https://issues.shibboleth.net/jira/browse/SSPCPP-122
authorScott Cantor <cantor.2@osu.edu>
Mon, 14 Jul 2008 22:18:32 +0000 (22:18 +0000)
committerScott Cantor <cantor.2@osu.edu>
Mon, 14 Jul 2008 22:18:32 +0000 (22:18 +0000)
schemas/shibboleth-2.0-native-sp-config.xsd
shibsp/Application.cpp
shibsp/Application.h
shibsp/impl/StorageServiceSessionCache.cpp

index ec8bf41..ea52138 100644 (file)
@@ -8,7 +8,7 @@
        elementFormDefault="qualified"\r
        attributeFormDefault="unqualified"\r
        blockDefault="substitution"\r
-       version="2.0">\r
+       version="2.1">\r
 \r
        <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/>\r
        <import namespace="urn:oasis:names:tc:SAML:2.0:protocol" schemaLocation="saml-schema-protocol-2.0.xsd"/>\r
                        <attribute name="exportACL" type="conf:listOfStrings" default="127.0.0.1"/>\r
                        <attribute name="cookieName" type="conf:string"/>\r
                        <attribute name="cookieProps" type="conf:string"/>\r
+            <attribute name="cookieLifetime" type="unsignedInt"/>\r
                        <attribute name="idpHistory" type="boolean" default="false"/>\r
                        <attribute name="idpHistoryDays" type="unsignedInt"/>\r
                        <attribute name="lifetime" type="unsignedInt" default="28800"/>\r
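Review bot: The new `cookieLifetime` attribute is added without any annotation or default, so the schema does not tell a deployer what setting it does. Judging from the rest of this commit, a non-zero value adds an `expires` attribute to the session cookie, which makes the browser keep the session key across restarts. That is a meaningful change in exposure on shared or unmanaged clients. An `<annotation><documentation>` child should state that the value is in seconds, that omitting it keeps the cookie session-bound, and how it is expected to relate to the `lifetime` attribute on the following line.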
index 9457bfd..8e41cab 100644 (file)
@@ -1,6 +1,6 @@
 /*
  *  Copyright 2001-2007 Internet2
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -16,7 +16,7 @@
 
 /**
  * Application.cpp
- * 
+ *
  * Interface to a Shibboleth Application instance.
  */
 
@@ -42,12 +42,19 @@ Application::~Application()
     delete m_lock;
 }
 
-pair<string,const char*> Application::getCookieNameProps(const char* prefix) const
+pair<string,const char*> Application::getCookieNameProps(const char* prefix, time_t* lifetime) const
 {
     static const char* defProps="; path=/";
-    
+
+    if (lifetime)
+        *lifetime = 0;
     const PropertySet* props=getPropertySet("Sessions");
     if (props) {
+        if (lifetime) {
+            pair<bool,unsigned int> lt = props->getUnsignedInt("cookieLifetime");
+            if (lt.first)
+                *lifetime = lt.second;
+        }
         pair<bool,const char*> p=props->getString("cookieProps");
         if (!p.first)
             p.second=defProps;
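Review bot: `*lifetime = lt.second;` copies the configured `cookieLifetime` into a `time_t` with no range check, although the schema allows any `unsignedInt`. Where `time_t` is a 32-bit signed type, a large value is not representable, and the caller later adds the current time to whatever arrives. Bounding the value here keeps the arithmetic safe and stops a typo from producing a session cookie that persists for decades, for example `if (lt.first && lt.second <= maxCookieLifetime) *lifetime = lt.second;`, where `maxCookieLifetime` is a placeholder for a ceiling the project chooses. The body of getCookieNameProps continues past the end of this hunk.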
@@ -56,7 +63,7 @@ pair<string,const char*> Application::getCookieNameProps(const char* prefix) con
             return make_pair(string(prefix) + p2.second,p.second);
         return make_pair(string(prefix) + getHash(),p.second);
     }
-    
+
     // Shouldn't happen, but just in case..
     return pair<string,const char*>(prefix,defProps);
 }
index d157b2b..c7352a2 100644 (file)
@@ -114,9 +114,10 @@ namespace shibsp {
          * Returns the name and cookie properties to use for this Application.
          * 
          * @param prefix    a value to prepend to the base cookie name
+         * @param lifetime  if non-null, will be populated with a suggested lifetime for the cookie, or 0 if session-bound
          * @return  a pair containing the cookie name and the string to append to the cookie value
          */
-        virtual std::pair<std::string,const char*> getCookieNameProps(const char* prefix) const;
+        virtual std::pair<std::string,const char*> getCookieNameProps(const char* prefix, time_t* lifetime=NULL) const;
 
 #ifndef SHIBSP_LITE
         /**
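Review bot: Changing the signature of the virtual `getCookieNameProps` means any subclass that still declares `getCookieNameProps(const char* prefix) const` no longer overrides it and silently becomes an unrelated overload. Whether such subclasses exist is not visible here. The `lifetime=NULL` default on a virtual function is also bound from the static type at the call site, so overriders would each have to repeat it. Keeping the original one-argument virtual and adding the lifetime lookup as a separate member would avoid both problems and keep the vtable layout stable for code already compiled against this header. The class declaration begins and ends outside this hunk.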
index 3219085..900ddfa 100644 (file)
@@ -131,7 +131,7 @@ namespace shibsp {
                 if (response) {
                     pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
                     string exp(shib_cookie.second);
-                    exp += "; expires=Mon, 01-Jan-2001 00:00:00 GMT";
+                    exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
                     response->setCookie(shib_cookie.first.c_str(), exp.c_str());
                 }
             }
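Review bot: The expiry literal `"; expires=Mon, 01 Jan 2001 00:00:00 GMT"` is corrected here and in the two following hunks (old lines 140 and 154), so three copies have to stay in step. Hoisting it into one file-scope constant would let a future format correction touch one place, for example `static const char expiredCookieSuffix[] = "; expires=Mon, 01 Jan 2001 00:00:00 GMT";` with `exp += expiredCookieSuffix;` at each site (the name is a suggestion). This matters for more than tidiness, because these are the paths that clear a stale session cookie. A copy left in a format the browser rejects would leave the old cookie in place. The enclosing functions start and end outside these hunks.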
@@ -140,7 +140,7 @@ namespace shibsp {
                 if (response) {
                     pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
                     string exp(shib_cookie.second);
-                    exp += "; expires=Mon, 01-Jan-2001 00:00:00 GMT";
+                    exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
                     response->setCookie(shib_cookie.first.c_str(), exp.c_str());
                 }
                 throw;
@@ -154,7 +154,7 @@ namespace shibsp {
             if (session_id && *session_id) {
                 if (response) {
                     string exp(shib_cookie.second);
-                    exp += "; expires=Mon, 01-Jan-2001 00:00:00 GMT";
+                    exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
                     response->setCookie(shib_cookie.first.c_str(), exp.c_str());
                 }
                 remove(application, session_id);
@@ -1065,9 +1065,23 @@ void SSCache::insert(
         xlog->log.info("}");
     }
 
-    pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
+    time_t cookieLifetime = 0;
+    pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_", &cookieLifetime);
     string k(key.get());
     k += shib_cookie.second;
+
+    if (cookieLifetime > 0) {
+        cookieLifetime += now;
+#ifndef HAVE_GMTIME_R
+        ptime=gmtime(&cookieLifetime);
+#else
+        ptime=gmtime_r(&cookieLifetime,&res);
+#endif
+        char cookietimebuf[64];
+        strftime(cookietimebuf,64,"; expires=%a, %d %b %Y %H:%M:%S GMT",ptime);
+        k += cookietimebuf;
+    }
+
     httpResponse.setCookie(shib_cookie.first.c_str(), k.c_str());
 }
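Review bot: The result of `gmtime`/`gmtime_r` and the return value of `strftime` are both used unchecked in the new `if (cookieLifetime > 0)` block. A failed conversion passes a null `ptime` to `strftime`, and a zero return leaves `cookietimebuf` with unspecified contents that are then appended to the cookie value. Guard both with `if (ptime && strftime(cookietimebuf, sizeof(cookietimebuf), "; expires=%a, %d %b %Y %H:%M:%S GMT", ptime) > 0) k += cookietimebuf;`. `%a` and `%b` also follow the process's LC_TIME locale, so under a non-C locale the day and month names may not be the English abbreviations the cookie date format expects, which deserves a comment or a locale-independent formatter. `cookieLifetime += now` is a further unchecked signed addition on a configuration-supplied value; `ptime`, `res` and `now` are declared in the part of SSCache::insert outside this hunk.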