<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="<shibmlp styleSheet/>" />
- <title>Unauthorized Identity Provider</title>
+ <title>Unknown Identity Provider</title>
</head>
<body>
<div class="head">
<img src="<shibmlp logoLocation/>" alt="Logo" />
-<h1>Unauthorized Identity Provider</h1>
+<h1>Unknown Identity Provider</h1>
</div>
<p>The identity provider supplying your login credentials is not authorized for use with this service.</p>
enabled for your use.</p>
<p>Please include the following error message in any email:</p>
-<p class="error">Metadata lookup failure at (<shibmlp requestURL/>)</p>
+<p class="error">Identity provider lookup failed at (<shibmlp requestURL/>)</p>
<shibmlpif entityID>
<p><strong>EntityID:</strong> <shibmlp entityID/></p>
</shibmlpif>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html
- PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "DTD/xhtml1-strict.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <link rel="stylesheet" type="text/css" href="<shibmlp styleSheet/>" />
- <title>Access System Failure</title>
-</head>
-
-<body>
-<div class="head">
-<img src="<shibmlp logoLocation/>" alt="Logo" />
-<h1>Inter-institutional Access System Failure</h1>
-</div>
-
-<p>The inter-institutional access system experienced a technical failure at
-<shibmlp now/></p>
-
-<p>Please email <a href="mailto:<shibmlp supportContact/>"><shibmlp supportContact/></a>
-and include the following error message:</p>
-
-<p class="error">Resource Manager failure at (<shibmlp requestURL/>)</p>
-<p><shibmlp errorType/></p>
-
-</body>
-</html>
const Application& app=request.getApplication();
if (isHandler) {
+ option = request.getParameter("SAMLDS");
+ if (option && !strcmp(option,"1"))
+ throw MetadataException("No identity provider was selected by user.");
+
option = request.getParameter("target");
if (option)
target = option;
string returnURL=request.getHandlerURL(target.c_str());
pair<bool,const char*> thisloc = getString("Location");
if (thisloc.first) returnURL += thisloc.second;
+ returnURL += "?SAMLDS=1"; // signals us not to loop if we get no answer back
if (isHandler) {
// We may already have RelayState set if we looped back here,
query = strchr(query, '&');
// If we still have more, just append it.
if (query && *(++query))
- returnURL = returnURL + '?' + query;
+ returnURL = returnURL + '&' + query;
}
else {
// There's something in the query before target appears, so we have to find it.
thisloc.second = strstr(query,"&target=");
if (thisloc.second) {
// We found it, so first append everything up to it.
- returnURL += '?';
+ returnURL += '&';
returnURL.append(query, thisloc.second - query);
query = thisloc.second + 8; // move up just past the equals sign.
thisloc.second = strchr(query, '&');
}
else {
// No target in the existing query, so just append it as is.
- returnURL = returnURL + '?' + query;
+ returnURL = returnURL + '&' + query;
}
}
}
// Now append the sanitized target as needed.
if (!target.empty())
- returnURL = returnURL + (returnURL.rfind('?')==string::npos ? '?' : '&') + "target=" + urlenc->encode(target.c_str());
+ returnURL = returnURL + "&target=" + urlenc->encode(target.c_str());
}
else if (!target.empty()) {
// For a virtual handler, we just append target to the return link.
- returnURL = returnURL + "?target=" + urlenc->encode(target.c_str());;
+ returnURL = returnURL + "&target=" + urlenc->encode(target.c_str());;
}
string req=string(m_url) + (strchr(m_url,'?') ? '&' : '?') + "entityID=" + urlenc->encode(app.getString("entityID").second) +