// We've successfully "accepted" the SSO token.
// To complete processing, we need to extract and resolve attributes and then create the session.
- multimap<string,Attribute*> resolvedAttributes;
+ vector<Attribute*> resolvedAttributes;
AttributeExtractor* extractor = application.getAttributeExtractor();
if (extractor) {
m_log.debug("extracting pushed attributes...");
catch (exception& ex) {
m_log.error("caught exception filtering attributes: %s", ex.what());
m_log.error("dumping extracted attributes due to filtering exception");
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
resolvedAttributes.clear();
}
}
tokens.insert(tokens.end(), ctx->getResolvedAssertions().begin(), ctx->getResolvedAssertions().end());
// Copy over new attributes, and transfer ownership.
- resolvedAttributes.insert(ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
+ resolvedAttributes.insert(resolvedAttributes.end(), ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
ctx->getResolvedAttributes().clear();
}
&tokens,
&resolvedAttributes
);
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
return key;
}
catch (exception&) {
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
throw;
}
}
}
// Find the attribute(s) matching the require rule.
- pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
- session->getAttributes().equal_range(w);
+ pair<multimap<string,const Attribute*>::const_iterator,multimap<string,const Attribute*>::const_iterator> attrs =
+ session->getIndexedAttributes().equal_range(w);
if (attrs.first == attrs.second) {
request.log(SPRequest::SPWarn, string("htAccessControl rule requires attribute (") + w + "), not found in session");
continue;
// Export the attributes.
bool remoteUserSet = false;
- const multimap<string,Attribute*>& attributes = session->getAttributes();
- for (multimap<string,Attribute*>::const_iterator a = attributes.begin(); a!=attributes.end(); ++a) {
+ const multimap<string,const Attribute*>& attributes = session->getIndexedAttributes();
+ for (multimap<string,const Attribute*>::const_iterator a = attributes.begin(); a!=attributes.end(); ++a) {
const vector<string>& vals = a->second->getSerializedValues();
// See if this needs to be set as the REMOTE_USER value.
/**
* Returns the resolved attributes associated with the session.
*
+ * @return an immutable array of attributes
+ */
+ virtual const std::vector<Attribute*>& getAttributes() const=0;
+
+ /**
+ * Returns the resolved attributes associated with the session, indexed by ID
+ *
* @return an immutable map of attributes keyed by attribute ID
*/
- virtual const std::multimap<std::string,Attribute*>& getAttributes() const=0;
+ virtual const std::multimap<std::string,const Attribute*>& getIndexedAttributes() const=0;
/**
* Returns the identifiers of the assertion(s) cached by the session.
* @param authncontext_class method/category of authentication event, if known
* @param authncontext_decl specifics of authentication event, if known
* @param tokens assertions to cache with session, if any
- * @param attributes optional map of resolved Attributes to cache with session
+ * @param attributes optional array of resolved Attributes to cache with session
* @return newly created session's key
*/
virtual std::string insert(
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const std::vector<const opensaml::Assertion*>* tokens=NULL,
- const std::multimap<std::string,Attribute*>* attributes=NULL
+ const std::vector<Attribute*>* attributes=NULL
)=0;
/**
* Filters values out of a set of attributes.
*
* @param context a FilteringContext interface
- * @param attributes a mutable map containing the attributes to filter
+ * @param attributes a mutable array containing the attributes to filter
*
* @throws AttributeFileringException thrown if there is a problem filtering attributes
*/
- virtual void filterAttributes(const FilteringContext& context, std::multimap<std::string,Attribute*>& attributes) const=0;
+ virtual void filterAttributes(const FilteringContext& context, std::vector<Attribute*>& attributes) const=0;
};
/**
*/
BasicFilteringContext(
const Application& app,
- const std::multimap<std::string,Attribute*>& attributes,
+ const std::vector<Attribute*>& attributes,
const opensaml::saml2md::RoleDescriptor* role=NULL,
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL
- ) : m_app(app), m_attributes(attributes), m_role(role), m_issuer(NULL), m_class(authncontext_class), m_decl(authncontext_decl) {
+ ) : m_app(app), m_role(role), m_issuer(NULL), m_class(authncontext_class), m_decl(authncontext_decl) {
if (role)
m_issuer = dynamic_cast<opensaml::saml2md::EntityDescriptor*>(role->getParent())->getEntityID();
+ for (std::vector<Attribute*>::const_iterator a = attributes.begin(); a != attributes.end(); ++a)
+ m_attributes.insert(std::make_pair((*a)->getId(), *a));
}
virtual ~BasicFilteringContext() {}
private:
const Application& m_app;
- const std::multimap<std::string,Attribute*>& m_attributes;
+ std::multimap<std::string,Attribute*> m_attributes;
const opensaml::saml2md::RoleDescriptor* m_role;
const XMLCh* m_issuer;
const XMLCh* m_class;
void unlock() {
}
- void filterAttributes(const FilteringContext& context, multimap<string,Attribute*>& attributes) const {
+ void filterAttributes(const FilteringContext& context, vector<Attribute*>& attributes) const {
for (vector<AttributeFilter*>::const_iterator i=m_filters.begin(); i!=m_filters.end(); ++i) {
Locker locker(*i);
(*i)->filterAttributes(context, attributes);
m_document = doc;
}
- void filterAttributes(const FilteringContext& context, multimap<string,Attribute*>& attributes) const;
+ void filterAttributes(const FilteringContext& context, vector<Attribute*>& attributes) const;
private:
MatchFunctor* buildFunctor(
delete m_impl;
}
- void filterAttributes(const FilteringContext& context, multimap<string,Attribute*>& attributes) const {
+ void filterAttributes(const FilteringContext& context, vector<Attribute*>& attributes) const {
m_impl->filterAttributes(context, attributes);
}
return make_pair(string(),(MatchFunctor*)NULL);
}
-void XMLFilterImpl::filterAttributes(const FilteringContext& context, multimap<string,Attribute*>& attributes) const
+void XMLFilterImpl::filterAttributes(const FilteringContext& context, vector<Attribute*>& attributes) const
{
auto_ptr_char issuer(context.getAttributeIssuer());
if (m_policies.empty()) {
m_log.warn("no filter policies were loaded, filtering out all attributes from (%s)", issuer.get() ? issuer.get() : "unknown source");
- for_each(attributes.begin(), attributes.end(), cleanup_pair<string,Attribute>());
+ for_each(attributes.begin(), attributes.end(), xmltooling::cleanup<Attribute>());
attributes.clear();
return;
}
for (vector<Policy>::const_iterator p=m_policies.begin(); p!=m_policies.end(); ++p) {
if (p->m_applies->evaluatePolicyRequirement(context)) {
// Loop over the attributes and look for possible rules to run.
- for (multimap<string,Attribute*>::iterator a=attributes.begin(); a!=attributes.end();) {
+ for (vector<Attribute*>::size_type a=0; a<attributes.size();) {
bool ruleFound = false;
- pair<Policy::rules_t::const_iterator,Policy::rules_t::const_iterator> rules = p->m_rules.equal_range(a->second->getId());
+ Attribute* attr = attributes[a];
+ pair<Policy::rules_t::const_iterator,Policy::rules_t::const_iterator> rules = p->m_rules.equal_range(attr->getId());
if (rules.first != rules.second) {
ruleFound = true;
// Run each rule in sequence.
- m_log.debug("applying filtering rule(s) for attribute (%s) from (%s)", a->second->getId(), issuer.get() ? issuer.get() : "unknown source");
+ m_log.debug(
+ "applying filtering rule(s) for attribute (%s) from (%s)",
+ attr->getId(), issuer.get() ? issuer.get() : "unknown source"
+ );
for (; rules.first!=rules.second; ++rules.first) {
- count = a->second->valueCount();
+ count = attr->valueCount();
for (index=0; index < count;) {
// The return value tells us whether to index past the accepted value, or stay put and decrement the count.
- if (rules.first->second->evaluatePermitValue(context, *(a->second), index)) {
+ if (rules.first->second->evaluatePermitValue(context, *attr, index)) {
index++;
}
else {
m_log.warn(
"filtered value at position (%lu) of attribute (%s) from (%s)",
- index, a->second->getId(), issuer.get() ? issuer.get() : "unknown source"
+ index, attr->getId(), issuer.get() ? issuer.get() : "unknown source"
);
- a->second->removeValue(index);
+ attr->removeValue(index);
count--;
}
}
if (rules.first != rules.second) {
// Run each rule in sequence.
if (!ruleFound) {
- m_log.debug("applying wildcard rule(s) for attribute (%s) from (%s)", a->second->getId(), issuer.get() ? issuer.get() : "unknown source");
+ m_log.debug(
+ "applying wildcard rule(s) for attribute (%s) from (%s)",
+ attr->getId(), issuer.get() ? issuer.get() : "unknown source"
+ );
ruleFound = true;
}
for (; rules.first!=rules.second; ++rules.first) {
- count = a->second->valueCount();
+ count = attr->valueCount();
for (index=0; index < count;) {
// The return value tells us whether to index past the accepted value, or stay put and decrement the count.
- if (rules.first->second->evaluatePermitValue(context, *(a->second), index)) {
+ if (rules.first->second->evaluatePermitValue(context, *attr, index)) {
index++;
}
else {
m_log.warn(
"filtered value at position (%lu) of attribute (%s) from (%s)",
- index, a->second->getId(), issuer.get() ? issuer.get() : "unknown source"
+ index, attr->getId(), issuer.get() ? issuer.get() : "unknown source"
);
- a->second->removeValue(index);
+ attr->removeValue(index);
count--;
}
}
}
}
- if (!ruleFound || a->second->valueCount() == 0) {
+ if (!ruleFound || attr->valueCount() == 0) {
if (!ruleFound) {
// No rule found, so we're filtering it out.
m_log.warn(
"no rule found, filtering out values of attribute (%s) from (%s)",
- a->second->getId(), issuer.get() ? issuer.get() : "unknown source"
+ attr->getId(), issuer.get() ? issuer.get() : "unknown source"
);
}
- multimap<string,Attribute*>::iterator dead = a++;
- delete dead->second;
- attributes.erase(dead);
+ delete attr;
+ attributes.erase(attributes.begin() + a);
}
else {
++a;
* @param application Application performing the extraction
* @param issuer source of object, if known
* @param xmlObject object to extract
- * @param attributes a map to populate with the extracted attributes, keyed by id
+ * @param attributes an array to populate with the extracted attributes
*
* @throws AttributeExtractionException thrown if there is a problem extracting attributes
*/
const Application& application,
const opensaml::saml2md::RoleDescriptor* issuer,
const xmltooling::XMLObject& xmlObject,
- std::multimap<std::string,Attribute*>& attributes
+ std::vector<Attribute*>& attributes
) const=0;
/**
* @param authncontext_class method/category of authentication event, if known
* @param authncontext_decl specifics of authentication event, if known
* @param tokens assertions initiating the Session, if any
- * @param attributes map of previously resolved attributes, if any
+ * @param attributes array of previously resolved attributes, if any
* @return newly created ResolutionContext, owned by caller
*/
virtual ResolutionContext* createResolutionContext(
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const std::vector<const opensaml::Assertion*>* tokens=NULL,
- const std::multimap<std::string,Attribute*>* attributes=NULL
+ const std::vector<Attribute*>* attributes=NULL
) const=0;
/**
*
* @return a mutable array of Attributes.
*/
- virtual std::multimap<std::string,Attribute*>& getResolvedAttributes()=0;
+ virtual std::vector<Attribute*>& getResolvedAttributes()=0;
/**
* Returns the set of assertions resolved and added to the context.
{
~ChainingContext() {
for_each(m_contexts.begin(), m_contexts.end(), xmltooling::cleanup<ResolutionContext>());
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<shibsp::Attribute>());
for_each(m_assertions.begin(), m_assertions.end(), xmltooling::cleanup<opensaml::Assertion>());
}
- multimap<string,shibsp::Attribute*>& getResolvedAttributes() {
+ vector<shibsp::Attribute*>& getResolvedAttributes() {
return m_attributes;
}
vector<opensaml::Assertion*>& getResolvedAssertions() {
}
vector<ResolutionContext*> m_contexts;
- multimap<string,shibsp::Attribute*> m_attributes;
+ vector<shibsp::Attribute*> m_attributes;
vector<opensaml::Assertion*> m_assertions;
};
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const vector<const opensaml::Assertion*>* tokens=NULL,
- const multimap<string,shibsp::Attribute*>* attributes=NULL
+ const vector<shibsp::Attribute*>* attributes=NULL
) const {
auto_ptr<ChainingContext> chain(new ChainingContext());
for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i)
vector<ResolutionContext*>::iterator ictx = chain.m_contexts.begin();
for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i, ++ictx) {
(*i)->resolveAttributes(*(*ictx));
- chain.getResolvedAttributes().insert((*ictx)->getResolvedAttributes().begin(), (*ictx)->getResolvedAttributes().end());
+ chain.getResolvedAttributes().insert(chain.getResolvedAttributes().end(), (*ictx)->getResolvedAttributes().begin(), (*ictx)->getResolvedAttributes().end());
(*ictx)->getResolvedAttributes().clear();
chain.getResolvedAssertions().insert(chain.getResolvedAssertions().end(), (*ictx)->getResolvedAssertions().begin(), (*ictx)->getResolvedAssertions().end());
(*ictx)->getResolvedAssertions().clear();
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const vector<const opensaml::Assertion*>* tokens=NULL,
- const multimap<string,Attribute*>* attributes=NULL
+ const vector<Attribute*>* attributes=NULL
) : m_query(true), m_app(application), m_session(NULL), m_metadata(NULL), m_entity(issuer),
m_protocol(protocol), m_nameid(nameid), m_class(authncontext_class), m_decl(authncontext_decl) {
}
if (m_metadata)
m_metadata->unlock();
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<shibsp::Attribute>());
for_each(m_assertions.begin(), m_assertions.end(), xmltooling::cleanup<opensaml::Assertion>());
}
const Session* getSession() const {
return m_session;
}
- multimap<string,shibsp::Attribute*>& getResolvedAttributes() {
+ vector<shibsp::Attribute*>& getResolvedAttributes() {
return m_attributes;
}
vector<opensaml::Assertion*>& getResolvedAssertions() {
const NameID* m_nameid;
const XMLCh* m_class;
const XMLCh* m_decl;
- multimap<string,shibsp::Attribute*> m_attributes;
+ vector<shibsp::Attribute*> m_attributes;
vector<opensaml::Assertion*> m_assertions;
};
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const vector<const opensaml::Assertion*>* tokens=NULL,
- const multimap<string,shibsp::Attribute*>* attributes=NULL
+ const vector<shibsp::Attribute*>* attributes=NULL
) const {
return new QueryContext(application,issuer,protocol,nameid,authncontext_class,authncontext_decl,tokens,attributes);
}
}
catch (exception& ex) {
m_log.error("caught exception extracting/filtering attributes from query result: %s", ex.what());
- for_each(ctx.getResolvedAttributes().begin(), ctx.getResolvedAttributes().end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(ctx.getResolvedAttributes().begin(), ctx.getResolvedAttributes().end(), xmltooling::cleanup<shibsp::Attribute>());
ctx.getResolvedAttributes().clear();
}
}
catch (exception& ex) {
m_log.error("caught exception extracting/filtering attributes from query result: %s", ex.what());
- for_each(ctx.getResolvedAttributes().begin(), ctx.getResolvedAttributes().end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(ctx.getResolvedAttributes().begin(), ctx.getResolvedAttributes().end(), xmltooling::cleanup<shibsp::Attribute>());
ctx.getResolvedAttributes().clear();
}
}
void extractAttributes(
- const Application& application, const char* assertingParty, const NameIdentifier& nameid, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const NameIdentifier& nameid, vector<Attribute*>& attributes
) const;
void extractAttributes(
- const Application& application, const char* assertingParty, const NameID& nameid, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const NameID& nameid, vector<Attribute*>& attributes
) const;
void extractAttributes(
- const Application& application, const char* assertingParty, const saml1::Attribute& attr, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const saml1::Attribute& attr, vector<Attribute*>& attributes
) const;
void extractAttributes(
- const Application& application, const char* assertingParty, const saml2::Attribute& attr, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const saml2::Attribute& attr, vector<Attribute*>& attributes
) const;
void getAttributeIds(vector<string>& attributes) const {
}
void extractAttributes(
- const Application& application, const RoleDescriptor* issuer, const XMLObject& xmlObject, multimap<string,Attribute*>& attributes
+ const Application& application, const RoleDescriptor* issuer, const XMLObject& xmlObject, vector<Attribute*>& attributes
) const;
void getAttributeIds(std::vector<std::string>& attributes) const {
}
void XMLExtractorImpl::extractAttributes(
- const Application& application, const char* assertingParty, const NameIdentifier& nameid, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const NameIdentifier& nameid, vector<Attribute*>& attributes
) const
{
#ifdef HAVE_GOOD_STL
#endif
Attribute* a = rule->second.first->decode(rule->second.second.c_str(), &nameid, assertingParty, application.getString("entityID").second);
if (a)
- attributes.insert(make_pair(rule->second.second, a));
+ attributes.push_back(a);
}
}
void XMLExtractorImpl::extractAttributes(
- const Application& application, const char* assertingParty, const NameID& nameid, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const NameID& nameid, vector<Attribute*>& attributes
) const
{
#ifdef HAVE_GOOD_STL
#endif
Attribute* a = rule->second.first->decode(rule->second.second.c_str(), &nameid, assertingParty, application.getString("entityID").second);
if (a)
- attributes.insert(make_pair(rule->second.second, a));
+ attributes.push_back(a);
}
}
void XMLExtractorImpl::extractAttributes(
- const Application& application, const char* assertingParty, const saml1::Attribute& attr, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const saml1::Attribute& attr, vector<Attribute*>& attributes
) const
{
#ifdef HAVE_GOOD_STL
#endif
Attribute* a = rule->second.first->decode(rule->second.second.c_str(), &attr, assertingParty, application.getString("entityID").second);
if (a)
- attributes.insert(make_pair(rule->second.second, a));
+ attributes.push_back(a);
}
}
void XMLExtractorImpl::extractAttributes(
- const Application& application, const char* assertingParty, const saml2::Attribute& attr, multimap<string,Attribute*>& attributes
+ const Application& application, const char* assertingParty, const saml2::Attribute& attr, vector<Attribute*>& attributes
) const
{
#ifdef HAVE_GOOD_STL
#endif
Attribute* a = rule->second.first->decode(rule->second.second.c_str(), &attr, assertingParty, application.getString("entityID").second);
if (a)
- attributes.insert(make_pair(rule->second.second, a));
+ attributes.push_back(a);
}
}
void XMLExtractor::extractAttributes(
- const Application& application, const RoleDescriptor* issuer, const XMLObject& xmlObject, multimap<string,Attribute*>& attributes
+ const Application& application, const RoleDescriptor* issuer, const XMLObject& xmlObject, vector<Attribute*>& attributes
) const
{
if (!m_impl)
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const std::vector<const opensaml::Assertion*>* tokens=NULL,
- const std::multimap<std::string,Attribute*>* attributes=NULL
+ const std::vector<Attribute*>* attributes=NULL
) const;
#endif
const XMLCh* authncontext_class,
const XMLCh* authncontext_decl,
const vector<const Assertion*>* tokens,
- const multimap<string,Attribute*>* attributes
+ const vector<Attribute*>* attributes
) const
{
try {
// We've successfully "accepted" at least one SSO token, along with any additional valid tokens.
// To complete processing, we need to extract and resolve attributes and then create the session.
- multimap<string,Attribute*> resolvedAttributes;
+ vector<Attribute*> resolvedAttributes;
AttributeExtractor* extractor = application.getAttributeExtractor();
if (extractor) {
m_log.debug("extracting pushed attributes...");
catch (exception& ex) {
m_log.error("caught exception filtering attributes: %s", ex.what());
m_log.error("dumping extracted attributes due to filtering exception");
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
resolvedAttributes.clear();
}
}
tokens.insert(tokens.end(), ctx->getResolvedAssertions().begin(), ctx->getResolvedAssertions().end());
// Copy over new attributes, and transfer ownership.
- resolvedAttributes.insert(ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
+ resolvedAttributes.insert(resolvedAttributes.end(), ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
ctx->getResolvedAttributes().clear();
}
&tokens,
&resolvedAttributes
);
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
return key;
}
catch (exception&) {
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
throw;
}
}
else
sessionExp = min(sessionExp, now + lifetime.second); // Use the lowest.
- multimap<string,Attribute*> resolvedAttributes;
+ vector<Attribute*> resolvedAttributes;
AttributeExtractor* extractor = application.getAttributeExtractor();
if (extractor) {
m_log.debug("extracting pushed attributes...");
catch (exception& ex) {
m_log.error("caught exception filtering attributes: %s", ex.what());
m_log.error("dumping extracted attributes due to filtering exception");
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,shibsp::Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
resolvedAttributes.clear();
}
}
tokens.insert(tokens.end(), ctx->getResolvedAssertions().begin(), ctx->getResolvedAssertions().end());
// Copy over new attributes, and transfer ownership.
- resolvedAttributes.insert(ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
+ resolvedAttributes.insert(resolvedAttributes.end(), ctx->getResolvedAttributes().begin(), ctx->getResolvedAttributes().end());
ctx->getResolvedAttributes().clear();
}
if (ownedName)
delete ssoName;
for_each(ownedtokens.begin(), ownedtokens.end(), xmltooling::cleanup<saml2::Assertion>());
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
return key;
}
catch (exception&) {
if (ownedName)
delete ssoName;
for_each(ownedtokens.begin(), ownedtokens.end(), xmltooling::cleanup<saml2::Assertion>());
- for_each(resolvedAttributes.begin(), resolvedAttributes.end(), cleanup_pair<string,Attribute>());
+ for_each(resolvedAttributes.begin(), resolvedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
throw;
}
}
~RemotedSession() {\r
delete m_lock;\r
m_obj.destroy();\r
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_pair<string,Attribute>());\r
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<Attribute>());\r
}\r
\r
Lockable* lock() {\r
const char* getAuthnContextDeclRef() const {\r
return m_obj["authncontext_decl"].string();\r
}\r
- const multimap<string,Attribute*>& getAttributes() const {\r
+ const vector<Attribute*>& getAttributes() const {\r
if (m_attributes.empty())\r
unmarshallAttributes();\r
return m_attributes;\r
}\r
+ const multimap<string,const Attribute*>& getIndexedAttributes() const {\r
+ if (m_attributes.empty())\r
+ unmarshallAttributes();\r
+ return m_attributeIndex;\r
+ }\r
const vector<const char*>& getAssertionIDs() const {\r
if (m_ids.empty()) {\r
DDF ids = m_obj["assertions"];\r
\r
int m_version;\r
mutable DDF m_obj;\r
- mutable multimap<string,Attribute*> m_attributes;\r
+ mutable vector<Attribute*> m_attributes;\r
+ mutable multimap<string,const Attribute*> m_attributeIndex;\r
mutable vector<const char*> m_ids;\r
time_t m_expires,m_lastAccess;\r
RemotedCache* m_cache;\r
while (!attr.isnull()) {\r
try {\r
attribute = Attribute::unmarshall(attr);\r
- m_attributes.insert(make_pair(attribute->getId(),attribute));\r
+ m_attributes.push_back(attribute);\r
+ m_attributeIndex.insert(make_pair(attribute->getId(),attribute));\r
if (m_cache->m_log.isDebugEnabled())\r
m_cache->m_log.debug("unmarshalled attribute (ID: %s) with %d value%s",\r
attribute->getId(), attr.first().integer(), attr.first().integer()!=1 ? "s" : "");\r
if (out.isstruct()) {\r
// We got an updated record back.\r
m_ids.clear();\r
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_const_pair<string,Attribute>());\r
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<Attribute>());\r
m_attributes.clear();\r
+ m_attributeIndex.clear();\r
m_obj.destroy();\r
m_obj = out;\r
}\r
const char* getAuthnContextDeclRef() const {
return m_obj["authncontext_decl"].string();
}
- const multimap<string,Attribute*>& getAttributes() const {
+ const vector<Attribute*>& getAttributes() const {
if (m_attributes.empty())
unmarshallAttributes();
return m_attributes;
}
+ const multimap<string,const Attribute*>& getIndexedAttributes() const {
+ if (m_attributes.empty())
+ unmarshallAttributes();
+ return m_attributeIndex;
+ }
const vector<const char*>& getAssertionIDs() const {
if (m_ids.empty()) {
DDF ids = m_obj["assertions"];
DDF m_obj;
saml2::NameID* m_nameid;
- mutable multimap<string,Attribute*> m_attributes;
+ mutable vector<Attribute*> m_attributes;
+ mutable multimap<string,const Attribute*> m_attributeIndex;
mutable vector<const char*> m_ids;
mutable map<string,Assertion*> m_tokens;
SSCache* m_cache;
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const vector<const Assertion*>* tokens=NULL,
- const multimap<string,Attribute*>* attributes=NULL
+ const vector<Attribute*>* attributes=NULL
);
Session* find(const char* key, const Application& application, const char* client_addr=NULL, time_t* timeout=NULL);
void remove(const char* key, const Application& application);
{
m_obj.destroy();
delete m_nameid;
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_pair<string,Attribute>());
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<Attribute>());
for_each(m_tokens.begin(), m_tokens.end(), cleanup_pair<string,Assertion>());
}
while (!attr.isnull()) {
try {
attribute = Attribute::unmarshall(attr);
- m_attributes.insert(make_pair(attribute->getId(), attribute));
+ m_attributes.push_back(attribute);
+ m_attributeIndex.insert(make_pair(attribute->getId(), attribute));
if (m_cache->m_log.isDebugEnabled())
m_cache->m_log.debug("unmarshalled attribute (ID: %s) with %d value%s",
attribute->getId(), attr.first().integer(), attr.first().integer()!=1 ? "s" : "");
in >> newobj;
m_ids.clear();
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_const_pair<string,Attribute>());
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<Attribute>());
m_attributes.clear();
+ m_attributeIndex.clear();
newobj["version"].integer(ver);
m_obj.destroy();
m_obj = newobj;
in >> newobj;
m_ids.clear();
- for_each(m_attributes.begin(), m_attributes.end(), cleanup_const_pair<string,Attribute>());
+ for_each(m_attributes.begin(), m_attributes.end(), xmltooling::cleanup<Attribute>());
m_attributes.clear();
+ m_attributeIndex.clear();
newobj["version"].integer(ver);
m_obj.destroy();
m_obj = newobj;
const XMLCh* authncontext_class,
const XMLCh* authncontext_decl,
const vector<const Assertion*>* tokens,
- const multimap<string,Attribute*>* attributes
+ const vector<Attribute*>* attributes
)
{
#ifdef _DEBUG
if (attributes) {
DDF attr;
DDF attrlist = obj.addmember("attributes").list();
- for (multimap<string,Attribute*>::const_iterator a=attributes->begin(); a!=attributes->end(); ++a) {
- attr = a->second->marshall();
+ for (vector<Attribute*>::const_iterator a=attributes->begin(); a!=attributes->end(); ++a) {
+ attr = (*a)->marshall();
attrlist.add(attr);
}
}
") for (applicationId: " <<
application.getId() <<
") {";
- for (multimap<string,Attribute*>::const_iterator a=attributes->begin(); a!=attributes->end(); ++a)
- xlog->log.infoStream() << "\t" << a->second->getId() << " (" << a->second->valueCount() << " values)";
+ for (vector<Attribute*>::const_iterator a=attributes->begin(); a!=attributes->end(); ++a)
+ xlog->log.infoStream() << "\t" << (*a)->getId() << " (" << (*a)->valueCount() << " values)";
xlog->log.info("}");
}
}\r
\r
// Find the attribute(s) matching the require rule.\r
- pair<multimap<string,Attribute*>::const_iterator, multimap<string,Attribute*>::const_iterator> attrs =\r
- session->getAttributes().equal_range(m_alias);\r
+ pair<multimap<string,const Attribute*>::const_iterator, multimap<string,const Attribute*>::const_iterator> attrs =\r
+ session->getIndexedAttributes().equal_range(m_alias);\r
if (attrs.first == attrs.second) {\r
request.log(SPRequest::SPWarn, string("rule requires attribute (") + m_alias + "), not found in session");\r
return false;\r