source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml @ 4158

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml@4158
Revision 4158, 4.5 KB checked in by cbyrom, 13 years ago (diff)

Create new utility module, ClassFactory? - to allow generic instantiation
of classes dynamically.

Implement use of this in the AttAuth? and SessionMgr? services + adjust
the config files for these accordingly + abstract use of MyProxy? in
SessionMgr? to generic authNService - and create packages with real
and test authN services. Adjust the SessionMgr? tests to use the
test authN service.

Line 
1<?xml version="1.0" encoding="utf-8"?>
2<sessMgrProp>
3    <portNum>5700</portNum>
4    <useSSL>Yes</useSSL> <!-- leave blank to use http -->
5    <!--<useSSL>Yes</useSSL>  leave blank to use http -->
6    <sslCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.crt</sslCertFile>
7    <sslKeyFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.key</sslKeyFile>
8    <!--
9    Directory containing CA cert.s to verify SSL peer cert against
10     - ignored if useSSL is blank
11    -->
12    <sslCACertDir>$NDGSEC_SMCLNT_UNITTEST_DIR/ca</sslCACertDir>
13    <!--
14    PKI settings for WS-Security signature of outbound SOAP messages
15    NB, if no signature handling is required, do not include this element
16    -->
17    <WS-Security>
18            <!--
19        CA Certificates used to verify X.509 certs used in peer SOAP messages,
20        SSL connections and Attribute Certificates
21        -->
22            <caCertFilePathList>
23            <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile>
24                <!--
25                To also trust certificates issued from your MyProxy CA, replace
26            "abcdef01.0" with the unique name for your CA certificate and uncomment
27                the following line:
28                <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/abcdef01.0</caCertFile>
29            -->
30            </caCertFilePathList>
31        <signingCertFilePath>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.crt</signingCertFilePath>
32            <signingPriKeyFilePath>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.key</signingPriKeyFilePath>
33        <signingPriKeyPwd/>
34                <!--
35                Inclusive namespace prefixes for reference and SignedInfo sections of
36                WS-Security digital signature
37                -->
38                <refC14nInclNS></refC14nInclNS>
39                <signedInfoC14nInclNS></signedInfoC14nInclNS>
40            <!--
41        Set the certificate used to verify the signature of messages from the
42            client.  This can usually be left blank since the client is expected to
43        include the cert with the signature in the inbound SOAP message
44            -->
45        <verifyingCertFilePath></verifyingCertFilePath>
46    </WS-Security>   
47    <sessMgrEncrKey>abcdef0123456789</sessMgrEncrKey>
48    <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI>
49    <cookieDomain></cookieDomain>
50        <simpleCACltProp>
51            <uri></uri>
52        <xmlSigKeyFile></xmlSigKeyFile>
53        <xmlSigCertFile></xmlSigCertFile>
54        <xmlSigCertPwd></xmlSigCertPwd>
55    </simpleCACltProp>
56    <credReposProp>
57            <modFilePath></modFilePath>
58            <modName>ndg.security.common.CredWallet</modName>
59            <className>NullCredRepos</className>
60            <propFile></propFile>
61    </credReposProp>
62    <authNServiceProp>
63            <moduleFilePath>$NDGSEC_AACLNT_UNITTEST_DIR</moduleFilePath>
64            <moduleName>ndg.security.server.authenservice.session_mgr_my_proxy_client</moduleName>
65            <className>SessionMgrMyProxyClient</className>
66            <!-- If properties file specified, the contents will augment/override any
67            other properties set here -->
68            <propertiesFile></propertiesFile>
69                <!--
70                Delete this element and take setting from MYPROXY_SERVER environment
71                variable if required
72                <hostname>localhost</hostname>
73                -->
74                <!--
75                Delete this element to take default setting 7512 or read
76                MYPROXY_SERVER_PORT setting
77                -->
78                <port>7512</port>
79                <!--
80                Useful if hostname and certificate CN don't match correctly.  Globus
81                host DN is set to "host/<fqdn>".  Delete this element and set from
82                MYPROXY_SERVER_DN environment variable if preferred
83                <serverDN>/O=NDG/OU=BADC/OU=Gabriel/CN=localhost</serverDN>
84                -->
85                <!--
86                Set "host/" prefix to host cert CN as is default with globus otherwise
87                client SSL peer cert check fails
88                -->
89                <serverCNprefix>host/</serverCNprefix> 
90                <!--
91                This directory path is used to locate the OpenSSL configuration file
92               
93                The settings are used to set up the defaults for the Distinguished Name of
94                the new proxy cert. issued
95               
96                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
97                but the settings can be independent of any Globus installation
98                -->
99                <openSSLConfFilePath>$NDGSEC_SMCLNT_UNITTEST_DIR/openssl.conf</openSSLConfFilePath>
100                <tmpDir>/tmp</tmpDir>
101                <!--
102                        Limit on maximum lifetime any proxy certificate can have -
103                        specified when a certificate is first created by store() method
104                -->
105                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds -->
106                <!--
107                        Life time of a proxy certificate when issued from the Proxy Server
108                        with getDelegation() method
109                -->
110                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds -->
111                <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile>
112        </authNServiceProp>
113   
114</sessMgrProp>
Note: See TracBrowser for help on using the repository browser.