/*.gz
/*.sdf
/*.opensdf
+/ipch
-->
</ISAPI>
</InProcess>
-
- <!-- Only one listener can be defined, to connect in-process modules to shibd. -->
- <UnixListener address="shibd.sock"/>
- <!-- <TCPListener address="127.0.0.1" port="12345" acl="127.0.0.1"/> -->
<!-- This set of components stores sessions and other persistent data in daemon memory. -->
<StorageService type="Memory" id="mem" cleanupInterval="900"/>
End If
FileSystemObj.MoveFile ConfigFile, DistDir & "apache22.config"
- ConfigFile = DistDir & "shibboleth2.xml"
- ReplaceInFile ConfigFile, " <UnixListener address=""shibd.sock""/>", "<!-- <UnixListener address=""shibd.sock""/> -->"
- ReplaceInFile ConfigFile, "<!-- <TCPListener address=""127.0.0.1"" port=""12345"" acl=""127.0.0.1""/> -->", "<TCPListener address=""127.0.0.1"" port=""" & ShibdPort & """ acl=""127.0.0.1""/>"
+ 'Now just copy the other non-edited files over as well (if possible)
+
If (NOT FileSystemObj.FileExists(ConfigDir & "shibboleth2.xml")) then
- FileSystemObj.CopyFile ConfigFile, ConfigDir & "shibboleth2.xml", false
+ FileSystemObj.CopyFile DistDir & "shibboleth2.xml", ConfigDir, false
End If
- 'Now just copy the other non-edited files over as well (if possible)
-
If (NOT FileSystemObj.FileExists(ConfigDir & "accessError.html")) then
FileSystemObj.CopyFile DistDir & "accessError.html", ConfigDir, false
End If
#include <xercesc/util/XMLUniDefs.hpp>
#include <xmltooling/security/SecurityHelper.h>
+#include <xmltooling/util/XMLHelper.h>
using namespace shibsp;
using namespace xmltooling;
}
AttributeDecoder::AttributeDecoder(const DOMElement *e)
- : m_caseSensitive(true), m_internal(false), m_hashAlg(e ? e->getAttributeNS(nullptr, hashAlg) : nullptr)
+ : m_caseSensitive(XMLHelper::getAttrBool(e, true, caseSensitive)),
+ m_internal(XMLHelper::getAttrBool(e, false, internal)),
+ m_hashAlg(XMLHelper::getAttrString(e, nullptr, hashAlg))
{
- if (e) {
- const XMLCh* flag = e->getAttributeNS(nullptr, caseSensitive);
- if (flag && (*flag == chLatin_f || *flag == chDigit_0))
- m_caseSensitive = false;
-
- flag = e->getAttributeNS(nullptr, internal);
- if (flag && (*flag == chLatin_t || *flag == chDigit_1))
- m_internal = true;
- }
}
AttributeDecoder::~AttributeDecoder()
attr->setCaseSensitive(m_caseSensitive);
attr->setInternal(m_internal);
- if (m_hashAlg.get() && *m_hashAlg.get()) {
+ if (!m_hashAlg.empty()) {
// We turn the values into strings using the supplied hash algorithm and return a SimpleAttribute instead.
auto_ptr<SimpleAttribute> simple(new SimpleAttribute(attr->getAliases()));
simple->setCaseSensitive(false);
vector<string>& newdest = simple->getValues();
const vector<string>& serialized = attr->getSerializedValues();
for (vector<string>::const_iterator ser = serialized.begin(); ser != serialized.end(); ++ser) {
- newdest.push_back(SecurityHelper::doHash(m_hashAlg.get(), ser->data(), ser->length()));
+ newdest.push_back(SecurityHelper::doHash(m_hashAlg.c_str(), ser->data(), ser->length()));
if (newdest.back().empty())
newdest.pop_back();
}
bool m_internal;
/** Hash algorithm to apply to decoded values. */
- xmltooling::auto_ptr_char m_hashAlg;
+ std::string m_hashAlg;
/**
* Helper method to handle base class decoding housekeeping.
private:
DDF convert(DOMElement* e, bool nameit=true) const;
- auto_ptr_char m_formatter;
+ string m_formatter;
map<pair<xstring,xstring>,string> m_tagMap;
};
static const XMLCh Mapping[] = UNICODE_LITERAL_7(M,a,p,p,i,n,g);
static const XMLCh _from[] = UNICODE_LITERAL_4(f,r,o,m);
static const XMLCh _to[] = UNICODE_LITERAL_2(t,o);
- static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r);
+ static const XMLCh formatter[] =UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r);
};
DOMAttributeDecoder::DOMAttributeDecoder(const DOMElement* e)
- : AttributeDecoder(e), m_formatter(e ? e->getAttributeNS(nullptr,formatter) : nullptr)
+ : AttributeDecoder(e), m_formatter(XMLHelper::getAttrString(e, nullptr, formatter))
{
Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.DOM");
- e = e ? XMLHelper::getFirstChildElement(e, Mapping) : nullptr;
+ e = XMLHelper::getFirstChildElement(e, Mapping);
while (e) {
if (e->hasAttributeNS(nullptr, _from) && e->hasAttributeNS(nullptr, _to)) {
auto_ptr<xmltooling::QName> f(XMLHelper::getNodeValueAsQName(e->getAttributeNodeNS(nullptr, _from)));
return nullptr;
}
- auto_ptr<ExtensibleAttribute> attr(new ExtensibleAttribute(ids, m_formatter.get()));
+ auto_ptr<ExtensibleAttribute> attr(new ExtensibleAttribute(ids, m_formatter.c_str()));
DDF dest = attr->getValues();
vector<XMLObject*>::const_iterator v,stop;
void extract(const KeyInfo* k, vector<string>& dest) const {
auto_ptr<Credential> cred (getKeyInfoResolver()->resolve(k, Credential::RESOLVE_KEYS));
if (cred.get()) {
- const char* alg = m_keyInfoHashAlg.get();
- if (!alg || !*alg)
- alg = "SHA1";
dest.push_back(string());
- dest.back() = SecurityHelper::getDEREncoding(*cred.get(), m_hash ? alg : nullptr);
+ dest.back() = SecurityHelper::getDEREncoding(*cred.get(), m_hash ? m_keyInfoHashAlg.c_str() : nullptr);
if (dest.back().empty())
dest.pop_back();
}
}
bool m_hash;
- auto_ptr_char m_keyInfoHashAlg;
+ string m_keyInfoHashAlg;
KeyInfoResolver* m_keyInfoResolver;
};
};
KeyInfoAttributeDecoder::KeyInfoAttributeDecoder(const DOMElement* e)
- : AttributeDecoder(e),
- m_hash(false),
- m_keyInfoHashAlg(e ? e->getAttributeNS(nullptr, keyInfoHashAlg) : nullptr),
- m_keyInfoResolver(nullptr) {
- const XMLCh* flag = e ? e->getAttributeNS(nullptr, _hash) : nullptr;
- m_hash = (flag && (*flag == chLatin_t || *flag == chDigit_1));
- e = e ? XMLHelper::getFirstChildElement(e,_KeyInfoResolver) : nullptr;
+ : AttributeDecoder(e),
+ m_hash(XMLHelper::getAttrBool(e, false, _hash)),
+ m_keyInfoHashAlg(XMLHelper::getAttrString(e, "SHA1", keyInfoHashAlg)),
+ m_keyInfoResolver(nullptr) {
+ e = XMLHelper::getFirstChildElement(e,_KeyInfoResolver);
if (e) {
- auto_ptr_char t(e->getAttributeNS(nullptr, _type));
- if (t.get() && *t.get())
- m_keyInfoResolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.get(), e);
- else
+ string t(XMLHelper::getAttrString(e, nullptr, _type));
+ if (t.empty())
throw UnknownExtensionException("<KeyInfoResolver> element found with no type attribute");
+ m_keyInfoResolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.c_str(), e);
}
}
{
public:
NameIDAttributeDecoder(const DOMElement* e)
- : AttributeDecoder(e), m_formatter(e ? e->getAttributeNS(nullptr, formatter) : nullptr), m_defaultQualifiers(false) {
- const XMLCh* flag = e ? e->getAttributeNS(nullptr, defaultQualifiers) : nullptr;
- if (flag && (*flag == chLatin_t || *flag == chDigit_1))
- m_defaultQualifiers = true;
+ : AttributeDecoder(e),
+ m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)),
+ m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) {
}
~NameIDAttributeDecoder() {}
void extract(
const NameIdentifier* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
) const;
- auto_ptr_char m_formatter;
+ string m_formatter;
bool m_defaultQualifiers;
};
) const
{
auto_ptr<NameIDAttribute> nameid(
- new NameIDAttribute(ids, (m_formatter.get() && *m_formatter.get()) ? m_formatter.get() : DEFAULT_NAMEID_FORMATTER)
+ new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
);
vector<NameIDAttribute::Value>& dest = nameid->getValues();
vector<XMLObject*>::const_iterator v,stop;
NameIDFromScopedAttributeDecoder(const DOMElement* e)
: AttributeDecoder(e),
m_delimeter('@'),
- m_format(e ? e->getAttributeNS(nullptr,format) : nullptr),
- m_formatter(e ? e->getAttributeNS(nullptr,formatter) : nullptr),
- m_defaultQualifiers(false) {
+ m_format(XMLHelper::getAttrString(e, nullptr, format)),
+ m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)),
+ m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) {
if (e && e->hasAttributeNS(nullptr,scopeDelimeter)) {
auto_ptr_char d(e->getAttributeNS(nullptr,scopeDelimeter));
m_delimeter = *(d.get());
}
- const XMLCh* flag = e ? e->getAttributeNS(nullptr, defaultQualifiers) : nullptr;
- if (flag && (*flag == chLatin_t || *flag == chDigit_1))
- m_defaultQualifiers = true;
}
~NameIDFromScopedAttributeDecoder() {}
private:
char m_delimeter;
- auto_ptr_char m_format;
- auto_ptr_char m_formatter;
+ string m_format,m_formatter;
bool m_defaultQualifiers;
};
const XMLCh* xmlscope;
xmltooling::QName scopeqname(nullptr,Scope);
auto_ptr<NameIDAttribute> nameid(
- new NameIDAttribute(ids, (m_formatter.get() && *m_formatter.get()) ? m_formatter.get() : DEFAULT_NAMEID_FORMATTER)
+ new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
);
vector<NameIDAttribute::Value>& dest = nameid->getValues();
vector<XMLObject*>::const_iterator v,stop;
*scope++ = 0;
}
destval.m_Name = val;
- if (m_format.get() && *m_format.get())
- destval.m_Format = m_format.get();
+ destval.m_Format = m_format;
if (m_defaultQualifiers && assertingParty)
destval.m_NameQualifier = assertingParty;
if (m_defaultQualifiers && relyingParty)
func = buildFunctor(e, p.first);
}
else if (XMLHelper::isNodeNamed(e, shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, RuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref.get());
+ string ref = XMLHelper::getAttrString(e, nullptr, _ref);
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref);
func = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr;
}
}
MatchFunctor* AndMatchFunctor::buildFunctor(const DOMElement* e, const FilterPolicyContext* functorMap)
{
// We'll track and map IDs just for consistency, but don't require them or worry about dups.
- auto_ptr_char temp(e->getAttributeNS(nullptr,_id));
- const char* id = (temp.get() && *temp.get()) ? temp.get() : "";
- if (*id && functorMap->getMatchFunctors().count(id))
- id = "";
+ string id = XMLHelper::getAttrString(e, nullptr, _id);
+ if (!id.empty() && functorMap->getMatchFunctors().count(id))
+ id.clear();
auto_ptr<xmltooling::QName> type(XMLHelper::getXSIType(e));
if (!type.get())
{
RegularExpression* m_regex;
public:
- AttributeIssuerRegexFunctor(const DOMElement* e) {
+ AttributeIssuerRegexFunctor(const DOMElement* e) : m_regex(nullptr) {
const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
if (!r || !*r)
throw ConfigurationException("AttributeIssuerRegex MatchFunctor requires non-empty regex attribute.");
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+using xmltooling::XMLHelper;
+
namespace shibsp {
static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e);
const XMLCh* m_value;
bool m_ignoreCase;
public:
- AttributeIssuerStringFunctor(const DOMElement* e) {
+ AttributeIssuerStringFunctor(const DOMElement* e) : m_value(nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) {
m_value = e ? e->getAttributeNS(nullptr,value) : nullptr;
if (!m_value || !*m_value)
throw ConfigurationException("AttributeIssuerString MatchFunctor requires non-empty value attribute.");
- const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr;
- m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1));
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
{
RegularExpression* m_regex;
public:
- AttributeRequesterRegexFunctor(const DOMElement* e) {
+ AttributeRequesterRegexFunctor(const DOMElement* e) : m_regex(nullptr) {
const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
if (!r || !*r)
throw ConfigurationException("AttributeRequesterRegex MatchFunctor requires non-empty regex attribute.");
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+using xmltooling::XMLHelper;
+
namespace shibsp {
static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e);
const XMLCh* m_value;
bool m_ignoreCase;
public:
- AttributeRequesterStringFunctor(const DOMElement* e) {
+ AttributeRequesterStringFunctor(const DOMElement* e) : m_value(nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) {
m_value = e ? e->getAttributeNS(nullptr,value) : nullptr;
if (!m_value || !*m_value)
throw ConfigurationException("AttributeRequesterString MatchFunctor requires non-empty value attribute.");
- const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr;
- m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1));
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
#include <xercesc/util/regx/RegularExpression.hpp>
using namespace shibsp;
using namespace std;
+using xmltooling::XMLHelper;
namespace shibsp {
*/
class SHIBSP_DLLLOCAL AttributeScopeRegexFunctor : public MatchFunctor
{
- xmltooling::auto_ptr_char m_attributeID;
+ string m_attributeID;
RegularExpression* m_regex;
bool hasScope(const FilteringContext& filterContext) const;
bool matches(const Attribute& attribute, size_t index) const;
public:
- AttributeScopeRegexFunctor(const DOMElement* e)
- : m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) {
+ AttributeScopeRegexFunctor(const DOMElement* e) : m_regex(nullptr), m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) {
const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
if (!r || !*r)
throw ConfigurationException("AttributeScopeRegex MatchFunctor requires non-empty regex attribute.");
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
- if (!m_attributeID.get() || !*m_attributeID.get())
+ if (m_attributeID.empty())
throw AttributeFilteringException("No attributeID specified.");
return hasScope(filterContext);
}
bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
- if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId()))
+ if (m_attributeID.empty() || m_attributeID == attribute.getId())
return matches(attribute, index);
return hasScope(filterContext);
}
{
size_t count;
pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- filterContext.getAttributes().equal_range(m_attributeID.get());
+ filterContext.getAttributes().equal_range(m_attributeID);
for (; attrs.first != attrs.second; ++attrs.first) {
count = attrs.first->second->valueCount();
for (size_t index = 0; index < count; ++index) {
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+
using namespace shibsp;
using namespace std;
+using xmltooling::XMLHelper;
namespace shibsp {
*/
class SHIBSP_DLLLOCAL AttributeScopeStringFunctor : public MatchFunctor
{
- xmltooling::auto_ptr_char m_attributeID;
+ string m_attributeID;
char* m_value;
bool m_ignoreCase;
public:
AttributeScopeStringFunctor(const DOMElement* e)
- : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) {
+ : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)),
+ m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr),
+ m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) {
if (!m_value || !*m_value) {
delete[] m_value;
throw ConfigurationException("AttributeScopeString MatchFunctor requires non-empty value attribute.");
}
- const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr;
- m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1));
}
virtual ~AttributeScopeStringFunctor() {
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
- if (!m_attributeID.get() || !*m_attributeID.get())
+ if (m_attributeID.empty())
throw AttributeFilteringException("No attributeID specified.");
return hasScope(filterContext);
}
bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
- if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId())) {
+ if (m_attributeID.empty() || m_attributeID == attribute.getId()) {
if (m_ignoreCase) {
#ifdef HAVE_STRCASECMP
return !strcasecmp(attribute.getScope(index), m_value);
{
size_t count;
pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- filterContext.getAttributes().equal_range(m_attributeID.get());
+ filterContext.getAttributes().equal_range(m_attributeID);
for (; attrs.first != attrs.second; ++attrs.first) {
count = attrs.first->second->valueCount();
for (size_t index = 0; index < count; ++index) {
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+
#include <xercesc/util/regx/RegularExpression.hpp>
using namespace shibsp;
using namespace std;
+using xmltooling::XMLHelper;
namespace shibsp {
*/
class SHIBSP_DLLLOCAL AttributeValueRegexFunctor : public MatchFunctor
{
- xmltooling::auto_ptr_char m_attributeID;
+ string m_attributeID;
RegularExpression* m_regex;
bool hasValue(const FilteringContext& filterContext) const;
public:
AttributeValueRegexFunctor(const DOMElement* e)
- : m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) {
+ : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)), m_regex(nullptr) {
const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
if (!r || !*r)
throw ConfigurationException("AttributeValueRegex MatchFunctor requires non-empty regex attribute.");
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
- if (!m_attributeID.get() || !*m_attributeID.get())
+ if (m_attributeID.empty())
throw AttributeFilteringException("No attributeID specified.");
return hasValue(filterContext);
}
bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
- if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId()))
+ if (m_attributeID.empty() || m_attributeID == attribute.getId())
return matches(attribute, index);
return hasValue(filterContext);
}
{
size_t count;
pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- filterContext.getAttributes().equal_range(m_attributeID.get());
+ filterContext.getAttributes().equal_range(m_attributeID);
for (; attrs.first != attrs.second; ++attrs.first) {
count = attrs.first->second->valueCount();
for (size_t index = 0; index < count; ++index) {
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+
using namespace shibsp;
using namespace std;
+using xmltooling::XMLHelper;
namespace shibsp {
*/
class SHIBSP_DLLLOCAL AttributeValueStringFunctor : public MatchFunctor
{
- xmltooling::auto_ptr_char m_attributeID;
+ string m_attributeID;
char* m_value;
bool hasValue(const FilteringContext& filterContext) const;
public:
AttributeValueStringFunctor(const DOMElement* e)
- : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) {
+ : m_value(e ? xmltooling::toUTF8(e->getAttributeNS(nullptr,value)) : nullptr),
+ m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) {
if (!m_value || !*m_value) {
delete[] m_value;
throw ConfigurationException("AttributeValueString MatchFunctor requires non-empty value attribute.");
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
- if (!m_attributeID.get() || !*m_attributeID.get())
+ if (m_attributeID.empty())
throw AttributeFilteringException("No attributeID specified.");
return hasValue(filterContext);
}
bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
- if (!m_attributeID.get() || !*m_attributeID.get() || XMLString::equals(m_attributeID.get(), attribute.getId()))
+ if (m_attributeID.empty() || m_attributeID == attribute.getId())
return matches(attribute, index);
return hasValue(filterContext);
}
{
size_t count;
pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- filterContext.getAttributes().equal_range(m_attributeID.get());
+ filterContext.getAttributes().equal_range(m_attributeID);
for (; attrs.first != attrs.second; ++attrs.first) {
count = attrs.first->second->valueCount();
for (size_t index = 0; index < count; ++index) {
{
RegularExpression* m_regex;
public:
- AuthenticationMethodRegexFunctor(const DOMElement* e) {
+ AuthenticationMethodRegexFunctor(const DOMElement* e) : m_regex(nullptr) {
const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
if (!r || !*r)
throw ConfigurationException("AuthenticationMethodRegex MatchFunctor requires non-empty regex attribute.");
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+
+using xmltooling::XMLHelper;
+
namespace shibsp {
static const XMLCh value[] = UNICODE_LITERAL_5(v,a,l,u,e);
const XMLCh* m_value;
bool m_ignoreCase;
public:
- AuthenticationMethodStringFunctor(const DOMElement* e) : m_value(e ? e->getAttributeNS(nullptr,value) : nullptr) {
+ AuthenticationMethodStringFunctor(const DOMElement* e)
+ : m_value(e ? e->getAttributeNS(nullptr,value) : nullptr), m_ignoreCase(XMLHelper::getAttrBool(e, false, ignoreCase)) {
if (!m_value || !*m_value)
throw ConfigurationException("AuthenticationMethodString MatchFunctor requires non-empty value attribute.");
- const XMLCh* flag = e ? e->getAttributeNS(nullptr,ignoreCase) : nullptr;
- m_ignoreCase = (flag && (*flag == chLatin_t || *flag == chDigit_1));
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
SPConfig& conf = SPConfig::getConfig();
// Load up the chain of handlers.
- e = e ? XMLHelper::getFirstChildElement(e, _AttributeFilter) : nullptr;
+ e = XMLHelper::getFirstChildElement(e, _AttributeFilter);
while (e) {
- auto_ptr_char type(e->getAttributeNS(nullptr,_type));
- if (type.get() && *(type.get())) {
+ string t(XMLHelper::getAttrString(e, nullptr, _type));
+ if (!t.empty()) {
try {
- m_filters.push_back(conf.AttributeFilterManager.newPlugin(type.get(),e));
+ m_filters.push_back(conf.AttributeFilterManager.newPlugin(t.c_str(), e));
}
catch (exception& ex) {
Category::getInstance(SHIBSP_LOGCAT".AttributeFilter").error(
m_functor = buildFunctor(e, p.first);
}
else if (XMLHelper::isNodeNamed(e, shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, RuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref.get());
+ string ref = XMLHelper::getAttrString(e, nullptr, _ref);
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref);
m_functor = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr;
}
}
MatchFunctor* NotMatchFunctor::buildFunctor(const DOMElement* e, const FilterPolicyContext* functorMap)
{
// We'll track and map IDs just for consistency, but don't require them or worry about dups.
- auto_ptr_char temp(e->getAttributeNS(nullptr,_id));
- const char* id = (temp.get() && *temp.get()) ? temp.get() : "";
- if (*id && functorMap->getMatchFunctors().count(id))
- id = "";
+ string id = XMLHelper::getAttrString(e, nullptr, _id);
+ if (!id.empty() && functorMap->getMatchFunctors().count(id))
+ id.clear();
auto_ptr<xmltooling::QName> type(XMLHelper::getXSIType(e));
if (!type.get())
#include "attribute/filtering/FilterPolicyContext.h"
#include "attribute/filtering/MatchFunctor.h"
+#include <xmltooling/util/XMLHelper.h>
+
using namespace shibsp;
using namespace std;
+using xmltooling::XMLHelper;
namespace shibsp {
class SHIBSP_DLLLOCAL NumberOfAttributeValuesFunctor : public MatchFunctor
{
unsigned int m_min,m_max;
- xmltooling::auto_ptr_char m_attributeID;
+ string m_attributeID;
size_t count(const FilteringContext& filterContext) const;
public:
NumberOfAttributeValuesFunctor(const DOMElement* e)
- : m_min(0), m_max(INT_MAX), m_attributeID(e ? e->getAttributeNS(nullptr,attributeID) : nullptr) {
- if (!m_attributeID.get() || !*m_attributeID.get())
+ : m_min(XMLHelper::getAttrInt(e, 0, minimum)),
+ m_max(XMLHelper::getAttrInt(e, INT_MAX, maximum)),
+ m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) {
+ if (m_attributeID.empty())
throw ConfigurationException("No attributeID specified.");
- const XMLCh* num = e->getAttributeNS(nullptr, minimum);
- if (num && *num)
- m_min = XMLString::parseInt(num);
- num = e->getAttributeNS(nullptr, maximum);
- if (num && *num)
- m_max = XMLString::parseInt(num);
}
bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
{
size_t count = 0;
pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- filterContext.getAttributes().equal_range(m_attributeID.get());
+ filterContext.getAttributes().equal_range(m_attributeID);
for (; attrs.first != attrs.second; ++attrs.first)
count += attrs.first->second->valueCount();
return count;
func = buildFunctor(e, p.first);
}
else if (XMLHelper::isNodeNamed(e, shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, RuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref.get());
+ string ref = XMLHelper::getAttrString(e, nullptr, _ref);
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref);
func = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr;
}
}
MatchFunctor* OrMatchFunctor::buildFunctor(const DOMElement* e, const FilterPolicyContext* functorMap)
{
// We'll track and map IDs just for consistency, but don't require them or worry about dups.
- auto_ptr_char temp(e->getAttributeNS(nullptr,_id));
- const char* id = (temp.get() && *temp.get()) ? temp.get() : "";
- if (*id && functorMap->getMatchFunctors().count(id))
- id = "";
+ string id = XMLHelper::getAttrString(e, nullptr, _id);
+ if (!id.empty() && functorMap->getMatchFunctors().count(id))
+ id.clear();
auto_ptr<xmltooling::QName> type(XMLHelper::getXSIType(e));
if (!type.get())
func = buildFunctor(e, reqFunctors, "PolicyRequirementRule", false);
}
else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, PolicyRequirementRuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator prr = m_policyReqRules.find(ref.get());
+ string ref(XMLHelper::getAttrString(e, nullptr, _ref));
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator prr = m_policyReqRules.find(ref);
func = (prr!=m_policyReqRules.end()) ? prr->second : nullptr;
}
}
m_policies.back().m_rules.insert(Policy::rules_t::value_type(rule.first, rule.second));
}
else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, AttributeRuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- map< string,pair< string,pair< const MatchFunctor*,const MatchFunctor*> > >::const_iterator ar = m_attrRules.find(ref.get());
+ string ref(XMLHelper::getAttrString(e, nullptr, _ref));
+ if (!ref.empty()) {
+ map< string,pair< string,pair< const MatchFunctor*,const MatchFunctor*> > >::const_iterator ar = m_attrRules.find(ref);
if (ar != m_attrRules.end())
m_policies.back().m_rules.insert(Policy::rules_t::value_type(ar->second.first, ar->second.second));
else
- m_log.warn("skipping invalid AttributeRuleReference (%s)", ref.get());
+ m_log.warn("skipping invalid AttributeRuleReference (%s)", ref.c_str());
}
}
e = XMLHelper::getNextSiblingElement(e);
const DOMElement* e, const FilterPolicyContext& functorMap, const char* logname, bool standalone
)
{
- auto_ptr_char temp(e->getAttributeNS(nullptr,_id));
- const char* id = (temp.get() && *temp.get()) ? temp.get() : "";
+ string id(XMLHelper::getAttrString(e, nullptr, _id));
- if (standalone && !*id) {
+ if (standalone && id.empty()) {
m_log.warn("skipping stand-alone %s with no id", logname);
return nullptr;
}
- else if (*id && functorMap.getMatchFunctors().count(id)) {
+ else if (!id.empty() && functorMap.getMatchFunctors().count(id)) {
if (standalone) {
- m_log.warn("skipping duplicate stand-alone %s with id (%s)", logname, id);
+ m_log.warn("skipping duplicate stand-alone %s with id (%s)", logname, id.c_str());
return nullptr;
}
else
- id = "";
+ id.clear();
}
auto_ptr<xmltooling::QName> type(XMLHelper::getXSIType(e));
const DOMElement* e, const FilterPolicyContext& permMap, const FilterPolicyContext& denyMap, bool standalone
)
{
- auto_ptr_char temp(e->getAttributeNS(nullptr,_id));
- const char* id = (temp.get() && *temp.get()) ? temp.get() : "";
+ string id(XMLHelper::getAttrString(e, nullptr, _id));
- if (standalone && !*id) {
+ if (standalone && id.empty()) {
m_log.warn("skipping stand-alone AttributeRule with no id");
return make_pair(string(),pair<const MatchFunctor*,const MatchFunctor*>(nullptr,nullptr));
}
- else if (*id && m_attrRules.count(id)) {
+ else if (!id.empty() && m_attrRules.count(id)) {
if (standalone) {
- m_log.warn("skipping duplicate stand-alone AttributeRule with id (%s)", id);
+ m_log.warn("skipping duplicate stand-alone AttributeRule with id (%s)", id.c_str());
return make_pair(string(),pair<const MatchFunctor*,const MatchFunctor*>(nullptr,nullptr));
}
else
- id = "";
+ id.clear();
}
- auto_ptr_char attrID(e->getAttributeNS(nullptr,attributeID));
- if (!attrID.get() || !*attrID.get())
+ string attrID(XMLHelper::getAttrString(e, nullptr, attributeID));
+ if (attrID.empty())
m_log.warn("skipping AttributeRule with no attributeID");
MatchFunctor* perm=nullptr;
e = XMLHelper::getNextSiblingElement(e);
}
else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, PermitValueRuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator pvr = m_permitValRules.find(ref.get());
+ string ref(XMLHelper::getAttrString(e, nullptr, _ref));
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator pvr = m_permitValRules.find(ref);
perm = (pvr!=m_permitValRules.end()) ? pvr->second : nullptr;
}
e = XMLHelper::getNextSiblingElement(e);
deny = buildFunctor(e, denyMap, "DenyValueRule", false);
}
else if (e && XMLHelper::isNodeNamed(e, SHIB2ATTRIBUTEFILTER_NS, DenyValueRuleReference)) {
- auto_ptr_char ref(e->getAttributeNS(nullptr, _ref));
- if (ref.get() && *ref.get()) {
- multimap<string,MatchFunctor*>::const_iterator pvr = m_denyValRules.find(ref.get());
+ string ref(XMLHelper::getAttrString(e, nullptr, _ref));
+ if (!ref.empty()) {
+ multimap<string,MatchFunctor*>::const_iterator pvr = m_denyValRules.find(ref);
deny = (pvr!=m_denyValRules.end()) ? pvr->second : nullptr;
}
}
if (perm || deny) {
- if (*id) {
- m_attrRules[id] = pair< string,pair<const MatchFunctor*,const MatchFunctor*> >(attrID.get(), pair<const MatchFunctor*,const MatchFunctor*>(perm,deny));
+ if (!id.empty()) {
+ m_attrRules[id] =
+ pair< string,pair<const MatchFunctor*,const MatchFunctor*> >(attrID, pair<const MatchFunctor*,const MatchFunctor*>(perm,deny));
return m_attrRules[id];
}
else {
- return pair< string,pair<const MatchFunctor*,const MatchFunctor*> >(attrID.get(), pair<const MatchFunctor*,const MatchFunctor*>(perm,deny));
+ return pair< string,pair<const MatchFunctor*,const MatchFunctor*> >(attrID, pair<const MatchFunctor*,const MatchFunctor*>(perm,deny));
}
}
- if (*id)
- m_log.warn("skipping AttributeRule (%s), permit and denial rule(s) invalid or missing", id);
+ if (!id.empty())
+ m_log.warn("skipping AttributeRule (%s), permit and denial rule(s) invalid or missing", id.c_str());
else
m_log.warn("skipping AttributeRule, permit and denial rule(s) invalid or missing");
return pair< string,pair<const MatchFunctor*,const MatchFunctor*> >(string(),pair<const MatchFunctor*,const MatchFunctor*>(nullptr,nullptr));
SPConfig& conf = SPConfig::getConfig();
// Load up the chain of handlers.
- e = e ? XMLHelper::getFirstChildElement(e, _AttributeExtractor) : nullptr;
+ e = XMLHelper::getFirstChildElement(e, _AttributeExtractor);
while (e) {
- auto_ptr_char type(e->getAttributeNS(nullptr,_type));
- if (type.get() && *(type.get())) {
+ string t(XMLHelper::getAttrString(e, nullptr, _type));
+ if (!t.empty()) {
try {
- m_extractors.push_back(conf.AttributeExtractorManager.newPlugin(type.get(),e));
+ m_extractors.push_back(conf.AttributeExtractorManager.newPlugin(t.c_str(), e));
}
catch (exception& ex) {
Category::getInstance(SHIBSP_LOGCAT".AttributeExtractor.Chaining").error(
SPConfig& conf = SPConfig::getConfig();
// Load up the chain of handlers.
- e = e ? XMLHelper::getFirstChildElement(e, _AttributeResolver) : nullptr;
+ e = XMLHelper::getFirstChildElement(e, _AttributeResolver);
while (e) {
- auto_ptr_char type(e->getAttributeNS(nullptr,_type));
- if (type.get() && *(type.get())) {
+ string t(XMLHelper::getAttrString(e, nullptr, _type));
+ if (!t.empty()) {
try {
- m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(type.get(),e));
+ m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(t.c_str(), e));
}
catch (exception& ex) {
Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Chaining").error(
static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r);
};
-DelegationExtractor::DelegationExtractor(const DOMElement* e) : m_attributeId("delegate"), m_formatter("$Name")
+DelegationExtractor::DelegationExtractor(const DOMElement* e)
+ : m_attributeId(XMLHelper::getAttrString(e, "delegate", attributeId)),
+ m_formatter(XMLHelper::getAttrString(e, "$Name", formatter))
{
- if (e) {
- const XMLCh* a = e->getAttributeNS(nullptr, attributeId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_attributeId = temp.get();
- }
- a = e->getAttributeNS(nullptr, formatter);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_formatter = temp.get();
- }
- }
}
void DelegationExtractor::extractAttributes(
}
private:
- auto_ptr_char m_hashAlg;
+ string m_hashAlg;
vector<string> m_hashId;
vector<string> m_signingId;
vector<string> m_encryptionId;
static const XMLCh signingId[] = UNICODE_LITERAL_9(s,i,g,n,i,n,g,I,d);
};
-KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e) : m_hashAlg(e ? e->getAttributeNS(nullptr, hashAlg) : nullptr)
+KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e) : m_hashAlg(XMLHelper::getAttrString(e, "SHA1", hashAlg))
{
if (e) {
- const XMLCh* a = e->getAttributeNS(nullptr, hashId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_hashId.push_back(temp.get());
- }
- a = e->getAttributeNS(nullptr, signingId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_signingId.push_back(temp.get());
- }
- a = e->getAttributeNS(nullptr, encryptionId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_encryptionId.push_back(temp.get());
- }
+ string a(XMLHelper::getAttrString(e, nullptr, hashId));
+ if (!a.empty())
+ m_hashId.push_back(a);
+ a = XMLHelper::getAttrString(e, nullptr, signingId);
+ if (!a.empty())
+ m_signingId.push_back(a);
+ a = XMLHelper::getAttrString(e, nullptr, encryptionId);
+ if (!a.empty())
+ m_encryptionId.push_back(a);
}
if (m_hashId.empty() && m_signingId.empty() && m_encryptionId.empty())
throw ConfigurationException("KeyDescriptor AttributeExtractor requires hashId, signingId, or encryptionId property.");
mcc.setUsage(Credential::SIGNING_CREDENTIAL);
if (application.getMetadataProvider()->resolve(creds, &mcc)) {
if (!m_hashId.empty()) {
- const char* alg = m_hashAlg.get();
- if (!alg || !*alg)
- alg = "SHA1";
auto_ptr<SimpleAttribute> attr(new SimpleAttribute(m_hashId));
vector<string>& vals = attr->getValues();
for (vector<const Credential*>::const_iterator c = creds.begin(); c != creds.end(); ++c) {
if (vals.empty() || !vals.back().empty())
vals.push_back(string());
- vals.back() = SecurityHelper::getDEREncoding(*(*c), alg);
+ vals.back() = SecurityHelper::getDEREncoding(*(*c), m_hashAlg.c_str());
}
if (vals.back().empty())
vals.pop_back();
static const XMLCh subjectMatch[] = UNICODE_LITERAL_12(s,u,b,j,e,c,t,M,a,t,c,h);
};
-QueryResolver::QueryResolver(const DOMElement* e) : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Query")), m_subjectMatch(false)
+QueryResolver::QueryResolver(const DOMElement* e)
+ : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Query")),
+ m_policyId(XMLHelper::getAttrString(e, nullptr, policyId)),
+ m_subjectMatch(XMLHelper::getAttrBool(e, false, subjectMatch))
{
#ifdef _DEBUG
xmltooling::NDC ndc("QueryResolver");
#endif
- const XMLCh* pid = e ? e->getAttributeNS(nullptr, policyId) : nullptr;
- if (pid && *pid) {
- auto_ptr_char temp(pid);
- m_policyId = temp.get();
- }
- pid = e ? e->getAttributeNS(nullptr, subjectMatch) : nullptr;
- if (pid && (*pid == chLatin_t || *pid == chDigit_1))
- m_subjectMatch = true;
-
DOMElement* child = XMLHelper::getFirstChildElement(e);
while (child) {
try {
};
SimpleAggregationResolver::SimpleAggregationResolver(const DOMElement* e)
- : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.SimpleAggregation")), m_subjectMatch(false), m_metadata(nullptr), m_trust(nullptr)
+ : m_log(Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.SimpleAggregation")),
+ m_policyId(XMLHelper::getAttrString(e, nullptr, policyId)),
+ m_subjectMatch(XMLHelper::getAttrBool(e, false, subjectMatch)),
+ m_metadata(nullptr), m_trust(nullptr)
{
#ifdef _DEBUG
xmltooling::NDC ndc("SimpleAggregationResolver");
#endif
- const XMLCh* pid = e ? e->getAttributeNS(nullptr, policyId) : nullptr;
- if (pid && *pid) {
- auto_ptr_char temp(pid);
- m_policyId = temp.get();
- }
-
- pid = e ? e->getAttributeNS(nullptr, subjectMatch) : nullptr;
- if (pid && (*pid == chLatin_t || *pid == chDigit_1))
- m_subjectMatch = true;
-
- pid = e ? e->getAttributeNS(nullptr, attributeId) : nullptr;
- if (pid && *pid) {
- char* dup = XMLString::transcode(pid);
+ const XMLCh* aid = e ? e->getAttributeNS(nullptr, attributeId) : nullptr;
+ if (aid && *aid) {
+ char* dup = XMLString::transcode(aid);
char* pos;
char* start = dup;
while (start && *start) {
}
XMLString::release(&dup);
- pid = e->getAttributeNS(nullptr, format);
- if (pid && *pid)
- m_format = pid;
+ aid = e->getAttributeNS(nullptr, format);
+ if (aid && *aid)
+ m_format = aid;
}
DOMElement* child = XMLHelper::getFirstChildElement(e, _MetadataProvider);
if (child) {
- auto_ptr_char type(child->getAttributeNS(nullptr, _type));
- if (!type.get() || !*type.get())
+ string t(XMLHelper::getAttrString(child, nullptr, _type));
+ if (t.empty())
throw ConfigurationException("MetadataProvider element missing type attribute.");
- m_log.info("building MetadataProvider of type %s...", type.get());
- auto_ptr<MetadataProvider> mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(type.get(), child));
+ m_log.info("building MetadataProvider of type %s...", t.c_str());
+ auto_ptr<MetadataProvider> mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(t.c_str(), child));
mp->init();
m_metadata = mp.release();
}
child = XMLHelper::getFirstChildElement(e, _TrustEngine);
if (child) {
try {
- auto_ptr_char type(child->getAttributeNS(nullptr, _type));
- if (!type.get() || !*type.get())
+ string t(XMLHelper::getAttrString(child, nullptr, _type));
+ if (t.empty())
throw ConfigurationException("TrustEngine element missing type attribute.");
- m_log.info("building TrustEngine of type %s...", type.get());
- m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(type.get(), child);
+ m_log.info("building TrustEngine of type %s...", t.c_str());
+ m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child);
}
catch (exception&) {
delete m_metadata;
child = XMLHelper::getFirstChildElement(e);
while (child) {
if (child->hasChildNodes() && XMLString::equals(child->getLocalName(), Entity)) {
- pid = child->getFirstChild()->getNodeValue();
- if (pid && *pid) {
- auto_ptr_char tpid(pid);
- m_sources.push_back(pair<string,bool>(tpid.get(),true));
+ aid = child->getFirstChild()->getNodeValue();
+ if (aid && *aid) {
+ auto_ptr_char taid(aid);
+ m_sources.push_back(pair<string,bool>(taid.get(),true));
}
}
else if (child->hasChildNodes() && XMLString::equals(child->getLocalName(), EntityReference)) {
- pid = child->getFirstChild()->getNodeValue();
- if (pid && *pid) {
- auto_ptr_char tpid(pid);
- m_sources.push_back(pair<string,bool>(tpid.get(),false));
+ aid = child->getFirstChild()->getNodeValue();
+ if (aid && *aid) {
+ auto_ptr_char taid(aid);
+ m_sources.push_back(pair<string,bool>(taid.get(),false));
}
}
else if (XMLHelper::isNodeNamed(child, samlconstants::SAML20_NS, saml2::Attribute::LOCAL_NAME)) {
vector<string> m_attributeIds;
// settings for embedded assertions in metadata
- auto_ptr_char m_policyId;
+ string m_policyId;
MetadataProvider* m_metadata;
TrustEngine* m_trust;
AttributeFilter* m_filter;
XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log)
: m_log(log),
m_document(nullptr),
- m_policyId(e ? e->getAttributeNS(nullptr, metadataPolicyId) : nullptr),
+ m_policyId(XMLHelper::getAttrString(e, nullptr, metadataPolicyId)),
m_metadata(nullptr),
m_trust(nullptr),
m_filter(nullptr),
DOMElement* child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _MetadataProvider);
if (child) {
try {
- auto_ptr_char type(child->getAttributeNS(nullptr, _type));
- if (!type.get() || !*type.get())
+ string t(XMLHelper::getAttrString(child, nullptr, _type));
+ if (t.empty())
throw ConfigurationException("MetadataProvider element missing type attribute.");
- m_log.info("building MetadataProvider of type %s...", type.get());
- auto_ptr<MetadataProvider> mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(type.get(), child));
+ m_log.info("building MetadataProvider of type %s...", t.c_str());
+ auto_ptr<MetadataProvider> mp(SAMLConfig::getConfig().MetadataProviderManager.newPlugin(t.c_str(), child));
mp->init();
m_metadata = mp.release();
}
child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _TrustEngine);
if (child) {
try {
- auto_ptr_char type(child->getAttributeNS(nullptr, _type));
- if (!type.get() || !*type.get())
+ string t(XMLHelper::getAttrString(child, nullptr, _type));
+ if (t.empty())
throw ConfigurationException("TrustEngine element missing type attribute.");
- m_log.info("building TrustEngine of type %s...", type.get());
- m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(type.get(), child);
+ m_log.info("building TrustEngine of type %s...", t.c_str());
+ m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child);
}
catch (exception& ex) {
m_entityAssertions = false;
child = XMLHelper::getFirstChildElement(e, shibspconstants::SHIB2ATTRIBUTEMAP_NS, _AttributeFilter);
if (child) {
try {
- auto_ptr_char type(child->getAttributeNS(nullptr, _type));
- if (!type.get() || !*type.get())
+ string t(XMLHelper::getAttrString(child, nullptr, _type));
+ if (t.empty())
throw ConfigurationException("AttributeFilter element missing type attribute.");
- m_log.info("building AttributeFilter of type %s...", type.get());
- m_filter = SPConfig::getConfig().AttributeFilterManager.newPlugin(type.get(), child);
+ m_log.info("building AttributeFilter of type %s...", t.c_str());
+ m_filter = SPConfig::getConfig().AttributeFilterManager.newPlugin(t.c_str(), child);
}
catch (exception& ex) {
m_entityAssertions = false;
try {
// Set up and evaluate a policy for an AA asserting attributes to us.
- shibsp::SecurityPolicy policy(application, &AttributeAuthorityDescriptor::ELEMENT_QNAME, false, m_policyId.get());
+ shibsp::SecurityPolicy policy(application, &AttributeAuthorityDescriptor::ELEMENT_QNAME, false, m_policyId.c_str());
Locker locker(m_metadata);
if (m_metadata)
policy.setMetadataProvider(m_metadata);
throw ConfigurationException("Missing or unrecognized operator in Chaining AccessControl configuration.");
try {
- e = e ? XMLHelper::getFirstChildElement(e, _AccessControl) : nullptr;
+ e = XMLHelper::getFirstChildElement(e, _AccessControl);
while (e) {
- auto_ptr_char type(e->getAttributeNS(nullptr, _type));
- if (type.get() && *type.get()) {
- Category::getInstance(SHIBSP_LOGCAT".AccessControl.Chaining").info("building AccessControl provider of type (%s)...", type.get());
- m_ac.push_back(SPConfig::getConfig().AccessControlManager.newPlugin(type.get(), e));
+ string t(XMLHelper::getAttrString(e, nullptr, _type));
+ if (!t.empty()) {
+ Category::getInstance(SHIBSP_LOGCAT".AccessControl.Chaining").info("building AccessControl provider of type (%s)...", t.c_str());
+ m_ac.push_back(SPConfig::getConfig().AccessControlManager.newPlugin(t.c_str(), e));
}
e = XMLHelper::getNextSiblingElement(e, _AccessControl);
}
#endif
m_root(e), m_inprocTimeout(900), m_lock(nullptr), shutdown(false), shutdown_wait(nullptr), cleanup_thread(nullptr)
{
+ SPConfig& conf = SPConfig::getConfig();
+ inproc = conf.isEnabled(SPConfig::InProcess);
+
static const XMLCh cacheAssertions[] = UNICODE_LITERAL_15(c,a,c,h,e,A,s,s,e,r,t,i,o,n,s);
static const XMLCh cacheTimeout[] = UNICODE_LITERAL_12(c,a,c,h,e,T,i,m,e,o,u,t);
static const XMLCh inprocTimeout[] = UNICODE_LITERAL_13(i,n,p,r,o,c,T,i,m,e,o,u,t);
static const XMLCh _StorageService[] = UNICODE_LITERAL_14(S,t,o,r,a,g,e,S,e,r,v,i,c,e);
static const XMLCh _StorageServiceLite[] = UNICODE_LITERAL_18(S,t,o,r,a,g,e,S,e,r,v,i,c,e,L,i,t,e);
- SPConfig& conf = SPConfig::getConfig();
- inproc = conf.isEnabled(SPConfig::InProcess);
-
- if (e) {
- const XMLCh* tag=e->getAttributeNS(nullptr,cacheTimeout);
- if (tag && *tag) {
- m_cacheTimeout = XMLString::parseInt(tag);
- if (!m_cacheTimeout)
- m_cacheTimeout=28800;
- }
- if (inproc) {
- const XMLCh* tag=e->getAttributeNS(nullptr,inprocTimeout);
- if (tag && *tag) {
- m_inprocTimeout = XMLString::parseInt(tag);
- if (!m_inprocTimeout)
- m_inprocTimeout=900;
- }
- }
- }
+ m_cacheTimeout = XMLHelper::getAttrInt(e, 28800, cacheTimeout);
+ if (inproc)
+ m_inprocTimeout = XMLHelper::getAttrInt(e, 900, inprocTimeout);
#ifndef SHIBSP_LITE
if (conf.isEnabled(SPConfig::OutOfProcess)) {
- const XMLCh* tag = e ? e->getAttributeNS(nullptr,_StorageService) : nullptr;
- if (tag && *tag) {
- auto_ptr_char ssid(tag);
- m_storage = conf.getServiceProvider()->getStorageService(ssid.get());
+ string ssid = XMLHelper::getAttrString(e, nullptr, _StorageService);
+ if (!ssid.empty()) {
+ m_storage = conf.getServiceProvider()->getStorageService(ssid.c_str());
if (m_storage)
- m_log.info("bound to StorageService (%s)", ssid.get());
+ m_log.info("bound to StorageService (%s)", ssid.c_str());
}
if (!m_storage)
throw ConfigurationException("SessionCache unable to locate StorageService, check configuration.");
- tag = e ? e->getAttributeNS(nullptr,_StorageServiceLite) : nullptr;
- if (tag && *tag) {
- auto_ptr_char ssid(tag);
- m_storage_lite = conf.getServiceProvider()->getStorageService(ssid.get());
+ ssid = XMLHelper::getAttrString(e, nullptr, _StorageServiceLite);
+ if (!ssid.empty()) {
+ m_storage_lite = conf.getServiceProvider()->getStorageService(ssid.c_str());
if (m_storage_lite)
- m_log.info("bound to StorageServiceLite (%s)", ssid.get());
+ m_log.info("bound to StorageServiceLite (%s)", ssid.c_str());
}
if (!m_storage_lite) {
m_log.info("No StorageServiceLite specified. Using standard StorageService.");
m_storage_lite = m_storage;
}
- tag = e ? e->getAttributeNS(nullptr, cacheAssertions) : nullptr;
- if (tag && (*tag == chLatin_f || *tag == chDigit_0))
- m_cacheAssertions = false;
+
+ m_cacheAssertions = XMLHelper::getAttrBool(e, true, cacheAssertions);
}
#endif
ListenerService* listener=conf.getServiceProvider()->getListenerService(false);
- if (inproc ) {
+ if (inproc) {
if (!conf.isEnabled(SPConfig::OutOfProcess) && !listener)
throw ConfigurationException("SessionCache requires a ListenerService, but none available.");
m_lock = RWLock::create();
static const XMLCh _RuleRegex[] = UNICODE_LITERAL_9(R,u,l,e,R,e,g,e,x);
}
-Rule::Rule(const DOMElement* e)
+Rule::Rule(const DOMElement* e) : m_alias(XMLHelper::getAttrString(e, nullptr, require))
{
- auto_ptr_char req(e->getAttributeNS(nullptr,require));
- if (!req.get() || !*req.get())
+ if (m_alias.empty())
throw ConfigurationException("Access control rule missing require attribute");
- m_alias=req.get();
auto_arrayptr<char> vals(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr));
if (!vals.get())
return;
- const XMLCh* flag = e->getAttributeNS(nullptr,_list);
- if (flag && (*flag == chLatin_f || *flag == chDigit_0)) {
+ bool listflag = XMLHelper::getAttrBool(e, true, _list);
+ if (!listflag) {
if (*vals.get())
m_vals.push_back(vals.get());
return;
return shib_acl_false;
}
-RuleRegex::RuleRegex(const DOMElement* e) : m_exp(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr))
+RuleRegex::RuleRegex(const DOMElement* e)
+ : m_alias(XMLHelper::getAttrString(e, nullptr, require)),
+ m_exp(toUTF8(e->hasChildNodes() ? e->getFirstChild()->getNodeValue() : nullptr))
{
- auto_ptr_char req(e->getAttributeNS(nullptr,require));
- if (!req.get() || !*req.get() || !m_exp.get() || !*m_exp.get())
+ if (m_alias.empty() || !m_exp.get() || !*m_exp.get())
throw ConfigurationException("Access control rule missing require attribute or element content.");
- m_alias=req.get();
- const XMLCh* flag = e->getAttributeNS(nullptr,ignoreCase);
- bool ignore = (flag && (*flag == chLatin_t || *flag == chDigit_1));
+ bool ignore = XMLHelper::getAttrBool(e, false, ignoreCase);
try {
m_re = new RegularExpression(e->getFirstChild()->getNodeValue(), (ignore ? ignoreOption : &chNull));
}
else {
acl=XMLHelper::getFirstChildElement(e,AccessControlProvider);
if (acl) {
- auto_ptr_char type(acl->getAttributeNS(nullptr,_type));
- log.info("building AccessControl provider of type %s...",type.get());
- m_acl=SPConfig::getConfig().AccessControlManager.newPlugin(type.get(),acl);
+ string t(XMLHelper::getAttrString(acl, nullptr, _type));
+ if (!t.empty()) {
+ log.info("building AccessControl provider of type %s...", t.c_str());
+ m_acl = SPConfig::getConfig().AccessControlManager.newPlugin(t.c_str(), acl);
+ }
+ else {
+ throw ConfigurationException("<AccessControlProvider> missing type attribute.");
+ }
}
}
}
SAMLConfig& samlConf = SAMLConfig::getConfig();\r
e = XMLHelper::getFirstChildElement(e, Policy);\r
while (e) {\r
- auto_ptr_char id(e->getAttributeNS(nullptr, _id));\r
- pair< PropertySet*,vector<const SecurityPolicyRule*> >& rules = m_policyMap[id.get()];\r
+ string id(XMLHelper::getAttrString(e, nullptr, _id));\r
+ pair< PropertySet*,vector<const SecurityPolicyRule*> >& rules = m_policyMap[id];\r
rules.first = nullptr;\r
auto_ptr<DOMPropertySet> settings(new DOMPropertySet());\r
settings->load(e, nullptr, &filter);\r
// Process PolicyRule elements.\r
const DOMElement* rule = XMLHelper::getFirstChildElement(e, PolicyRule);\r
while (rule) {\r
- auto_ptr_char type(rule->getAttributeNS(nullptr, _type));\r
- try {\r
- rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(type.get(), rule));\r
- }\r
- catch (exception& ex) {\r
- log.crit("error instantiating policy rule (%s) in policy (%s): %s", type.get(), id.get(), ex.what());\r
+ string t(XMLHelper::getAttrString(rule, nullptr, _type));\r
+ if (!t.empty()) {\r
+ try {\r
+ rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(t.c_str(), rule));\r
+ }\r
+ catch (exception& ex) {\r
+ log.crit("error instantiating policy rule (%s) in policy (%s): %s", t.c_str(), id.c_str(), ex.what());\r
+ }\r
}\r
rule = XMLHelper::getNextSiblingElement(rule, PolicyRule);\r
}\r
log.warn("detected legacy Policy configuration, please convert to new PolicyRule syntax");\r
rule = XMLHelper::getFirstChildElement(e, Rule);\r
while (rule) {\r
- auto_ptr_char type(rule->getAttributeNS(nullptr, _type));\r
- try {\r
- rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(type.get(), rule));\r
- }\r
- catch (exception& ex) {\r
- log.crit("error instantiating policy rule (%s) in policy (%s): %s", type.get(), id.get(), ex.what());\r
+ string t(XMLHelper::getAttrString(rule, nullptr, _type));\r
+ if (!t.empty()) {\r
+ try {\r
+ rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(t.c_str(), rule));\r
+ }\r
+ catch (exception& ex) {\r
+ log.crit("error instantiating policy rule (%s) in policy (%s): %s", t.c_str(), id.c_str(), ex.what());\r
+ }\r
}\r
rule = XMLHelper::getNextSiblingElement(rule, Rule);\r
}\r
\r
// Manually add a basic Conditions rule.\r
- log.info("installing a default Conditions rule in policy (%s) for compatibility with legacy configuration", id.get());\r
+ log.info("installing a default Conditions rule in policy (%s) for compatibility with legacy configuration", id.c_str());\r
rules.second.push_back(samlConf.SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, nullptr));\r
}\r
\r
load(e,nullptr,this);
DOMElement* child;
- string plugtype;
// Much of the processing can only occur on the first instantiation.
if (first) {
// Instantiate the ListenerService and SessionCache objects.
if (conf.isEnabled(SPConfig::Listener)) {
- child=XMLHelper::getFirstChildElement(e,UnixListener);
+#ifdef WIN32
+ string plugtype(TCP_LISTENER_SERVICE);
+#else
+ string plugtype(UNIX_LISTENER_SERVICE);
+#endif
+ child = XMLHelper::getFirstChildElement(e, UnixListener);
if (child)
- plugtype=UNIX_LISTENER_SERVICE;
+ plugtype = UNIX_LISTENER_SERVICE;
else {
- child=XMLHelper::getFirstChildElement(e,TCPListener);
+ child = XMLHelper::getFirstChildElement(e, TCPListener);
if (child)
- plugtype=TCP_LISTENER_SERVICE;
+ plugtype = TCP_LISTENER_SERVICE;
else {
- child=XMLHelper::getFirstChildElement(e,Listener);
+ child = XMLHelper::getFirstChildElement(e, Listener);
if (child) {
- auto_ptr_char type(child->getAttributeNS(nullptr,_type));
- if (type.get())
- plugtype=type.get();
+ auto_ptr_char type(child->getAttributeNS(nullptr, _type));
+ if (type.get() && *type.get())
+ plugtype = type.get();
}
}
}
- if (child) {
- log.info("building ListenerService of type %s...", plugtype.c_str());
- m_outer->m_listener = conf.ListenerServiceManager.newPlugin(plugtype.c_str(), child);
- }
- else {
- log.fatal("can't build ListenerService, missing conf:Listener element?");
- throw ConfigurationException("Can't build ListenerService, missing conf:Listener element?");
- }
+
+ log.info("building ListenerService of type %s...", plugtype.c_str());
+ m_outer->m_listener = conf.ListenerServiceManager.newPlugin(plugtype.c_str(), child);
}
#ifndef SHIBSP_LITE
};
DynamicMetadataProvider::DynamicMetadataProvider(const DOMElement* e)
- : saml2md::DynamicMetadataProvider(e), m_verifyHost(true), m_ignoreTransport(false), m_encoded(true), m_trust(nullptr)
+ : saml2md::DynamicMetadataProvider(e),
+ m_verifyHost(XMLHelper::getAttrBool(e, true, verifyHost)),
+ m_ignoreTransport(XMLHelper::getAttrBool(e, false, ignoreTransport)),
+ m_encoded(true), m_trust(nullptr)
{
- const XMLCh* flag = e ? e->getAttributeNS(nullptr, verifyHost) : nullptr;
- if (flag && (*flag == chLatin_f || *flag == chDigit_0))
- m_verifyHost = false;
- flag = e ? e->getAttributeNS(nullptr, ignoreTransport) : nullptr;
- if (flag && (*flag == chLatin_t || *flag == chDigit_1)) {
- m_ignoreTransport = true;
- return;
- }
-
- const DOMElement* child = e ? XMLHelper::getFirstChildElement(e, Subst) : nullptr;
+ const DOMElement* child = XMLHelper::getFirstChildElement(e, Subst);
if (child && child->hasChildNodes()) {
auto_ptr_char s(child->getFirstChild()->getNodeValue());
if (s.get() && *s.get()) {
m_subst = s.get();
- flag = child->getAttributeNS(nullptr, encoded);
- if (flag && (*flag == chLatin_f || *flag == chDigit_0))
- m_encoded = false;
+ m_encoded = XMLHelper::getAttrBool(child, true, encoded);
}
}
if (m_subst.empty()) {
- child = e ? XMLHelper::getFirstChildElement(e, Regex) : nullptr;
+ child = XMLHelper::getFirstChildElement(e, Regex);
if (child && child->hasChildNodes() && child->hasAttributeNS(nullptr, match)) {
- auto_ptr_char m(child->getAttributeNS(nullptr, match));
+ m_match = XMLHelper::getAttrString(child, nullptr, match);
auto_ptr_char repl(child->getFirstChild()->getNodeValue());
- if (m.get() && *m.get() && repl.get() && *repl.get()) {
- m_match = m.get();
+ if (repl.get() && *repl.get())
m_regex = repl.get();
- }
}
}
- child = e ? XMLHelper::getFirstChildElement(e, _TrustEngine) : nullptr;
- auto_ptr_char t2(child ? child->getAttributeNS(nullptr,type) : nullptr);
- if (t2.get()) {
- TrustEngine* trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t2.get(), child);
- if (!(m_trust = dynamic_cast<X509TrustEngine*>(trust))) {
- delete trust;
- throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin.");
+ if (!ignoreTransport) {
+ child = XMLHelper::getFirstChildElement(e, _TrustEngine);
+ string t = XMLHelper::getAttrString(child, nullptr, type);
+ if (!t.empty()) {
+ TrustEngine* trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), child);
+ if (!(m_trust = dynamic_cast<X509TrustEngine*>(trust))) {
+ delete trust;
+ throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin.");
+ }
}
- return;
- }
- throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin unless ignoreTransport is true.");
+ if (!m_trust)
+ throw ConfigurationException("DynamicMetadataProvider requires an X509TrustEngine plugin unless ignoreTransport is true.");
+ }
}
saml2md::EntityDescriptor* DynamicMetadataProvider::resolve(const saml2md::MetadataProvider::Criteria& criteria) const
#include "internal.h"
#include "exceptions.h"
#include "ServiceProvider.h"
+#include "SPConfig.h"
#include "remoting/impl/SocketListener.h"
#include <errno.h>
#include <stack>
#include <sstream>
-#include <shibsp/SPConfig.h>
+
#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/XMLHelper.h>
#ifndef WIN32
# include <netinet/in.h>
m_child_wait = CondWait::create();
static const XMLCh stackSize[] = UNICODE_LITERAL_9(s,t,a,c,k,S,i,z,e);
- const XMLCh* attr = e ? e->getAttributeNS(nullptr, stackSize) : nullptr;
- if (attr && *attr)
- m_stackSize = XMLString::parseInt(attr) * 1024;
+ m_stackSize = XMLHelper::getAttrInt(e, 0, stackSize) * 1024;
}
}
#include <xercesc/util/XMLUniDefs.hpp>
#include <xmltooling/unicode.h>
+#include <xmltooling/util/XMLHelper.h>
#ifdef HAVE_UNISTD_H
# include <sys/socket.h>
using namespace std;
namespace shibsp {
- static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
- static const XMLCh port[] = UNICODE_LITERAL_4(p,o,r,t);
- static const XMLCh acl[] = UNICODE_LITERAL_3(a,c,l);
-
class TCPListener : virtual public SocketListener
{
public:
{
return new TCPListener(e);
}
+
+ static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
+ static const XMLCh port[] = UNICODE_LITERAL_4(p,o,r,t);
+ static const XMLCh acl[] = UNICODE_LITERAL_3(a,c,l);
};
-TCPListener::TCPListener(const DOMElement* e) : SocketListener(e), m_address("127.0.0.1"), m_port(12345)
+TCPListener::TCPListener(const DOMElement* e)
+ : SocketListener(e), m_address(XMLHelper::getAttrString(e, "127.0.0.1", address)), m_port(XMLHelper::getAttrInt(e, 1600, port))
{
- // We're stateless, but we need to load the configuration.
- const XMLCh* tag=e->getAttributeNS(nullptr,address);
- if (tag && *tag) {
- auto_ptr_char a(tag);
- m_address=a.get();
- }
-
- tag=e->getAttributeNS(nullptr,port);
- if (tag && *tag) {
- m_port=XMLString::parseInt(tag);
- if (m_port==0)
- m_port=12345;
- }
-
- tag=e->getAttributeNS(nullptr,acl);
- if (tag && *tag) {
- auto_ptr_char temp(tag);
- string sockacl=temp.get();
- if (sockacl.length()) {
- int j = 0;
- for (unsigned int i=0; i < sockacl.length(); i++) {
- if (sockacl.at(i)==' ') {
- m_acl.insert(sockacl.substr(j, i-j));
- j = i+1;
- }
- }
- m_acl.insert(sockacl.substr(j, sockacl.length()-j));
+ int j = 0;
+ string sockacl = XMLHelper::getAttrString(e, "127.0.0.1", acl);
+ for (unsigned int i = 0; i < sockacl.length(); i++) {
+ if (sockacl.at(i) == ' ') {
+ m_acl.insert(sockacl.substr(j, i-j));
+ j = i+1;
}
}
- else
- m_acl.insert("127.0.0.1");
+ m_acl.insert(sockacl.substr(j, sockacl.length()-j));
}
void TCPListener::setup_tcp_sockaddr(struct sockaddr_in* addr) const
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/unicode.h>
#include <xmltooling/util/PathResolver.h>
+#include <xmltooling/util/XMLHelper.h>
#ifdef HAVE_UNISTD_H
# include <sys/socket.h>
namespace shibsp {
- static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
-
class UnixListener : virtual public SocketListener
{
public:
{
return new UnixListener(e);
}
+
+ static const XMLCh address[] = UNICODE_LITERAL_7(a,d,d,r,e,s,s);
};
-UnixListener::UnixListener(const DOMElement* e) : SocketListener(e), m_address("/var/run/shar-socket"), m_bound(false)
+UnixListener::UnixListener(const DOMElement* e)
+ : SocketListener(e), m_address(XMLHelper::getAttrString(e, "shibd.sock", address)), m_bound(false)
{
- const XMLCh* tag=e->getAttributeNS(nullptr,address);
- if (tag && *tag) {
- auto_ptr_char a(tag);
- m_address=a.get();
- XMLToolingConfig::getConfig().getPathResolver()->resolve(m_address, PathResolver::XMLTOOLING_RUN_FILE);
- }
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(m_address, PathResolver::XMLTOOLING_RUN_FILE);
}
#ifndef UNIX_PATH_MAX
projects / shibboleth / cpp-sp.git / commitdiff