diff options
author | Frederic Peters <fpeters@entrouvert.com> | 2004-12-22 19:16:09 +0000 |
---|---|---|
committer | Frederic Peters <fpeters@entrouvert.com> | 2004-12-22 19:16:09 +0000 |
commit | 2a63b8f603a02844bcf5126f81d86dbebd1be075 (patch) | |
tree | 292b2b0e45be3354ebb70d2bfee68bd1a1f4e2c3 /docs/reference | |
parent | 4a4e5e023cc3b7894fad3fd76f40d21ad5bb0708 (diff) | |
download | lasso-2a63b8f603a02844bcf5126f81d86dbebd1be075.tar.gz lasso-2a63b8f603a02844bcf5126f81d86dbebd1be075.tar.xz lasso-2a63b8f603a02844bcf5126f81d86dbebd1be075.zip |
documented service provider assertion consumer service url
Diffstat (limited to 'docs/reference')
-rw-r--r-- | docs/reference/tmpl/login.sgml | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/docs/reference/tmpl/login.sgml b/docs/reference/tmpl/login.sgml index 628fca81..7e6931e8 100644 --- a/docs/reference/tmpl/login.sgml +++ b/docs/reference/tmpl/login.sgml @@ -58,6 +58,72 @@ printf("Location: %s\n\nRedirected to IdP\n", LASSO_PROFILE(login)->msg_url); </programlisting> </example> +<example> +<title>Service Provider Assertion Consumer URL</title> +<programlisting> +LassoLogin *login; +char *request_method = getenv("REQUEST_METHOD"); +char *artifact_msg = NULL, *lares = NULL, *lareq = NULL; +char *name_identifier; +lassoHttpMethod method; + +login = lasso_login_new(server); +if (strcmp(request_method, "GET") == 0) { + artifact_msg = getenv("QUERY_STRING"); + method = LASSO_HTTP_METHOD_REDIRECT; +} else { + /* read submitted form; if it has a LAREQ field, put it in lareq, + * if it has a LARES field, put it in lares */ + if (lareq) { + artifact_msg = lareq; + } else if (lares) { + response_msg = lares; + } else { + /* bail out */ + } + method = LASSO_HTTP_METHOD_POST; +} + +if (artifact_msg) { + lasso_login_init_request(login, artifact_msg, method); + lasso_login_build_request_msg(login); + /* makes a SOAP call, soap_call is NOT a Lasso function */ + soap_answer_msg = soap_call(LASSO_PROFILE(login)->msg_url, + LASSO_PROFILE(login)->msg_body); + lasso_login_process_response_msg(login, soap_answer_msg); +} else if (response_msg) { + lasso_login_process_authn_response_msg(login, response_msg); +} + +/* looks up name_identifier in local file, database, whatever and gets back + * two things: identity_dump and session_dump */ +name_identifier = LASSO_PROFILE(login)->nameIdentifier +lasso_profile_set_identity_from_dump(LASSO_PROFILE(login), identity_dump); +lasso_profile_set_session_from_dump(LASSO_PROFILE(login), session_dump); + +lasso_login_accept_sso(login); + +if (lasso_profile_is_identity_dirty(LASSO_PROFILE(login))) { + LassoIdentity *identity; + char *identity_dump; + identity = lasso_profile_get_identity(LASSO_PROFILE(login)); + identity_dump = lasso_identity_dump(identity); + /* record identity_dump in file, database... */ +} + +if (lasso_profile_is_session_dirty(LASSO_PROFILE(login))) { + LassoSession *session; + char *session_dump; + session = lasso_profile_get_session(LASSO_PROFILE(login)); + session_dump = lasso_session_dump(session); + /* record session_dump in file, database... */ +} + +/* redirect user anywhere */ +printf("Location: /\n\nRedirected to site root\n"); +</programlisting> +</example> + <!-- ##### SECTION See_Also ##### --> <para> |