shibsp/SPConfig.cpp

   1
   2 /*
   3  *  Copyright 2001-2010 Internet2
   4  *
   5  * Licensed under the Apache License, Version 2.0 (the "License");
   6  * you may not use this file except in compliance with the License.
   7  * You may obtain a copy of the License at
   8  *
   9  *     http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  * Unless required by applicable law or agreed to in writing, software
  12  * distributed under the License is distributed on an "AS IS" BASIS,
  13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  * See the License for the specific language governing permissions and
  15  * limitations under the License.
  16  */
  17
  18 /**
  19  * SPConfig.cpp
  20  *
  21  * Library configuration.
  22  */
  23
  24 #include "internal.h"
  25
  26 #if defined(XMLTOOLING_LOG4SHIB)
  27 # ifndef SHIBSP_LOG4SHIB
  28 #  error "Logging library mismatch (XMLTooling is using log4shib)."
  29 # endif
  30 #elif defined(XMLTOOLING_LOG4CPP)
  31 # ifndef SHIBSP_LOG4CPP
  32 #  error "Logging library mismatch (XMLTooling is using log4cpp)."
  33 # endif
  34 #else
  35 # error "No supported logging library."
  36 #endif
  37
  38 #include "exceptions.h"
  39 #include "version.h"
  40 #include "AccessControl.h"
  41 #include "RequestMapper.h"
  42 #include "ServiceProvider.h"
  43 #include "SessionCache.h"
  44 #include "SPConfig.h"
  45 #include "TransactionLog.h"
  46 #include "attribute/Attribute.h"
  47 #include "binding/ProtocolProvider.h"
  48 #include "handler/LogoutInitiator.h"
  49 #include "handler/SessionInitiator.h"
  50 #include "remoting/ListenerService.h"
  51
  52 #ifndef SHIBSP_LITE
  53 # include "attribute/AttributeDecoder.h"
  54 # include "attribute/filtering/AttributeFilter.h"
  55 # include "attribute/filtering/MatchFunctor.h"
  56 # include "attribute/resolver/AttributeExtractor.h"
  57 # include "attribute/resolver/AttributeResolver.h"
  58 # include "binding/ArtifactResolver.h"
  59 # include "metadata/MetadataExt.h"
  60 # include "security/PKIXTrustEngine.h"
  61 # include "security/SecurityPolicyProvider.h"
  62 # include <saml/version.h>
  63 # include <saml/SAMLConfig.h>
  64 #endif
  65
  66 #include <ctime>
  67 #include <xercesc/util/XMLUniDefs.hpp>
  68 #include <xmltooling/version.h>
  69 #include <xmltooling/XMLToolingConfig.h>
  70 #include <xmltooling/util/NDC.h>
  71 #include <xmltooling/util/ParserPool.h>
  72 #include <xmltooling/util/PathResolver.h>
  73 #include <xmltooling/util/TemplateEngine.h>
  74 #include <xmltooling/util/Threads.h>
  75 #include <xmltooling/util/XMLHelper.h>
  76
  77 using namespace shibsp;
  78 using namespace opensaml;
  79 using namespace xmltooling;
  80 using namespace std;
  81
  82 DECL_XMLTOOLING_EXCEPTION_FACTORY(AttributeException,shibsp);
  83 DECL_XMLTOOLING_EXCEPTION_FACTORY(AttributeExtractionException,shibsp);
  84 DECL_XMLTOOLING_EXCEPTION_FACTORY(AttributeFilteringException,shibsp);
  85 DECL_XMLTOOLING_EXCEPTION_FACTORY(AttributeResolutionException,shibsp);
  86 DECL_XMLTOOLING_EXCEPTION_FACTORY(ConfigurationException,shibsp);
  87 DECL_XMLTOOLING_EXCEPTION_FACTORY(ListenerException,shibsp);
  88
  89 #ifdef SHIBSP_LITE
  90 DECL_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml);
  91 DECL_XMLTOOLING_EXCEPTION_FACTORY(SecurityPolicyException,opensaml);
  92 DECL_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml);
  93 DECL_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml);
  94 DECL_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml);
  95 DECL_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md);
  96 #endif
  97
  98 namespace shibsp {
  99    SPConfig g_config;
 100 }
 101
 102 SPConfig& SPConfig::getConfig()
 103 {
 104     return g_config;
 105 }
 106
 107 SPConfig::SPConfig() : attribute_value_delimeter(';'), m_serviceProvider(nullptr),
 108 #ifndef SHIBSP_LITE
 109     m_artifactResolver(nullptr),
 110 #endif
 111     m_features(0), m_configDoc(nullptr)
 112 {
 113 }
 114
 115 SPConfig::~SPConfig()
 116 {
 117 }
 118
 119 void SPConfig::setFeatures(unsigned long enabled)
 120 {
 121     m_features = enabled;
 122 }
 123
 124 unsigned long SPConfig::getFeatures() const {
 125     return m_features;
 126 }
 127
 128 bool SPConfig::isEnabled(components_t feature) const
 129 {
 130     return (m_features & feature)>0;
 131 }
 132
 133 ServiceProvider* SPConfig::getServiceProvider() const
 134 {
 135     return m_serviceProvider;
 136 }
 137
 138 void SPConfig::setServiceProvider(ServiceProvider* serviceProvider)
 139 {
 140     delete m_serviceProvider;
 141     m_serviceProvider = serviceProvider;
 142 }
 143
 144 #ifndef SHIBSP_LITE
 145 void SPConfig::setArtifactResolver(MessageDecoder::ArtifactResolver* artifactResolver)
 146 {
 147     delete m_artifactResolver;
 148     m_artifactResolver = artifactResolver;
 149 }
 150
 151 const MessageDecoder::ArtifactResolver* SPConfig::getArtifactResolver() const
 152 {
 153     return m_artifactResolver;
 154 }
 155 #endif
 156
 157 bool SPConfig::init(const char* catalog_path, const char* inst_prefix)
 158 {
 159 #ifdef _DEBUG
 160     NDC ndc("init");
 161 #endif
 162     if (!inst_prefix)
 163         inst_prefix = getenv("SHIBSP_PREFIX");
 164     if (!inst_prefix)
 165         inst_prefix = SHIBSP_PREFIX;
 166     std::string inst_prefix2;
 167     while (*inst_prefix) {
 168         inst_prefix2.push_back((*inst_prefix=='\\') ? ('/') : (*inst_prefix));
 169         ++inst_prefix;
 170     }
 171
 172     const char* loglevel=getenv("SHIBSP_LOGGING");
 173     if (!loglevel)
 174         loglevel = SHIBSP_LOGGING;
 175     std::string ll(loglevel);
 176     PathResolver localpr;
 177     localpr.setDefaultPrefix(inst_prefix2.c_str());
 178     inst_prefix = getenv("SHIBSP_CFGDIR");
 179     if (!inst_prefix)
 180         inst_prefix = SHIBSP_CFGDIR;
 181     localpr.setCfgDir(inst_prefix);
 182     XMLToolingConfig::getConfig().log_config(localpr.resolve(ll, PathResolver::XMLTOOLING_CFG_FILE, PACKAGE_NAME).c_str());
 183
 184     Category& log=Category::getInstance(SHIBSP_LOGCAT".Config");
 185     log.debug("%s library initialization started", PACKAGE_STRING);
 186
 187     if (!catalog_path)
 188         catalog_path = getenv("SHIBSP_SCHEMAS");
 189     if (!catalog_path)
 190         catalog_path = SHIBSP_SCHEMAS;
 191     XMLToolingConfig::getConfig().catalog_path = catalog_path;
 192
 193 #ifndef SHIBSP_LITE
 194     XMLToolingConfig::getConfig().user_agent = string(PACKAGE_NAME) + '/' + PACKAGE_VERSION +
 195         " OpenSAML/" + OPENSAML_FULLVERSIONDOT +
 196         " XMLTooling/" + XMLTOOLING_FULLVERSIONDOT +
 197         " XML-Security-C/" + XSEC_FULLVERSIONDOT +
 198         " Xerces-C/" + XERCES_FULLVERSIONDOT +
 199 #if defined(LOG4SHIB_VERSION)
 200         " log4shib/" + LOG4SHIB_VERSION;
 201 #elif defined(LOG4CPP_VERSION)
 202         " log4cpp/" + LOG4CPP_VERSION;
 203 #endif
 204     if (!SAMLConfig::getConfig().init()) {
 205         log.fatal("failed to initialize OpenSAML library");
 206         return false;
 207     }
 208 #else
 209     XMLToolingConfig::getConfig().user_agent = string(PACKAGE_NAME) + '/' + PACKAGE_VERSION +
 210         " XMLTooling/" + XMLTOOLING_FULLVERSIONDOT +
 211         " Xerces-C/" + XERCES_FULLVERSIONDOT +
 212 #if defined(LOG4SHIB_VERSION)
 213         " log4shib/" + LOG4SHIB_VERSION;
 214 #elif defined(LOG4CPP_VERSION)
 215         " log4cpp/" + LOG4CPP_VERSION;
 216 #endif
 217     if (!XMLToolingConfig::getConfig().init()) {
 218         log.fatal("failed to initialize XMLTooling library");
 219         return false;
 220     }
 221 #endif
 222     PathResolver* pr = XMLToolingConfig::getConfig().getPathResolver();
 223     pr->setDefaultPackageName(PACKAGE_NAME);
 224     pr->setDefaultPrefix(inst_prefix2.c_str());
 225     pr->setCfgDir(inst_prefix);
 226     inst_prefix = getenv("SHIBSP_LIBDIR");
 227     if (!inst_prefix)
 228         inst_prefix = SHIBSP_LIBDIR;
 229     pr->setLibDir(inst_prefix);
 230     inst_prefix = getenv("SHIBSP_LOGDIR");
 231     if (!inst_prefix)
 232         inst_prefix = SHIBSP_LOGDIR;
 233     pr->setLogDir(inst_prefix);
 234     inst_prefix = getenv("SHIBSP_RUNDIR");
 235     if (!inst_prefix)
 236         inst_prefix = SHIBSP_RUNDIR;
 237     pr->setRunDir(inst_prefix);
 238     inst_prefix = getenv("SHIBSP_XMLDIR");
 239     if (!inst_prefix)
 240         inst_prefix = SHIBSP_XMLDIR;
 241     pr->setXMLDir(inst_prefix);
 242
 243     XMLToolingConfig::getConfig().setTemplateEngine(new TemplateEngine());
 244     XMLToolingConfig::getConfig().getTemplateEngine()->setTagPrefix("shibmlp");
 245
 246     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(AttributeException,shibsp);
 247     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(AttributeExtractionException,shibsp);
 248     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(AttributeFilteringException,shibsp);
 249     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(AttributeResolutionException,shibsp);
 250     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ConfigurationException,shibsp);
 251     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ListenerException,shibsp);
 252
 253 #ifdef SHIBSP_LITE
 254     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml);
 255     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SecurityPolicyException,opensaml);
 256     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml);
 257     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml);
 258     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml);
 259     REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md);
 260 #endif
 261
 262 #ifndef SHIBSP_LITE
 263     if (isEnabled(Metadata))
 264         registerMetadataExtClasses();
 265     if (isEnabled(Trust))
 266         registerPKIXTrustEngine();
 267 #endif
 268
 269     registerAttributeFactories();
 270
 271     if (isEnabled(Handlers)) {
 272         registerHandlers();
 273         registerLogoutInitiators();
 274         registerSessionInitiators();
 275         registerProtocolProviders();
 276     }
 277
 278     registerServiceProviders();
 279
 280 #ifndef SHIBSP_LITE
 281     if (isEnabled(AttributeResolution)) {
 282         registerAttributeExtractors();
 283         registerAttributeDecoders();
 284         registerAttributeResolvers();
 285         registerAttributeFilters();
 286         registerMatchFunctors();
 287     }
 288     registerSecurityPolicyProviders();
 289 #endif
 290
 291     if (isEnabled(Listener))
 292         registerListenerServices();
 293
 294     if (isEnabled(RequestMapping)) {
 295         registerAccessControls();
 296         registerRequestMappers();
 297     }
 298
 299     if (isEnabled(Caching))
 300         registerSessionCaches();
 301
 302 #ifndef SHIBSP_LITE
 303     if (isEnabled(OutOfProcess))
 304         m_artifactResolver = new ArtifactResolver();
 305 #endif
 306     srand(static_cast<unsigned int>(std::time(nullptr)));
 307
 308     log.info("%s library initialization complete", PACKAGE_STRING);
 309     return true;
 310 }
 311
 312 void SPConfig::term()
 313 {
 314 #ifdef _DEBUG
 315     NDC ndc("term");
 316 #endif
 317     Category& log=Category::getInstance(SHIBSP_LOGCAT".Config");
 318     log.info("%s library shutting down", PACKAGE_STRING);
 319
 320     setServiceProvider(nullptr);
 321     if (m_configDoc)
 322         m_configDoc->release();
 323     m_configDoc = nullptr;
 324 #ifndef SHIBSP_LITE
 325     setArtifactResolver(nullptr);
 326 #endif
 327
 328     if (isEnabled(Handlers)) {
 329         ArtifactResolutionServiceManager.deregisterFactories();
 330         AssertionConsumerServiceManager.deregisterFactories();
 331         LogoutInitiatorManager.deregisterFactories();
 332         ManageNameIDServiceManager.deregisterFactories();
 333         SessionInitiatorManager.deregisterFactories();
 334         SingleLogoutServiceManager.deregisterFactories();
 335         HandlerManager.deregisterFactories();
 336         ProtocolProviderManager.deregisterFactories();
 337     }
 338
 339     ServiceProviderManager.deregisterFactories();
 340     Attribute::deregisterFactories();
 341
 342 #ifndef SHIBSP_LITE
 343     SecurityPolicyProviderManager.deregisterFactories();
 344     if (isEnabled(AttributeResolution)) {
 345         MatchFunctorManager.deregisterFactories();
 346         AttributeFilterManager.deregisterFactories();
 347         AttributeDecoderManager.deregisterFactories();
 348         AttributeExtractorManager.deregisterFactories();
 349         AttributeResolverManager.deregisterFactories();
 350     }
 351 #endif
 352
 353     if (isEnabled(Listener))
 354         ListenerServiceManager.deregisterFactories();
 355
 356     if (isEnabled(RequestMapping)) {
 357         AccessControlManager.deregisterFactories();
 358         RequestMapperManager.deregisterFactories();
 359     }
 360
 361     if (isEnabled(Caching))
 362         SessionCacheManager.deregisterFactories();
 363
 364 #ifndef SHIBSP_LITE
 365     SAMLConfig::getConfig().term();
 366 #else
 367     XMLToolingConfig::getConfig().term();
 368 #endif
 369     log.info("%s library shutdown complete", PACKAGE_STRING);
 370 }
 371
 372 bool SPConfig::instantiate(const char* config, bool rethrow)
 373 {
 374 #ifdef _DEBUG
 375     NDC ndc("instantiate");
 376 #endif
 377     if (!config)
 378         config = getenv("SHIBSP_CONFIG");
 379     if (!config)
 380         config = SHIBSP_CONFIG;
 381     try {
 382         xercesc::DOMDocument* dummydoc;
 383         if (*config == '"' || *config == '\'') {
 384             throw ConfigurationException("The value of SHIBSP_CONFIG started with a quote.");
 385         }
 386         else if (*config != '<') {
 387
 388             // Mock up some XML.
 389             string resolved(config);
 390             stringstream snippet;
 391             snippet
 392                 << "<Dummy path='"
 393                 << XMLToolingConfig::getConfig().getPathResolver()->resolve(resolved, PathResolver::XMLTOOLING_CFG_FILE)
 394                 << "' validate='1'/>";
 395             dummydoc = XMLToolingConfig::getConfig().getParser().parse(snippet);
 396             XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);
 397             setServiceProvider(ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER, dummydoc->getDocumentElement()));
 398             if (m_configDoc)
 399                 m_configDoc->release();
 400             m_configDoc = docjanitor.release();
 401         }
 402         else {
 403             stringstream snippet(config);
 404             dummydoc = XMLToolingConfig::getConfig().getParser().parse(snippet);
 405             XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);
 406             static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);
 407             auto_ptr_char type(dummydoc->getDocumentElement()->getAttributeNS(nullptr,_type));
 408             if (type.get() && *type.get())
 409                 setServiceProvider(ServiceProviderManager.newPlugin(type.get(), dummydoc->getDocumentElement()));
 410             else
 411                 throw ConfigurationException("The supplied XML bootstrapping configuration did not include a type attribute.");
 412             if (m_configDoc)
 413                 m_configDoc->release();
 414             m_configDoc = docjanitor.release();
 415         }
 416
 417         getServiceProvider()->init();
 418         return true;
 419     }
 420     catch (exception& ex) {
 421         if (rethrow)
 422             throw;
 423         Category::getInstance(SHIBSP_LOGCAT".Config").fatal("caught exception while loading configuration: %s", ex.what());
 424     }
 425     return false;
 426 }
 427
 428 TransactionLog::TransactionLog() : log(logging::Category::getInstance(SHIBSP_TX_LOGCAT)), m_lock(Mutex::create())
 429 {
 430 }
 431
 432 TransactionLog::~TransactionLog()
 433 {
 434     delete m_lock;
 435 }
 436
 437 Lockable* TransactionLog::lock()
 438 {
 439     m_lock->lock();
 440     return this;
 441 }
 442
 443 void TransactionLog::unlock()
 444 {
 445     m_lock->unlock();
 446 }