~ApacheRequestMapper() { delete m_mapper; delete m_htaccess; delete m_staKey; delete m_propsKey; }
Lockable* lock() { return m_mapper->lock(); }
void unlock() { m_staKey->setData(NULL); m_propsKey->setData(NULL); m_mapper->unlock(); }
- Settings getSettings(const SPRequest& request) const;
+ Settings getSettings(const HTTPRequest& request) const;
const PropertySet* getParent() const { return NULL; }
void setParent(const PropertySet*) {}
pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;
pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;
pair<bool,int> getInt(const char* name, const char* ns=NULL) const;
+ void getAll(map<string,const char*>& properties) const;
const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const;
const xercesc::DOMElement* getElement() const;
m_propsKey=ThreadKey::create(NULL);
}
-RequestMapper::Settings ApacheRequestMapper::getSettings(const SPRequest& request) const
+RequestMapper::Settings ApacheRequestMapper::getSettings(const HTTPRequest& request) const
{
Settings s=m_mapper->getSettings(request);
m_staKey->setData((void*)dynamic_cast<const ShibTargetApache*>(&request));
return s ? s->getInt(name,ns) : pair<bool,int>(false,0);
}
+void ApacheRequestMapper::getAll(map<string,const char*>& properties) const
+{
+ const ShibTargetApache* sta=reinterpret_cast<const ShibTargetApache*>(m_staKey->getData());
+ const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
+
+ if (s)
+ s->getAll(properties);
+
+ const char* auth_type=ap_auth_type(sta->m_req);
+ if (auth_type) {
+ // Check for Basic Hijack
+ if (!strcasecmp(auth_type, "basic") && sta->m_dc->bBasicHijack == 1)
+ auth_type = "shibboleth";
+ properties["authType"] = auth_type;
+ }
+
+ if (sta->m_dc->szApplicationId)
+ properties["applicationId"] = sta->m_dc->szApplicationId;
+ if (sta->m_dc->szRequireWith)
+ properties["requireSessionWith"] = sta->m_dc->szRequireWith;
+ if (sta->m_dc->szRedirectToSSL)
+ properties["redirectToSSL"] = sta->m_dc->szRedirectToSSL;
+ if (sta->m_dc->bRequireSession != 0)
+ properties["requireSession"] = (sta->m_dc->bRequireSession==1) ? "true" : "false";
+ if (sta->m_dc->bExportAssertion != 0)
+ properties["exportAssertion"] = (sta->m_dc->bExportAssertion==1) ? "true" : "false";
+}
+
const PropertySet* ApacheRequestMapper::getPropertySet(const char* name, const char* ns) const
{
const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
~SunRequestMapper() { delete m_mapper; delete m_stKey; delete m_propsKey; }
Lockable* lock() { return m_mapper->lock(); }
void unlock() { m_stKey->setData(NULL); m_propsKey->setData(NULL); m_mapper->unlock(); }
- Settings getSettings(const SPRequest& request) const;
+ Settings getSettings(const HTTPRequest& request) const;
const PropertySet* getParent() const { return NULL; }
void setParent(const PropertySet*) {}
pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;
pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;
pair<bool,int> getInt(const char* name, const char* ns=NULL) const;
+ void getAll(map<string,const char*>& properties) const;
const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const;
const xercesc::DOMElement* getElement() const;
m_propsKey=ThreadKey::create(NULL);
}
-RequestMapper::Settings SunRequestMapper::getSettings(const SPRequest& request) const
+RequestMapper::Settings SunRequestMapper::getSettings(const HTTPRequest& request) const
{
Settings s=m_mapper->getSettings(request);
m_stKey->setData((void*)dynamic_cast<const ShibTargetNSAPI*>(&request));
return s ? s->getInt(name,ns) : pair<bool,int>(false,0);
}
+void SunRequestMapper::getAll(map<string,const char*>& properties) const
+{
+ const ShibTargetNSAPI* stn=reinterpret_cast<const ShibTargetNSAPI*>(m_stKey->getData());
+ const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
+ if (s)
+ s->getAll(properties);
+ properties["authType"] = "shibboleth";
+ const pb_entry* entry;
+ for (int i=0; i<stn->m_pb->hsize; ++i) {
+ entry = stn->m_pb->ht[i];
+ while (entry) {
+ properties[entry->param->name] = entry->param->value;
+ entry = entry->next;
+ }
+ }
+}
+
const PropertySet* SunRequestMapper::getPropertySet(const char* name, const char* ns) const
{
const PropertySet* s=reinterpret_cast<const PropertySet*>(m_propsKey->getData());
#include <shibsp/base.h>
#include <xmltooling/Lockable.h>
+#include <xmltooling/io/HTTPRequest.h>
namespace shibsp {
class SHIBSP_API AccessControl;
class SHIBSP_API PropertySet;
- class SHIBSP_API SPRequest;
/**
* Interface to a request mapping plugin
* @param request SP request
* @return configuration settings and effective AccessControl plugin, if any
*/
- virtual Settings getSettings(const SPRequest& request) const=0;
+ virtual Settings getSettings(const xmltooling::HTTPRequest& request) const=0;
};
/**
class Override : public DOMPropertySet, public DOMNodeFilter\r
{\r
public:\r
- Override() : m_base(NULL), m_acl(NULL) {}\r
+ Override() : m_acl(NULL) {}\r
Override(const DOMElement* e, Category& log, const Override* base=NULL);\r
~Override();\r
\r
- // PropertySet\r
- pair<bool,bool> getBool(const char* name, const char* ns=NULL) const;\r
- pair<bool,const char*> getString(const char* name, const char* ns=NULL) const;\r
- pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;\r
- pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;\r
- pair<bool,int> getInt(const char* name, const char* ns=NULL) const;\r
- const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const;\r
- \r
// Provides filter to exclude special config elements.\r
short acceptNode(const DOMNode* node) const {\r
return FILTER_REJECT;\r
}\r
\r
- const Override* locate(const SPRequest& request) const;\r
- AccessControl* getAC() const { return (m_acl ? m_acl : (m_base ? m_base->getAC() : NULL)); }\r
+ const Override* locate(const HTTPRequest& request) const;\r
+ AccessControl* getAC() const { return (m_acl ? m_acl : (getParent() ? dynamic_cast<const Override*>(getParent())->getAC() : NULL)); }\r
\r
protected:\r
void loadACL(const DOMElement* e, Category& log);\r
vector< pair< pair<string,RegularExpression*>,Override*> > m_queries;\r
\r
private:\r
- const Override* m_base;\r
AccessControl* m_acl;\r
};\r
\r
m_document = doc;\r
}\r
\r
- const Override* findOverride(const char* vhost, const SPRequest& request) const;\r
+ const Override* findOverride(const char* vhost, const HTTPRequest& request) const;\r
\r
private: \r
map<string,Override*> m_extras;\r
delete m_impl;\r
}\r
\r
- Settings getSettings(const SPRequest& request) const;\r
+ Settings getSettings(const HTTPRequest& request) const;\r
\r
protected:\r
pair<bool,DOMElement*> load();\r
}\r
}\r
\r
-Override::Override(const DOMElement* e, Category& log, const Override* base) : m_base(base), m_acl(NULL)\r
+Override::Override(const DOMElement* e, Category& log, const Override* base) : m_acl(NULL)\r
{\r
try {\r
// Load the property set.\r
load(e,log,this);\r
+ setParent(base);\r
\r
// Load any AccessControl provider.\r
loadACL(e,log);\r
}\r
}\r
\r
-pair<bool,bool> Override::getBool(const char* name, const char* ns) const\r
-{\r
- pair<bool,bool> ret=DOMPropertySet::getBool(name,ns);\r
- if (ret.first)\r
- return ret;\r
- return m_base ? m_base->getBool(name,ns) : ret;\r
-}\r
-\r
-pair<bool,const char*> Override::getString(const char* name, const char* ns) const\r
-{\r
- pair<bool,const char*> ret=DOMPropertySet::getString(name,ns);\r
- if (ret.first)\r
- return ret;\r
- return m_base ? m_base->getString(name,ns) : ret;\r
-}\r
-\r
-pair<bool,const XMLCh*> Override::getXMLString(const char* name, const char* ns) const\r
-{\r
- pair<bool,const XMLCh*> ret=DOMPropertySet::getXMLString(name,ns);\r
- if (ret.first)\r
- return ret;\r
- return m_base ? m_base->getXMLString(name,ns) : ret;\r
-}\r
-\r
-pair<bool,unsigned int> Override::getUnsignedInt(const char* name, const char* ns) const\r
-{\r
- pair<bool,unsigned int> ret=DOMPropertySet::getUnsignedInt(name,ns);\r
- if (ret.first)\r
- return ret;\r
- return m_base ? m_base->getUnsignedInt(name,ns) : ret;\r
-}\r
-\r
-pair<bool,int> Override::getInt(const char* name, const char* ns) const\r
-{\r
- pair<bool,int> ret=DOMPropertySet::getInt(name,ns);\r
- if (ret.first)\r
- return ret;\r
- return m_base ? m_base->getInt(name,ns) : ret;\r
-}\r
-\r
-const PropertySet* Override::getPropertySet(const char* name, const char* ns) const\r
-{\r
- const PropertySet* ret=DOMPropertySet::getPropertySet(name,ns);\r
- if (ret || !m_base)\r
- return ret;\r
- return m_base->getPropertySet(name,ns);\r
-}\r
-\r
-const Override* Override::locate(const SPRequest& request) const\r
+const Override* Override::locate(const HTTPRequest& request) const\r
{\r
// This function is confusing because it's *not* recursive.\r
// The whole path is tokenized and mapped in a loop, so the\r
}\r
}\r
\r
-const Override* XMLRequestMapperImpl::findOverride(const char* vhost, const SPRequest& request) const\r
+const Override* XMLRequestMapperImpl::findOverride(const char* vhost, const HTTPRequest& request) const\r
{\r
const Override* o=NULL;\r
map<string,Override*>::const_iterator i=m_map.find(vhost);\r
return make_pair(false,(DOMElement*)NULL);\r
}\r
\r
-RequestMapper::Settings XMLRequestMapper::getSettings(const SPRequest& request) const\r
+RequestMapper::Settings XMLRequestMapper::getSettings(const HTTPRequest& request) const\r
{\r
ostringstream vhost;\r
vhost << request.getScheme() << "://" << request.getHostname() << ':' << request.getPort();\r
pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const {return m_impl->getXMLString(name,ns);}
pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const {return m_impl->getUnsignedInt(name,ns);}
pair<bool,int> getInt(const char* name, const char* ns=NULL) const {return m_impl->getInt(name,ns);}
+ void getAll(map<string,const char*>& properties) const {return m_impl->getAll(properties);}
const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const {return m_impl->getPropertySet(name,ns);}
const DOMElement* getElement() const {return m_impl->getElement();}
return pair<bool,int>(false,0);
}
+void DOMPropertySet::getAll(std::map<std::string,const char*>& properties) const
+{
+ if (m_parent)
+ m_parent->getAll(properties);
+ for (map< string,pair<char*,const XMLCh*> >::const_iterator i = m_map.begin(); i != m_map.end(); ++i)
+ properties[i->first] = i->second.first;
+}
+
const PropertySet* DOMPropertySet::getPropertySet(const char* name, const char* ns) const
{
map<string,DOMPropertySet*>::const_iterator i;
std::pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const;
std::pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const;
std::pair<bool,int> getInt(const char* name, const char* ns=NULL) const;
+ void getAll(std::map<std::string,const char*>& properties) const;
const PropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:2.0:native:sp:config") const;
const xercesc::DOMElement* getElement() const {
#define __shibsp_propset_h__
#include <shibsp/base.h>
+#include <map>
#include <xercesc/dom/DOM.hpp>
namespace shibsp {
virtual std::pair<bool,int> getInt(const char* name, const char* ns=NULL) const=0;
/**
+ * Returns a map of all known properties in string form.
+ *
+ * @param properties map to populate
+ */
+ virtual void getAll(std::map<std::string,const char*>& properties) const=0;
+
+ /**
* Returns a nested property set.
*
* @param name nested property set name
projects / shibboleth / sp.git / commitdiff