using namespace xmltooling;
using namespace std;
-AbstractSPRequest::AbstractSPRequest()
+AbstractSPRequest::AbstractSPRequest(const char* category)
: m_sp(NULL), m_mapper(NULL), m_app(NULL), m_sessionTried(false), m_session(NULL),
- m_log(&Category::getInstance(SHIBSP_LOGCAT".SPRequest")), m_parser(NULL)
+ m_log(&Category::getInstance(category)), m_parser(NULL)
{
m_sp=SPConfig::getConfig().getServiceProvider();
m_sp->lock();
else if (cache)
m_sessionTried = true;
- // Get session ID from cookie.
- const Application& app = getApplication();
- pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
- const char* session_id = getCookie(shib_cookie.first.c_str());
- if (!session_id || !*session_id)
- return NULL;
-
// Need address checking and timeout settings.
time_t timeout=0;
if (checkTimeout || !ignoreAddress) {
- const PropertySet* props=app.getPropertySet("Sessions");
+ const PropertySet* props=getApplication().getPropertySet("Sessions");
if (props) {
if (checkTimeout) {
pair<bool,unsigned int> p=props->getUnsignedInt("timeout");
// The cache will either silently pass a session or NULL back, or throw an exception out.
Session* session = getServiceProvider().getSessionCache()->find(
- session_id, app, ignoreAddress ? NULL : getRemoteAddr().c_str(), checkTimeout ? &timeout : NULL
+ getApplication(), *this, ignoreAddress ? NULL : getRemoteAddr().c_str(), checkTimeout ? &timeout : NULL
);
if (cache)
m_session = session;
return session;
}
-const char* AbstractSPRequest::getRequestURL() const {
+static char _x2c(const char *what)
+{
+ register char digit;
+
+ digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 : (what[0] - '0'));
+ digit *= 16;
+ digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 : (what[1] - '0'));
+ return(digit);
+}
+
+void AbstractSPRequest::setRequestURI(const char* uri)
+{
+ // Fix for bug 574, secadv 20061002
+ // Unescape URI up to query string delimiter by looking for %XX escapes.
+ // Adapted from Apache's util.c, ap_unescape_url function.
+ if (uri) {
+ while (*uri) {
+ if (*uri == '?') {
+ m_uri += uri;
+ break;
+ }
+ else if (*uri == ';') {
+ // If this is Java being stupid, skip everything up to the query string, if any.
+ if (!strncmp(uri, ";jsessionid=", 12)) {
+ if (uri = strchr(uri, '?'))
+ m_uri += uri;
+ break;
+ }
+ else {
+ m_uri += *uri;
+ }
+ }
+ else if (*uri != '%') {
+ m_uri += *uri;
+ }
+ else {
+ ++uri;
+ if (!isxdigit(*uri) || !isxdigit(*(uri+1)))
+ throw ConfigurationException("Bad request, contained unsupported encoded characters.");
+ m_uri += _x2c(uri);
+ ++uri;
+ }
+ ++uri;
+ }
+ }
+}
+
+const char* AbstractSPRequest::getRequestURL() const
+{
if (m_url.empty()) {
// Compute the full target URL
int port = getPort();
portstr << port;
m_url += ":" + portstr.str();
}
- scheme = getRequestURI();
- if (scheme)
- m_url += scheme;
+ m_url += m_uri;
}
return m_url.c_str();
}
return values.size();
}
-const char* AbstractSPRequest::getCookie(const char* name) const
-{
- if (m_cookieMap.empty()) {
- string cookies=getHeader("Cookie");
-
- string::size_type pos=0,cname,namelen,val,vallen;
- while (pos !=string::npos && pos < cookies.length()) {
- while (isspace(cookies[pos])) pos++;
- cname=pos;
- pos=cookies.find_first_of("=",pos);
- if (pos == string::npos)
- break;
- namelen=pos-cname;
- pos++;
- if (pos==cookies.length())
- break;
- val=pos;
- pos=cookies.find_first_of(";",pos);
- if (pos != string::npos) {
- vallen=pos-val;
- pos++;
- m_cookieMap.insert(make_pair(cookies.substr(cname,namelen),cookies.substr(val,vallen)));
- }
- else
- m_cookieMap.insert(make_pair(cookies.substr(cname,namelen),cookies.substr(val)));
- }
- }
- map<string,string>::const_iterator lookup=m_cookieMap.find(name);
- return (lookup==m_cookieMap.end()) ? NULL : lookup->second.c_str();
-}
-
const char* AbstractSPRequest::getHandlerURL(const char* resource) const
{
if (!resource)
projects / shibboleth / sp.git / blobdiff