Shibboleth Developers

[Derek Atkins <>]

"Scott Cantor" 
<>
 writes:

> Sure. But if the SHIRE object is the callback object (or I should say if the
> SHIRE class is a base of the callback class) then the information and
> callbacks are right there.
[snip]
> I didn't see it as radically different from what you had, apart from just
> moving the statics into instance methods and optimizing out the callback
> parameter.

Ok, here's another try..

-derek


class ShibTarget {
public:
  virtual ~ShibTarget() {}

  // These are defined here so the subclass does not need to specifically
  // depend on log4cpp.  We could use log4cpp::Priority::PriorityLevel
  // but this is just as easy, IMHO.  It's just a case statement in the
  // implementation to handle the event level.
  enum ShibLogLevel {
    LogLevelDebug,
    LogLevelInfo,
    LogLevelWarn,
    LogLevelError
  };

  // Send a message to the Webserver log
  virtual void log(ShibLogLevel level, String msg) = 0;

  // Get/Set a cookie for this connection
  virtual String getCookie(String name) = 0;
  virtual String setCookie(String name, String value) = 0;

  // Get the request's POST data from the server
  virtual String getPostData(void) = 0;

  // Not sure if I need these, but I might for something like Apache
  // in order to "fix" the auth type in the case of basicHijack.  In
  // particular we need to maintain some state between the different
  // APIs to know whether or not to proceed with shib processing.
  virtual String getAuthType(void) = 0;
  virtual void setAuthType(String) = 0;

  // Note: we still need to define exactly what kind of data in contained
  // in the HTAccessInfo -- perhaps we can stub it out so non-htaccess
  // systems have something they can plug in?
  virtual HTAccessInfo& getAccessInfo(void) = 0;

  // We're done.  Finish up.  Send either a result (error?) page or a 
redirect.
  virtual void* sendPage(String msg, pair<String,String> headers[] = null,
                         int code = 200) = 0;
  virtual void* sendRedirect(String url) = 0;

  // These functions implement the server-agnostic shibboleth engine
  // The web server modules implement a subclass and then call into 
  // these methods once they instantiate their request object.
  void* doCheckAuthN(ShibWSCallbacks &cbs);
  void* doHandlePOST(ShibWSCallbacks &cbs);
  void* doCheckAuthZ(ShibWSCallbacks &cbs);

protected:
  // These are the actual request parameters that must be set in the subclass
  // constructor.
  String m_url;
  String m_method;
  String m_content_type;
  String m_remote_addr;
  int m_total_bytes;
};

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       

                        PGP key available