author | manu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2013-04-15 14:54:38 +0000 |
---|---|---|
committer | manu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2013-04-15 14:54:38 +0000 |
commit | 1d2c882ba14c007d9cf966ac1c131fb3628bb810 (patch) | |
tree | 26e8dbc9b20f87a7f19d1a1f896ae072c582a1bd | |
parent | 0b11c9f3ee5d7bc3580a7ae592d5200dad07a007 (diff) | |
Add MellonSPentityId to control entityId in autogenerated metadata
git-svn-id: https://modmellon.googlecode.com/svn/trunk@205 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r-- | NEWS | 5 | ||||
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | auth_mellon.h | 1 | ||||
-rw-r--r-- | auth_mellon_config.c | 12 | ||||
-rw-r--r-- | auth_mellon_handler.c | 8 |
5 files changed, 29 insertions, 3 deletions
@@ -1,3 +1,8 @@
+Version 0.6.2
+---------------------------------------------------------------------------
+
+* Add MellonSPentityId to control entityId in autogenerated metadata
+
 Version 0.6.1
 ---------------------------------------------------------------------------
@@ -332,7 +332,11 @@ MellonPostCount 100
 # Default: None set.
 MellonSPMetadataFile /etc/apache2/mellon/sp-metadata.xml
- # If you choose to autogenerate metadata, these option
+ # If you choose to autogenerate metadata, this option
+ # can be used to control the SP entityId
+ # MellonSPentityId "https://www.example.net/foo"
+ #
+ # If you choose to autogenerate metadata, these options
 # can be used to fill the <Organization> element. They
 # all follow the syntax "option [lang] value":
 # MellonOrganizationName "random-service"
diff --git a/auth_mellon.h b/auth_mellon.h
index fa3df40..c4e40d9 100644
--- a/auth_mellon.h
+++ b/auth_mellon.h
@@ -195,6 +195,7 @@ typedef struct am_dir_cfg_rec {
 GList *idp_ignore;
 /* metadata autogeneration helper */
+ char *sp_entity_id;
 apr_hash_t *sp_org_name;
 apr_hash_t *sp_org_display_name;
 apr_hash_t *sp_org_url;
diff --git a/auth_mellon_config.c b/auth_mellon_config.c
index 19ae37c..91ccbec 100644
--- a/auth_mellon_config.c
+++ b/auth_mellon_config.c
@@ -1064,6 +1064,13 @@ const command_rec auth_mellon_commands[] = {
 OR_AUTHCFG,
 "List of IdP entityId to ignore."
 ),
+ AP_INIT_TAKE1(
+ "MellonSPentityId",
+ ap_set_string_slot,
+ (void *)APR_OFFSETOF(am_dir_cfg_rec, sp_entity_id),
+ OR_AUTHCFG,
+ "SP entity Id to be used for metadata auto generation."
+ ),
 AP_INIT_TAKE12(
 "MellonOrganizationName",
 am_set_langstring_slot,
@@ -1231,6 +1238,7 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d)
 dir->probe_discovery_timeout = -1; /* -1 means no probe discovery */
 dir->probe_discovery_idp = apr_table_make(p, 0);
+ dir->sp_entity_id = NULL;
 dir->sp_org_name = apr_hash_make(p);
 dir->sp_org_display_name = apr_hash_make(p);
 dir->sp_org_url = apr_hash_make(p);
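Review bot: The new `MellonSPentityId` entry in `auth_mellon_commands[]` (the @@ -1064 hunk) stores the directive verbatim through `ap_set_string_slot`, so nothing rejects an empty or non-URI value when the configuration is parsed. Because the entry is registered with `OR_AUTHCFG`, the value can also come from a per-directory `.htaccess` wherever `AllowOverride AuthConfig` is enabled, and it then decides the entityID this SP publishes to its IdP. A small dedicated setter that refuses an empty string and anything that is not an absolute URI would close this, returning an error such as `"MellonSPentityId must be a non-empty absolute URI"`. The help text could also state that the value is used exactly as given, with no `metadata` suffix appended. The array definition starts and ends outside the hunk.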
@@ -1400,6 +1408,10 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add)
 add_cfg->idp_ignore :
 base_cfg->idp_ignore;
+ new_cfg->sp_entity_id = (add_cfg->sp_entity_id ?
+ add_cfg->sp_entity_id :
+ base_cfg->sp_entity_id);
+
 new_cfg->sp_org_name = apr_hash_copy(p,
 (apr_hash_count(add_cfg->sp_org_name) > 0) ?
 add_cfg->sp_org_name :
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index d78beec..a24f59b 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -117,6 +117,9 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
 am_dir_cfg_rec *cfg = am_get_dir_cfg(r);
 char *url = am_get_endpoint_url(r);
 char *cert = "";
+ const char *sp_entity_id;
+
+ sp_entity_id = cfg->sp_entity_id ? cfg->sp_entity_id : url;
 if (cfg->sp_cert_file) {
 char *sp_cert_file;
@@ -171,7 +174,7 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
 return apr_psprintf(p,
 "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n\
 <EntityDescriptor\n\
- entityID=\"%smetadata\"\n\
+ entityID=\"%s%s\"\n\
 xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n\
 <SPSSODescriptor\n\
 AuthnRequestsSigned=\"true\"\n\
@@ -197,7 +200,8 @@ static char *am_generate_metadata(apr_pool_t *p, request_rec *r)
 </SPSSODescriptor>\n\
 %s\n\
 </EntityDescriptor>",
- url, cert, url, url, url, url, am_optional_metadata(p, r));
+ sp_entity_id, cfg->sp_entity_id ? "" : "metadata",
+ cert, url, url, url, url, am_optional_metadata(p, r));
 }
 #endif /* HAVE_lasso_server_new_from_buffers */ |
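Review bot: In `am_generate_metadata` the configured `sp_entity_id` is formatted into the `entityID=\"%s%s\"` attribute without XML escaping, so a value containing `&`, `<` or `"` (a query string in the URI is enough) produces malformed metadata or lets the configured string change the document structure. Escape it before formatting, for example `sp_entity_id = ap_escape_html(p, cfg->sp_entity_id);` provided the httpd version in use also escapes double quotes, or reject such characters when the directive is parsed. The `cfg->sp_entity_id ? … : …` decision is also made twice, once in the @@ -117 hunk and once in the argument list of the @@ -197 hunk, and it tests only for NULL, so `MellonSPentityId ""` yields an empty entityID. Building the final value once, e.g. `sp_entity_id = cfg->sp_entity_id ? cfg->sp_entity_id : apr_pstrcat(p, url, "metadata", NULL);` with a single `%s` in the format, keeps the two tests from drifting apart. The function body starts and ends outside these hunks.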