virtual std::string getNotificationURL(const char* request, bool front, unsigned int index) const=0;
/**
- * Returns a set of attribute IDs to use as a REMOTE_USER value.
- * <p>The first attribute with a value (and only a single value) will be used.
+ * Returns an array of attribute IDs to use as a REMOTE_USER value, in order of preference.
*
- * @return a set of attribute IDs, or an empty set
+ * @return an array of attribute IDs, possibly empty
*/
- virtual const std::set<std::string>& getRemoteUserAttributeIds() const=0;
+ virtual const std::vector<std::string>& getRemoteUserAttributeIds() const=0;
/**
* Clears any headers that may be used to hold attributes after export.
}
// Export the attributes.
- bool remoteUserSet = false;
const multimap<string,const Attribute*>& attributes = session->getIndexedAttributes();
for (multimap<string,const Attribute*>::const_iterator a = attributes.begin(); a!=attributes.end(); ++a) {
- const vector<string>& vals = a->second->getSerializedValues();
-
- // See if this needs to be set as the REMOTE_USER value.
- if (!remoteUserSet && !vals.empty() && app->getRemoteUserAttributeIds().count(a->first)) {
- request.setRemoteUser(vals.front().c_str());
- remoteUserSet = true;
- }
-
- // Handle the normal export case.
string header(request.getSecureHeader(a->first.c_str()));
+ const vector<string>& vals = a->second->getSerializedValues();
for (vector<string>::const_iterator v = vals.begin(); v!=vals.end(); ++v) {
if (!header.empty())
header += ";";
request.setHeader(a->first.c_str(), header.c_str());
}
+ // Check for REMOTE_USER.
+ bool remoteUserSet = false;
+ const vector<string>& rmids = app->getRemoteUserAttributeIds();
+ for (vector<string>::const_iterator rmid = rmids.begin(); !remoteUserSet && rmid != rmids.end(); ++rmid) {
+ pair<multimap<string,const Attribute*>::const_iterator,multimap<string,const Attribute*>::const_iterator> matches =
+ attributes.equal_range(*rmid);
+ while (matches.first != matches.second) {
+ const vector<string>& vals = matches.first->second->getSerializedValues();
+ if (!vals.empty()) {
+ request.setRemoteUser(vals.front().c_str());
+ remoteUserSet = true;
+ break;
+ }
+ }
+ }
+
return make_pair(false,0L);
}
catch (exception& e) {
s << "<u>Miscellaneous</u>" << endl;
- s << "<strong>Client Address</strong>: " << (session->getClientAddress() ? session->getClientAddress() : "(none)") << endl;
- s << "<strong>Identity Provider</strong>: " << (session->getEntityID() ? session->getEntityID() : "(none)") << endl;
- s << "<strong>SSO Protocol</strong>: " << (session->getProtocol() ? session->getProtocol() : "(none)") << endl;
- s << "<strong>Authentication Time</strong>: " << (session->getAuthnInstant() ? session->getAuthnInstant() : "(none)") << endl;
- s << "<strong>Authentication Context Class</strong>: " << (session->getAuthnContextClassRef() ? session->getAuthnContextClassRef() : "(none)") << endl;
- s << "<strong>Authentication Context Decl</strong>: " << (session->getAuthnContextDeclRef() ? session->getAuthnContextDeclRef() : "(none)") << endl;
- s << "<strong>Session Expiration (barring inactivity)</strong>: ";
+ s << "<strong>Client Address:</strong> " << (session->getClientAddress() ? session->getClientAddress() : "(none)") << endl;
+ s << "<strong>Identity Provider:</strong> " << (session->getEntityID() ? session->getEntityID() : "(none)") << endl;
+ s << "<strong>SSO Protocol:</strong> " << (session->getProtocol() ? session->getProtocol() : "(none)") << endl;
+ s << "<strong>Authentication Time:</strong> " << (session->getAuthnInstant() ? session->getAuthnInstant() : "(none)") << endl;
+ s << "<strong>Authentication Context Class:</strong> " << (session->getAuthnContextClassRef() ? session->getAuthnContextClassRef() : "(none)") << endl;
+ s << "<strong>Authentication Context Decl:</strong> " << (session->getAuthnContextDeclRef() ? session->getAuthnContextDeclRef() : "(none)") << endl;
+ s << "<strong>Session Expiration (barring inactivity):</strong> ";
if (session->getExpiration())
s << ((session->getExpiration() - time(NULL)) / 60) << " minute(s)" << endl;
else
s << "Infinite" << endl;
-
+
s << endl << "<u>Attributes</u>" << endl;
string key;
#endif
string getNotificationURL(const char* resource, bool front, unsigned int index) const;
- const set<string>& getRemoteUserAttributeIds() const {
+ const vector<string>& getRemoteUserAttributeIds() const {
return (m_remoteUsers.empty() && m_base) ? m_base->getRemoteUserAttributeIds() : m_remoteUsers;
}
map<const XMLCh*,PropertySet*> m_partyMap;
#endif
#endif
- set<string> m_remoteUsers;
- vector<string> m_frontLogout,m_backLogout;
+ vector<string> m_remoteUsers,m_frontLogout,m_backLogout;
// manage handler objects
vector<Handler*> m_handlers;
pos = strchr(start,' ');
if (pos)
*pos=0;
- m_remoteUsers.insert(start);
+ m_remoteUsers.push_back(start);
start = pos ? pos+1 : NULL;
}
free(dup);