authormanu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53>2013-04-15 14:54:38 +0000
committermanu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53>2013-04-15 14:54:38 +0000
commit1d2c882ba14c007d9cf966ac1c131fb3628bb810 (patch)
tree26e8dbc9b20f87a7f19d1a1f896ae072c582a1bd
parent0b11c9f3ee5d7bc3580a7ae592d5200dad07a007 (diff)
Add MellonSPentityId to control entityId in autogenerated metadata
git-svn-id: https://modmellon.googlecode.com/svn/trunk@205 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r--NEWS5
-rw-r--r--README6
-rw-r--r--auth_mellon.h1
-rw-r--r--auth_mellon_config.c12
-rw-r--r--auth_mellon_handler.c8
5 files changed, 29 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index 5c8a011..99bb92c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+Version 0.6.2
+---------------------------------------------------------------------------
+
+* Add MellonSPentityId to control entityId in autogenerated metadata
+
Version 0.6.1
---------------------------------------------------------------------------
diff --git a/README b/README
index 62fa0e8..a626190 100644
--- a/README
+++ b/README
@@ -332,7 +332,11 @@ MellonPostCount 100
# Default: None set.
MellonSPMetadataFile /etc/apache2/mellon/sp-metadata.xml
- # If you choose to autogenerate metadata, these option
+ # If you choose to autogenerate metadata, this option
+ # can be used to control the SP entityId
+ # MellonSPentityId "https://www.example.net/foo"
+ #
+ # If you choose to autogenerate metadata, these options
# can be used to fill the <Organization> element. They
# all follow the syntax "option [lang] value":
# MellonOrganizationName "random-service"
diff --git a/auth_mellon.h b/auth_mellon.h
index fa3df40..c4e40d9 100644
--- a/auth_mellon.h
+++ b/auth_mellon.h
@@ -195,6 +195,7 @@ typedef struct am_dir_cfg_rec {
GList *idp_ignore;
/* metadata autogeneration helper */
+ char *sp_entity_id;
apr_hash_t *sp_org_name;
apr_hash_t *sp_org_display_name;
apr_hash_t *sp_org_url;
diff --git a/auth_mellon_config.c b/auth_mellon_config.c
index 19ae37c..91ccbec 100644
--- a/auth_mellon_config.c
+++ b/auth_mellon_config.c
@@ -1064,6 +1064,13 @@ const command_rec auth_mellon_commands[] = {
OR_AUTHCFG,
"List of IdP entityId to ignore."
),
+ AP_INIT_TAKE1(
+ "MellonSPentityId",
+ ap_set_string_slot,
+ (void *)APR_OFFSETOF(am_dir_cfg_rec, sp_entity_id),
+ OR_AUTHCFG,
+ "SP entity Id to be used for metadata auto generation."
+ ),
AP_INIT_TAKE12(
"MellonOrganizationName",
am_set_langstring_slot,
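Review bot: The new `MellonSPentityId` entry stores its argument through `ap_set_string_slot` with no validation, so an empty or malformed value is accepted as-is. The handler change later in this commit only tests the pointer (`cfg->sp_entity_id ? ... : url`), so `MellonSPentityId ""` would produce `entityID=""` with no fallback to the endpoint URL. A small dedicated setter could reject such values at configuration time, e.g. `if (*arg == '\0') return "MellonSPentityId must not be empty";`, and could also enforce the 1024-character limit SAML places on entityID. Because the directive is registered with `OR_AUTHCFG`, whoever can write an `.htaccess` under `AllowOverride AuthConfig` can change the SP's advertised identity; that is worth stating in the README entry.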
@@ -1231,6 +1238,7 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d)
dir->probe_discovery_timeout = -1; /* -1 means no probe discovery */
dir->probe_discovery_idp = apr_table_make(p, 0);
+ dir->sp_entity_id = NULL;
dir->sp_org_name = apr_hash_make(p);
dir->sp_org_display_name = apr_hash_make(p);
dir->sp_org_url = apr_hash_make(p);
@@ -1400,6 +1408,10 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add)
add_cfg->idp_ignore :
base_cfg->idp_ignore;
+ new_cfg->sp_entity_id = (add_cfg->sp_entity_id ?
+ add_cfg->sp_entity_id :
+ base_cfg->sp_entity_id);
+
new_cfg->sp_org_name = apr_hash_copy(p,
(apr_hash_count(add_cfg->sp_org_name) > 0) ?
add_cfg->sp_org_name :
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index d78beec..a24f59b 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -117,6 +117,9 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
am_dir_cfg_rec *cfg = am_get_dir_cfg(r);
char *url = am_get_endpoint_url(r);
char *cert = "";
+ const char *sp_entity_id;
+
+ sp_entity_id = cfg->sp_entity_id ? cfg->sp_entity_id : url;
if (cfg->sp_cert_file) {
char *sp_cert_file;
@@ -171,7 +174,7 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
return apr_psprintf(p,
"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n\
<EntityDescriptor\n\
- entityID=\"%smetadata\"\n\
+ entityID=\"%s%s\"\n\
xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
<SPSSODescriptor\n\
AuthnRequestsSigned=\"true\"\n\
@@ -197,7 +200,8 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
</SPSSODescriptor>\n\
%s\n\
</EntityDescriptor>",
- url, cert, url, url, url, url, am_optional_metadata(p, r));
+ sp_entity_id, cfg->sp_entity_id ? "" : "metadata",
+ cert, url, url, url, url, am_optional_metadata(p, r));
}
#endif /* HAVE_lasso_server_new_from_buffers */
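Review bot: The configured `sp_entity_id` is passed straight to `apr_psprintf` and lands inside the `entityID="%s%s"` attribute without XML escaping, so a value containing `"`, `<` or `&` yields malformed metadata or extra attributes and elements in the generated document. Escaping at the call site would close this, for example `ap_escape_html(p, sp_entity_id)` in the argument list, provided the httpd version in use escapes double quotes as well as `<`, `>` and `&`. The same may apply to the `url` arguments, but whether `am_get_endpoint_url` already returns an escaped string is not visible here. `am_generate_metadata` starts outside this hunk, and the format string it fills is split across this hunk and the previous one.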