2 * Copyright 2001-2007 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file shibsp/handler/AssertionConsumerService.h
20 * Base class for handlers that create sessions by consuming SSO protocol responses.
23 #ifndef __shibsp_acshandler_h__
24 #define __shibsp_acshandler_h__
26 #include <shibsp/handler/AbstractHandler.h>
27 #include <shibsp/handler/RemotedHandler.h>
28 #include <saml/binding/MessageDecoder.h>
29 #include <saml/saml2/metadata/Metadata.h>
33 class SHIBSP_API ResolutionContext;
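#if defined (_MSC_VER)
    // C4250 is MSVC's "inherits via dominance" warning; presumably it is raised by
    // the AbstractHandler/RemotedHandler multiple inheritance below -- confirm.
    #pragma warning( push )
    #pragma warning( disable : 4250 )
#endif

// NOTE(review): the braces, access specifiers, closing ") const" lines and the
// checkAddress name were missing from this copy of the header and are restored
// here; verify them against the upstream file before relying on them.

/**
 * Base class for handlers that create sessions by consuming SSO protocol responses.
 *
 * <p>Derived classes supply the protocol logic through implementProtocol(). The
 * message handed to them was carried in a client HTTP request, so nothing in it
 * should be trusted beyond what the accompanying SecurityPolicy has established.
 */
class SHIBSP_API AssertionConsumerService : public AbstractHandler, public RemotedHandler
{
public:
    virtual ~AssertionConsumerService();

    // NOTE(review): run() and receive() are presumably the AbstractHandler /
    // RemotedHandler entry points; their contracts are defined in those headers.
    std::pair<bool,long> run(SPRequest& request, bool isHandler=true) const;
    void receive(DDF& in, std::ostream& out);

protected:
    /**
     * Constructor
     *
     * @param e     root of DOM configuration
     * @param appId ID of application that "owns" the handler
     * @param log   a logging object to use
     */
    AssertionConsumerService(const xercesc::DOMElement* e, const char* appId, log4cpp::Category& log);

    /**
     * Implement protocol-specific handling of the incoming decoded message.
     *
     * <p>The result of implementing the protocol should be an exception or
     * the key to a newly created session. A key is what grants the client a
     * session, so an implementation must never return one for a message it
     * could not fully validate; it should throw instead.
     *
     * @param application   reference to application receiving message
     * @param httpRequest   client request that included message
     * @param policy        the SecurityPolicy in effect, after having evaluated the message
     * @param settings      policy configuration settings in effect
     * @param xmlObject     a protocol-specific message object
     * @return  the key to the newly created session
     */
    virtual std::string implementProtocol(
        const Application& application,
        const opensaml::HTTPRequest& httpRequest,
        opensaml::SecurityPolicy& policy,
        const PropertySet* settings,
        const xmltooling::XMLObject& xmlObject
        ) const=0;

    /**
     * Enforce address checking requirements.
     *
     * <p>NOTE(review): presumably compares issuedTo with the client address of
     * httpRequest and throws on a mismatch (the function returns void) -- confirm
     * in the implementation. Behind a reverse proxy or NAT the address seen may
     * not be the user's own, so this is a supplementary check and not a
     * substitute for authenticating the message itself.
     *
     * @param application   reference to application receiving message
     * @param httpRequest   client request that initiated session
     * @param issuedTo      address for which security assertion was issued
     */
    void checkAddress(
        const Application& application, const opensaml::HTTPRequest& httpRequest, const char* issuedTo
        ) const;

    /**
     * Attempt SSO-initiated attribute resolution using the supplied information.
     *
     * <p>The caller must free the returned context handle. Hold it in a scoped
     * owner as soon as it is returned so that it is also released when a later
     * step throws.
     *
     * @param application   reference to application receiving message
     * @param issuer        source of SSO tokens
     * @param nameid        identifier of principal
     * @param tokens        available assertions, if any
     * @param attributes    attributes already extracted, if any
     * @return  a context handle owned by the caller; whether NULL can be returned
     *          is not visible from this header, so check before dereferencing
     */
    ResolutionContext* resolveAttributes(
        const Application& application,
        const opensaml::saml2md::EntityDescriptor* issuer=NULL,
        const opensaml::saml2::NameID* nameid=NULL,
        const std::vector<const opensaml::Assertion*>* tokens=NULL,
        const std::multimap<std::string,Attribute*>* attributes=NULL
        ) const;

private:
    // NOTE(review): entityID and relayState are non-const references, presumably
    // outputs filled in from the decoded message; relayState would then be
    // client-supplied data -- confirm in the implementation.
    std::string processMessage(
        const Application& application,
        opensaml::HTTPRequest& httpRequest,
        std::string& entityID,
        std::string& relayState
        ) const;

    // NOTE(review): if relayState ends up as the redirect location, it should be
    // validated against acceptable targets before use, since it presumably
    // originates with the client -- confirm in the implementation.
    std::pair<bool,long> sendRedirect(
        SPRequest& request, const char* key, const char* entityID, const char* relayState
        ) const;

    // NOTE(review): presumably records entityID in a client-side cookie using the
    // attributes in cookieProps -- confirm what is written and with which flags.
    void maintainHistory(SPRequest& request, const char* entityID, const char* cookieProps) const;

    // NOTE(review): raw pointer, presumably owned by this object and deleted in the
    // destructor -- confirm. If so, the implicitly generated copy operations would
    // lead to a double delete should a derived handler ever be copied.
    opensaml::MessageDecoder* m_decoder;
    xmltooling::auto_ptr_char m_configNS;
    xmltooling::QName m_role;
};

#if defined (_MSC_VER)
    #pragma warning( pop )
#endif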
137 #endif /* __shibsp_acshandler_h__ */