...
When
...
using
...
Shibboleth,
...
the
...
IdP
...
returns
...
a
...
SAML
...
assertion
...
to
...
the
...
SP.
...
The
...
following
...
examples
...
simply
...
display
...
the
...
results
...
of
...
the
...
SAML
...
assertion.
...
This
...
gives
...
a
...
very
...
brief
...
introduction
...
which
...
shows
...
how
...
your
...
application
...
might
...
consume
...
the
...
information
...
and
...
use
...
it.
...
Perl
...
(
...
2.x
...
version)
| Code Block |
|---|
} #!/usr/bin/perl print "Content-type: text/html\n\n"; print "<html>\n"; print "<head>"; print " <title>Shibboleth Attributes - ".$ENV{SERVER_NAME}."</title>\n"; print " <META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n"; print " <META HTTP-EQUIV=\"Expires\" CONTENT=\"-1\">\n"; print <<__ENDJSCRIPT__; <script language"JavaScript" type="text/JavaScript"> <!-- function decodeAttributeResponse() { var textarea = document.getElementById("attributeResponseArea"); var base64str = textarea.value; var decodedMessage = decode64(base64str); textarea.value = tidyXml(decodedMessage); textarea.rows = 15; document.getElementById("decodeButtonBlock").style.display='none'; } function tidyXml(xmlMessage) { //put newline before closing tags of values inside xml blocks xmlMessage = xmlMessage.replace(/([^>])</g,"\$1\\n<"); //put newline after every tag xmlMessage = xmlMessage.replace(/>/g,">\\n"); var xmlMessageArray = xmlMessage.split("\\n"); xmlMessage=""; var nestedLevel=0; for (var n=0; n < xmlMessageArray.length; n++) { if ( xmlMessageArray[n].search(/<\\//) > -1 ) { nestedLevel--; } for (i=0; i<nestedLevel; i++) { xmlMessage+=" "; } xmlMessage+=xmlMessageArray[n]+"\\n"; if ( xmlMessageArray[n].search(/\\/>/) > -1 ) { //level status the same } else if ( ( xmlMessageArray[n].search(/<\\//) < 0 ) && (xmlMessageArray[n].search(/</) > -1) ) { //only increment if this was a tag, not if it is a value nestedLevel++; } } return xmlMessage; } var base64Key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; function decode64(encodedString) { var decodedMessage = ""; var char1, char2, char3; var enc1, enc2, enc3, enc4; var i = 0; //remove all characters that are not A-Z, a-z, 0-9, +, /, or = encodedString = encodedString.replace(/[^A-Za-z0-9\\+\\/\\=]/g, ""); do { enc1 = base64Key.indexOf(encodedString.charAt(i++)); enc2 = base64Key.indexOf(encodedString.charAt(i++)); enc3 = base64Key.indexOf(encodedString.charAt(i++)); enc4 = base64Key.indexOf(encodedString.charAt(i++)); char1 = (enc1 << 2) | (enc2 >> 4); char2 = ((enc2 & 15) << 4) | (enc3 >> 2); char3 = ((enc3 & 3) << 6) | enc4; decodedMessage = decodedMessage + String.fromCharCode(char1); if (enc3 != 64) { decodedMessage = decodedMessage + String.fromCharCode(char2); } if (enc4 != 64) { decodedMessage = decodedMessage + String.fromCharCode(char3); } } while (i < encodedString.length); return decodedMessage; } // --> </script> __ENDJSCRIPT__ print "</head>\n"; print "\n\n<body>\n"; print "<b>-shib-</b><br/>"; print "<table>"; foreach $var (sort(keys(%ENV))) { if ($var =~ m/SHIB/i || $var =~ m/REMOTE_USER/ || $var =~ m/HTTP_REMOTE_USER/) { $val = $ENV{$var}; $val =~ s|\n|\\n|g; $val =~ s|"|\\"|g; print "<tr>"; print "<td>${var}</td><td>${val}</td>"; print "</tr>\n"; } } print "</table>\n"; print "<br/>\n"; print "attribute response from the IdP (<code>HTTP_SHIB_ATTRIBUTES</code>):<br/>\n"; print "<textarea id=\"attributeResponseArea\" onclick=\"select()\" rows=\"1\" cols=\"130\">"; print $ENV{"HTTP_SHIB_ATTRIBUTES"}; print <<__ENDBLOCK__; </textarea><br/> <span id="decodeButtonBlock"><input type="button" id="decodeButton" value="decode base64 encoded attribute response using JavaScript" onClick="decodeAttributeResponse();"><br/></span> <br/> <small> notes:<br/> The AAP throws away invalid values (eg an unscopedAffiliation of value "myBoss@<yourdomain>" or a value with an invalid scope which scope is checked)<br/> The raw attribute response (<code>HTTP_SHIB_ATTRIBUTES</code>) is NOT filtered by the AAP and should therefore be disabled for most applications (<code>exportAssertion=false</code>).<br/> </small> <br/> <hr/> <br/> __ENDBLOCK__ print "<b>-env-</b><br/>"; print "<pre>"; foreach $var (sort(keys(%ENV))) { $val = $ENV{$var}; $val =~ s|\n|\\n|g; $val =~ s|"|\\"|g; print "${var}=\"${val}\"\n"; } print "</pre>\n"; print "<hr/><b>-end-</b><br/>\n"; print "</body>\n\n"; print "</html>\n"; {code} h2. PHP ( |
PHP (2.x
...
version)
| Code Block |
|---|
} <script language"JavaScript" type="text/JavaScript"> <!-- function decodeAttributeResponse() { var textarea = document.getElementById("attributeResponseArea"); var base64str = textarea.value; var decodedMessage = decode64(base64str); textarea.value = tidyXml(decodedMessage); textarea.rows = 15; document.getElementById("decodeButtonBlock").style.display='none'; } function tidyXml(xmlMessage) { //put newline before closing tags of values inside xml blocks xmlMessage = xmlMessage.replace(/([^>])</g,"$1\n<"); //put newline after every tag xmlMessage = xmlMessage.replace(/>/g,">\n"); var xmlMessageArray = xmlMessage.split("\n"); xmlMessage=""; var nestedLevel=0; for (var n=0; n < xmlMessageArray.length; n++) { if ( xmlMessageArray[n].search(/<\//) > -1 ) { nestedLevel--; } for (i=0; i<nestedLevel; i++) { xmlMessage+=" "; } xmlMessage+=xmlMessageArray[n]+"\n"; if ( xmlMessageArray[n].search(/\/>/) > -1 ) { //level status the same } else if ( ( xmlMessageArray[n].search(/<\//) < 0 ) && (xmlMessageArray[n].search(/</) > -1) ) { //only increment if this was a tag, not if it is a value nestedLevel++; } } return xmlMessage; } var base64Key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; function decode64(encodedString) { var decodedMessage = ""; var char1, char2, char3; var enc1, enc2, enc3, enc4; var i = 0; //remove all characters that are not A-Z, a-z, 0-9, +, /, or = encodedString = encodedString.replace(/[^A-Za-z0-9\+\/\=]/g, ""); do { enc1 = base64Key.indexOf(encodedString.charAt(i++)); enc2 = base64Key.indexOf(encodedString.charAt(i++)); enc3 = base64Key.indexOf(encodedString.charAt(i++)); enc4 = base64Key.indexOf(encodedString.charAt(i++)); char1 = (enc1 << 2) | (enc2 >> 4); char2 = ((enc2 & 15) << 4) | (enc3 >> 2); char3 = ((enc3 & 3) << 6) | enc4; decodedMessage = decodedMessage + String.fromCharCode(char1); if (enc3 != 64) { decodedMessage = decodedMessage + String.fromCharCode(char2); } if (enc4 != 64) { decodedMessage = decodedMessage + String.fromCharCode(char3); } } while (i < encodedString.length); return decodedMessage; } // --> </script> <b>-all SHIB headers-</b> (<code>HTTP_SHIB_ATTRIBUTES</code> is not shown in this list) <?php echo '<table>'; foreach ($_SERVER as $key => $value) { $fkey='_'.$key; if ( strpos($fkey,'SHIB')>1 && $key!="HTTP_SHIB_ATTRIBUTES") # if ( strpos($fkey,'SHIB')>1 ) { echo '<tr>'; echo '<td>'.$key.'</td><td>'.$value.'</td>'; echo '</tr>'; } } echo '<tr><td>(REMOTE_USER)</td><td>'.$_SERVER['REMOTE_USER'].'</td></tr>'; echo '<tr><td>(HTTP_REMOTE_USER)</td><td>'.$_SERVER['HTTP_REMOTE_USER'].'</td></tr>'; echo '</table>'; ?> <br/> attribute response from the IdP (<code>HTTP_SHIB_ATTRIBUTES</code>):<br/> <textarea id="attributeResponseArea" onclick="select()" rows="1" cols="130"><?php echo $_SERVER["HTTP_SHIB_ATTRIBUTES"]; ?></textarea><br/> <span id="decodeButtonBlock"><input type="button" id="decodeButton" value="decode base64 encoded attribute response using JavaScript" onClick="decodeAttributeResponse();"><br/></span> <br/> <small> notes:<br/> The AAP throws away invalid values (eg an unscopedAffiliation of value "myBoss@<yourdomain>" or a value with an invalid scope which scope is checked)<br/> The raw attribute response (<code>HTTP_SHIB_ATTRIBUTES</code>) is NOT filtered by the AAP and should therefore be disabled for most applications (<code>exportAssertion=false</code>).<br/> </small> <br/> <hr/> <br/> <b>$_REQUEST</b> <?php echo '<table>'; foreach ($_REQUEST as $key => $value) { echo '<tr>'; echo '<td>'.$key.'</td><td>'.$value.'</td>'; echo '</tr>'; } echo '</table>' ?> <br/> <hr/> <br/> <b>$_SERVER</b> <?php echo '<table>'; foreach ($_SERVER as $key => $value) { echo '<tr>'; echo '<td>'.$key.'</td><td>'.$value.'</td>'; echo '</tr>'; } echo '</table>' ?> <br/> <hr/> <br/> <b>$_SESSION</b> <?php echo '<table>'; foreach ($_SESSION as $key => $value) { echo '<tr>'; echo '<td>'.$key.'</td><td>'.$value.'</td>'; echo '</tr>'; } echo '</table>' ?> <br/> <hr/> <br/> {code} h2. PHP |
PHP (1.3
...
version)
| Code Block |
|---|
} <?php <table> foreach($_SERVER as $key => $value) { $fkey = '_' . $key; if (strpos($fkey, 'SHIB') > 0) { echo '<tr>'; echo "<td>$key</td><td>$value</td>"; echo '</tr>'; } } </table> ?> {code} h2. Perl |
Perl (1.3
...
version)
| Code Block |
|---|
} foreach $var (sort(keys(%ENV))) { if ($var =~ m/SHIB/ || $var =~ m/REMOTE_USER/) { $val = $ENV{$var}; $val =~ s|\n|\\n|g; $val =~ s|"|\\"|g; print "<tr>"; print "<td>${var}</td><td>${val}</td>"; print "</tr>"; } } {code} h2. SSI - Server Side Includes |
SSI - Server Side Includes (1.3
...
version)
| Code Block |
|---|
} <\!\--\#printenv-\-> {code} or {code} |
or
| Code Block |
|---|
<\!--#echo var="HTTP_SHIB_EP_PERSONPRINCIPALNAME" \-->
{code}
h2. ASP |
ASP (1.3
...
version)
| Code Block |
|---|
} <table> <% For Each strKey In Request.ServerVariables %> <tr> <td><%= strKey %></td> <td><%= Request.ServerVariables(strKey) %></td> </tr> <% Next %> </table> </table> {code} h2. JSP |
JSP (1.3
...
version)
| Code Block |
|---|
} <u>HEADERS</u><br /> <table> <% java.util.Enumeration eHeaders = request.getHeaderNames(); while(eHeaders.hasMoreElements()) { String name = (String) eHeaders.nextElement(); Object object = request.getHeader(name); String value = object.toString(); out.println("" + name + "" + value + ""); } %> </table> {code} |
Similar
...
samples
...
can
...
be
...
found
...
at
...
...
...
...