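/**
 * Licensed to the University Corporation for Advanced Internet
 * Development, Inc. (UCAID) under one or more contributor license
 * agreements. See the NOTICE file distributed with this work for
 * additional information regarding copyright ownership.
 *
 * UCAID licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the
 * License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific
 * language governing permissions and limitations under the License.
 */

/**
 * @file shibsp/SPConfig.h
 *
 * Library configuration.
 */

#ifndef __shibsp_config_h__
#define __shibsp_config_h__

#include <shibsp/base.h>

#include <string>
#ifndef SHIBSP_LITE
# include <shibsp/TransactionLog.h>
# include <saml/binding/MessageDecoder.h>
# include <saml/binding/MessageEncoder.h>
#else
# include <xmltooling/logging.h>
#endif
#include <xmltooling/PluginManager.h>
#include <xmltooling/QName.h>
#include <xercesc/dom/DOM.hpp>

/**
 * @namespace shibsp
 * Shibboleth Service Provider Library
 */
namespace shibsp {

    class SHIBSP_API AccessControl;
    class SHIBSP_API Handler;
    class SHIBSP_API ListenerService;
    class SHIBSP_API RequestMapper;
    class SHIBSP_API ProtocolProvider;
    class SHIBSP_API ServiceProvider;
    class SHIBSP_API SessionCache;
    class SHIBSP_API SessionInitiator;

#ifndef SHIBSP_LITE
    class SHIBSP_API AttributeDecoder;
    class SHIBSP_API AttributeExtractor;
    class SHIBSP_API AttributeFilter;
    class SHIBSP_API AttributeResolver;
    class SHIBSP_API FilterPolicyContext;
    class SHIBSP_API MatchFunctor;
    class SHIBSP_API SecurityPolicyProvider;
#endif

#if defined (_MSC_VER)
    #pragma warning( push )
    #pragma warning( disable : 4250 4251 )
#endif

    /**
     * Singleton object that manages library startup/shutdown.
     *
     * <p>Besides startup/shutdown, the object holds the global ServiceProvider
     * (and, in non-LITE builds, ArtifactResolver) pointer and one public
     * PluginManager per plugin family. The setters below are documented as
     * requiring external synchronization; nothing in this header provides it.</p>
     */
    class SHIBSP_API SPConfig
    {
    MAKE_NONCOPYABLE(SPConfig);
    public:
        SPConfig();

        virtual ~SPConfig();

        /**
         * Returns the global configuration object for the library.
         *
         * @return reference to the global library configuration object
         */
        static SPConfig& getConfig();

        /**
         * Bitmask values representing subsystems of the library.
         *
         * <p>Every value is an explicit power of two, so a given component keeps the
         * same bit whether or not SHIBSP_LITE is defined; the LITE build simply does
         * not declare the Metadata, Trust, Credentials and AttributeResolution names.</p>
         */
        enum components_t {
            Listener = 1,
            Caching = 2,
#ifndef SHIBSP_LITE
            Metadata = 4,
            Trust = 8,
            Credentials = 16,
            AttributeResolution = 32,
#endif
            RequestMapping = 64,
            OutOfProcess = 128,
            InProcess = 256,
            Logging = 512,
            Handlers = 1024
        };

        /**
         * Set a bitmask of subsystems to activate.
         *
         * @param enabled   bitmask of component constants
         */
        void setFeatures(unsigned long enabled);


        /**
         * Gets the bitmask of subsystems being activated.
         *
         * @return bitmask of component constants
         */
        unsigned long getFeatures() const;

        /**
         * Test whether a subsystem is enabled.
         *
         * @param feature   subsystem/component to test
         * @return true iff feature is enabled
         */
        bool isEnabled(components_t feature) const;

        /**
         * Initializes library
         *
         * Each process using the library MUST call this function exactly once
         * before using any library classes.
         *
         * NOTE(review): both arguments presumably name filesystem locations the
         * library reads from; they should come from trusted deployment
         * configuration rather than from request-derived data. What happens when
         * they are left as nullptr is not documented in this header.
         *
         * @param catalog_path  delimited set of schema catalog files to load
         * @param inst_prefix   installation prefix for software
         * @return true iff initialization was successful
         */
        virtual bool init(const char* catalog_path=nullptr, const char* inst_prefix=nullptr);

        /**
         * Shuts down library
         *
         * Each process using the library SHOULD call this function exactly once
         * before terminating itself.
         */
        virtual void term();

        /**
         * Sets the global ServiceProvider instance.
         * This method must be externally synchronized with any code that uses the object.
         * Any previously set object is destroyed, so a pointer obtained earlier from
         * getServiceProvider() must not be used once this call has been made.
         *
         * NOTE(review): destroying the previous object implies this class owns the
         * pointer it is handed; confirm that callers do not delete it themselves.
         *
         * @param serviceProvider   new ServiceProvider instance to store
         */
        void setServiceProvider(ServiceProvider* serviceProvider);

        /**
         * Returns the global ServiceProvider instance.
         *
         * <p>The result may be nullptr and is a non-owning view of the stored
         * object; see setServiceProvider() for when it stops being valid.</p>
         *
         * @return global ServiceProvider or nullptr
         */
        ServiceProvider* getServiceProvider() const;

        /**
         * Instantiates and installs a ServiceProvider instance based on an XML configuration string
         * or a configuration pathname.
         *
         * NOTE(review): the argument is either parsed as XML or used as a path,
         * and its type attribute selects which ServiceProvider plugin is built, so
         * it should only ever come from trusted deployment configuration. The
         * behaviour for the default nullptr is not documented in this header.
         *
         * @param config    a snippet of XML to parse (it <strong>MUST</strong> contain a type attribute) or a pathname
         * @param rethrow   true iff caught exceptions should be rethrown instead of just returning the status
         * @return true iff instantiation was successful
         */
        virtual bool instantiate(const char* config=nullptr, bool rethrow=false);

#ifndef SHIBSP_LITE
        /**
         * Sets the global ArtifactResolver instance.
         *
         * <p>This method must be externally synchronized with any code that uses the object.
         * Any previously set object is destroyed, so a pointer obtained earlier from
         * getArtifactResolver() must not be used once this call has been made.</p>
         *
         * NOTE(review): destroying the previous object implies this class owns the
         * pointer it is handed; confirm that callers do not delete it themselves.
         *
         * @param artifactResolver  new ArtifactResolver instance to store
         */
        void setArtifactResolver(opensaml::MessageDecoder::ArtifactResolver* artifactResolver);

        /**
         * Returns the global ArtifactResolver instance.
         *
         * <p>The result may be nullptr and is a non-owning view of the stored
         * object; see setArtifactResolver() for when it stops being valid.</p>
         *
         * @return global ArtifactResolver or nullptr
         */
        const opensaml::MessageDecoder::ArtifactResolver* getArtifactResolver() const;
#endif

        /**
         * Separator for serialized values of multi-valued attributes.
         *
         * <p>This is deprecated, and was never actually read within the code.</p>
         *
         * <p>The misspelling ("delimeter") is part of the public member name and
         * has to stay as it is for existing callers to keep compiling.</p>
         *
         * @deprecated
         */
        char attribute_value_delimeter;

        /**
         * Manages factories for AccessControl plugins.
         */
        xmltooling::PluginManager<AccessControl,std::string,const xercesc::DOMElement*> AccessControlManager;

#ifndef SHIBSP_LITE
        /**
         * Manages factories for AttributeDecoder plugins.
         */
        xmltooling::PluginManager<AttributeDecoder,xmltooling::QName,const xercesc::DOMElement*> AttributeDecoderManager;

        /**
         * Manages factories for AttributeExtractor plugins.
         */
        xmltooling::PluginManager<AttributeExtractor,std::string,const xercesc::DOMElement*> AttributeExtractorManager;

        /**
         * Manages factories for AttributeFilter plugins.
         */
        xmltooling::PluginManager<AttributeFilter,std::string,const xercesc::DOMElement*> AttributeFilterManager;

        /**
         * Manages factories for AttributeResolver plugins.
         */
        xmltooling::PluginManager<AttributeResolver,std::string,const xercesc::DOMElement*> AttributeResolverManager;

        /**
         * Manages factories for Event plugins.
         *
         * <p>The factory argument is an untyped void*; what it has to point to is
         * not visible in this header, so check the registered factories before
         * passing anything through it.</p>
         */
        xmltooling::PluginManager<TransactionLog::Event,std::string,void*> EventManager;

        /**
         * Manages factories for MatchFunctor plugins.
         */
        xmltooling::PluginManager< MatchFunctor,xmltooling::QName,std::pair<const FilterPolicyContext*,const xercesc::DOMElement*> > MatchFunctorManager;

        /**
         * Manages factories for SecurityPolicyProvider plugins.
         */
        xmltooling::PluginManager<SecurityPolicyProvider,std::string,const xercesc::DOMElement*> SecurityPolicyProviderManager;
#endif

        /**
         * Manages factories for Handler plugins that implement ArtifactResolutionService functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > ArtifactResolutionServiceManager;

        /**
         * Manages factories for Handler plugins that implement AssertionConsumerService functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > AssertionConsumerServiceManager;

        /**
         * Manages factories for Handler plugins that implement customized functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > HandlerManager;

        /**
         * Manages factories for ListenerService plugins.
         */
        xmltooling::PluginManager<ListenerService,std::string,const xercesc::DOMElement*> ListenerServiceManager;

        /**
         * Manages factories for Handler plugins that implement LogoutInitiator functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > LogoutInitiatorManager;

        /**
         * Manages factories for Handler plugins that implement ManageNameIDService functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > ManageNameIDServiceManager;

        /**
         * Manages factories for ProtocolProvider plugins.
         */
        xmltooling::PluginManager<ProtocolProvider,std::string,const xercesc::DOMElement*> ProtocolProviderManager;

        /**
         * Manages factories for RequestMapper plugins.
         */
        xmltooling::PluginManager<RequestMapper,std::string,const xercesc::DOMElement*> RequestMapperManager;

        /**
         * Manages factories for ServiceProvider plugins.
         */
        xmltooling::PluginManager<ServiceProvider,std::string,const xercesc::DOMElement*> ServiceProviderManager;

        /**
         * Manages factories for SessionCache plugins.
         */
        xmltooling::PluginManager<SessionCache,std::string,const xercesc::DOMElement*> SessionCacheManager;

        /**
         * Manages factories for Handler plugins that implement SessionInitiator functionality.
         */
        xmltooling::PluginManager< SessionInitiator,std::string,std::pair<const xercesc::DOMElement*,const char*> > SessionInitiatorManager;

        /**
         * Manages factories for Handler plugins that implement SingleLogoutService functionality.
         */
        xmltooling::PluginManager< Handler,std::string,std::pair<const xercesc::DOMElement*,const char*> > SingleLogoutServiceManager;

#ifndef SHIBSP_LITE
        /**
         * Determine whether messages should be digitally signed or encrypted based on the setting and endpoint.
         *
         * <p>Note the argument order: the endpoint comes second and the
         * user-agent flag last.</p>
         *
         * NOTE(review): this header does not say what is returned for a null or
         * unrecognized setting. Because the result decides whether an outgoing
         * message is protected, confirm that the implementation's answer for
         * those inputs matches the default the deployment intends.
         *
         * @param setting               the applicable "signing" or "encryption" property in effect
         * @param endpoint              URL of endpoint to receive message
         * @param isUserAgentPresent    true iff the user agent is mediating the exchange
         * @return  whether requests should be digitally signed or encrypted
         */
        static bool shouldSignOrEncrypt(const char* setting, const char* endpoint, bool isUserAgentPresent);
#endif

        /**
         * Helper for deprecation warnings about an at-risk feature or setting.
         *
         * @return logging category to write deprecation warnings to
         */
        xmltooling::logging::Category& deprecation() const;

    protected:
        /** Global ServiceProvider instance. */
        ServiceProvider* m_serviceProvider;

#ifndef SHIBSP_LITE
        /** Global ArtifactResolver instance. */
        opensaml::MessageDecoder::ArtifactResolver* m_artifactResolver;
#endif

    private:
        // Presumably the components_t bitmask behind setFeatures()/getFeatures();
        // confirm in the implementation.
        unsigned long m_features;
        // Raw pointer to a DOM document; its owner and lifetime are not visible
        // in this header (presumably tied to instantiate()), so confirm where it
        // is released.
        xercesc::DOMDocument* m_configDoc;
    };

#if defined (_MSC_VER)
    #pragma warning( pop )
#endif

}   // namespace shibsp

#endif /* __shibsp_config_h__ */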