Move config logic into an "XML" SP plugin, divorce shibd and modules from old libs.

diff --git a/Shibboleth.sln b/Shibboleth.sln
index beabdcc..fdedcf9 100644 (file)
--- a/Shibboleth.sln
+++ b/Shibboleth.sln
@@ -1,36 +1,52 @@
 Microsoft Visual Studio Solution File, Format Version 9.00
 # Visual Studio 2005
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "isapi_shib", "isapi_shib\isapi_shib.vcproj", "{87C25D4E-8D19-4513-B0BA-BC668BC2DEE3}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
-               {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "isapi_shib_gui", "isapi_shib_gui\isapi_shib_gui.vcproj", "{D341DCD8-7DCD-43A2-8559-C07DAB838711}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mod_shib13", "apache\mod_shib13.vcproj", "{D243B43E-728E-4F32-BDFF-B3A897037C6D}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
-               {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mod_shib20", "apache\mod_shib20.vcproj", "{68E9568B-476C-4289-B93C-893432378ADC}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
-               {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "nsapi_shib", "nsapi_shib\nsapi_shib.vcproj", "{1396D80A-8672-4224-9B02-95F3F4207CDB}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
-               {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "posttest", "posttest\posttest.vcproj", "{16E70C47-789E-43D5-AFDF-964D386C3CB5}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
@@ -38,20 +54,35 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "posttest", "posttest\postte
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shar", "shar\shar.vcproj", "{F13141B5-6C87-40BB-8D4E-5CC56EBB4C59}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shib", "shib\shib.vcproj", "{E6CAB6C8-1D73-4410-970A-52BF9EC57810}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shibtarget", "shib-target\shibtarget.vcproj", "{84890110-2190-4AAE-9BDC-58F90DF71E4F}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shibtest", "shibtest\shibtest.vcproj", "{67AF22A3-C26E-40BE-B0CA-2ABEE5123763}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
                {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
@@ -59,8 +90,16 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shibtest", "shibtest\shibte
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "siterefresh", "siterefresh\siterefresh.vcproj", "{4D02F36E-D2CD-4FD1-AC50-2941E27BB3FB}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testclient", "shar\testclient.vcproj", "{B3F1E899-86F9-4D3A-8026-B57D1A5B90B1}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
@@ -68,21 +107,43 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testclient", "shar\testclie
        EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mod_shib22", "apache\mod_shib22.vcproj", "{B44C0852-83B8-4FB2-A86E-097C9C8256D0}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
        ProjectSection(ProjectDependencies) = postProject
                {81F0F7A6-DC36-46EF-957F-F9E81D4403F6} = {81F0F7A6-DC36-46EF-957F-F9E81D4403F6}
-               {84890110-2190-4AAE-9BDC-58F90DF71E4F} = {84890110-2190-4AAE-9BDC-58F90DF71E4F}
-               {E6CAB6C8-1D73-4410-970A-52BF9EC57810} = {E6CAB6C8-1D73-4410-970A-52BF9EC57810}
        EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Server Modules", "Server Modules", "{26BA8F84-6E42-41FA-9B13-5D3F4B5B2050}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Extensions", "Extensions", "{96AE4FC9-45EF-4C18-9F3B-EDA439E26E4C}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Utilities", "Utilities", "{FED80230-119E-4B2F-9F53-D2660A5F022B}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "odbc-store", "odbc-store\odbc-store.vcproj", "{666A63A7-983F-4C19-8411-207F24305197}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "shibsp", "shibsp\shibsp.vcproj", "{81F0F7A6-DC36-46EF-957F-F9E81D4403F6}"
+       ProjectSection(WebsiteProperties) = preProject
+               Debug.AspNetCompiler.Debug = "True"
+               Release.AspNetCompiler.Debug = "False"
+       EndProjectSection
 EndProject
 Global
        GlobalSection(SolutionConfigurationPlatforms) = preSolution

diff --git a/apache/mod_apache.cpp b/apache/mod_apache.cpp
index 5acfaf5..1b4f190 100644 (file)
--- a/apache/mod_apache.cpp
+++ b/apache/mod_apache.cpp
@@ -36,12 +36,15 @@
 #include <shibsp/exceptions.h>
 #include <shibsp/RequestMapper.h>
 #include <shibsp/SPConfig.h>
+#include <shibsp/ServiceProvider.h>
+#include <shibsp/SessionCache.h>
 #include <shibsp/attribute/Attribute.h>
 
-#include <shib-target/shib-target.h>
 #include <xercesc/util/regx/RegularExpression.hpp>
+#include <xmltooling/XMLToolingConfig.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/Threads.h>
+#include <xmltooling/util/XMLHelper.h>
 
 #ifdef WIN32
 # include <winsock.h>
@@ -78,11 +81,12 @@ using namespace std;
 extern "C" module MODULE_VAR_EXPORT mod_shib;
 
 namespace {
-    char* g_szSHIBConfig = NULL;
-    char* g_szSchemaDir = NULL;
-    shibtarget::ShibTargetConfig* g_Config = NULL;
+    char* g_szSHIBConfig = SHIBSP_CONFIG;
+    char* g_szSchemaDir = SHIBSP_SCHEMAS;
+    SPConfig* g_Config = NULL;
     string g_unsetHeaderValue;
     static const char* g_UserDataKey = "_shib_check_user_";
+    static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
 }
 
 /* Apache 2.2.x headers must be accumulated and set in the output filter.
@@ -920,7 +924,7 @@ bool htAccessControl::authorized(const SPRequest& request, const Session* sessio
 extern "C" apr_status_t shib_exit(void* data)
 {
     if (g_Config) {
-        g_Config->shutdown();
+        g_Config->term();
         g_Config = NULL;
     }
     ap_log_error(APLOG_MARK,APLOG_DEBUG|APLOG_NOERRNO,0,NULL,"shib_exit() done");
@@ -977,7 +981,7 @@ extern "C" apr_status_t shib_child_exit(void* data)
 #endif
 
     ap_log_error(APLOG_MARK,APLOG_DEBUG|APLOG_NOERRNO,SH_AP_R(s),"shib_child_exit(%d) dealing with g_Config..", (int)getpid());
-    g_Config->shutdown();
+    g_Config->term();
     g_Config = NULL;
     ap_log_error(APLOG_MARK,APLOG_DEBUG|APLOG_NOERRNO,SH_AP_R(s),"shib_child_exit() done");
 
@@ -1006,43 +1010,47 @@ extern "C" void shib_child_init(apr_pool_t* p, server_rec* s)
         exit(1);
     }
 
+    g_Config=&SPConfig::getConfig();
+    g_Config->setFeatures(
+        SPConfig::Caching |
+        SPConfig::Listener |
+        SPConfig::Metadata |
+        SPConfig::RequestMapping |
+        SPConfig::InProcess |
+        SPConfig::Logging
+        );
+    if (!g_Config->init(g_szSchemaDir)) {
+        ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to initialize libraries");
+        exit(1);
+    }
+    g_Config->AccessControlManager.registerFactory(HT_ACCESS_CONTROL,&htAccessFactory);
+    g_Config->RequestMapperManager.registerFactory(NATIVE_REQUEST_MAPPER,&ApacheRequestMapFactory);
+    
     try {
-        g_Config=&shibtarget::ShibTargetConfig::getConfig();
-        SPConfig::getConfig().setFeatures(
-            SPConfig::Caching |
-            SPConfig::Listener |
-            SPConfig::Metadata |
-            SPConfig::AAP |
-            SPConfig::RequestMapping |
-            SPConfig::InProcess |
-            SPConfig::Logging
-            );
-        if (!g_Config->init(g_szSchemaDir)) {
-            ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to initialize libraries");
-            exit(1);
-        }
-        SPConfig::getConfig().AccessControlManager.registerFactory(HT_ACCESS_CONTROL,&htAccessFactory);
-        SPConfig::getConfig().RequestMapperManager.registerFactory(NATIVE_REQUEST_MAPPER,&ApacheRequestMapFactory);
-        
-        if (!g_Config->load(g_szSHIBConfig)) {
-            ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to load configuration");
-            exit(1);
-        }
-
-        ServiceProvider* conf=SPConfig::getConfig().getServiceProvider();
-        xmltooling::Locker locker(conf);
-        const PropertySet* props=conf->getPropertySet("Local");
-        if (props) {
-            pair<bool,const char*> unsetValue=props->getString("unsetHeaderValue");
-            if (unsetValue.first)
-                g_unsetHeaderValue = unsetValue.second;
-        }
+        DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+        XercesJanitor<DOMDocument> docjanitor(dummydoc);
+        DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+        auto_ptr_XMLCh src(g_szSHIBConfig);
+        dummy->setAttributeNS(NULL,path,src.get());
+
+        g_Config->setServiceProvider(g_Config->ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+        g_Config->getServiceProvider()->init();
     }
-    catch (...) {
-        ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to initialize system");
+    catch (exception& ex) {
+        ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),ex.what());
+        ap_log_error(APLOG_MARK,APLOG_CRIT|APLOG_NOERRNO,SH_AP_R(s),"shib_child_init() failed to load configuration");
         exit(1);
     }
 
+    ServiceProvider* sp=g_Config->getServiceProvider();
+    xmltooling::Locker locker(sp);
+    const PropertySet* props=sp->getPropertySet("Local");
+    if (props) {
+        pair<bool,const char*> unsetValue=props->getString("unsetHeaderValue");
+        if (unsetValue.first)
+            g_unsetHeaderValue = unsetValue.second;
+    }
+
     // Set the cleanup handler
     apr_pool_cleanup_register(p, NULL, &shib_exit, &shib_child_exit);
 

diff --git a/isapi_shib/isapi_shib.cpp b/isapi_shib/isapi_shib.cpp
index d14c932..d67aad2 100644 (file)
--- a/isapi_shib/isapi_shib.cpp
+++ b/isapi_shib/isapi_shib.cpp
@@ -27,10 +27,14 @@
 
 #include <shibsp/AbstractSPRequest.h>
 #include <shibsp/SPConfig.h>
+#include <shibsp/ServiceProvider.h>
+#include <xmltooling/unicode.h>
+#include <xmltooling/XMLToolingConfig.h>
 #include <xmltooling/util/NDC.h>
+#include <xmltooling/util/XMLHelper.h>
+#include <xercesc/util/XMLUniDefs.hpp>
 
-#include <shib-target/shib-target.h>
-
+#include <set>
 #include <sstream>
 #include <fstream>
 #include <process.h>
@@ -40,10 +44,12 @@
 
 using namespace shibsp;
 using namespace xmltooling;
+using namespace xercesc;
 using namespace std;
 
 // globals
 namespace {
+    static const XMLCh path[] =             UNICODE_LITERAL_4(p,a,t,h);
     static const XMLCh name[] =             UNICODE_LITERAL_4(n,a,m,e);
     static const XMLCh port[] =             UNICODE_LITERAL_4(p,o,r,t);
     static const XMLCh sslport[] =          UNICODE_LITERAL_7(s,s,l,p,o,r,t);
@@ -80,7 +86,7 @@ namespace {
     };
     
     HINSTANCE g_hinstDLL;
-    shibtarget::ShibTargetConfig* g_Config = NULL;
+    SPConfig* g_Config = NULL;
     map<string,site_t> g_Sites;
     bool g_bNormalizeRequest = true;
 }
@@ -137,65 +143,65 @@ extern "C" BOOL WINAPI GetFilterVersion(PHTTP_FILTER_VERSION pVer)
         return TRUE;
     }
 
-#ifndef _DEBUG
-    try
-    {
-#endif
-        LPCSTR schemadir=getenv("SHIBSCHEMAS");
-        if (!schemadir)
-            schemadir=SHIB_SCHEMAS;
-        LPCSTR config=getenv("SHIBCONFIG");
-        if (!config)
-            config=SHIB_CONFIG;
-        g_Config=&shibtarget::ShibTargetConfig::getConfig();
-        SPConfig::getConfig().setFeatures(
-            SPConfig::Listener |
-            SPConfig::Caching |
-            SPConfig::Metadata |
-            SPConfig::AAP |
-            SPConfig::RequestMapping |
-            SPConfig::InProcess |
-            SPConfig::Logging
-            );
-        if (!g_Config->init(schemadir)) {
-            g_Config=NULL;
-            LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL,
-                    "Filter startup failed during library initialization, check native log for help.");
-            return FALSE;
-        }
-        else if (!g_Config->load(config)) {
-            g_Config=NULL;
-            LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL,
-                    "Filter startup failed to load configuration, check native log for help.");
-            return FALSE;
-        }
-        
-        // Access the implementation-specifics for site mappings.
-        ServiceProvider* conf=SPConfig::getConfig().getServiceProvider();
-        xmltooling::Locker locker(conf);
-        const PropertySet* props=conf->getPropertySet("Local");
-        if (props) {
-            const DOMElement* impl=XMLHelper::getFirstChildElement(props->getElement(),Implementation);
-            if (impl && (impl=XMLHelper::getFirstChildElement(impl,ISAPI))) {
-                const XMLCh* flag=impl->getAttributeNS(NULL,normalizeRequest);
-                g_bNormalizeRequest=(!flag || !*flag || *flag==chDigit_1 || *flag==chLatin_t);
-                impl=XMLHelper::getFirstChildElement(impl,Site);
-                while (impl) {
-                    auto_ptr_char id(impl->getAttributeNS(NULL,id));
-                    if (id.get())
-                        g_Sites.insert(pair<string,site_t>(id.get(),site_t(impl)));
-                    impl=XMLHelper::getNextSiblingElement(impl,Site);
-                }
-            }
-        }
-#ifndef _DEBUG
+    LPCSTR schemadir=getenv("SHIBSCHEMAS");
+    if (!schemadir)
+        schemadir=SHIBSP_SCHEMAS;
+    LPCSTR config=getenv("SHIBCONFIG");
+    if (!config)
+        config=SHIBSP_CONFIG;
+    g_Config=&SPConfig::getConfig();
+    g_Config->setFeatures(
+        SPConfig::Listener |
+        SPConfig::Caching |
+        SPConfig::Metadata |
+        SPConfig::RequestMapping |
+        SPConfig::InProcess |
+        SPConfig::Logging
+        );
+    if (!g_Config->init(schemadir)) {
+        g_Config=NULL;
+        LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL,
+                "Filter startup failed during library initialization, check native log for help.");
+        return FALSE;
     }
-    catch (...)
-    {
-        LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL, "Filter startup failed with an exception.");
+
+    try {
+        DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+        XercesJanitor<DOMDocument> docjanitor(dummydoc);
+        DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+        auto_ptr_XMLCh src(config);
+        dummy->setAttributeNS(NULL,path,src.get());
+
+        g_Config->setServiceProvider(g_Config->ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+        g_Config->getServiceProvider()->init();
+    }
+    catch (exception& ex) {
+        g_Config->term();
+        g_Config=NULL;
+        LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL, ex.what());
+        LogEvent(NULL, EVENTLOG_ERROR_TYPE, 2100, NULL,
+                "Filter startup failed to load configuration, check native log for details.");
         return FALSE;
     }
-#endif
+    
+    // Access the implementation-specifics for site mappings.
+    ServiceProvider* sp=g_Config->getServiceProvider();
+    xmltooling::Locker locker(sp);
+    const PropertySet* props=sp->getPropertySet("Local");
+    if (props) {
+        const DOMElement* impl=XMLHelper::getFirstChildElement(props->getElement(),Implementation);
+        if (impl && (impl=XMLHelper::getFirstChildElement(impl,ISAPI))) {
+            const XMLCh* flag=impl->getAttributeNS(NULL,normalizeRequest);
+            g_bNormalizeRequest=(!flag || !*flag || *flag==chDigit_1 || *flag==chLatin_t);
+            impl=XMLHelper::getFirstChildElement(impl,Site);
+            while (impl) {
+                auto_ptr_char id(impl->getAttributeNS(NULL,id));
+                if (id.get())
+                    g_Sites.insert(pair<string,site_t>(id.get(),site_t(impl)));
+                impl=XMLHelper::getNextSiblingElement(impl,Site);
+            }
+        }
+    }
 
     pVer->dwFilterVersion=HTTP_FILTER_REVISION;
     strncpy(pVer->lpszFilterDesc,"Shibboleth ISAPI Filter",SF_MAX_FILTER_DESC_LEN);
@@ -211,7 +217,7 @@ extern "C" BOOL WINAPI GetFilterVersion(PHTTP_FILTER_VERSION pVer)
 extern "C" BOOL WINAPI TerminateFilter(DWORD)
 {
     if (g_Config)
-        g_Config->shutdown();
+        g_Config->term();
     g_Config = NULL;
     LogEvent(NULL, EVENTLOG_INFORMATION_TYPE, 7701, NULL, "Filter shut down...");
     return TRUE;
@@ -497,8 +503,8 @@ public:
   }
   
   // The filter never processes the POST, so stub these methods.
-  const char* getQueryString() const { throw runtime_error("getQueryString not implemented"); }
-  const char* getRequestBody() const { throw runtime_error("getRequestBody not implemented"); }
+  const char* getQueryString() const { throw IOException("getQueryString not implemented"); }
+  const char* getRequestBody() const { throw IOException("getRequestBody not implemented"); }
 };
 
 DWORD WriteClientError(PHTTP_FILTER_CONTEXT pfc, const char* msg)
@@ -756,7 +762,7 @@ public:
         DWORD buflen=8192;
         BOOL ret = m_lpECB->ReadClient(m_lpECB->ConnID, buf, &buflen);
         if (!ret || !buflen)
-            throw saml::SAMLException("Error reading POST request body from browser.");
+            throw IOException("Error reading POST request body from browser.");
         m_body.append(buf, buflen);
         datalen-=buflen;
       }

diff --git a/nsapi_shib/nsapi_shib.cpp b/nsapi_shib/nsapi_shib.cpp
index 1b3891f..9e35a83 100644 (file)
--- a/nsapi_shib/nsapi_shib.cpp
+++ b/nsapi_shib/nsapi_shib.cpp
@@ -34,10 +34,12 @@
 #include <shibsp/AbstractSPRequest.h>
 #include <shibsp/RequestMapper.h>
 #include <shibsp/SPConfig.h>
+#include <shibsp/ServiceProvider.h>
+#include <xmltooling/XMLToolingConfig.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/Threads.h>
-
-#include <shib-target/shib-target.h>
+#include <xmltooling/util/XMLHelper.h>
+#include <xercesc/util/XMLUniDefs.hpp>
 
 #include <fstream>
 #include <sstream>
@@ -66,10 +68,12 @@ using namespace std;
     if (IO_ERROR==net_write(sn->csd,str,strlen(str))) return REQ_EXIT
 
 namespace {
-    shibtarget::ShibTargetConfig* g_Config=NULL;
+    SPConfig* g_Config=NULL;
     string g_ServerName;
     string g_ServerScheme;
     string g_unsetHeaderValue;
+
+    static const XMLCh path[] =             UNICODE_LITERAL_4(p,a,t,h);
 }
 
 PluginManager<RequestMapper,const DOMElement*>::Factory SunRequestMapFactory;
@@ -77,7 +81,7 @@ PluginManager<RequestMapper,const DOMElement*>::Factory SunRequestMapFactory;
 extern "C" NSAPI_PUBLIC void nsapi_shib_exit(void*)
 {
     if (g_Config)
-        g_Config->shutdown();
+        g_Config->term();
     g_Config = NULL;
 }
 
@@ -109,61 +113,60 @@ extern "C" NSAPI_PUBLIC int nsapi_shib_init(pblock* pb, ::Session* sn, Request*
 
     log_error(LOG_INFORM,"nsapi_shib_init",sn,rq,"nsapi_shib loaded for host (%s)",g_ServerName.c_str());
 
-#ifndef _DEBUG
-    try {
-#endif
-        const char* schemadir=pblock_findval("shib-schemas",pb);
-        if (!schemadir)
-            schemadir=getenv("SHIBSCHEMAS");
-        if (!schemadir)
-            schemadir=SHIB_SCHEMAS;
-        const char* config=pblock_findval("shib-config",pb);
-        if (!config)
-            config=getenv("SHIBCONFIG");
-        if (!config)
-            config=SHIB_CONFIG;
-        g_Config=&shibtarget::ShibTargetConfig::getConfig();
-        SPConfig::getConfig().setFeatures(
-            SPConfig::Listener |
-            SPConfig::Caching |
-            SPConfig::Metadata |
-            SPConfig::AAP |
-            SPConfig::RequestMapping |
-            SPConfig::InProcess |
-            SPConfig::Logging
-            );
-        if (!g_Config->init(schemadir)) {
-            g_Config=NULL;
-            pblock_nvinsert("error","unable to initialize Shibboleth libraries",pb);
-            return REQ_ABORTED;
-        }
-
-        SPConfig::getConfig().RequestMapperManager.registerFactory(XML_REQUEST_MAPPER,&SunRequestMapFactory);
-
-        if (!g_Config->load(config)) {
-            g_Config=NULL;
-            pblock_nvinsert("error","unable to initialize load Shibboleth configuration",pb);
-            return REQ_ABORTED;
-        }
+    const char* schemadir=pblock_findval("shib-schemas",pb);
+    if (!schemadir)
+        schemadir=getenv("SHIBSCHEMAS");
+    if (!schemadir)
+        schemadir=SHIBSP_SCHEMAS;
+    const char* config=pblock_findval("shib-config",pb);
+    if (!config)
+        config=getenv("SHIBCONFIG");
+    if (!config)
+        config=SHIBSP_CONFIG;
+    g_Config=&SPConfig::getConfig();
+    g_Config->setFeatures(
+        SPConfig::Listener |
+        SPConfig::Caching |
+        SPConfig::Metadata |
+        SPConfig::RequestMapping |
+        SPConfig::InProcess |
+        SPConfig::Logging
+        );
+    if (!g_Config->init(schemadir)) {
+        g_Config=NULL;
+        pblock_nvinsert("error","unable to initialize Shibboleth libraries",pb);
+        return REQ_ABORTED;
+    }
 
-        daemon_atrestart(nsapi_shib_exit,NULL);
+    g_Config->RequestMapperManager.registerFactory(XML_REQUEST_MAPPER,&SunRequestMapFactory);
 
-        ServiceProvider* conf=SPConfig::getConfig().getServiceProvider();
-        Locker locker(conf);
-        const PropertySet* props=conf->getPropertySet("Local");
-        if (props) {
-            pair<bool,const char*> unsetValue=props->getString("unsetHeaderValue");
-            if (unsetValue.first)
-                g_unsetHeaderValue = unsetValue.second;
-        }
-#ifndef _DEBUG
+    try {
+        DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+        XercesJanitor<DOMDocument> docjanitor(dummydoc);
+        DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+        auto_ptr_XMLCh src(config);
+        dummy->setAttributeNS(NULL,path,src.get());
+
+        g_Config->setServiceProvider(g_Config->ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+        g_Config->getServiceProvider()->init();
     }
-    catch (...) {
+    catch (exception& ex) {
+        pblock_nvinsert("error",ex.what(),pb);
+        g_Config->term();
         g_Config=NULL;
-        pblock_nvinsert("error","caught exception, unable to initialize Shibboleth libraries",pb);
         return REQ_ABORTED;
     }
-#endif
+
+    daemon_atrestart(nsapi_shib_exit,NULL);
+
+    ServiceProvider* sp=g_Config->getServiceProvider();
+    Locker locker(sp);
+    const PropertySet* props=sp->getPropertySet("Local");
+    if (props) {
+        pair<bool,const char*> unsetValue=props->getString("unsetHeaderValue");
+        if (unsetValue.first)
+            g_unsetHeaderValue = unsetValue.second;
+    }
     return REQ_PROCEED;
 }
 

diff --git a/shar/shar.cpp b/shar/shar.cpp
index edcbc7c..48ac4c4 100644 (file)
--- a/shar/shar.cpp
+++ b/shar/shar.cpp
@@ -35,7 +35,6 @@
 # define _CRT_SECURE_NO_DEPRECATE 1
 #endif
 
-#include <shib-target/shib-target.h>
 #include <shibsp/SPConfig.h>
 
 #ifdef HAVE_UNISTD_H
@@ -46,12 +45,15 @@
 #include <stdio.h>
 #include <signal.h>
 #include <log4cpp/Category.hh>
+#include <shibsp/ServiceProvider.h>
+#include <shibsp/remoting/ListenerService.h>
+#include <xercesc/util/XMLUniDefs.hpp>
+#include <xmltooling/XMLToolingConfig.h>
+#include <xmltooling/util/XMLHelper.h>
 
 using namespace shibsp;
-using namespace shibtarget;
-using namespace shibboleth;
-using namespace saml;
 using namespace log4cpp;
+using namespace xmltooling;
 using namespace std;
 
 bool shibd_shutdown = false;
@@ -102,17 +104,17 @@ int MyAllocHook(int nAllocType, void *pvData,
 
 int real_main(int preinit)
 {
-    ShibTargetConfig& conf=ShibTargetConfig::getConfig();
+    SPConfig& conf=SPConfig::getConfig();
     if (preinit) {
 
-        // initialize the shib-target library
-        SPConfig::getConfig().setFeatures(
+        // Initialize the SP library.
+        conf.setFeatures(
             SPConfig::Listener |
             SPConfig::Caching |
             SPConfig::Metadata |
             SPConfig::Trust |
             SPConfig::Credentials |
-            SPConfig::AAP |
+            SPConfig::AttributeResolver |
             SPConfig::OutOfProcess |
             (shar_checkonly ? (SPConfig::InProcess | SPConfig::RequestMapping) : SPConfig::Logging)
             );
@@ -121,11 +123,29 @@ int real_main(int preinit)
         if (!shar_schemadir)
             shar_schemadir=getenv("SHIBSCHEMAS");
         if (!shar_schemadir)
-            shar_schemadir=SHIB_SCHEMAS;
+            shar_schemadir=SHIBSP_SCHEMAS;
         if (!shar_config)
-            shar_config=SHIB_CONFIG;
-        if (!conf.init(shar_schemadir) || !conf.load(shar_config)) {
+            shar_config=SHIBSP_CONFIG;
+        if (!conf.init(shar_schemadir)) {
             fprintf(stderr, "configuration is invalid, see console for specific problems\n");
+            return -1;
+        }
+        
+        try {
+            fprintf(stderr, "loading configuration file: %s\n", shar_config);
+            static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
+            DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+            XercesJanitor<DOMDocument> docjanitor(dummydoc);
+            DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+            auto_ptr_XMLCh src(shar_config);
+            dummy->setAttributeNS(NULL,path,src.get());
+    
+            conf.setServiceProvider(conf.ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+            conf.getServiceProvider()->init();
+        }
+        catch (exception& ex) {
+            fprintf(stderr, "caught exception while loading configuration: %s\n", ex.what());
+            conf.term();
             return -2;
         }
 
@@ -143,13 +163,13 @@ int real_main(int preinit)
         if (!shar_checkonly) {
 
             // Run the listener.
-            if (!SPConfig::getConfig().getServiceProvider()->getListenerService()->run(&shibd_shutdown)) {
+            if (!conf.getServiceProvider()->getListenerService()->run(&shibd_shutdown)) {
                 fprintf(stderr, "listener failed to enter listen loop\n");
                 return -3;
             }
         }
 
-        conf.shutdown();
+        conf.term();
     }
     return 0;
 }
@@ -244,24 +264,42 @@ int main(int argc, char *argv[])
     if (!shar_schemadir)
         shar_schemadir=getenv("SHIBSCHEMAS");
     if (!shar_schemadir)
-        shar_schemadir=SHIB_SCHEMAS;
+        shar_schemadir=SHIBSP_SCHEMAS;
     if (!shar_config)
-        shar_config=SHIB_CONFIG;
+        shar_config=SHIBSP_CONFIG;
 
     // initialize the shib-target library
-    ShibTargetConfig& conf=ShibTargetConfig::getConfig();
-    SPConfig::getConfig().setFeatures(
+    SPConfig& conf=SPConfig::getConfig();
+    conf.setFeatures(
         SPConfig::Listener |
         SPConfig::Caching |
         SPConfig::Metadata |
         SPConfig::Trust |
         SPConfig::Credentials |
-        SPConfig::AAP |
+        SPConfig::AttributeResolver |
         SPConfig::OutOfProcess |
         (shar_checkonly ? (SPConfig::InProcess | SPConfig::RequestMapping) : SPConfig::Logging)
         );
-    if (!conf.init(shar_schemadir) || !conf.load(shar_config)) {
+    if (!conf.init(shar_schemadir)) {
         fprintf(stderr, "configuration is invalid, check console for specific problems\n");
+        return -1;
+    }
+
+    try {
+        fprintf(stderr, "loading configuration file: %s\n", shar_config);
+        static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
+        DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+        XercesJanitor<DOMDocument> docjanitor(dummydoc);
+        DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+        auto_ptr_XMLCh src(shar_config);
+        dummy->setAttributeNS(NULL,path,src.get());
+
+        conf.setServiceProvider(conf.ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+        conf.getServiceProvider()->init();
+    }
+    catch (exception& ex) {
+        fprintf(stderr, "caught exception while loading configuration: %s\n", ex.what());
+        conf.term();
         return -2;
     }
 
@@ -281,13 +319,13 @@ int main(int argc, char *argv[])
         }
     
         // Run the listener
-        if (!SPConfig::getConfig().getServiceProvider()->getListenerService()->run(&shibd_shutdown)) {
+        if (!conf.getServiceProvider()->getListenerService()->run(&shibd_shutdown)) {
             fprintf(stderr, "listener failed to enter listen loop\n");
             return -3;
         }
     }
 
-    conf.shutdown();
+    conf.term();
     if (pidfile)
         unlink(pidfile);
     return 0;

diff --git a/shib-target/shib-config.cpp b/shib-target/shib-config.cpp
index edaab90..382c91f 100644 (file)
--- a/shib-target/shib-config.cpp
+++ b/shib-target/shib-config.cpp
@@ -138,8 +138,6 @@ bool STConfig::load(const char* config)
         
         pair<bool,unsigned int> skew=sp->getUnsignedInt("clockSkew");
         SAMLConfig::getConfig().clock_skew_secs=skew.first ? skew.second : 180;
-        if (skew.first)
-            XMLToolingConfig::getConfig().clock_skew_secs=skew.second;
         SPConfig::getConfig().setServiceProvider(sp.release());
         
         m_tranLog=new FixedContextCategory(SHIBTRAN_LOGCAT);

diff --git a/shib-target/shib-ini.cpp b/shib-target/shib-ini.cpp
index 8f328d3..edf5908 100644 (file)
--- a/shib-target/shib-ini.cpp
+++ b/shib-target/shib-ini.cpp
@@ -452,7 +452,7 @@ XMLApplication::XMLApplication(
         // Always include our own providerId as an audience.
         m_audiences.push_back(getXMLString("providerId").second);
 
-        if (conf.isEnabled(SPConfig::AAP)) {
+        if (conf.isEnabled(SPConfig::AttributeResolver)) {
             child = XMLHelper::getFirstChildElement(e,AAPProvider);
             while (child) {
                 // TODO: some kind of compatibility
@@ -819,7 +819,8 @@ const Handler* XMLApplication::getHandler(const char* path) const
 
 short XMLConfigImpl::acceptNode(const DOMNode* node) const
 {
-    if (!XMLString::equals(node->getNamespaceURI(),shibspconstants::SHIB1SPCONFIG_NS))
+    if (!XMLString::equals(node->getNamespaceURI(),shibspconstants::SHIB1SPCONFIG_NS) &&
+        !XMLString::equals(node->getNamespaceURI(),shibspconstants::SHIB2SPCONFIG_NS))
         return FILTER_ACCEPT;
     const XMLCh* name=node->getLocalName();
     if (XMLString::equals(name,Applications) ||
@@ -880,7 +881,6 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* o
 
     try {
         SPConfig& conf=SPConfig::getConfig();
-        SAMLConfig& shibConf=SAMLConfig::getConfig();
         XMLToolingConfig& xmlConf=XMLToolingConfig::getConfig();
         const DOMElement* SHAR=XMLHelper::getFirstChildElement(e,OutOfProcess);
         if (!SHAR)
@@ -919,6 +919,10 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* o
 
         // Much of the processing can only occur on the first instantiation.
         if (first) {
+            // Set clock skew.
+            pair<bool,unsigned int> skew=getUnsignedInt("clockSkew");
+            if (skew.first)
+                xmlConf.clock_skew_secs=skew.second;
 
             // Extensions
             doExtensions(e, "global", log);
@@ -1091,34 +1095,6 @@ XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* o
             }
         }
 
-        // Now we load any attribute factories
-        child = XMLHelper::getFirstChildElement(e,AttributeFactory);
-        while (child) {
-            xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));
-            log.info("building Attribute factory of type %s...",type.get());
-            try {
-                IPlugIn* plugin=shibConf.getPlugMgr().newPlugin(type.get(),child);
-                if (plugin) {
-                    IAttributeFactory* fact=dynamic_cast<IAttributeFactory*>(plugin);
-                    if (fact) {
-                        m_attrFactories.push_back(fact);
-                        ShibConfig::getConfig().regAttributeMapping(
-                            child->getAttributeNS(NULL,opensaml::saml1::Attribute::ATTRIBUTENAME_ATTRIB_NAME), fact
-                            );
-                    }
-                    else {
-                        delete plugin;
-                        log.crit("plugin was not an Attribute factory");
-                    }
-                }
-            }
-            catch (exception& ex) {
-                log.crit("error building Attribute factory: %s", ex.what());
-            }
-
-            child = XMLHelper::getNextSiblingElement(child,AttributeFactory);
-        }
-
         // Load the default application. This actually has a fixed ID of "default". ;-)
         child=XMLHelper::getFirstChildElement(e,Applications);
         if (!child) {

diff --git a/shibsp/Makefile.am b/shibsp/Makefile.am
index 899e045..33b0e17 100644 (file)
--- a/shibsp/Makefile.am
+++ b/shibsp/Makefile.am
@@ -72,6 +72,7 @@ libshibsp_la_SOURCES = \
        impl/StorageServiceSessionCache.cpp \
        impl/XMLAccessControl.cpp \
        impl/XMLRequestMapper.cpp \
+       impl/XMLServiceProvider.cpp \
        metadata/MetadataExtImpl.cpp \
        metadata/MetadataExtSchemaValidators.cpp \
        remoting/impl/ddf.cpp \

diff --git a/shibsp/SPConfig.h b/shibsp/SPConfig.h
index 3418808..70b46c2 100644 (file)
--- a/shibsp/SPConfig.h
+++ b/shibsp/SPConfig.h
@@ -70,7 +70,7 @@ namespace shibsp {
             Metadata = 4,
             Trust = 8,
             Credentials = 16,
-            AAP = 32,
+            AttributeResolver = 32,
             RequestMapping = 64,
             OutOfProcess = 128,
             InProcess = 256,

diff --git a/shibsp/ServiceProvider.cpp b/shibsp/ServiceProvider.cpp
index 377d138..ff97ad2 100644 (file)
--- a/shibsp/ServiceProvider.cpp
+++ b/shibsp/ServiceProvider.cpp
@@ -46,7 +46,7 @@ using namespace xmltooling;
 using namespace std;
 
 namespace shibsp {
-    //SHIBSP_DLLLOCAL PluginManager<ServiceProvider,const DOMElement*>::Factory XMLServiceProviderFactory;
+    SHIBSP_DLLLOCAL PluginManager<ServiceProvider,const DOMElement*>::Factory XMLServiceProviderFactory;
 
     long SHIBSP_DLLLOCAL sendError(
         SPRequest& request, const Application* app, const char* page, TemplateParameters& tp, const XMLToolingException* ex=NULL
@@ -110,7 +110,7 @@ namespace shibsp {
 
 void SHIBSP_API shibsp::registerServiceProviders()
 {
-    //SPConfig::getConfig().ServiceProviderManager.registerFactory(XML_SERVICE_PROVIDER, XMLServiceProviderFactory);
+    SPConfig::getConfig().ServiceProviderManager.registerFactory(XML_SERVICE_PROVIDER, XMLServiceProviderFactory);
 }
 
 pair<bool,long> ServiceProvider::doAuthentication(SPRequest& request, bool handler) const

diff --git a/shibsp/impl/XMLServiceProvider.cpp b/shibsp/impl/XMLServiceProvider.cpp
new file mode 100644 (file)
index 0000000..4267ccd
--- /dev/null
+++ b/shibsp/impl/XMLServiceProvider.cpp
@@ -0,0 +1,1081 @@
+/*\r
+ *  Copyright 2001-2007 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ *     http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * XMLServiceProvider.cpp\r
+ *\r
+ * XML-based SP configuration and mgmt\r
+ */\r
+\r
+#include "internal.h"\r
+#include "exceptions.h"\r
+#include "AccessControl.h"\r
+#include "Application.h"\r
+#include "Handler.h"\r
+#include "RequestMapper.h"\r
+#include "ServiceProvider.h"\r
+#include "SessionCache.h"\r
+#include "SPConfig.h"\r
+#include "SPRequest.h"\r
+#include "TransactionLog.h"\r
+#include "attribute/Attribute.h"\r
+#include "remoting/ListenerService.h"\r
+#include "security/PKIXTrustEngine.h"\r
+#include "util/DOMPropertySet.h"\r
+#include "util/SPConstants.h"\r
+\r
+#include <sys/types.h>\r
+#include <sys/stat.h>\r
+#include <log4cpp/Category.hh>\r
+#include <log4cpp/PropertyConfigurator.hh>\r
+#include <saml/SAMLConfig.h>\r
+#include <saml/saml1/core/Assertions.h>\r
+#include <saml/saml2/metadata/ChainingMetadataProvider.h>\r
+#include <xmltooling/XMLToolingConfig.h>\r
+#include <xmltooling/security/ChainingTrustEngine.h>\r
+#include <xmltooling/util/NDC.h>\r
+#include <xmltooling/util/ReloadableXMLFile.h>\r
+#include <xmltooling/util/ReplayCache.h>\r
+\r
+using namespace shibsp;\r
+using namespace opensaml::saml1;\r
+using namespace opensaml::saml2md;\r
+using namespace opensaml;\r
+using namespace xmltooling;\r
+using namespace log4cpp;\r
+using namespace std;\r
+using xmlsignature::CredentialResolver;\r
+\r
+namespace shibsp {\r
+\r
+#if defined (_MSC_VER)\r
+    #pragma warning( push )\r
+    #pragma warning( disable : 4250 )\r
+#endif\r
+\r
+    static vector<const Handler*> g_noHandlers;\r
+\r
+    // Application configuration wrapper\r
+    class SHIBSP_DLLLOCAL XMLApplication : public virtual Application, public DOMPropertySet, public DOMNodeFilter\r
+    {\r
+    public:\r
+        XMLApplication(const ServiceProvider*, const DOMElement* e, const XMLApplication* base=NULL);\r
+        ~XMLApplication() { cleanup(); }\r
+    \r
+        // PropertySet\r
+        pair<bool,bool> getBool(const char* name, const char* ns=NULL) const;\r
+        pair<bool,const char*> getString(const char* name, const char* ns=NULL) const;\r
+        pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;\r
+        pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;\r
+        pair<bool,int> getInt(const char* name, const char* ns=NULL) const;\r
+        const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:target:config:1.0") const;\r
+\r
+        // Application\r
+        const char* getId() const {return getString("id").second;}\r
+        const char* getHash() const {return m_hash.c_str();}\r
+        MetadataProvider* getMetadataProvider() const;\r
+        TrustEngine* getTrustEngine() const;\r
+        const vector<const XMLCh*>& getAudiences() const;\r
+        const PropertySet* getCredentialUse(const EntityDescriptor* provider) const;\r
+\r
+        const Handler* getDefaultSessionInitiator() const;\r
+        const Handler* getSessionInitiatorById(const char* id) const;\r
+        const Handler* getDefaultAssertionConsumerService() const;\r
+        const Handler* getAssertionConsumerServiceByIndex(unsigned short index) const;\r
+        const vector<const Handler*>& getAssertionConsumerServicesByBinding(const XMLCh* binding) const;\r
+        const Handler* getHandler(const char* path) const;\r
+        \r
+        // Provides filter to exclude special config elements.\r
+        short acceptNode(const DOMNode* node) const;\r
+    \r
+    private:\r
+        void cleanup();\r
+        const ServiceProvider* m_sp;   // this is ok because its locking scope includes us\r
+        const XMLApplication* m_base;\r
+        string m_hash;\r
+        MetadataProvider* m_metadata;\r
+        TrustEngine* m_trust;\r
+        vector<const XMLCh*> m_audiences;\r
+\r
+        // manage handler objects\r
+        vector<Handler*> m_handlers;\r
+\r
+        // maps location (path info) to applicable handlers\r
+        map<string,const Handler*> m_handlerMap;\r
+\r
+        // maps unique indexes to consumer services\r
+        map<unsigned int,const Handler*> m_acsIndexMap;\r
+        \r
+        // pointer to default consumer service\r
+        const Handler* m_acsDefault;\r
+\r
+        // maps binding strings to supporting consumer service(s)\r
+#ifdef HAVE_GOOD_STL\r
+        typedef map<xmltooling::xstring,vector<const Handler*> > ACSBindingMap;\r
+#else\r
+        typedef map<string,vector<const Handler*> > ACSBindingMap;\r
+#endif\r
+        ACSBindingMap m_acsBindingMap;\r
+\r
+        // maps unique ID strings to session initiators\r
+        map<string,const Handler*> m_sessionInitMap;\r
+\r
+        // pointer to default session initiator\r
+        const Handler* m_sessionInitDefault;\r
+\r
+        DOMPropertySet* m_credDefault;\r
+#ifdef HAVE_GOOD_STL\r
+        map<xmltooling::xstring,PropertySet*> m_credMap;\r
+#else\r
+        map<const XMLCh*,PropertySet*> m_credMap;\r
+#endif\r
+    };\r
+\r
+    // Top-level configuration implementation\r
+    class SHIBSP_DLLLOCAL XMLConfig;\r
+    class SHIBSP_DLLLOCAL XMLConfigImpl : public DOMPropertySet, public DOMNodeFilter\r
+    {\r
+    public:\r
+        XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* outer);\r
+        ~XMLConfigImpl();\r
+        \r
+        RequestMapper* m_requestMapper;\r
+        map<string,Application*> m_appmap;\r
+        map<string,CredentialResolver*> m_credResolverMap;\r
+        \r
+        // Provides filter to exclude special config elements.\r
+        short acceptNode(const DOMNode* node) const;\r
+\r
+        void setDocument(DOMDocument* doc) {\r
+            m_document = doc;\r
+        }\r
+\r
+    private:\r
+        void doExtensions(const DOMElement* e, const char* label, Category& log);\r
+\r
+        const XMLConfig* m_outer;\r
+        DOMDocument* m_document;\r
+    };\r
+\r
+    class SHIBSP_DLLLOCAL XMLConfig : public ServiceProvider, public ReloadableXMLFile\r
+    {\r
+    public:\r
+        XMLConfig(const DOMElement* e)\r
+            : ReloadableXMLFile(e), m_impl(NULL), m_listener(NULL), m_sessionCache(NULL) {\r
+        }\r
+        \r
+        void init() {\r
+            load();\r
+        }\r
+\r
+        ~XMLConfig() {\r
+            delete m_impl;\r
+            delete m_sessionCache;\r
+            delete m_listener;\r
+            delete m_tranLog;\r
+            XMLToolingConfig::getConfig().setReplayCache(NULL);\r
+            for_each(m_storage.begin(), m_storage.end(), cleanup_pair<string,StorageService>());\r
+        }\r
+\r
+        // PropertySet\r
+        pair<bool,bool> getBool(const char* name, const char* ns=NULL) const {return m_impl->getBool(name,ns);}\r
+        pair<bool,const char*> getString(const char* name, const char* ns=NULL) const {return m_impl->getString(name,ns);}\r
+        pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const {return m_impl->getXMLString(name,ns);}\r
+        pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const {return m_impl->getUnsignedInt(name,ns);}\r
+        pair<bool,int> getInt(const char* name, const char* ns=NULL) const {return m_impl->getInt(name,ns);}\r
+        const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:target:config:1.0") const {return m_impl->getPropertySet(name,ns);}\r
+        const DOMElement* getElement() const {return m_impl->getElement();}\r
+\r
+        // ServiceProvider\r
+        TransactionLog* getTransactionLog() const {\r
+            if (m_tranLog)\r
+                return m_tranLog;\r
+            throw ConfigurationException("No TransactionLog available.");\r
+        }\r
+\r
+        StorageService* getStorageService(const char* id) const {\r
+            if (id) {\r
+                map<string,StorageService*>::const_iterator i=m_storage.find(id);\r
+                if (i!=m_storage.end())\r
+                    return i->second;\r
+            }\r
+            return NULL;\r
+        }\r
+\r
+        ListenerService* getListenerService(bool required=true) const {\r
+            if (required && !m_listener)\r
+                throw ConfigurationException("No ListenerService available.");\r
+            return m_listener;\r
+        }\r
+\r
+        SessionCache* getSessionCache(bool required=true) const {\r
+            if (required && !m_sessionCache)\r
+                throw ConfigurationException("No SessionCache available.");\r
+            return m_sessionCache;\r
+        }\r
+\r
+        RequestMapper* getRequestMapper(bool required=true) const {\r
+            if (required && !m_impl->m_requestMapper)\r
+                throw ConfigurationException("No RequestMapper available.");\r
+            return m_impl->m_requestMapper;\r
+        }\r
+\r
+        const Application* getApplication(const char* applicationId) const {\r
+            map<string,Application*>::const_iterator i=m_impl->m_appmap.find(applicationId);\r
+            return (i!=m_impl->m_appmap.end()) ? i->second : NULL;\r
+        }\r
+\r
+        CredentialResolver* getCredentialResolver(const char* id) const {\r
+            if (id) {\r
+                map<string,CredentialResolver*>::const_iterator i=m_impl->m_credResolverMap.find(id);\r
+                if (i!=m_impl->m_credResolverMap.end())\r
+                    return i->second;\r
+            }\r
+            return NULL;\r
+        }\r
+\r
+    protected:\r
+        pair<bool,DOMElement*> load();\r
+\r
+    private:\r
+        friend class XMLConfigImpl;\r
+        XMLConfigImpl* m_impl;\r
+        mutable ListenerService* m_listener;\r
+        mutable SessionCache* m_sessionCache;\r
+        mutable TransactionLog* m_tranLog;\r
+        mutable map<string,StorageService*> m_storage;\r
+    };\r
+\r
+#if defined (_MSC_VER)\r
+    #pragma warning( pop )\r
+#endif\r
+\r
+    ServiceProvider* XMLServiceProviderFactory(const DOMElement* const & e)\r
+    {\r
+        return new XMLConfig(e);\r
+    }\r
+\r
+    static const XMLCh AAPProvider[] =          UNICODE_LITERAL_11(A,A,P,P,r,o,v,i,d,e,r);\r
+    static const XMLCh _Application[] =         UNICODE_LITERAL_11(A,p,p,l,i,c,a,t,i,o,n);\r
+    static const XMLCh Applications[] =         UNICODE_LITERAL_12(A,p,p,l,i,c,a,t,i,o,n,s);\r
+    static const XMLCh AttributeFactory[] =     UNICODE_LITERAL_16(A,t,t,r,i,b,u,t,e,F,a,c,t,o,r,y);\r
+    static const XMLCh Credentials[] =          UNICODE_LITERAL_11(C,r,e,d,e,n,t,i,a,l,s);\r
+    static const XMLCh CredentialsProvider[] =  UNICODE_LITERAL_19(C,r,e,d,e,n,t,i,a,l,s,P,r,o,v,i,d,e,r);\r
+    static const XMLCh CredentialUse[] =        UNICODE_LITERAL_13(C,r,e,d,e,n,t,i,a,l,U,s,e);\r
+    static const XMLCh DiagnosticService[] =    UNICODE_LITERAL_17(D,i,a,g,n,o,s,t,i,c,S,e,r,v,i,c,e);\r
+    static const XMLCh fatal[] =                UNICODE_LITERAL_5(f,a,t,a,l);\r
+    static const XMLCh FileResolver[] =         UNICODE_LITERAL_12(F,i,l,e,R,e,s,o,l,v,e,r);\r
+    static const XMLCh Global[] =               UNICODE_LITERAL_6(G,l,o,b,a,l);\r
+    static const XMLCh Id[] =                   UNICODE_LITERAL_2(I,d);\r
+    static const XMLCh Implementation[] =       UNICODE_LITERAL_14(I,m,p,l,e,m,e,n,t,a,t,i,o,n);\r
+    static const XMLCh InProcess[] =            UNICODE_LITERAL_9(I,n,P,r,o,c,e,s,s);\r
+    static const XMLCh Library[] =              UNICODE_LITERAL_7(L,i,b,r,a,r,y);\r
+    static const XMLCh Listener[] =             UNICODE_LITERAL_8(L,i,s,t,e,n,e,r);\r
+    static const XMLCh Local[] =                UNICODE_LITERAL_5(L,o,c,a,l);\r
+    static const XMLCh logger[] =               UNICODE_LITERAL_6(l,o,g,g,e,r);\r
+    static const XMLCh MemoryListener[] =       UNICODE_LITERAL_14(M,e,m,o,r,y,L,i,s,t,e,n,e,r);\r
+    static const XMLCh MemorySessionCache[] =   UNICODE_LITERAL_18(M,e,m,o,r,y,S,e,s,s,i,o,n,C,a,c,h,e);\r
+    static const XMLCh RelyingParty[] =         UNICODE_LITERAL_12(R,e,l,y,i,n,g,P,a,r,t,y);\r
+    static const XMLCh _ReplayCache[] =         UNICODE_LITERAL_11(R,e,p,l,a,y,C,a,c,h,e);\r
+    static const XMLCh RequestMapProvider[] =   UNICODE_LITERAL_18(R,e,q,u,e,s,t,M,a,p,P,r,o,v,i,d,e,r);\r
+    static const XMLCh _SessionCache[] =        UNICODE_LITERAL_12(S,e,s,s,i,o,n,C,a,c,h,e);\r
+    static const XMLCh SessionInitiator[] =     UNICODE_LITERAL_16(S,e,s,s,i,o,n,I,n,i,t,i,a,t,o,r);\r
+    static const XMLCh _StorageService[] =      UNICODE_LITERAL_14(S,t,o,r,a,g,e,S,e,r,v,i,c,e);\r
+    static const XMLCh OutOfProcess[] =         UNICODE_LITERAL_12(O,u,t,O,f,P,r,o,c,e,s,s);\r
+    static const XMLCh TCPListener[] =          UNICODE_LITERAL_11(T,C,P,L,i,s,t,e,n,e,r);\r
+    static const XMLCh TrustProvider[] =        UNICODE_LITERAL_13(T,r,u,s,t,P,r,o,v,i,d,e,r);\r
+    static const XMLCh UnixListener[] =         UNICODE_LITERAL_12(U,n,i,x,L,i,s,t,e,n,e,r);\r
+    static const XMLCh _MetadataProvider[] =    UNICODE_LITERAL_16(M,e,t,a,d,a,t,a,P,r,o,v,i,d,e,r);\r
+    static const XMLCh _path[] =                UNICODE_LITERAL_4(p,a,t,h);\r
+    static const XMLCh _type[] =                UNICODE_LITERAL_4(t,y,p,e);\r
+};\r
+\r
+XMLApplication::XMLApplication(\r
+    const ServiceProvider* sp,\r
+    const DOMElement* e,\r
+    const XMLApplication* base\r
+    ) : m_sp(sp), m_base(base), m_metadata(NULL), m_trust(NULL),\r
+        m_credDefault(NULL), m_sessionInitDefault(NULL), m_acsDefault(NULL)\r
+{\r
+#ifdef _DEBUG\r
+    xmltooling::NDC ndc("XMLApplication");\r
+#endif\r
+    Category& log=Category::getInstance(SHIBSP_LOGCAT".Application");\r
+\r
+    try {\r
+        // First load any property sets.\r
+        map<string,string> root_remap;\r
+        root_remap["shire"]="session";\r
+        root_remap["shireURL"]="handlerURL";\r
+        root_remap["shireSSL"]="handlerSSL";\r
+        load(e,log,this,&root_remap);\r
+\r
+        const PropertySet* propcheck=getPropertySet("Errors");\r
+        if (propcheck && !propcheck->getString("session").first)\r
+            throw ConfigurationException("<Errors> element requires 'session' (or deprecated 'shire') attribute");\r
+        propcheck=getPropertySet("Sessions");\r
+        if (propcheck && !propcheck->getString("handlerURL").first)\r
+            throw ConfigurationException("<Sessions> element requires 'handlerURL' (or deprecated 'shireURL') attribute");\r
+\r
+        SPConfig& conf=SPConfig::getConfig();\r
+        SAMLConfig& samlConf=SAMLConfig::getConfig();\r
+        XMLToolingConfig& xmlConf=XMLToolingConfig::getConfig();\r
+\r
+        m_hash=getId();\r
+        m_hash+=getString("providerId").second;\r
+        m_hash=samlConf.hashSHA1(m_hash.c_str(), true);\r
+\r
+        // Process handlers.\r
+        Handler* handler=NULL;\r
+        bool hardACS=false, hardSessionInit=false;\r
+        const DOMElement* child = XMLHelper::getFirstChildElement(propcheck->getElement());\r
+        while (child) {\r
+            xmltooling::auto_ptr_char bindprop(child->getAttributeNS(NULL,EndpointType::BINDING_ATTRIB_NAME));\r
+            if (!bindprop.get() || !*(bindprop.get())) {\r
+                log.warn("md:AssertionConsumerService element has no Binding attribute, skipping it...");\r
+                child = XMLHelper::getNextSiblingElement(child);\r
+                continue;\r
+            }\r
+            \r
+            try {\r
+                // A handler is based on the Binding property in conjunction with the element name.\r
+                // If it's an ACS or SI, also handle index/id mappings and defaulting.\r
+                if (XMLHelper::isNodeNamed(child,samlconstants::SAML20MD_NS,AssertionConsumerService::LOCAL_NAME)) {\r
+                    handler=conf.AssertionConsumerServiceManager.newPlugin(bindprop.get(),child);\r
+                    // Map by binding (may be > 1 per binding, e.g. SAML 1.0 vs 1.1)\r
+#ifdef HAVE_GOOD_STL\r
+                    m_acsBindingMap[handler->getXMLString("Binding").second].push_back(handler);\r
+#else\r
+                    m_acsBindingMap[handler->getString("Binding").second].push_back(handler);\r
+#endif\r
+                    m_acsIndexMap[handler->getUnsignedInt("index").second]=handler;\r
+                    \r
+                    if (!hardACS) {\r
+                        pair<bool,bool> defprop=handler->getBool("isDefault");\r
+                        if (defprop.first) {\r
+                            if (defprop.second) {\r
+                                hardACS=true;\r
+                                m_acsDefault=handler;\r
+                            }\r
+                        }\r
+                        else if (!m_acsDefault)\r
+                            m_acsDefault=handler;\r
+                    }\r
+                }\r
+                else if (XMLString::equals(child->getLocalName(),SessionInitiator)) {\r
+                    handler=conf.SessionInitiatorManager.newPlugin(bindprop.get(),child);\r
+                    pair<bool,const char*> si_id=handler->getString("id");\r
+                    if (si_id.first && si_id.second)\r
+                        m_sessionInitMap[si_id.second]=handler;\r
+                    if (!hardSessionInit) {\r
+                        pair<bool,bool> defprop=handler->getBool("isDefault");\r
+                        if (defprop.first) {\r
+                            if (defprop.second) {\r
+                                hardSessionInit=true;\r
+                                m_sessionInitDefault=handler;\r
+                            }\r
+                        }\r
+                        else if (!m_sessionInitDefault)\r
+                            m_sessionInitDefault=handler;\r
+                    }\r
+                }\r
+                else if (XMLHelper::isNodeNamed(child,samlconstants::SAML20MD_NS,SingleLogoutService::LOCAL_NAME)) {\r
+                    handler=conf.SingleLogoutServiceManager.newPlugin(bindprop.get(),child);\r
+                }\r
+                else if (XMLHelper::isNodeNamed(child,samlconstants::SAML20MD_NS,ManageNameIDService::LOCAL_NAME)) {\r
+                    handler=conf.ManageNameIDServiceManager.newPlugin(bindprop.get(),child);\r
+                }\r
+                else {\r
+                    handler=conf.HandlerManager.newPlugin(bindprop.get(),child);\r
+                }\r
+\r
+                // Save off the objects after giving the property set to the handler for its use.\r
+                m_handlers.push_back(handler);\r
+\r
+                // Insert into location map.\r
+                pair<bool,const char*> location=handler->getString("Location");\r
+                if (location.first && *location.second == '/')\r
+                    m_handlerMap[location.second]=handler;\r
+                else if (location.first)\r
+                    m_handlerMap[string("/") + location.second]=handler;\r
+\r
+            }\r
+            catch (exception& ex) {\r
+                log.error("caught exception processing handler element: %s", ex.what());\r
+            }\r
+            \r
+            child = XMLHelper::getNextSiblingElement(child);\r
+        }\r
+\r
+        // If no handlers defined at the root, assume a legacy configuration.\r
+        if (!m_base && m_handlers.empty()) {\r
+            try {\r
+                // A legacy config installs a SAML POST handler at the root handler location.\r
+                // We use the Sessions element itself as the PropertySet.\r
+                Handler* h1=conf.SessionInitiatorManager.newPlugin(\r
+                    shibspconstants::SHIB1_SESSIONINIT_PROFILE_URI,propcheck->getElement()\r
+                    );\r
+                m_handlers.push_back(h1);\r
+                m_sessionInitDefault=h1;\r
+\r
+                Handler* h2=conf.AssertionConsumerServiceManager.newPlugin(\r
+                    samlconstants::SAML1_PROFILE_BROWSER_POST,propcheck->getElement()\r
+                    );\r
+                m_handlers.push_back(h2);\r
+                m_handlerMap[""] = h2;\r
+                m_acsDefault=h2;\r
+            }\r
+            catch (exception& ex) {\r
+                log.crit("error installing legacy handler configuration: %s", ex.what());\r
+            }\r
+        }\r
+        \r
+        DOMNodeList* nlist=e->getElementsByTagNameNS(samlconstants::SAML1_NS,Audience::LOCAL_NAME);\r
+        for (XMLSize_t i=0; nlist && i<nlist->getLength(); i++)\r
+            if (nlist->item(i)->getParentNode()->isSameNode(e) && nlist->item(i)->hasChildNodes())\r
+                m_audiences.push_back(nlist->item(i)->getFirstChild()->getNodeValue());\r
+\r
+        // Always include our own providerId as an audience.\r
+        m_audiences.push_back(getXMLString("providerId").second);\r
+\r
+        if (conf.isEnabled(SPConfig::AttributeResolver)) {\r
+            child = XMLHelper::getFirstChildElement(e,AAPProvider);\r
+            while (child) {\r
+                // TODO: some kind of compatibility\r
+                child = XMLHelper::getNextSiblingElement(child,AAPProvider);\r
+            }\r
+        }\r
+\r
+        if (conf.isEnabled(SPConfig::Metadata)) {\r
+            vector<MetadataProvider*> os2providers;\r
+            child = XMLHelper::getFirstChildElement(e,_MetadataProvider);\r
+            while (child) {\r
+                xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                log.info("building metadata provider of type %s...",type.get());\r
+                try {\r
+                    auto_ptr<MetadataProvider> mp(samlConf.MetadataProviderManager.newPlugin(type.get(),child));\r
+                    mp->init();\r
+                    os2providers.push_back(mp.release());\r
+                }\r
+                catch (exception& ex) {\r
+                    log.crit("error building/initializing metadata provider: %s", ex.what());\r
+                }\r
+\r
+                child = XMLHelper::getNextSiblingElement(child,_MetadataProvider);\r
+            }\r
+            \r
+            if (os2providers.size()==1)\r
+                m_metadata=os2providers.front();\r
+            else if (os2providers.size()>1) {\r
+                try {\r
+                    m_metadata = samlConf.MetadataProviderManager.newPlugin(CHAINING_METADATA_PROVIDER,NULL);\r
+                    ChainingMetadataProvider* chainMeta = dynamic_cast<ChainingMetadataProvider*>(m_metadata);\r
+                    while (!os2providers.empty()) {\r
+                        chainMeta->addMetadataProvider(os2providers.back());\r
+                        os2providers.pop_back();\r
+                    }\r
+                }\r
+                catch (exception& ex) {\r
+                    log.crit("error building chaining metadata provider wrapper: %s",ex.what());\r
+                    for_each(os2providers.begin(), os2providers.end(), xmltooling::cleanup<MetadataProvider>());\r
+                }\r
+            }\r
+        }\r
+\r
+        if (conf.isEnabled(SPConfig::Trust)) {\r
+            ChainingTrustEngine* chainTrust = NULL;\r
+            child = XMLHelper::getFirstChildElement(e,TrustProvider);\r
+            while (child) {\r
+                xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                log.info("building trust provider of type %s...",type.get());\r
+                try {\r
+                    if (!m_trust) {\r
+                        // For compatibility with old engine types, we're assuming a Shib engine is likely,\r
+                        // which requires chaining, so we'll build that regardless.\r
+                        m_trust = xmlConf.TrustEngineManager.newPlugin(CHAINING_TRUSTENGINE,NULL);\r
+                        chainTrust = dynamic_cast<ChainingTrustEngine*>(m_trust);\r
+                    }\r
+                    if (!strcmp(type.get(),"edu.internet2.middleware.shibboleth.common.provider.ShibbolethTrust")) {\r
+                        chainTrust->addTrustEngine(xmlConf.TrustEngineManager.newPlugin(EXPLICIT_KEY_TRUSTENGINE,child));\r
+                        chainTrust->addTrustEngine(xmlConf.TrustEngineManager.newPlugin(SHIBBOLETH_PKIX_TRUSTENGINE,child));\r
+                    }\r
+                    else if (!strcmp(type.get(),"edu.internet2.middleware.shibboleth.common.provider.BasicTrust")) {\r
+                        chainTrust->addTrustEngine(xmlConf.TrustEngineManager.newPlugin(EXPLICIT_KEY_TRUSTENGINE,child));\r
+                    }\r
+                    else {\r
+                        chainTrust->addTrustEngine(xmlConf.TrustEngineManager.newPlugin(type.get(),child));\r
+                    }\r
+                }\r
+                catch (exception& ex) {\r
+                    log.crit("error building trust provider: %s",ex.what());\r
+                }\r
+    \r
+                child = XMLHelper::getNextSiblingElement(child,TrustProvider);\r
+            }\r
+        }\r
+        \r
+        // Finally, load credential mappings.\r
+        child = XMLHelper::getFirstChildElement(e,CredentialUse);\r
+        if (child) {\r
+            m_credDefault=new DOMPropertySet();\r
+            m_credDefault->load(child,log,this);\r
+            child = XMLHelper::getFirstChildElement(child,RelyingParty);\r
+            while (child) {\r
+                DOMPropertySet* rp=new DOMPropertySet();\r
+                rp->load(child,log,this);\r
+                m_credMap[child->getAttributeNS(NULL,opensaml::saml2::Attribute::NAME_ATTRIB_NAME)]=rp;\r
+                child = XMLHelper::getNextSiblingElement(child,RelyingParty);\r
+            }\r
+        }\r
+        \r
+        if (conf.isEnabled(SPConfig::OutOfProcess)) {\r
+            // Really finally, build local browser profile and binding objects.\r
+            // TODO: may need some bits here...\r
+        }\r
+    }\r
+    catch (exception&) {\r
+        cleanup();\r
+        throw;\r
+    }\r
+#ifndef _DEBUG\r
+    catch (...) {\r
+        cleanup();\r
+        throw;\r
+    }\r
+#endif\r
+}\r
+\r
+void XMLApplication::cleanup()\r
+{\r
+    for_each(m_handlers.begin(),m_handlers.end(),xmltooling::cleanup<Handler>());\r
+    \r
+    delete m_credDefault;\r
+#ifdef HAVE_GOOD_STL\r
+    for_each(m_credMap.begin(),m_credMap.end(),cleanup_pair<xmltooling::xstring,PropertySet>());\r
+#else\r
+    for_each(m_credMap.begin(),m_credMap.end(),cleanup_pair<const XMLCh*,PropertySet>());\r
+#endif\r
+\r
+    delete m_trust;\r
+    delete m_metadata;\r
+}\r
+\r
+short XMLApplication::acceptNode(const DOMNode* node) const\r
+{\r
+    if (XMLHelper::isNodeNamed(node,samlconstants::SAML1_NS,AttributeDesignator::LOCAL_NAME))\r
+        return FILTER_REJECT;\r
+    else if (XMLHelper::isNodeNamed(node,samlconstants::SAML20_NS,opensaml::saml1::Attribute::LOCAL_NAME))\r
+        return FILTER_REJECT;\r
+    else if (XMLHelper::isNodeNamed(node,samlconstants::SAML1_NS,Audience::LOCAL_NAME))\r
+        return FILTER_REJECT;\r
+    const XMLCh* name=node->getLocalName();\r
+    if (XMLString::equals(name,_Application) ||\r
+        XMLString::equals(name,AssertionConsumerService::LOCAL_NAME) ||\r
+        XMLString::equals(name,SingleLogoutService::LOCAL_NAME) ||\r
+        XMLString::equals(name,DiagnosticService) ||\r
+        XMLString::equals(name,SessionInitiator) ||\r
+        XMLString::equals(name,AAPProvider) ||\r
+        XMLString::equals(name,CredentialUse) ||\r
+        XMLString::equals(name,RelyingParty) ||\r
+        XMLString::equals(name,_MetadataProvider) ||\r
+        XMLString::equals(name,TrustProvider))\r
+        return FILTER_REJECT;\r
+\r
+    return FILTER_ACCEPT;\r
+}\r
+\r
+pair<bool,bool> XMLApplication::getBool(const char* name, const char* ns) const\r
+{\r
+    pair<bool,bool> ret=DOMPropertySet::getBool(name,ns);\r
+    if (ret.first)\r
+        return ret;\r
+    return m_base ? m_base->getBool(name,ns) : ret;\r
+}\r
+\r
+pair<bool,const char*> XMLApplication::getString(const char* name, const char* ns) const\r
+{\r
+    pair<bool,const char*> ret=DOMPropertySet::getString(name,ns);\r
+    if (ret.first)\r
+        return ret;\r
+    return m_base ? m_base->getString(name,ns) : ret;\r
+}\r
+\r
+pair<bool,const XMLCh*> XMLApplication::getXMLString(const char* name, const char* ns) const\r
+{\r
+    pair<bool,const XMLCh*> ret=DOMPropertySet::getXMLString(name,ns);\r
+    if (ret.first)\r
+        return ret;\r
+    return m_base ? m_base->getXMLString(name,ns) : ret;\r
+}\r
+\r
+pair<bool,unsigned int> XMLApplication::getUnsignedInt(const char* name, const char* ns) const\r
+{\r
+    pair<bool,unsigned int> ret=DOMPropertySet::getUnsignedInt(name,ns);\r
+    if (ret.first)\r
+        return ret;\r
+    return m_base ? m_base->getUnsignedInt(name,ns) : ret;\r
+}\r
+\r
+pair<bool,int> XMLApplication::getInt(const char* name, const char* ns) const\r
+{\r
+    pair<bool,int> ret=DOMPropertySet::getInt(name,ns);\r
+    if (ret.first)\r
+        return ret;\r
+    return m_base ? m_base->getInt(name,ns) : ret;\r
+}\r
+\r
+const PropertySet* XMLApplication::getPropertySet(const char* name, const char* ns) const\r
+{\r
+    const PropertySet* ret=DOMPropertySet::getPropertySet(name,ns);\r
+    if (ret || !m_base)\r
+        return ret;\r
+    return m_base->getPropertySet(name,ns);\r
+}\r
+\r
+MetadataProvider* XMLApplication::getMetadataProvider() const\r
+{\r
+    return (!m_metadata && m_base) ? m_base->getMetadataProvider() : m_metadata;\r
+}\r
+\r
+TrustEngine* XMLApplication::getTrustEngine() const\r
+{\r
+    return (!m_trust && m_base) ? m_base->getTrustEngine() : m_trust;\r
+}\r
+\r
+const vector<const XMLCh*>& XMLApplication::getAudiences() const\r
+{\r
+    return (m_audiences.empty() && m_base) ? m_base->getAudiences() : m_audiences;\r
+}\r
+\r
+const PropertySet* XMLApplication::getCredentialUse(const EntityDescriptor* provider) const\r
+{\r
+    if (!m_credDefault && m_base)\r
+        return m_base->getCredentialUse(provider);\r
+        \r
+#ifdef HAVE_GOOD_STL\r
+    map<xmltooling::xstring,PropertySet*>::const_iterator i=m_credMap.find(provider->getEntityID());\r
+    if (i!=m_credMap.end())\r
+        return i->second;\r
+    const EntitiesDescriptor* group=dynamic_cast<const EntitiesDescriptor*>(provider->getParent());\r
+    while (group) {\r
+        if (group->getName()) {\r
+            i=m_credMap.find(group->getName());\r
+            if (i!=m_credMap.end())\r
+                return i->second;\r
+        }\r
+        group=dynamic_cast<const EntitiesDescriptor*>(group->getParent());\r
+    }\r
+#else\r
+    map<const XMLCh*,PropertySet*>::const_iterator i=m_credMap.begin();\r
+    for (; i!=m_credMap.end(); i++) {\r
+        if (XMLString::equals(i->first,provider->getId()))\r
+            return i->second;\r
+        const EntitiesDescriptor* group=dynamic_cast<const EntitiesDescriptor*>(provider->getParent());\r
+        while (group) {\r
+            if (XMLString::equals(i->first,group->getName()))\r
+                return i->second;\r
+            group=dynamic_cast<const EntitiesDescriptor*>(group->getParent());\r
+        }\r
+    }\r
+#endif\r
+    return m_credDefault;\r
+}\r
+\r
+const Handler* XMLApplication::getDefaultSessionInitiator() const\r
+{\r
+    if (m_sessionInitDefault) return m_sessionInitDefault;\r
+    return m_base ? m_base->getDefaultSessionInitiator() : NULL;\r
+}\r
+\r
+const Handler* XMLApplication::getSessionInitiatorById(const char* id) const\r
+{\r
+    map<string,const Handler*>::const_iterator i=m_sessionInitMap.find(id);\r
+    if (i!=m_sessionInitMap.end()) return i->second;\r
+    return m_base ? m_base->getSessionInitiatorById(id) : NULL;\r
+}\r
+\r
+const Handler* XMLApplication::getDefaultAssertionConsumerService() const\r
+{\r
+    if (m_acsDefault) return m_acsDefault;\r
+    return m_base ? m_base->getDefaultAssertionConsumerService() : NULL;\r
+}\r
+\r
+const Handler* XMLApplication::getAssertionConsumerServiceByIndex(unsigned short index) const\r
+{\r
+    map<unsigned int,const Handler*>::const_iterator i=m_acsIndexMap.find(index);\r
+    if (i!=m_acsIndexMap.end()) return i->second;\r
+    return m_base ? m_base->getAssertionConsumerServiceByIndex(index) : NULL;\r
+}\r
+\r
+const vector<const Handler*>& XMLApplication::getAssertionConsumerServicesByBinding(const XMLCh* binding) const\r
+{\r
+#ifdef HAVE_GOOD_STL\r
+    ACSBindingMap::const_iterator i=m_acsBindingMap.find(binding);\r
+#else\r
+    xmltooling::auto_ptr_char temp(binding);\r
+    ACSBindingMap::const_iterator i=m_acsBindingMap.find(temp.get());\r
+#endif\r
+    if (i!=m_acsBindingMap.end())\r
+        return i->second;\r
+    return m_base ? m_base->getAssertionConsumerServicesByBinding(binding) : g_noHandlers;\r
+}\r
+\r
+const Handler* XMLApplication::getHandler(const char* path) const\r
+{\r
+    string wrap(path);\r
+    map<string,const Handler*>::const_iterator i=m_handlerMap.find(wrap.substr(0,wrap.find('?')));\r
+    if (i!=m_handlerMap.end())\r
+        return i->second;\r
+    return m_base ? m_base->getHandler(path) : NULL;\r
+}\r
+\r
+short XMLConfigImpl::acceptNode(const DOMNode* node) const\r
+{\r
+    if (!XMLString::equals(node->getNamespaceURI(),shibspconstants::SHIB1SPCONFIG_NS) &&\r
+        !XMLString::equals(node->getNamespaceURI(),shibspconstants::SHIB2SPCONFIG_NS))\r
+        return FILTER_ACCEPT;\r
+    const XMLCh* name=node->getLocalName();\r
+    if (XMLString::equals(name,Applications) ||\r
+        XMLString::equals(name,AttributeFactory) ||\r
+        XMLString::equals(name,Credentials) ||\r
+        XMLString::equals(name,CredentialsProvider) ||\r
+        XMLString::equals(name,Extensions::LOCAL_NAME) ||\r
+        XMLString::equals(name,Implementation) ||\r
+        XMLString::equals(name,Listener) ||\r
+        XMLString::equals(name,MemoryListener) ||\r
+        XMLString::equals(name,MemorySessionCache) ||\r
+        XMLString::equals(name,RequestMapProvider) ||\r
+        XMLString::equals(name,_ReplayCache) ||\r
+        XMLString::equals(name,_SessionCache) ||\r
+        XMLString::equals(name,_StorageService) ||\r
+        XMLString::equals(name,TCPListener) ||\r
+        XMLString::equals(name,UnixListener))\r
+        return FILTER_REJECT;\r
+\r
+    return FILTER_ACCEPT;\r
+}\r
+\r
+void XMLConfigImpl::doExtensions(const DOMElement* e, const char* label, Category& log)\r
+{\r
+    const DOMElement* exts=XMLHelper::getFirstChildElement(e,Extensions::LOCAL_NAME);\r
+    if (exts) {\r
+        exts=XMLHelper::getFirstChildElement(exts,Library);\r
+        while (exts) {\r
+            xmltooling::auto_ptr_char path(exts->getAttributeNS(NULL,_path));\r
+            try {\r
+                if (path.get()) {\r
+                    XMLToolingConfig::getConfig().load_library(path.get(),(void*)exts);\r
+                    log.debug("loaded %s extension library (%s)", label, path.get());\r
+                }\r
+            }\r
+            catch (exception& e) {\r
+                const XMLCh* fatal=exts->getAttributeNS(NULL,fatal);\r
+                if (fatal && (*fatal==chLatin_t || *fatal==chDigit_1)) {\r
+                    log.fatal("unable to load mandatory %s extension library %s: %s", label, path.get(), e.what());\r
+                    throw;\r
+                }\r
+                else {\r
+                    log.crit("unable to load optional %s extension library %s: %s", label, path.get(), e.what());\r
+                }\r
+            }\r
+            exts=XMLHelper::getNextSiblingElement(exts,Library);\r
+        }\r
+    }\r
+}\r
+\r
+XMLConfigImpl::XMLConfigImpl(const DOMElement* e, bool first, const XMLConfig* outer) : m_outer(outer), m_document(NULL), m_requestMapper(NULL)\r
+{\r
+#ifdef _DEBUG\r
+    xmltooling::NDC ndc("XMLConfigImpl");\r
+#endif\r
+    Category& log=Category::getInstance(SHIBSP_LOGCAT".Config");\r
+\r
+    try {\r
+        SPConfig& conf=SPConfig::getConfig();\r
+        XMLToolingConfig& xmlConf=XMLToolingConfig::getConfig();\r
+        const DOMElement* SHAR=XMLHelper::getFirstChildElement(e,OutOfProcess);\r
+        if (!SHAR)\r
+            SHAR=XMLHelper::getFirstChildElement(e,Global);\r
+        const DOMElement* SHIRE=XMLHelper::getFirstChildElement(e,InProcess);\r
+        if (!SHIRE)\r
+            SHIRE=XMLHelper::getFirstChildElement(e,Local);\r
+\r
+        // Initialize log4cpp manually in order to redirect log messages as soon as possible.\r
+        if (conf.isEnabled(SPConfig::Logging)) {\r
+            const XMLCh* logconf=NULL;\r
+            if (conf.isEnabled(SPConfig::OutOfProcess))\r
+                logconf=SHAR->getAttributeNS(NULL,logger);\r
+            else if (conf.isEnabled(SPConfig::InProcess))\r
+                logconf=SHIRE->getAttributeNS(NULL,logger);\r
+            if (!logconf || !*logconf)\r
+                logconf=e->getAttributeNS(NULL,logger);\r
+            if (logconf && *logconf) {\r
+                xmltooling::auto_ptr_char logpath(logconf);\r
+                log.debug("loading new logging configuration from (%s), check log destination for status of configuration",logpath.get());\r
+                XMLToolingConfig::getConfig().log_config(logpath.get());\r
+            }\r
+            \r
+            if (first)\r
+                m_outer->m_tranLog = new TransactionLog();\r
+        }\r
+        \r
+        // First load any property sets.\r
+        map<string,string> root_remap;\r
+        root_remap["Global"]="OutOfProcess";\r
+        root_remap["Local"]="InProcess";\r
+        load(e,log,this,&root_remap);\r
+\r
+        const DOMElement* child;\r
+        string plugtype;\r
+\r
+        // Much of the processing can only occur on the first instantiation.\r
+        if (first) {\r
+            // Set clock skew.\r
+            pair<bool,unsigned int> skew=getUnsignedInt("clockSkew");\r
+            if (skew.first)\r
+                xmlConf.clock_skew_secs=skew.second;\r
+\r
+            // Extensions\r
+            doExtensions(e, "global", log);\r
+            if (conf.isEnabled(SPConfig::OutOfProcess))\r
+                doExtensions(SHAR, "out of process", log);\r
+\r
+            if (conf.isEnabled(SPConfig::InProcess))\r
+                doExtensions(SHIRE, "in process", log);\r
+            \r
+            // Instantiate the ListenerService and SessionCache objects.\r
+            if (conf.isEnabled(SPConfig::Listener)) {\r
+                child=XMLHelper::getFirstChildElement(SHAR,UnixListener);\r
+                if (child)\r
+                    plugtype=UNIX_LISTENER_SERVICE;\r
+                else {\r
+                    child=XMLHelper::getFirstChildElement(SHAR,TCPListener);\r
+                    if (child)\r
+                        plugtype=TCP_LISTENER_SERVICE;\r
+                    else {\r
+                        child=XMLHelper::getFirstChildElement(SHAR,MemoryListener);\r
+                        if (child)\r
+                            plugtype=MEMORY_LISTENER_SERVICE;\r
+                        else {\r
+                            child=XMLHelper::getFirstChildElement(SHAR,Listener);\r
+                            if (child) {\r
+                                xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                                if (type.get())\r
+                                    plugtype=type.get();\r
+                            }\r
+                        }\r
+                    }\r
+                }\r
+                if (child) {\r
+                    log.info("building ListenerService of type %s...", plugtype.c_str());\r
+                    m_outer->m_listener = conf.ListenerServiceManager.newPlugin(plugtype.c_str(),child);\r
+                }\r
+                else {\r
+                    log.fatal("can't build ListenerService, missing conf:Listener element?");\r
+                    throw ConfigurationException("Can't build ListenerService, missing conf:Listener element?");\r
+                }\r
+            }\r
+\r
+            if (conf.isEnabled(SPConfig::Caching)) {\r
+                // TODO: This code's a mess, due to a very bad config layout for the caches...\r
+                // Needs rework with the new config file.\r
+                const DOMElement* container=conf.isEnabled(SPConfig::OutOfProcess) ? SHAR : SHIRE;\r
+\r
+                // First build any StorageServices.\r
+                string inmemID;\r
+                child=XMLHelper::getFirstChildElement(container,_StorageService);\r
+                while (child) {\r
+                    xmltooling::auto_ptr_char id(child->getAttributeNS(NULL,Id));\r
+                    xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                    if (id.get() && type.get()) {\r
+                        try {\r
+                            log.info("building StorageService (%s) of type %s...", id.get(), type.get());\r
+                            m_outer->m_storage[id.get()] = xmlConf.StorageServiceManager.newPlugin(type.get(),child);\r
+                            if (!strcmp(type.get(),MEMORY_STORAGE_SERVICE))\r
+                                inmemID = id.get();\r
+                        }\r
+                        catch (exception& ex) {\r
+                            log.crit("failed to instantiate StorageService (%s): %s", id.get(), ex.what());\r
+                        }\r
+                    }\r
+                    child=XMLHelper::getNextSiblingElement(container,_StorageService);\r
+                }\r
+                \r
+                child=XMLHelper::getFirstChildElement(container,_SessionCache);\r
+                if (child) {\r
+                    xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                    log.info("building Session Cache of type %s...",type.get());\r
+                    m_outer->m_sessionCache=conf.SessionCacheManager.newPlugin(type.get(),child);\r
+                }\r
+                else if (conf.isEnabled(SPConfig::OutOfProcess)) {\r
+                    log.warn("custom SessionCache unspecified or no longer supported, building SessionCache of type %s...",STORAGESERVICE_SESSION_CACHE);\r
+                    if (inmemID.empty()) {\r
+                        inmemID = "memory";\r
+                        log.info("no StorageServices configured, providing in-memory version for legacy config");\r
+                        m_outer->m_storage[inmemID] = xmlConf.StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE,NULL);\r
+                    }\r
+                    child = container->getOwnerDocument()->createElementNS(NULL,_SessionCache);\r
+                    xmltooling::auto_ptr_XMLCh ssid(inmemID.c_str());\r
+                    const_cast<DOMElement*>(child)->setAttributeNS(NULL,_StorageService,ssid.get());\r
+                    m_outer->m_sessionCache=conf.SessionCacheManager.newPlugin(STORAGESERVICE_SESSION_CACHE,child);\r
+                }\r
+                else {\r
+                    log.warn("custom SessionCache unspecified or no longer supported, building SessionCache of type %s...",REMOTED_SESSION_CACHE);\r
+                    m_outer->m_sessionCache=conf.SessionCacheManager.newPlugin(REMOTED_SESSION_CACHE,NULL);\r
+                }\r
+                \r
+                // Replay cache.\r
+                StorageService* replaySS=NULL;\r
+                child=XMLHelper::getFirstChildElement(container,_ReplayCache);\r
+                if (child) {\r
+                    xmltooling::auto_ptr_char ssid(child->getAttributeNS(NULL,_StorageService));\r
+                    if (ssid.get() && *ssid.get()) {\r
+                        replaySS = m_outer->m_storage[ssid.get()];\r
+                        if (replaySS)\r
+                            log.info("building ReplayCache on top of StorageService (%s)...", ssid.get());\r
+                        else\r
+                            log.crit("unable to locate StorageService (%s) in configuration", ssid.get());\r
+                    }\r
+                }\r
+                if (!replaySS) {\r
+                    log.info("building ReplayCache using in-memory StorageService...");\r
+                    if (inmemID.empty()) {\r
+                        inmemID = "memory";\r
+                        log.info("no StorageServices configured, providing in-memory version for legacy config");\r
+                        m_outer->m_storage[inmemID] = xmlConf.StorageServiceManager.newPlugin(MEMORY_STORAGE_SERVICE,NULL);\r
+                    }\r
+                    replaySS = m_outer->m_storage[inmemID];\r
+                }\r
+                xmlConf.setReplayCache(new ReplayCache(replaySS));\r
+            }\r
+        } // end of first-time-only stuff\r
+        \r
+        // Back to the fully dynamic stuff...next up is the RequestMapper.\r
+        if (conf.isEnabled(SPConfig::RequestMapping)) {\r
+            child=XMLHelper::getFirstChildElement(SHIRE,RequestMapProvider);\r
+            if (child) {\r
+                xmltooling::auto_ptr_char type(child->getAttributeNS(NULL,_type));\r
+                log.info("building RequestMapper of type %s...",type.get());\r
+                m_requestMapper=conf.RequestMapperManager.newPlugin(type.get(),child);\r
+            }\r
+            else {\r
+                log.fatal("can't build RequestMapper, missing conf:RequestMapProvider element?");\r
+                throw ConfigurationException("can't build RequestMapper, missing conf:RequestMapProvider element?");\r
+            }\r
+        }\r
+        \r
+        // Now we load the credentials map.\r
+        if (conf.isEnabled(SPConfig::Credentials)) {\r
+            // Old format was to wrap it in a CredentialsProvider plugin, we're inlining that...\r
+            child = XMLHelper::getFirstChildElement(e,CredentialsProvider);\r
+            child = XMLHelper::getFirstChildElement(child ? child : e,Credentials);\r
+            if (child) {\r
+                // Step down and process resolvers.\r
+                child=XMLHelper::getFirstChildElement(child);\r
+                while (child) {\r
+                    xmltooling::auto_ptr_char id(child->getAttributeNS(NULL,Id));\r
+                    if (!id.get() || !*(id.get())) {\r
+                        log.warn("skipping CredentialsResolver with no Id attribute");\r
+                        child = XMLHelper::getNextSiblingElement(child);\r
+                        continue;\r
+                    }\r
+                    \r
+                    if (XMLString::equals(child->getLocalName(),FileResolver))\r
+                        plugtype=FILESYSTEM_CREDENTIAL_RESOLVER;\r
+                    else {\r
+                        xmltooling::auto_ptr_char c(child->getAttributeNS(NULL,_type));\r
+                        plugtype=c.get();\r
+                    }\r
+                    \r
+                    if (!plugtype.empty()) {\r
+                        try {\r
+                            CredentialResolver* cr=\r
+                                XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(plugtype.c_str(),child);\r
+                            m_credResolverMap[id.get()] = cr;\r
+                        }\r
+                        catch (exception& ex) {\r
+                            log.crit("failed to instantiate CredentialResolver (%s): %s", id.get(), ex.what());\r
+                        }\r
+                    }\r
+                    else {\r
+                        log.error("unknown type of CredentialResolver with Id (%s)", id.get());\r
+                    }\r
+                    \r
+                    child = XMLHelper::getNextSiblingElement(child);\r
+                }\r
+            }\r
+        }\r
+\r
+        // Load the default application. This actually has a fixed ID of "default". ;-)\r
+        child=XMLHelper::getFirstChildElement(e,Applications);\r
+        if (!child) {\r
+            log.fatal("can't build default Application object, missing conf:Applications element?");\r
+            throw ConfigurationException("can't build default Application object, missing conf:Applications element?");\r
+        }\r
+        XMLApplication* defapp=new XMLApplication(m_outer,child);\r
+        m_appmap[defapp->getId()]=defapp;\r
+        \r
+        // Load any overrides.\r
+        child = XMLHelper::getFirstChildElement(child,_Application);\r
+        while (child) {\r
+            auto_ptr<XMLApplication> iapp(new XMLApplication(m_outer,child,defapp));\r
+            if (m_appmap.find(iapp->getId())!=m_appmap.end())\r
+                log.crit("found conf:Application element with duplicate Id attribute (%s), skipping it", iapp->getId());\r
+            else\r
+                m_appmap[iapp->getId()]=iapp.release();\r
+\r
+            child = XMLHelper::getNextSiblingElement(child,_Application);\r
+        }\r
+    }\r
+    catch (exception&) {\r
+        this->~XMLConfigImpl();\r
+        throw;\r
+    }\r
+#ifndef _DEBUG\r
+    catch (...) {\r
+        this->~XMLConfigImpl();\r
+        throw;\r
+    }\r
+#endif\r
+}\r
+\r
+XMLConfigImpl::~XMLConfigImpl()\r
+{\r
+    for_each(m_appmap.begin(),m_appmap.end(),cleanup_pair<string,Application>());\r
+    for_each(m_credResolverMap.begin(),m_credResolverMap.end(),cleanup_pair<string,CredentialResolver>());\r
+    delete m_requestMapper;\r
+    if (m_document)\r
+        m_document->release();\r
+}\r
+\r
+pair<bool,DOMElement*> XMLConfig::load()\r
+{\r
+    // Load from source using base class.\r
+    pair<bool,DOMElement*> raw = ReloadableXMLFile::load();\r
+    \r
+    // If we own it, wrap it.\r
+    XercesJanitor<DOMDocument> docjanitor(raw.first ? raw.second->getOwnerDocument() : NULL);\r
+\r
+    XMLConfigImpl* impl = new XMLConfigImpl(raw.second,(m_impl==NULL),this);\r
+    \r
+    // If we held the document, transfer it to the impl. If we didn't, it's a no-op.\r
+    impl->setDocument(docjanitor.release());\r
+\r
+    delete m_impl;\r
+    m_impl = impl;\r
+\r
+    return make_pair(false,(DOMElement*)NULL);\r
+}\r

diff --git a/shibsp/remoting/impl/SocketListener.cpp b/shibsp/remoting/impl/SocketListener.cpp
index 8d94983..95a887f 100644 (file)
--- a/shibsp/remoting/impl/SocketListener.cpp
+++ b/shibsp/remoting/impl/SocketListener.cpp
@@ -180,6 +180,7 @@ bool SocketListener::run(bool* shutdown)
 #ifdef _DEBUG
     NDC ndc("run");
 #endif
+    log->info("listener service starting");
 
     // Save flag to monitor for shutdown request.
     m_shutdown=shutdown;

diff --git a/shibsp/shibsp.vcproj b/shibsp/shibsp.vcproj
index 3ac525b..2642f23 100644 (file)
--- a/shibsp/shibsp.vcproj
+++ b/shibsp/shibsp.vcproj
@@ -295,6 +295,10 @@
                                        RelativePath=".\impl\XMLRequestMapper.cpp"\r
                                        >\r
                                </File>\r
+                               <File\r
+                                       RelativePath=".\impl\XMLServiceProvider.cpp"\r
+                                       >\r
+                               </File>\r
                        </Filter>\r
                        <Filter\r
                                Name="attribute"\r

diff --git a/test/shibtest.cpp b/test/shibtest.cpp
index 9e15f0f..19b343e 100644 (file)
--- a/test/shibtest.cpp
+++ b/test/shibtest.cpp
@@ -74,7 +74,7 @@ int main(int argc,char* argv[])
         SPConfig::Metadata |
         SPConfig::Trust |
         SPConfig::Credentials |
-        SPConfig::AAP |
+        SPConfig::AttributeResolver |
         SPConfig::OutOfProcess |
         SPConfig::Caching
         );