source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg @ 4293

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg@4293
Revision 4293, 2.7 KB checked in by pjkersha, 12 years ago (diff)

Refactoring of CredWallet?

  • added tests for getting mapped AC
  • unit tests now complete
Line 
1# Configuration file for Credential Wallet Settings
2#
3# NERC Data Grid Project
4#
5# P J Kershaw 03/10/08
6#
7# Copyright (C) 2008 CCLRC & NERC
8#
9# This software may be distributed under the terms of the Q Public License,
10# version 1.0 or later.
11[DEFAULT]
12userId=ndg-user
13userX509Cert=
14userPriKey=
15issuingX509Cert=
16
17# CA certificates for Attribute Certificate signautre validation
18caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
19
20# CA certificates for SSL connection peer cert. validation
21sslCACertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
22
23# See attAuthority unit tests to get this service running
24attributeAuthorityURI=http://localhost:5000/AttributeAuthority
25# Switch to alt port for testing with tcpmon
26#attributeAuthorityURI=http://localhost:4900/AttributeAuthority
27
28# Omit Credential Repository and use default NullCredentialRepository
29#credentialRepository=
30
31# Allow the Get Attribute Certificate call to try to get a mapped certificate
32# from another organisation trusted by the target Attribute Authority
33mapFromTrustedHosts=True
34rtnExtAttCertList=True
35
36# Refresh an Attribute Certificate, if an existing one in the wallet has only
37# this length of time left before it expires
38attCertRefreshElapse=7200
39
40# Section in this file from which to retrieve WS-Security settings for
41# digital signature of SOAP messages to Attribute Authorities
42wssCfgSection=WS-Security
43
44[WS-Security]
45#
46# OUTBOUND MESSAGE CONFIG
47
48# Signature of an outbound message
49
50# Certificate associated with private key used to sign a message.  The sign
51# method will add this to the BinarySecurityToken element of the WSSE header. 
52# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
53signingCertFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.crt
54
55# ... or provide file path to PEM encoded private key file
56signingPriKeyFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.key
57
58# Password protecting private key.  Leave blank if there is no password.
59signingPriKeyPwd=
60
61# Set the ValueType for the BinarySecurityToken added to the WSSE header for a
62# signed message.  See __setReqBinSecTokValType method and binSecTokValType
63# class variable for options - it may be one of X509, X509v3, X509PKIPathv1 or
64# give full namespace to alternative - see
65# ZSI.wstools.Namespaces.OASIS.X509TOKEN
66#
67# binSecTokValType determines whether signingCert or signingCertChain
68# attributes will be used.
69reqBinSecTokValType=X509v3
70
71# Add a timestamp element to an outbound message
72addTimestamp=True
73
74# For WSSE 1.1 - service returns signature confirmation containing signature
75# value sent by client
76applySignatureConfirmation=True
77
78#
79# INBOUND MESSAGE CONFIG
80
81# Provide a space separated list of file paths
82caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt
Note: See TracBrowser for help on using the repository browser.