source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg @ 4285

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg@4285
Revision 4285, 2.7 KB checked in by pjkersha, 12 years ago (diff)

Refactoring of CredWallet? - first working unit tests for new version + fixes to Attribute Authority ZSI WSDL gen code interface.

Line 
1# Configuration file for Credential Wallet Settings
2#
3# NERC Data Grid Project
4#
5# P J Kershaw 03/10/08
6#
7# Copyright (C) 2008 CCLRC & NERC
8#
9# This software may be distributed under the terms of the Q Public License,
10# version 1.0 or later.
11[DEFAULT]
12userId=ndg-user
13userX509Cert=
14userPriKey=
15issuingX509Cert=
16
17# CA certificates for Attribute Certificate signautre validation
18caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
19
20# CA certificates for SSL connection peer cert. validation
21sslCACertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
22
23# See attAuthority unit tests to get this service running
24#attributeAuthorityURI=http://localhost:5000/AttributeAuthority
25attributeAuthorityURI=http://localhost:4900/AttributeAuthority
26
27# Omit Credential Repository and use default NullCredentialRepository
28#credentialRepository=
29
30# Allow the Get Attribute Certificate call to try to get a mapped certificate
31# from another organisation trusted by the target Attribute Authority
32mapFromTrustedHosts=True
33rtnExtAttCertList=True
34
35# Refresh an Attribute Certificate, if an existing one in the wallet has only
36# this length of time left before it expires
37attCertRefreshElapse=7200
38
39# Section in this file from which to retrieve WS-Security settings for
40# digital signature of SOAP messages to Attribute Authorities
41wssCfgSection=WS-Security
42
43[WS-Security]
44#
45# OUTBOUND MESSAGE CONFIG
46
47# Signature of an outbound message
48
49# Certificate associated with private key used to sign a message.  The sign
50# method will add this to the BinarySecurityToken element of the WSSE header. 
51# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
52signingCertFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.crt
53
54# ... or provide file path to PEM encoded private key file
55signingPriKeyFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.key
56
57# Password protecting private key.  Leave blank if there is no password.
58signingPriKeyPwd=
59
60# Set the ValueType for the BinarySecurityToken added to the WSSE header for a
61# signed message.  See __setReqBinSecTokValType method and binSecTokValType
62# class variable for options - it may be one of X509, X509v3, X509PKIPathv1 or
63# give full namespace to alternative - see
64# ZSI.wstools.Namespaces.OASIS.X509TOKEN
65#
66# binSecTokValType determines whether signingCert or signingCertChain
67# attributes will be used.
68reqBinSecTokValType=X509v3
69
70# Add a timestamp element to an outbound message
71addTimestamp=True
72
73# For WSSE 1.1 - service returns signature confirmation containing signature
74# value sent by client
75applySignatureConfirmation=True
76
77#
78# INBOUND MESSAGE CONFIG
79
80# Provide a space separated list of file paths
81caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
Note: See TracBrowser for help on using the repository browser.