Convert logging to log4shib via compile time switch.

[shibboleth/opensaml2.git] / saml / saml2 / binding / impl / SAML2MessageRule.cpp

diff --git a/saml/saml2/binding/impl/SAML2MessageRule.cpp b/saml/saml2/binding/impl/SAML2MessageRule.cpp
index fe604c2..76649b1 100644 (file)
--- a/saml/saml2/binding/impl/SAML2MessageRule.cpp
+++ b/saml/saml2/binding/impl/SAML2MessageRule.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2006 Internet2
+ *  Copyright 2001-2007 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,30 +15,39 @@
  */
 
 /**
- * SAML1MessageRule.cpp
+ * SAML2MessageRule.cpp
  * 
- * SAML 1.x message extraction rule
+ * SAML 2.0 message extraction rule
  */
 
 #include "internal.h"
 #include "exceptions.h"
-#include "saml2/binding/SAML2MessageRule.h"
+#include "binding/SecurityPolicyRule.h"
 #include "saml2/core/Protocols.h"
 #include "saml2/metadata/Metadata.h"
 #include "saml2/metadata/MetadataProvider.h"
 #include "util/SAMLConstants.h"
 
-#include <log4cpp/Category.hh>
+#include <xmltooling/logging.h>
 
 using namespace opensaml::saml2md;
 using namespace opensaml::saml2p;
 using namespace opensaml::saml2;
 using namespace opensaml;
+using namespace xmltooling::logging;
 using namespace xmltooling;
-using namespace log4cpp;
 using namespace std;
 
 namespace opensaml {
+    class SAML_DLLLOCAL SAML2MessageRule : public SecurityPolicyRule
+    {
+    public:
+        SAML2MessageRule(const DOMElement* e) {}
+        virtual ~SAML2MessageRule() {}
+        
+        void evaluate(const xmltooling::XMLObject& message, const GenericRequest* request, SecurityPolicy& policy) const;
+    };
+
     SecurityPolicyRule* SAML_DLLLOCAL SAML2MessageRuleFactory(const DOMElement* const & e)
     {
         return new SAML2MessageRule(e);
@@ -52,57 +61,56 @@ void SAML2MessageRule::evaluate(const XMLObject& message, const GenericRequest*
     const QName& q = message.getElementQName(); 
     policy.setMessageQName(&q);
     
+    if (!XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20P_NS)&&
+        !XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20_NS)) {
+        return;
+    }
+
     try {
-        const opensaml::RootObject& samlRoot = dynamic_cast<const opensaml::RootObject&>(message);
+        const saml2::RootObject& samlRoot = dynamic_cast<const saml2::RootObject&>(message);
         policy.setMessageID(samlRoot.getID());
         policy.setIssueInstant(samlRoot.getIssueInstantEpoch());
 
-        if (!XMLString::equals(q.getNamespaceURI(), samlconstants::SAML20P_NS)) {
-            log.warn("not a SAML 2.0 protocol message");
-            throw BindingException("Message was not a recognized SAML 2.0 protocol element.");
-        }
-
         log.debug("extracting issuer from message");
-        const saml2::RootObject& saml2Root = dynamic_cast<const saml2::RootObject&>(samlRoot);
-        Issuer* issuer = saml2Root.getIssuer();
-        if (issuer && issuer->getName()) {
-            auto_ptr<Issuer> copy(issuer->cloneIssuer());
-            policy.setIssuer(copy.get());
-            copy.release();
+        const Issuer* issuer = samlRoot.getIssuer();
+        if (issuer) {
+            policy.setIssuer(issuer);
         }
-        else {
+        else if (XMLString::equals(q.getLocalPart(), Response::LOCAL_NAME)) {
             // No issuer in the message, so we have to try the Response approach. 
-            const vector<Assertion*>& assertions = dynamic_cast<const Response&>(saml2Root).getAssertions();
+            const vector<saml2::Assertion*>& assertions = dynamic_cast<const Response&>(samlRoot).getAssertions();
             if (!assertions.empty()) {
                 issuer = assertions.front()->getIssuer();
-                if (issuer && issuer->getName()) {
-                    auto_ptr<Issuer> copy(issuer->cloneIssuer());
-                    policy.setIssuer(copy.get());
-                    copy.release();
-                }
+                if (issuer)
+                    policy.setIssuer(issuer);
             }
         }
 
-        if (!policy.getIssuer()) {
+        if (!issuer) {
             log.warn("issuer identity not extracted");
             return;
         }
 
         if (log.isDebugEnabled()) {
-            auto_ptr_char iname(policy.getIssuer()->getName());
+            auto_ptr_char iname(issuer->getName());
             log.debug("message from (%s)", iname.get());
         }
 
+        if (policy.getIssuerMetadata()) {
+            log.debug("metadata for issuer already set, leaving in place");
+            return;
+        }
+
         if (policy.getMetadataProvider() && policy.getRole()) {
-            if (policy.getIssuer()->getFormat() && !XMLString::equals(policy.getIssuer()->getFormat(), saml2::NameIDType::ENTITY)) {
+            if (issuer->getFormat() && !XMLString::equals(issuer->getFormat(), NameIDType::ENTITY)) {
                 log.warn("non-system entity issuer, skipping metadata lookup");
                 return;
             }
             
             log.debug("searching metadata for message issuer...");
-            const EntityDescriptor* entity = policy.getMetadataProvider()->getEntityDescriptor(policy.getIssuer()->getName());
+            const EntityDescriptor* entity = policy.getMetadataProvider()->getEntityDescriptor(issuer->getName());
             if (!entity) {
-                auto_ptr_char temp(policy.getIssuer()->getName());
+                auto_ptr_char temp(issuer->getName());
                 log.warn("no metadata found, can't establish identity of issuer (%s)", temp.get());
                 return;
             }