#include <shibsp/ServiceProvider.h>
#include <shibsp/SessionCache.h>
#include <shibsp/attribute/Attribute.h>
-
+#include <xercesc/util/XMLUniDefs.hpp>
#include <xercesc/util/regx/RegularExpression.hpp>
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/util/NDC.h>
AC_CHECK_HEADER([saml/saml.h],,
AC_MSG_ERROR([unable to find saml header files]))
AC_TRY_LINK(
- [#include <saml/saml.h>
+ [#include <saml/SAMLConfig.h>
#include <saml/version.h>],
[#if _OPENSAML_VERSION >= 20000
opensaml::SAMLConfig::getConfig();
AC_SUBST(XMLSEC_LIBS)
# output the underlying makefiles
-WANT_SUBDIRS="doc schemas configs shibsp shibd siterefresh util"
+WANT_SUBDIRS="doc schemas configs shibsp shibd util"
AC_CONFIG_FILES([Makefile doc/Makefile schemas/Makefile \
- configs/Makefile shibsp/Makefile shibd/Makefile siterefresh/Makefile \
+ configs/Makefile shibsp/Makefile shibd/Makefile \
util/Makefile selinux/Makefile])
#
pkgxmldir = $(datadir)/xml/@PACKAGE@
schemafiles = \
- shibboleth.xsd \
+ shibboleth.xsd \
shibboleth-metadata-1.0.xsd \
- shibboleth-2.0-native-sp-config-2.0.xsd \
+ shibboleth-2.0-native-sp-config.xsd \
shibboleth-2.0-afp.xsd \
shibboleth-2.0-afp-mf-basic.xsd \
shibboleth-2.0-afp-mf-saml.xsd \
shibboleth-2.0-attribute-map.xsd \
- shibboleth-2.0-simple-resolver.xsd \
metadata_v12_to_v13.xsl \
metadata_v13_to_v12.xsl \
trust_v13_to_v12.xsl
fprintf(stderr, "loading configuration file: %s\n", shar_config);\r
static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);\r
static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);\r
- DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();\r
- XercesJanitor<DOMDocument> docjanitor(dummydoc);\r
- DOMElement* dummy = dummydoc->createElementNS(NULL,path);\r
+ xercesc::DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();\r
+ XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);\r
+ xercesc::DOMElement* dummy = dummydoc->createElementNS(NULL,path);\r
auto_ptr_XMLCh src(shar_config);\r
dummy->setAttributeNS(NULL,path,src.get());\r
dummy->setAttributeNS(NULL,validate,xmlconstants::XML_ONE);\r
attribute/NameIDAttributeDecoder.cpp \
attribute/ScopedAttributeDecoder.cpp \
attribute/StringAttributeDecoder.cpp \
- attribute/filtering/AttributeFilter.cpp \
- attribute/filtering/ChainingAttributeFilter.cpp \
- attribute/filtering/XMLAttributeFilter.cpp \
- attribute/filtering/MatchFunctor.cpp \
- attribute/filtering/AndMatchFunctor.cpp \
- attribute/filtering/AnyMatchFunctor.cpp \
- attribute/filtering/NotMatchFunctor.cpp \
- attribute/filtering/OrMatchFunctor.cpp \
- attribute/filtering/AttributeIssuerStringFunctor.cpp \
- attribute/filtering/AttributeRequesterStringFunctor.cpp \
- attribute/filtering/AttributeScopeStringFunctor.cpp \
- attribute/filtering/AttributeValueStringFunctor.cpp \
- attribute/filtering/AuthenticationMethodStringFunctor.cpp \
- attribute/filtering/AttributeIssuerRegexFunctor.cpp \
- attribute/filtering/AttributeRequesterRegexFunctor.cpp \
- attribute/filtering/AttributeScopeRegexFunctor.cpp \
- attribute/filtering/AttributeValueRegexFunctor.cpp \
- attribute/filtering/AuthenticationMethodRegexFunctor.cpp \
- attribute/filtering/NumberOfAttributeValuesFunctor.cpp \
- attribute/filtering/AttributeIssuerInEntityGroupFunctor.cpp \
- attribute/filtering/AttributeRequesterInEntityGroupFunctor.cpp \
- attribute/filtering/AttributeScopeMatchesShibMDScopeFunctor.cpp \
+ attribute/filtering/impl/AttributeFilter.cpp \
+ attribute/filtering/impl/ChainingAttributeFilter.cpp \
+ attribute/filtering/impl/XMLAttributeFilter.cpp \
+ attribute/filtering/impl/MatchFunctor.cpp \
+ attribute/filtering/impl/AndMatchFunctor.cpp \
+ attribute/filtering/impl/AnyMatchFunctor.cpp \
+ attribute/filtering/impl/NotMatchFunctor.cpp \
+ attribute/filtering/impl/OrMatchFunctor.cpp \
+ attribute/filtering/impl/AttributeIssuerStringFunctor.cpp \
+ attribute/filtering/impl/AttributeRequesterStringFunctor.cpp \
+ attribute/filtering/impl/AttributeScopeStringFunctor.cpp \
+ attribute/filtering/impl/AttributeValueStringFunctor.cpp \
+ attribute/filtering/impl/AuthenticationMethodStringFunctor.cpp \
+ attribute/filtering/impl/AttributeIssuerRegexFunctor.cpp \
+ attribute/filtering/impl/AttributeRequesterRegexFunctor.cpp \
+ attribute/filtering/impl/AttributeScopeRegexFunctor.cpp \
+ attribute/filtering/impl/AttributeValueRegexFunctor.cpp \
+ attribute/filtering/impl/AuthenticationMethodRegexFunctor.cpp \
+ attribute/filtering/impl/NumberOfAttributeValuesFunctor.cpp \
+ attribute/filtering/impl/AttributeIssuerInEntityGroupFunctor.cpp \
+ attribute/filtering/impl/AttributeRequesterInEntityGroupFunctor.cpp \
+ attribute/filtering/impl/AttributeScopeMatchesShibMDScopeFunctor.cpp \
attribute/resolver/impl/ChainingAttributeResolver.cpp \
attribute/resolver/impl/QueryAttributeResolver.cpp \
attribute/resolver/impl/XMLAttributeExtractor.cpp \
m_credResolver->unlock();
m_credResolver = NULL;
opensaml::SOAPClient::reset();
-}
\ No newline at end of file
+}
+
SPConfig& conf = SPConfig::getConfig();
if (conf.isEnabled(SPConfig::InProcess)) {
if (m_acl.count(request.getRemoteAddr()) == 0) {
- m_log.error("request for assertion lookup blocked from invalid address (%s)", request.getRemoteAddr());
+ m_log.error("request for assertion lookup blocked from invalid address (%s)", request.getRemoteAddr().c_str());
istringstream msg("Assertion Lookup Blocked");
return make_pair(true,request.sendResponse(msg, HTTPResponse::XMLTOOLING_HTTP_STATUS_FORBIDDEN));
}
// Session expiration for SAML 1.x is purely SP-driven, and the method is mapped to a ctx class.
const PropertySet* sessionProps = application.getPropertySet("Sessions");
- pair<bool,unsigned int> lifetime = sessionProps ? sessionProps->getUnsignedInt("lifetime") : make_pair(true,28800);
+ pair<bool,unsigned int> lifetime = sessionProps ? sessionProps->getUnsignedInt("lifetime") : pair<bool,unsigned int>(true,28800);
if (!lifetime.first)
lifetime.second = 28800;
auto_ptr_char authnInstant(
using namespace opensaml::saml2p;
using namespace opensaml::saml2md;
using namespace opensaml;
+# ifndef min
+# define min(a,b) (((a) < (b)) ? (a) : (b))
+# endif
#endif
using namespace shibsp;
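Review bot: The function-like `min` macro added here evaluates each argument twice and textually rewrites every later `min(` in this translation unit, including `std::min(...)` and `numeric_limits<T>::min()`. If it is there for the session-expiration comparison further down (an inference, since the call site is outside this hunk), prefer `#include <algorithm>` and an explicitly typed call such as `std::min<time_t>(a, b)`. The conditional block that closes at `#endif` opens outside the hunk, so the set of builds that receive the macro cannot be confirmed from here.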
// Session expiration for SAML 2.0 is jointly IdP- and SP-driven.
time_t sessionExp = ssoStatement->getSessionNotOnOrAfter() ? ssoStatement->getSessionNotOnOrAfterEpoch() : 0;
const PropertySet* sessionProps = application.getPropertySet("Sessions");
- pair<bool,unsigned int> lifetime = sessionProps ? sessionProps->getUnsignedInt("lifetime") : make_pair(true,28800);
+ pair<bool,unsigned int> lifetime = sessionProps ? sessionProps->getUnsignedInt("lifetime") : pair<bool,unsigned int>(true,28800);
if (!lifetime.first)
lifetime.second = 28800;
if (lifetime.second != 0) {
relayState = "default";
char timebuf[16];
- sprintf(timebuf,"%u",time(NULL));
+ sprintf(timebuf,"%lu",time(NULL));
const URLEncoder* urlenc = XMLToolingConfig::getConfig().getURLEncoder();
auto_ptr_char dest(ep->getLocation());
string req=string(dest.get()) + (strchr(dest.get(),'?') ? '&' : '?') + "shire=" + urlenc->encode(acsLocation) +
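Review bot: `sprintf(timebuf,"%lu",time(NULL))` still passes a `time_t` through varargs without a cast, so the new format is only correct where `time_t` happens to have the same width as `unsigned long`. On a build where it does not, the call is undefined behaviour, and the write into the 16-byte `timebuf` is unbounded either way. Cast the argument and bound the write: `snprintf(timebuf, sizeof(timebuf), "%lu", static_cast<unsigned long>(time(NULL)));`. The same line is changed in the next hunk, the one that builds `req` from `m_url`, and needs the same treatment. The enclosing function begins and ends outside this hunk.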
target = "default";
char timebuf[16];
- sprintf(timebuf,"%u",time(NULL));
+ sprintf(timebuf,"%lu",time(NULL));
const URLEncoder* urlenc = XMLToolingConfig::getConfig().getURLEncoder();
string req=string(m_url) + (strchr(m_url,'?') ? '&' : '?') + "shire=" + urlenc->encode(ACSloc.c_str()) +
"&time=" + timebuf + "&target=" + urlenc->encode(target.c_str()) +
static const XMLCh Host[] = UNICODE_LITERAL_4(H,o,s,t);\r
static const XMLCh Path[] = UNICODE_LITERAL_4(P,a,t,h);\r
static const XMLCh name[] = UNICODE_LITERAL_4(n,a,m,e);\r
- static const XMLCh type[] = UNICODE_LITERAL_4(t,y,p,e);\r
+ static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);\r
}\r
\r
void SHIBSP_API shibsp::registerRequestMappers()\r
else {\r
acl=XMLHelper::getFirstChildElement(e,AccessControlProvider);\r
if (acl) {\r
- xmltooling::auto_ptr_char type(acl->getAttributeNS(NULL,type));\r
+ auto_ptr_char type(acl->getAttributeNS(NULL,_type));\r
log.info("building AccessControl provider of type %s...",type.get());\r
m_acl=SPConfig::getConfig().AccessControlManager.newPlugin(type.get(),acl);\r
}\r
static const XMLCh _CredentialResolver[] = UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r);
static const XMLCh DefaultRelyingParty[] = UNICODE_LITERAL_19(D,e,f,a,u,l,t,R,e,l,y,i,n,g,P,a,r,t,y);
static const XMLCh _Extensions[] = UNICODE_LITERAL_10(E,x,t,e,n,s,i,o,n,s);
- static const XMLCh fatal[] = UNICODE_LITERAL_5(f,a,t,a,l);
+ static const XMLCh _fatal[] = UNICODE_LITERAL_5(f,a,t,a,l);
static const XMLCh _Handler[] = UNICODE_LITERAL_7(H,a,n,d,l,e,r);
static const XMLCh _id[] = UNICODE_LITERAL_2(i,d);
static const XMLCh Implementation[] = UNICODE_LITERAL_14(I,m,p,l,e,m,e,n,t,a,t,i,o,n);
}
}
catch (exception& e) {
- const XMLCh* fatal=exts->getAttributeNS(NULL,fatal);
+ const XMLCh* fatal=exts->getAttributeNS(NULL,_fatal);
if (fatal && (*fatal==chLatin_t || *fatal==chDigit_1)) {
log.fatal("unable to load mandatory %s extension library %s: %s", label, path.get(), e.what());
throw;
#include <shibsp/SPConfig.h>
#include <xmltooling/util/NDC.h>
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
+#ifndef WIN32
+# include <netinet/in.h>
#endif
using namespace shibsp;
private:
SocketListener::ShibSocket connect();
-
+
+ Category& m_log;
const SocketListener* m_listener;
- Category& m_log;
auto_ptr<Mutex> m_lock;
stack<SocketListener::ShibSocket> m_pool;
};
}
SocketListener::SocketListener(const DOMElement* e) : log(&Category::getInstance(SHIBSP_LOGCAT".Listener")),
- m_shutdown(NULL), m_child_lock(NULL), m_child_wait(NULL), m_socketpool(NULL), m_socket((ShibSocket)0)
+ m_socketpool(NULL), m_shutdown(NULL), m_child_lock(NULL), m_child_wait(NULL), m_socket((ShibSocket)0)
{
// Are we a client?
if (SPConfig::getConfig().isEnabled(SPConfig::InProcess)) {
// This is a DTD internal subset based on a compatible permutation of the WDDX spec, with the
// extension of a name attribute on all the typed elements, which DDF has, but WDDX does not.
+/*
static const char* g_DocType=
"\
<!DOCTYPE wddxPacket [\n\
<!ELEMENT var (null | number | string | array | struct)>\n\
<!ATTLIST var name CDATA #REQUIRED>\n\
]>\n";
+*/
// This function constructs a DDF object equivalent to the wddx data element rooted
// by the input.