/*
* Copyright 2001-2007 Internet2
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* AssertionLookup.cpp
- *
+ *
* Handler for looking assertions in SessionCache
*/
if (m_acl.count(request.getRemoteAddr()) == 0) {
m_log.error("request for assertion lookup blocked from invalid address (%s)", request.getRemoteAddr().c_str());
istringstream msg("Assertion Lookup Blocked");
- return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_UNAUTHORIZED));
+ return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_FORBIDDEN));
}
}
-
+
try {
if (conf.isEnabled(SPConfig::OutOfProcess)) {
// When out of process, we run natively and directly process the message.
// When not out of process, we remote all the message processing.
DDF out,in = wrap(request);
DDFJanitor jin(in), jout(out);
-
+
out=request.getServiceProvider().getListenerService()->send(in);
return unwrap(request, out);
}
m_log.error("couldn't find application (%s) for assertion lookup", aid ? aid : "(missing)");
throw ConfigurationException("Unable to locate application for assertion lookup, deleted?");
}
-
+
// Unpack the request.
auto_ptr<HTTPRequest> req(getRequest(in));
//m_log.debug("found %d client certificates", req->getClientCertificates().size());
DDF ret(NULL);
DDFJanitor jout(ret);
auto_ptr<HTTPResponse> resp(getResponse(ret));
-
+
// Since we're remoted, the result should either be a throw, a false/0 return,
// which we just return as an empty structure, or a response/redirect,
// which we capture in the facade and send back.
if (!m_acl.empty() && m_acl.count(request.getRemoteAddr()) == 0) {
m_log.error("request for metadata blocked from invalid address (%s)", request.getRemoteAddr().c_str());
istringstream msg("Metadata Request Blocked");
- return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_UNAUTHORIZED));
+ return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_FORBIDDEN));
}
}
/*
* Copyright 2001-2007 Internet2
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* SessionHandler.cpp
- *
+ *
* Handler for dumping information about an active session.
*/
if (!m_acl.empty() && m_acl.count(request.getRemoteAddr()) == 0) {
m_log.error("session handler request blocked from invalid address (%s)", request.getRemoteAddr().c_str());
istringstream msg("Session Handler Blocked");
- return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_UNAUTHORIZED));
+ return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_FORBIDDEN));
}
stringstream s;
if (!m_values && !attributes.empty())
s << count << " value(s)" << endl;
-
+
s << "</pre></body></html>";
request.setContentType("text/html; charset=UTF-8");
request.setResponseHeader("Expires","01-Jan-1997 12:00:00 GMT");
/*
* Copyright 2001-2007 Internet2
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* StatusHandler.cpp
- *
+ *
* Handler for exposing information about the internals of the SP.
*/
{
if (!m_parser)
m_parser=new CGIParser(*this);
-
+
pair<CGIParser::walker,CGIParser::walker> bounds=m_parser->getParameters(name);
return (bounds.first==bounds.second) ? NULL : bounds.first->second;
}
#ifndef XMLTOOLING_NO_XMLSEC
std::vector<XSECCryptoX509*>&
#else
- std::vector<std::string>&
+ std::vector<std::string>&
#endif
getClientCertificates() const {
return g_NoCerts;
if (!m_acl.empty() && m_acl.count(request.getRemoteAddr()) == 0) {
m_log.error("status handler request blocked from invalid address (%s)", request.getRemoteAddr().c_str());
istringstream msg("Status Handler Blocked");
- return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_UNAUTHORIZED));
+ return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_FORBIDDEN));
}
}
msg << "</StatusHandler>";
return make_pair(true,request.sendResponse(msg));
}
-
+
try {
if (conf.isEnabled(SPConfig::OutOfProcess)) {
// When out of process, we run natively and directly process the message.
else {
// When not out of process, we remote all the message processing.
DDF out,in = wrap(request);
- DDFJanitor jin(in), jout(out);
+ DDFJanitor jin(in), jout(out);
out=request.getServiceProvider().getListenerService()->send(in);
return unwrap(request, out);
}
m_log.error("couldn't find application (%s) for status request", aid ? aid : "(missing)");
throw ConfigurationException("Unable to locate application for status request, deleted?");
}
-
+
// Wrap a response shim.
DDF ret(NULL);
DDFJanitor jout(ret);
auto_ptr<HTTPRequest> req(getRequest(in));
auto_ptr<HTTPResponse> resp(getResponse(ret));
-
+
// Since we're remoted, the result should either be a throw, a false/0 return,
// which we just return as an empty structure, or a response/redirect,
// which we capture in the facade and send back.