
nordugrid-arc-nox  1.1.0~rc6
SAML2SSO_AssertionConsumerSH.h
00001 #ifndef __ARC_SEC_SAML2SSO_ASSERTIONCONSUMERSH_H__
00002 #define __ARC_SEC_SAML2SSO_ASSERTIONCONSUMERSH_H__
00003 
00004 #include <stdlib.h>
00005 
00006 #include <arc/ArcConfig.h>
00007 #include <arc/message/Message.h>
00008 #include <arc/message/MCCLoader.h>
00009 #include <arc/message/SecHandler.h>
00010 
00011 namespace ArcSec {
00012 
00014 // Security handler for the assertion-consumer part of a SAML2 SSO Service Provider; its two tasks, as described by the author:
00015 // 1. Launch a service (called SP Service) which composes the AuthnRequest according to the IdP
00016 //    information sent from the client side/user agent. The SAML2SSO_ServiceProviderSH handler and
00017 //    the SP Service together provide the functionality of the Service Provider in the SAML2 SSO profile.
00018 // 2. Consume the SAML assertion from the client side/user agent (push model), carried either
00019 //    a. inside the SOAP message as a WS-Security SAML token, or
00020 //    b. inside the peer X.509 certificate as an extension, parsed from the transport level and extracted;
00021 //    or contact the IdP and get back the SAML assertion related to the client (pull model).
00022 // NOTE(review): the assertion is supplied by the client side; signature, issuer, audience and validity checks are not visible in this header - confirm them in the implementation.
00023 
00024 class SAML2SSO_AssertionConsumerSH : public SecHandler {
00025  private:
00026   std::string cert_file_;  // presumably the path of this service's X.509 certificate - TODO confirm in the implementation
00027   std::string key_file_;  // presumably the path of the matching private key; NOTE(review): that file should be readable by the service account only
00028   std::string ca_file_;  // presumably a file of trusted CA certificates - TODO confirm
00029   std::string ca_dir_;  // presumably a directory of trusted CA certificates - TODO confirm
00030   Arc::MCCLoader* SP_service_loader;  // raw pointer, ownership not visible here; NOTE(review): no copy control is declared, so check what the destructor does with it
00031 
00032  public:
00033   SAML2SSO_AssertionConsumerSH(Arc::Config *cfg, Arc::ChainContext* ctx);  // takes a configuration and a chain context; presumably fills the members above from cfg - confirm
00034   virtual ~SAML2SSO_AssertionConsumerSH(void);  // presumably releases SP_service_loader - confirm in the implementation
00035   static Arc::Plugin* get_sechandler(Arc::PluginArgument* arg);  // static; presumably the plugin-loader entry point that creates this handler - confirm
00036   virtual bool Handle(Arc::Message* msg) const;  // presumably overrides SecHandler::Handle; NOTE(review): verify that every failure path returns false so a bad assertion is rejected
00037 };
00038 
00039 } // namespace ArcSec
00040 
00041 #endif /* __ARC_SEC_SAML2SSO_ASSERTIONCONSUMERSH_H__ */
00042