Author: dumindu
Date: Sun Feb 24 20:40:08 2008
New Revision: 14119
Log:
Added the user_validator with apr_dso functions.
Modified:
trunk/solutions/identity/modules/mod-cspace/cspace_validator.c
trunk/solutions/identity/modules/mod-cspace/cspace_validator.h
trunk/solutions/identity/modules/mod-cspace/mod_cspace.c
Modified: trunk/solutions/identity/modules/mod-cspace/cspace_validator.c
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/cspace_validator.c
(original)
+++ trunk/solutions/identity/modules/mod-cspace/cspace_validator.c Sun Feb
24 20:40:08 2008
@@ -2,6 +2,11 @@
#include "mod_cspace_defines.h"
#include "cspace_validator.h"
+/*#ifdef CSPACE_APACHE2*/
+#include "apr_dso.h"
+#include "apr_file_info.h"
+/*#endif*/
+
/* In validating the saml token using xmlsec we anyway need the CA cert
* of the CA which signed the IdP's cert. Hence, the "promiscuous" and "cert"
* validators are the same (does nothing infact) in this module. Yet we include
@@ -26,11 +31,13 @@
const char *ppid, const char *cert,
const char *b_list);
static int cert_validator(const char *uri, const char *issuer,
- const char *ppid, const char *cert);
+ const char *ppid, const char *cert,
+ const void *data);
static int user_validator(const char *uri, const char *issuer,
const char *ppid, const char *cert,
- const void *user_data);
+ const char *dso_fname, void *cb_data,
+ void *data);
static val_type valstr2type(const char *validator);
@@ -150,21 +157,64 @@
}
static int cert_validator(const char *uri, const char *issuer,
- const char *ppid, const char *cert)
+ const char *ppid, const char *cert,
+ const void *data)
{
/* this validation is done at the cert verification */
return SUCC;
}
/* Allow all the requests in case of promiscuous */
-#define promiscuous_validator(a, b, c, d) SUCC
+#define promiscuous_validator(a, b, c, d, e) SUCC
+/*TODO: cb_user data should be requested from the user using an init()
callback*/
static int user_validator(const char *uri, const char *issuer,
const char *ppid, const char *cert,
- const void *user_data)
+ const char *dso_fname, void *cb_data,
+ void *ctx)
{
+/*#ifdef CSPACE_APACHE2*/
+ apr_status_t rv;
+ apr_dso_handle_sym_t sym = NULL;
+ apr_dso_handle_t *hand = NULL;
+ char *fname = NULL;
+ apr_pool_t *p = (apr_pool_t *) ctx;
+ cspace_user_validator_cb_t func;
- return SUCC;
+ if (!ppid || !dso_fname)
+ return FAIL;
+
+ apr_filepath_merge(&fname, NULL, dso_fname, 0, p);
+
+ rv = apr_dso_load(&hand, dso_fname, p);
+ if (rv)
+ {
+ /*read error using: apr_dso_error(hand, char [128], 128)*/
+ /*log error*/
+ apr_dso_unload(hand);
+ return FAIL;
+ }
+
+ rv = apr_dso_sym(&sym, hand, "cspace_user_validate");
+ if (rv)
+ {
+ /*read error using: apr_dso_error(hand, char [128], 128)*/
+ /*log error*/
+ apr_dso_unload(hand);
+ return FAIL;
+ }
+
+ /*is it meaningful to do a if(func)?*/
+ func = (cspace_user_validator_cb_t)sym;
+ rv = (*func)(uri, issuer, ppid, cert, cb_data);
+
+ apr_dso_unload(hand);
+
+ return rv;
+
+/*#else
+ return FAIL;
+#endif*/
}
static val_type valstr2type(const char *validator)
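Review bot: In user_validator the result of `apr_filepath_merge` is discarded: its status is not checked and `fname` is never used, so `apr_dso_load` still receives the raw `dso_fname`. Because the loaded library's callback result is returned as the validation verdict, I would check the merge and load the merged path, `rv = apr_filepath_merge(&fname, NULL, dso_fname, 0, p); if (rv != APR_SUCCESS) return FAIL;` followed by `rv = apr_dso_load(&hand, fname, p);`. The failure branch after `apr_dso_load` also calls `apr_dso_unload(hand)` on a handle that did not load, which looks unnecessary and should be dropped unless APR is confirmed to tolerate it. `ctx` is cast to a pool without a NULL check, and the `/*log error*/` placeholders mean a missing or broken validator library currently fails with no trace for the operator.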
@@ -184,7 +234,8 @@
int validate_with_op_mode(const char *validator, const char *uri,
const char *issuer, const char *ppid,
- const char *cert, const void *data)
+ const char *cert, const void *val_data,
+ void *ctx)
{
int flag = FAIL;
@@ -192,23 +243,23 @@
switch (v_type) {
case VAL_TYPE_WHITE:
- flag = white_list_validator(uri, issuer, NULL, cert, data);
+ flag = white_list_validator(uri, issuer, NULL, cert, val_data);
break;
case VAL_TYPE_BLACK:
- flag = black_list_validator(uri, issuer, NULL, cert, data);
+ flag = black_list_validator(uri, issuer, NULL, cert, val_data);
break;
case VAL_TYPE_CERT:
- flag = cert_validator(uri, NULL, NULL, cert);
+ flag = cert_validator(uri, NULL, NULL, cert, NULL);
break;
case VAL_TYPE_USER:
- flag = user_validator(uri, issuer, ppid, cert, data);
+ flag = user_validator(uri, issuer, ppid, cert, (char *)val_data,
NULL, ctx);
break;
case VAL_TYPE_PROMISCUOUS:
- flag = promiscuous_validator(NULL, NULL, NULL, NULL);
+ flag = promiscuous_validator(NULL, NULL, NULL, NULL, NULL);
break;
default:
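Review bot: The `VAL_TYPE_USER` branch casts `val_data` with `(char *)`, which discards const even though `user_validator` takes `const char *dso_fname`; `(const char *)val_data` keeps the qualifier. The same `val_data` pointer is passed to the white/black list validators as a list and here as a library file name, so validate_with_op_mode needs a comment stating what it must hold for each validator type, e.g. `/* val_data: list string for white/black, DSO path for user */`. `cb_data` is always NULL at this call, so the loaded callback never receives user data, which the TODO above user_validator already acknowledges. The function body continues outside this hunk.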
Modified: trunk/solutions/identity/modules/mod-cspace/cspace_validator.h
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/cspace_validator.h
(original)
+++ trunk/solutions/identity/modules/mod-cspace/cspace_validator.h Sun Feb
24 20:40:08 2008
@@ -1,3 +1,8 @@
int validate_with_op_mode(const char *validator, const char *uri,
const char *issuer, const char *ppid,
- const char *cert, const void *data);
+ const char *cert, const void *data,
+ void *ctx);
+
+typedef int (*cspace_user_validator_cb_t) (const char *uri,
+ const char *issuer, const char *ppid,
+ const char *cert, const void *data);
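Review bot: The new `cspace_user_validator_cb_t` typedef is the contract for separately built validator libraries, but it carries no comment on what the callback must return. user_validator returns the callback's value unchanged, so I would document that it must return exactly the module's SUCC or FAIL, e.g. `/* Return SUCC to accept the token, FAIL to reject; any other value is treated as FAIL. */`, and have the caller normalise the result to match, `return (rv == SUCC) ? SUCC : FAIL;`. The `validate_with_op_mode` prototype should also state that `ctx` must be an `apr_pool_t *`, since it is declared `void *` and cast without a check.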
Modified: trunk/solutions/identity/modules/mod-cspace/mod_cspace.c
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/mod_cspace.c (original)
+++ trunk/solutions/identity/modules/mod-cspace/mod_cspace.c Sun Feb 24
20:40:08 2008
@@ -688,7 +688,7 @@
issuer,
ppid,
cert,
- svr_cfg->validator_data);
+ svr_cfg->validator_data,
r->pool);
if (allowed_flag) {