source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/authz/xacml/saml_pip.cfg @ 7698

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/authz/xacml/saml_pip.cfg@7698
Revision 7698, 1.4 KB checked in by pjkersha, 10 years ago (diff)

Integrated SAML ESGF Group/Role? attribute value type into SAML Attribute Authority client unit tests.

Line 
1#
2# NDG Security XACML Policy Information Point configuration file
3#
4# NERC DataGrid
5#
6# Author: P J Kershaw
7#
8# Date: 11/08/10
9#
10# Copyright: STFC 2010
11#
12# Licence: BSD - See top-level LICENCE file for licence details
13#
14# $Id$
15[DEFAULT]
16# Attribute ID -> Attribute Authority mapping file.  The PIP, on receipt of a
17# query from the XACML context handler, checks the attribute(s) being queried
18# for and looks up this mapping to determine which attribute authority to query
19# to find out if the subject has the attribute in their entitlement
20saml_pip.mappingFilePath = %(here)s/pip-mapping.txt
21
22# Cache assertions retrieved from the Attribute Authority to optimise performance
23saml_pip.sessionCacheDataDir = %(here)s/query-results-cache
24
25# Timeout cache in 30mins
26saml_pip.sessionCacheTimeout = 1800
27
28# The attribute ID of the subject value to extract from the XACML request
29# context and pass in the SAML attribute query
30saml_pip.subjectAttributeId = urn:esg:openid
31
32saml_pip.attributeQuery.issuerName = O=NDG, OU=Security, CN=localhost
33saml_pip.attributeQuery.issuerFormat = urn:oasis:names:tc:SAML:1.1:nameid-format:x509SubjectName
34
35# These settings configure SSL mutual authentication for the query to the SAML
36# Attribute Authority
37saml_pip.attributeQuery.sslCertFilePath = $NDGSEC_TEST_CONFIG_DIR/pki/localhost.crt
38saml_pip.attributeQuery.sslPriKeyFilePath = $NDGSEC_TEST_CONFIG_DIR/pki/localhost.key
39saml_pip.attributeQuery.sslCACertDir = $NDGSEC_TEST_CONFIG_DIR/ca
Note: See TracBrowser for help on using the repository browser.