Moved NameIdentifier out of Subject.
authorcantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Mon, 12 Apr 2004 18:37:42 +0000 (18:37 +0000)
committercantor <cantor@cb58f699-b61c-0410-a6fe-9272a202ed29>
Mon, 12 Apr 2004 18:37:42 +0000 (18:37 +0000)
git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@976 cb58f699-b61c-0410-a6fe-9272a202ed29

apache/mod_apache.cpp
isapi_shib/isapi_shib.cpp
shib-target/shib-ccache.cpp
shib-target/shibrpc-server.cpp
shib/ShibPOSTProfile.cpp
test/shibtest.cpp
xmlproviders/XMLTrust.cpp

index 26331ee..d90ce7e 100644 (file)
@@ -388,7 +388,7 @@ extern "C" int shib_check_user(request_rec* r)
     ap_table_unset(r->headers_in,"Shib-Origin-Site");
     ap_table_unset(r->headers_in,"Shib-Authentication-Method");
     if (sso_statement) {
-        auto_ptr_char os(sso_statement->getSubject()->getNameQualifier());
+        auto_ptr_char os(sso_statement->getSubject()->getNameIdentifier()->getNameQualifier());
         auto_ptr_char am(sso_statement->getAuthMethod());
         ap_table_set(r->headers_in,"Shib-Origin-Site", os.get());
         ap_table_set(r->headers_in,"Shib-Authentication-Method", am.get());
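Review bot: The new chain `getSubject()->getNameIdentifier()->getNameQualifier()` dereferences the result of `getNameIdentifier()` with no null test. SAML 1.x permits a Subject that carries only a SubjectConfirmation, so unless the library guarantees a non-null return (not visible in this diff), an assertion without a NameIdentifier would crash the module on this line. Take the pointer first, `const SAMLNameIdentifier* nid=sso_statement->getSubject()->getNameIdentifier();`, and build the header value from `nid ? nid->getNameQualifier() : NULL`, or skip the export when `nid` is null. The same unchecked chain is added in HttpFilterProc, the InternalCCacheEntry constructor, both shibrpc service functions, ShibPOSTProfile::getProviderId and accept, and XMLTrust::validate, where it runs on assertions that have not yet been trusted. The body of shib_check_user continues outside this hunk.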
index 7f801d5..29e2401 100644 (file)
@@ -609,7 +609,7 @@ extern "C" DWORD WINAPI HttpFilterProc(PHTTP_FILTER_CONTEXT pfc, DWORD notificat
 
         // Export the SAML AuthnMethod and the origin site name.
         if (sso_statement) {
-            auto_ptr_char os(sso_statement->getSubject()->getNameQualifier());
+            auto_ptr_char os(sso_statement->getSubject()->getNameIdentifier()->getNameQualifier());
             auto_ptr_char am(sso_statement->getAuthMethod());
             pn->SetHeader(pfc,"Shib-Origin-Site:", const_cast<char*>(os.get()));
             pn->SetHeader(pfc,"Shib-Authentication-Method:", const_cast<char*>(am.get()));
index 3a57f93..8270a04 100644 (file)
@@ -148,7 +148,7 @@ private:
   mutable time_t m_lastAccess;
   time_t m_lastRetry;
 
-  const SAMLSubject* m_subject;
+  const SAMLNameIdentifier* m_nameid;
   SAMLAuthenticationStatement* p_auth;
   SAMLResponse* m_response;
   InternalCCache *m_cache;
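Review bot: The new member `m_nameid` has no comment stating who owns it. The constructor hunk below assigns it from `s->getSubject()->getNameIdentifier()`, so it looks like a borrowed pointer into the cached statement's subject, and getNewResponse() dereferences it much later. A comment such as `// Borrowed from the cached statement's subject; not owned, valid only while that statement lives.` would record the lifetime assumption; confirm the statement cannot be released while the entry is in use. The class body starts and ends outside this hunk.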
@@ -444,9 +444,9 @@ InternalCCacheEntry::InternalCCacheEntry(
 
   m_application_id=application->getId();
 
-  m_subject = s->getSubject();
-  auto_ptr_char h(m_subject->getName());
-  auto_ptr_char d(m_subject->getNameQualifier());
+  m_nameid = s->getSubject()->getNameIdentifier();
+  auto_ptr_char h(m_nameid->getName());
+  auto_ptr_char d(m_nameid->getNameQualifier());
   m_handle = h.get();
   m_originSite = d.get();
 
@@ -464,7 +464,7 @@ InternalCCacheEntry::InternalCCacheEntry(
   if (r) {
     // Run pushed data through the AAP. Note that we could end up with an empty response!
     Metadata m(application->getMetadataProviders());
-    const IProvider* site=m.lookup(m_subject->getNameQualifier());
+    const IProvider* site=m.lookup(m_nameid->getNameQualifier());
     if (!site)
         throw MetadataException("unable to locate origin site's metadata during attribute acceptance processing");
     Iterator<SAMLAssertion*> assertions=r->getAssertions();
@@ -677,7 +677,7 @@ SAMLResponse* InternalCCacheEntry::getNewResponse()
     
     // Try this request. The binding wrapper class handles most of the details.
     Metadata m(application->getMetadataProviders());
-    const IProvider* site=m.lookup(m_subject->getNameQualifier());
+    const IProvider* site=m.lookup(m_nameid->getNameQualifier());
     if (!site) {
         log->error("unable to locate origin site's metadata during attribute query");
         throw ShibTargetException(SHIBRPC_INTERNAL_ERROR,"Unable to locate origin site's metadata during attribute query.");
@@ -704,7 +704,9 @@ SAMLResponse* InternalCCacheEntry::getNewResponse()
     try {
         // Build a SAML Request....
         SAMLAttributeQuery* q=new SAMLAttributeQuery(
-            static_cast<SAMLSubject*>(m_subject->clone()),providerID.second,application->getAttributeDesignators().clone()
+            new SAMLSubject(static_cast<SAMLNameIdentifier*>(m_nameid->clone())),
+            providerID.second,
+            application->getAttributeDesignators().clone()
             );
         auto_ptr<SAMLRequest> req(new SAMLRequest(EMPTY(QName),q));
         
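Review bot: The query subject is now built from a clone of the name identifier alone, where the removed line cloned the whole subject. Any SubjectConfirmation on the cached subject therefore appears to be dropped from the attribute query. If that is intended, say so next to the constructor call, for example `// Query subject carries only the NameIdentifier; SubjectConfirmation is deliberately not copied.` The raw pointer returned by `m_nameid->clone()` is also unowned until `SAMLSubject` takes it, so it leaks if that constructor or `getAttributeDesignators().clone()` throws. The try block opened in this hunk closes outside it.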
index c8040a3..286dcee 100644 (file)
@@ -177,7 +177,7 @@ shibrpc_session_is_valid_1_svc(shibrpc_session_is_valid_args_1 *argp,
         throw ShibTargetException(SHIBRPC_NO_SESSION,"Unable to locate application for session, deleted?");
 
     Metadata m(app->getMetadataProviders());
-    const IProvider* origin=m.lookup(entry->getStatement()->getSubject()->getNameQualifier());
+    const IProvider* origin=m.lookup(entry->getStatement()->getSubject()->getNameIdentifier()->getNameQualifier());
 
     // Verify the address is the same
     if (argp->checkIPAddress) {
@@ -445,7 +445,7 @@ shibrpc_get_assertions_1_svc(shibrpc_get_assertions_args_1 *argp,
       throw ShibTargetException(SHIBRPC_NO_SESSION,"Unable to locate application for session, deleted?");
 
   Metadata m(app->getMetadataProviders());
-  const IProvider* origin=m.lookup(entry->getStatement()->getSubject()->getNameQualifier());
+  const IProvider* origin=m.lookup(entry->getStatement()->getSubject()->getNameIdentifier()->getNameQualifier());
 
   try {
     try {
index 3459b61..e84dbb9 100644 (file)
@@ -94,8 +94,8 @@ const XMLCh* ShibPOSTProfile::getProviderId(const saml::SAMLResponse& r)
         Iterator<SAMLStatement*> is=a->getStatements();
         while (is.hasNext()) {
             SAMLAuthenticationStatement* as=dynamic_cast<SAMLAuthenticationStatement*>(is.next());
-            if (as && as->getSubject()->getNameQualifier())
-                return as->getSubject()->getNameQualifier();
+            if (as && as->getSubject()->getNameIdentifier()->getNameQualifier())
+                return as->getSubject()->getNameIdentifier()->getNameQualifier();
         }
     }
     return ret;
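Review bot: The three-call chain `as->getSubject()->getNameIdentifier()->getNameQualifier()` is written out twice on consecutive lines of the `while` loop, once to test and once to return. Hold the identifier in a local, `const SAMLNameIdentifier* nid=as ? as->getSubject()->getNameIdentifier() : NULL;`, followed by `if (nid && nid->getNameQualifier()) return nid->getNameQualifier();`. This reads more easily and gives one place to test the pointer. The same doubled chain appears in the down-level branch of accept() and in both loops of XMLTrust::validate. getProviderId starts outside this hunk.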
@@ -146,10 +146,10 @@ SAMLResponse* ShibPOSTProfile::accept(
     }
     else {
         // Might be a down-level origin.
-        provider=m.lookup(sso->getSubject()->getNameQualifier());
+        provider=m.lookup(sso->getSubject()->getNameIdentifier()->getNameQualifier());
         if (provider) {
             if (pproviderId)
-                *pproviderId=XMLString::replicate(sso->getSubject()->getNameQualifier());
+                *pproviderId=XMLString::replicate(sso->getSubject()->getNameIdentifier()->getNameQualifier());
             log.debug("matched subject name qualifier against metadata");
         }
     }
@@ -157,7 +157,7 @@ SAMLResponse* ShibPOSTProfile::accept(
     // No metadata at all.        
     if (!provider) {
         auto_ptr_char issuer(assertion->getIssuer());
-        auto_ptr_char nq(sso->getSubject()->getNameQualifier());
+        auto_ptr_char nq(sso->getSubject()->getNameIdentifier()->getNameQualifier());
         log.error("assertion issuer not found in metadata (Issuer='%s', NameQualifier='%s'",
             issuer.get(), (nq.get() ? nq.get() : "null"));
         throw MetadataException("ShibPOSTProfile::accept() metadata lookup failed, unable to process assertion");
@@ -193,7 +193,7 @@ SAMLResponse* ShibPOSTProfile::accept(
     }
 
     auto_ptr_char issuer(assertion->getIssuer());
-    auto_ptr_char nq(sso->getSubject()->getNameQualifier());
+    auto_ptr_char nq(sso->getSubject()->getNameIdentifier()->getNameQualifier());
     log.error("metadata for assertion issuer indicates no SAML 1.x identity provider role (Issuer='%s', NameQualifier='%s'",
         issuer.get(), (nq.get() ? nq.get() : "null"));
     throw MetadataException("ShibPOSTProfile::accept() metadata lookup failed, issuer not registered as SAML identity provider");
index 7c5fbb1..2fae0f6 100644 (file)
@@ -124,7 +124,7 @@ int main(int argc,char* argv[])
             new SAMLRequest(
                 EMPTY(saml::QName),
                 new SAMLAttributeQuery(
-                    new SAMLSubject(handle.get(),domain.get(),format.get()),
+                    new SAMLSubject(new SAMLNameIdentifier(handle.get(),domain.get(),format.get())),
                     resource.get(),
                     app->getAttributeDesignators().clone()
                     )
@@ -184,7 +184,7 @@ int main(int argc,char* argv[])
                 SAMLAttributeStatement* s=dynamic_cast<SAMLAttributeStatement*>(j.next());
                 if (s)
                 {
-                    const SAMLSubject* sub=s->getSubject();
+                    const SAMLNameIdentifier* sub=s->getSubject()->getNameIdentifier();
                     cout << "Format: "; xmlout(cout,sub->getFormat()); cout << endl;
                     cout << "Domain: "; xmlout(cout,sub->getNameQualifier()); cout << endl;
                     cout << "Handle: "; xmlout(cout,sub->getName()); cout << endl;
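Review bot: The local `sub` now holds a `SAMLNameIdentifier`, not a subject, so its name no longer matches its type. Renaming it, `const SAMLNameIdentifier* nameid=s->getSubject()->getNameIdentifier();`, and updating the three `xmlout` lines that use it keeps the test tool readable. Since this prints fields from a response, a null test on the pointer before the three reads would also be reasonable. The enclosing loop in main starts and ends outside this hunk.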
index e2da71f..089d54a 100644 (file)
@@ -530,8 +530,8 @@ bool XMLTrust::validate(
                         Iterator<SAMLStatement*> statements=assertion->getStatements();
                         while (!provider && statements.hasNext()) {
                             SAMLSubjectStatement* statement=dynamic_cast<SAMLSubjectStatement*>(statements.next());
-                            if (statement && statement->getSubject()->getNameQualifier())
-                                provider=metadata.lookup(statement->getSubject()->getNameQualifier());
+                            if (statement && statement->getSubject()->getNameIdentifier()->getNameQualifier())
+                                provider=metadata.lookup(statement->getSubject()->getNameIdentifier()->getNameQualifier());
                         }
                     }
                 }
@@ -542,8 +542,8 @@ bool XMLTrust::validate(
                     Iterator<SAMLStatement*> statements=dynamic_cast<const SAMLAssertion&>(token).getStatements();
                     while (!provider && statements.hasNext()) {
                         SAMLSubjectStatement* statement=dynamic_cast<SAMLSubjectStatement*>(statements.next());
-                        if (statement && statement->getSubject()->getNameQualifier())
-                            provider=metadata.lookup(statement->getSubject()->getNameQualifier());
+                        if (statement && statement->getSubject()->getNameIdentifier()->getNameQualifier())
+                            provider=metadata.lookup(statement->getSubject()->getNameIdentifier()->getNameQualifier());
                     }
                 }
             }