp
+++ b/shib-target/shib-ccache.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2005 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -487,8 +487,8 @@ InternalCCacheEntry::InternalCCacheEntry(
 
   m_cache->log->info("new session created with session ID (%s)", key);
   if (m_cache->log->isDebugEnabled()) {
-      auto_ptr_char h(s->getSubject()->getNameIdentifier()->getName());
-      m_cache->log->debug("NameID (%s), IdP (%s), Address (%s)", h.get(), providerId, client_addr);
+      auto_ptr_char h(s->getSubject()->getNameIdentifier() ? s->getSubject()->getNameIdentifier()->getName() : NULL);
+      m_cache->log->debug("NameID (%s), IdP (%s), Address (%s)", (h.get() ? h.get() : "none"), providerId, client_addr);
   }
 }
 
@@ -646,6 +646,11 @@ pair<SAMLResponse*,SAMLResponse*> InternalCCacheEntry::getNewResponse()
     m_lastRetry=now;
 
     m_cache->log->debug("trying to get new attributes for session (ID=%s)", m_id.c_str());
+
+    if (!m_auth_statement->getSubject()->getNameIdentifier()) {
+        m_cache->log->info("no NameIdentifier available");
+        return pair<SAMLResponse*,SAMLResponse*>(NULL,NULL);
+    }
     
     // Transaction Logging
     STConfig& stc=static_cast<STConfig&>(ShibTargetConfig::getConfig());
diff --git a/shib-target/shib-target.cpp b/shib-target/shib-target.cpp
index b04f341..27920f3 100644 (file)
--- a/shib-target/shib-target.cpp
+++ b/shib-target/shib-target.cpp
@@ -610,7 +610,7 @@ pair<bool,void*> ShibTarget::doExportAssertions(bool requireSession)
         Iterator<IAAP*> provs=m_priv->m_app->getAAPProviders();
 
         // Export NameID?
-        while (provs.hasNext()) {
+        while (provs.hasNext() && m_priv->m_cacheEntry->getAuthnStatement()->getSubject()->getNameIdentifier()) {
             IAAP* aap=provs.next();
             Locker locker(aap);
             const XMLCh* format = m_priv->m_cacheEntry->getAuthnStatement()->getSubject()->getNameIdentifier()->getFormat();
diff --git a/shib/Makefile.am b/shib/Makefile.am
index bd2375f..9d8c4fb 100644 (file)
--- a/shib/Makefile.am
+++ b/shib/Makefile.am
@@ -22,7 +22,7 @@ libshib_la_SOURCES = \
 
 # this is different from the project version
 # http://sources.redhat.com/autobook/autobook/autobook_91.html
-libshib_la_LDFLAGS = -version-info 6:3:0
+libshib_la_LDFLAGS = -version-info 6:4:0
 
 install-exec-hook:
        for la in $(lib_LTLIBRARIES) ; do rm -f $(DESTDIR)$(libdir)/$$la ; done
diff --git a/shib/ShibBrowserProfile.cpp b/shib/ShibBrowserProfile.cpp
index 10f8467..b867129 100644 (file)
--- a/shib/ShibBrowserProfile.cpp
+++ b/shib/ShibBrowserProfile.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2005 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,6 @@
 
    Scott Cantor
    2/6/05
-
-   $History:$
 */
 
 #include "internal.h"
@@ -98,7 +96,11 @@ SAMLBrowserProfile::BrowserProfileResponse ShibBrowserProfile::receive(
     // No metadata at all.
     if (!provider) {
         auto_ptr_char issuer(bpr.assertion->getIssuer());
-        auto_ptr_char nq(bpr.authnStatement->getSubject()->getNameIdentifier()->getNameQualifier());
+        auto_ptr_char nq(
+            bpr.authnStatement->getSubject()->getNameIdentifier() ?
+                bpr.authnStatement->getSubject()->getNameIdentifier()->getNameQualifier()
+                    : NULL
+            );
         log.error("assertion issuer not found in metadata (Issuer='%s', NameQualifier='%s')",
             issuer.get(), (nq.get() ? nq.get() : "none"));
         
@@ -160,7 +162,11 @@ SAMLBrowserProfile::BrowserProfileResponse ShibBrowserProfile::receive(
     }
 
     auto_ptr_char issuer(bpr.assertion->getIssuer());
-    auto_ptr_char nq(bpr.authnStatement->getSubject()->getNameIdentifier()->getNameQualifier());
+    auto_ptr_char nq(
+        bpr.authnStatement->getSubject()->getNameIdentifier() ?
+            bpr.authnStatement->getSubject()->getNameIdentifier()->getNameQualifier()
+                : NULL
+        );
     log.error("metadata for assertion issuer indicates no SAML 1.%d identity provider role (Issuer='%s', NameQualifier='%s'",
         minorVersion, issuer.get(), (nq.get() ? nq.get() : "none"));
     bpr.clear();
Unnamed repository; edit this file 'description' to name the repository.