#ifndef SHIBSP_LITE
void receive(DDF& in, ostream& out);
- string insert(
+ void insert(
time_t expires,
const Application& application,
- const char* client_addr=NULL,
+ const HTTPRequest& httpRequest,
+ HTTPResponse& httpResponse,
const saml2md::EntityDescriptor* issuer=NULL,
const XMLCh* protocol=NULL,
const saml2::NameID* nameid=NULL,
vector<string>& sessions
);
bool matches(
- const char* key,
+ const xmltooling::HTTPRequest& request,
const saml2md::EntityDescriptor* issuer,
const saml2::NameID& nameid,
const set<string>* indexes,
void remove(const char* key, const Application& application);
void test();
+ string active(const xmltooling::HTTPRequest& request, const Application& application) const {
+ pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
+ const char* session_id = request.getCookie(shib_cookie.first.c_str());
+ return (session_id ? session_id : "");
+ }
+
+ Session* find(const HTTPRequest& request, const Application& application, const char* client_addr=NULL, time_t* timeout=NULL) {
+ string id = active(request, application);
+ if (!id.empty())
+ return find(id.c_str(), application, client_addr, timeout);
+ return NULL;
+ }
+
+ void remove(const HTTPRequest& request, HTTPResponse* response, const Application& application) {
+ pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
+ const char* session_id = request.getCookie(shib_cookie.first.c_str());
+ if (session_id && *session_id) {
+ if (response)
+ response->setCookie(shib_cookie.first.c_str(), shib_cookie.second);
+ remove(session_id, application);
+ }
+ }
+
void cleanup();
Category& m_log;
}
}
-string SSCache::insert(
+void SSCache::insert(
time_t expires,
const Application& application,
- const char* client_addr,
+ const HTTPRequest& httpRequest,
+ HTTPResponse& httpResponse,
const saml2md::EntityDescriptor* issuer,
const XMLCh* protocol,
const saml2::NameID* nameid,
strftime(timebuf,32,"%Y-%m-%dT%H:%M:%SZ",ptime);
obj.addmember("expires").string(timebuf);
- if (client_addr)
- obj.addmember("client_addr").string(client_addr);
+ obj.addmember("client_addr").string(httpRequest.getRemoteAddr().c_str());
if (issuer)
obj.addmember("entity_id").string(entity_id.get());
if (protocol) {
}
const char* pid = obj["entity_id"].string();
- m_log.info("new session created: SessionID (%s) IdP (%s) Address (%s)", key.get(), pid ? pid : "none", client_addr);
+ m_log.info("new session created: SessionID (%s) IdP (%s) Address (%s)", key.get(), pid ? pid : "none", httpRequest.getRemoteAddr().c_str());
// Transaction Logging
TransactionLog* xlog = application.getServiceProvider().getTransactionLog();
") for principal from (IdP: " <<
(pid ? pid : "none") <<
") at (ClientAddress: " <<
- (client_addr ? client_addr : "none") <<
+ httpRequest.getRemoteAddr() <<
") with (NameIdentifier: " <<
(nameid ? name.get() : "none") <<
")";
xlog->log.info("}");
}
- return key.get();
+ pair<string,const char*> shib_cookie = application.getCookieNameProps("_shibsession_");
+ string k(key.get());\r
+ k += shib_cookie.second;
+ httpResponse.setCookie(shib_cookie.first.c_str(), k.c_str());
}
bool SSCache::matches(
- const char* key,
+ const xmltooling::HTTPRequest& request,
const saml2md::EntityDescriptor* issuer,
const saml2::NameID& nameid,
const set<string>* indexes,
{
auto_ptr_char entityID(issuer ? issuer->getEntityID() : NULL);
try {
- Session* session = find(key, application);
+ Session* session = find(request, application);
if (session) {
Locker locker(session, false);
if (XMLString::equals(session->getEntityID(), entityID.get()) && session->getNameID() &&
}
}
catch (exception& ex) {
- m_log.error("error while matching session (%s): %s", key, ex.what());
+ m_log.error("error while matching session: %s", ex.what());
}
return false;
}