Commit cf8e2e72 authored by Maiken's avatar Maiken

Merge branch 'blah-logger-voms-full-attributes' into 'master'

Support for VOMS AC tags in arc-balhp-logger

See merge request !948
parents 00233214 04078be5
Pipeline #7502 passed with stages
in 191 minutes and 3 seconds
......@@ -1528,12 +1528,12 @@ err:
status |= VOMSACInfo::InternalParsingFailed;
return false;
}
//Check AC's extension
if(!checkExtensions(ac->acinfo->exts, issuer, output, status)) res = false;
//Check AC's attribute
if(!checkAttributes(ac->acinfo->attrib, output, status)) res = false; // ??
//Check AC's extension
if(!checkExtensions(ac->acinfo->exts, issuer, output, status)) res = false;
return res;
}
......
......@@ -212,15 +212,41 @@ int main(int argc, char *argv[]) {
std::size_t pos;
if(voms_attributes.size() > 0) {
for (std::vector<Arc::VOMSACInfo>::iterator iAC = voms_attributes.begin(); iAC != voms_attributes.end(); iAC++) {
for (int acnt = 1; acnt < iAC->attributes.size(); acnt++ ) {
for (unsigned int acnt = 0; acnt < iAC->attributes.size(); acnt++ ) {
fqan = iAC->attributes[acnt];
pos = fqan.find("/Role=");
if ( pos == std::string::npos ) fqan = fqan + "/Role=NULL";
logger.msg(Arc::DEBUG, "Found VOMS AC attribute: %s", fqan);
std::list<std::string> elements;
Arc::tokenize(fqan, elements, "/");
if ( elements.size() == 0 ) {
logger.msg(Arc::DEBUG, "Malformed VOMS AC attribute %s", fqan);
continue;
}
if (elements.front().rfind("voname=", 0) == 0) {
elements.pop_front(); // crop voname=
if ( ! elements.empty() ) elements.pop_front(); // crop hostname=
if ( ! elements.empty() ) {
logger.msg(Arc::DEBUG, "VOMS AC attribute is a tag");
fqan = "";
while (! elements.empty () ) {
fqan.append("/").append(elements.front());
elements.pop_front();
}
} else {
logger.msg(Arc::DEBUG, "Skipping policyAuthority VOMS AC attribute");
continue;
}
} else {
logger.msg(Arc::DEBUG, "VOMS AC attribute is the FQAN");
pos = fqan.find("/Role=");
if ( pos == std::string::npos ) fqan = fqan + "/Role=NULL";
}
fqans_logentry += "\"userFQAN=" + Arc::trim(Arc::escape_chars(fqan, "\"\\", '\\', false)) + "\" ";
}
}
} else {
logger.msg(Arc::DEBUG, "No FQAN found. Using NULL as userFQAN value");
logger.msg(Arc::DEBUG, "No FQAN found. Using None as userFQAN value");
fqans_logentry = "\"userFQAN=/None/Role=NULL\" ";
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment