Changeset 1301
- Timestamp:
- 14/07/06 11:45:38 (15 years ago)
- Location:
- TI12-security/trunk/python
- Files:
-
- 7 edited
TI12-security/trunk/python/NDG/CredWallet.py
r1180 r1301 21 21 from datetime import timedelta 22 22 23 # Keyword formatting/XML message creation for Attribute Authority WS 24 from AttAuthorityIO import * 25 26 from SecurityClient import AttAuthorityClient, AttAuthorityClientError 27 28 # Access Attribute Authority's web service using ZSI - allow pass if not loaded 29 # since it's possible to make AttAuthority instance locally without using 30 # the WS 23 24 # Access Attribute Authority's web service using ZSI - allow pass if not 25 # loaded since it's possible to make AttAuthority instance locally without 26 # using the WS 31 27 aaImportError = True 32 28 try: 33 from ZSI import ServiceProxy 34 import socket # handle socket errors from WS 29 from SecurityClient import AttAuthorityClient, AttAuthorityClientError 35 30 aaImportError = False 36 31 … … 530 525 used to making a mapping should the user not 531 526 be registered with the Attribute Authority""" 532 533 if extAttCert is not None:534 if not isinstance(extAttCert, AttCert):535 raise CredWalletError(\536 "Input Attribute Certificate must be AttCert type")537 527 538 528 if aaWSDL is not None: 539 if not isinstance(aaWSDL, basestring):540 raise CredWalletError("Attribute Authority WSDL file " + \541 "path must be a valid string")542 543 529 try: 544 # Get Attribute Authority web service interface 545 if bDebug: 546 traceFile = sys.stderr 547 else: 548 traceFile = None 549 550 aaSrv = ServiceProxy(aaWSDL, 551 use_wsdl=True, 552 tracefile=traceFile) 530 aaClnt = AttAuthorityClient(aaWSDL=aaWSDL, 531 aaPubKeyFilePath=aaPubKeyFilePath) 532 533 authzResp = aaClnt.reqAuthorisation(self.__proxyCertTxt, 534 userAttCert=extAttCert, 535 clntPriKeyPwd=self.__clntPriKeyPwd) 553 536 except Exception, e: 554 raise CredWalletError(\ 555 "ServiceProxy for authorisation request: " + str(e)) 556 557 558 if aaPubKeyFilePath is None: 559 # Try retrieving from the web service 560 try: 561 pubKeyReq = PubKeyReq() 562 resp = aaSrv.getPubKey(pubKeyReq=pubKeyReq()) 563 pubKeyResp 
= PubKeyResp(xmlTxt=resp['pubKeyResp']) 564 565 if 'errMsg' in pubKeyResp and pubKeyResp['errMsg']: 566 raise Exception(pubKeyResp['errMsg']) 567 568 aaPubKeyTmpFile = tempfile.NamedTemporaryFile() 569 open(aaPubKeyTmpFile.name,"w").write(pubKeyResp['pubKey']) 570 571 aaPubKeyFilePath = aaPubKeyTmpFile.name 572 573 except IOError, (errNo, errMsg): 574 raise CredWalletError(\ 575 "Writing public key to temporary file: %s" % errMsg) 576 577 except Exception, e: 578 raise CredWalletError(\ 579 "Retrieving Attribute Authority public key: "+ str(e)) 580 581 582 try: 583 # Format XML request message 584 # 585 # Message will be encrypted if aaPubKeyFilePath was set 586 authorisationReq = AuthorisationReq(\ 587 proxyCert=self.__proxyCertTxt, 588 userAttCert=extAttCert, 589 encrCert=self.__clntPubKey, 590 encrPubKeyFilePath=aaPubKeyFilePath) 591 592 # Call Attribute Authority's Web service 593 resp = aaSrv.reqAuthorisation(\ 594 authorisationReq=authorisationReq()) 595 596 except socket.error, (dummy, e): 597 raise CredWalletError("Requesting authorisation: %s" % str(e)) 598 599 except Exception, e: 600 raise CredWalletError("Requesting authorisation: %s" % str(e)) 601 602 603 # Parse the response 604 authorisationResp = AuthorisationResp(\ 605 xmlTxt=resp['authorisationResp'], 606 encrPriKeyFilePath=self.__clntPriKeyFilePath, 607 encrPriKeyPwd=self.__clntPriKeyPwd) 608 609 # Check the status code returned from the authorisation request 610 if authorisationResp['statCode'] == authorisationResp.accessError: 611 raise CredWalletError(authorisationResp['errMsg']) 612 613 elif authorisationResp['statCode'] == \ 614 authorisationResp.accessDenied: 615 raise CredWalletAuthorisationDenied(\ 616 "Authorisation denied: %s" % authorisationResp['errMsg']) 617 618 elif authorisationResp['statCode'] == \ 619 authorisationResp.accessGranted: 620 attCert = authorisationResp['credential'] 621 537 raise CredWalletError, "Requesting authorisation: %s" % str(e) 538 539 540 if 
authzResp['statCode'] == authorisationResp.accessDenied: 541 raise CredWalletAuthorisationDenied,\ 542 "Authorisation denied: %s" % authzResp['errMsg'] 543 544 elif authzResp['statCode'] == authorisationResp.accessGranted: 545 attCert = authzResp['credential'] 546 622 547 else: 623 raise CredWalletError ("Attribute Authority authorisation " +\624 "status code not recognised")548 raise CredWalletError, "Attribute Authority authorisation " +\ 549 "status code not recognised" 625 550 626 551 elif aaPropFilePath is not None: … … 688 613 specify a local Attribute Authority 689 614 configuration file.""" 690 691 if userRole is not None and not isinstance(userRole, basestring):692 raise CredWalletError("User Role must be a valid string")693 694 615 695 616 if aaWSDL is not None: 696 617 # Call Attribute Authority WS 697 if not isinstance(aaWSDL, basestring): 698 raise CredWalletError("Attribute Authority WSDL file " + \ 699 "path must be a valid string") 700 701 try: 702 if bDebug: 703 traceFile = sys.stderr 704 else: 705 traceFile = None 706 707 aaSrv = ServiceProxy(aaWSDL, 708 use_wsdl=True, 709 tracefile=traceFile) 618 try: 619 aaClnt = AttAuthorityClient(aaWSDL=aaWSDL, 620 aaPubKeyFilePath=aaPubKeyFilePath, 621 clntPubKeyFilePath=self.__clntPubKeyFilePath) 622 623 trustedHostInfo = aaClnt.getTrustedHostInfo(role=userRole, 624 clntPriKeyPwd=self.__clntPriKeyPwd) 625 return trustedHostInfo 626 710 627 except Exception, e: 711 raise CredWalletError(\ 712 "ServiceProxy for authorisation request: " + str(e)) 713 714 715 if aaPubKeyFilePath is None: 716 # Try retrieving from the web service 717 try: 718 pubKeyReq = PubKeyReq() 719 resp = aaSrv.getPubKey(pubKeyReq=pubKeyReq()) 720 pubKeyResp = PubKeyResp(xmlTxt=resp['pubKeyResp']) 721 722 if 'errMsg' in pubKeyResp and pubKeyResp['errMsg']: 723 raise Exception(pubKeyResp['errMsg']) 724 725 aaPubKeyTmpFile = tempfile.NamedTemporaryFile() 726 open(aaPubKeyTmpFile.name,"w").write(pubKeyResp['pubKey']) 727 728 aaPubKeyFilePath = 
aaPubKeyTmpFile.name 729 730 except IOError, (errNo, errMsg): 731 raise CredWalletError(\ 732 "Writing public key to temporary file: %s" % errMsg) 733 734 except Exception, e: 735 raise CredWalletError(\ 736 "Retrieving Attribute Authority public key: "+ str(e)) 737 738 739 if self.__clntPubKeyFilePath: 740 # Read client certificate into a string ready to pass over 741 # SOAP connection 742 try: 743 clntCert = open(self.__clntPubKeyFilePath).read() 744 745 except IOError, (errNo, errMsg): 746 raise optparse.OptionValueError(\ 747 "Reading client public key file \"%s\": %s" %\ 748 (self.__clntPubKeyFilePath, errMsg)) 749 750 except Exception, e: 751 raise optparse.OptionValueError(\ 752 "Reading client public key file \"%s\": %s" %\ 753 (self.__clntPubKeyFilePath, str(e))) 754 else: 755 clntCert = None 756 757 758 try: 759 # Format request 760 trustedHostInfoReq = TrustedHostInfoReq(role=userRole, 761 encrCert=clntCert, 762 encrPubKeyFilePath=aaPubKeyFilePath) 763 764 # Call Attribute Authority's Web service 765 resp = aaSrv.getTrustedHostInfo(\ 766 trustedHostInfoReq=trustedHostInfoReq()) 767 768 # Parse response 769 trustedHostInfoResp = TrustedHostInfoResp(\ 770 xmlTxt=resp['trustedHostInfoResp'], 771 encrPriKeyFilePath=self.__clntPriKeyFilePath, 772 encrPriKeyPwd=self.__clntPriKeyPwd) 773 774 if 'errMsg' in trustedHostInfoResp and \ 775 trustedHostInfoResp['errMsg']: 776 raise Exception(trustedHostInfoResp['errMsg']) 777 778 return trustedHostInfoResp['trustedHosts'] 779 780 except socket.error, e: 781 raise CredWalletError("Requesting trusted host info: %s" % \ 782 e[1]) 783 except Exception, e: 784 raise CredWalletError("Requesting trusted host info: %s" % e) 785 786 628 raise CredWalletError, \ 629 "Requesting trusted host information: %s" % str(e) 630 787 631 elif aaPropFilePath is not None: 788 632 … … 790 634 # configuration file aaPropFilePath 791 635 if not instance(aaWSDL, basestring): 792 raise CredWalletError ("Attribute Authority Configuration " 
+\793 "file path must be a valid string" )636 raise CredWalletError, "Attribute Authority Configuration " +\ 637 "file path must be a valid string" 794 638 795 639 try: … … 799 643 # Request a new attribute certificate from the Attribute 800 644 # Authority 801 return aa.getTrustedHost s(userRole)645 return aa.getTrustedHostInfo(role=userRole) 802 646 803 647 except Exception, e: 804 raise CredWalletError ("Requesting trusted host info: %s" % e)648 raise CredWalletError, "Requesting trusted host info: %s" % e 805 649 806 650 else: 807 raise CredWalletError ("Error requesting trusted hosts info: " + \808 "a WSDL file or Attribute Authority " + \809 "configuration file must be specified")651 raise CredWalletError, "Error requesting trusted hosts info: " + \ 652 "a WSDL file or Attribute Authority " + \ 653 "configuration file must be specified" 810 654 811 655 -
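Review bot: The status checks at new lines 540 and 544 still compare against `authorisationResp.accessDenied` and `authorisationResp.accessGranted`, but this change removes the assignment of `authorisationResp` and drops `from AttAuthorityIO import *`. Unless that name is bound somewhere outside the visible hunks, the comparison raises NameError outside the `try`, so neither the denied nor the granted branch is reached. Take the constants from an object that is in scope, for example `if authzResp['statCode'] == authzResp.accessDenied:`, assuming the object returned by `reqAuthorisation` exposes them (to be confirmed). The old `accessError` branch is also gone, so an error status now ends in the "status code not recognised" message and the authority's `errMsg` is lost. The enclosing method starts and ends outside the hunk.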
TI12-security/trunk/python/NDG/GatekeeperClient.py
r968 r1301 14 14 15 15 from ZSI import ServiceProxy 16 from ZSI.wstools.Utility import HTTPResponse 16 17 import sys 17 18 import os … … 76 77 use_wsdl=True, 77 78 tracefile=self.__traceFile) 79 except HTTPResponse, e: 80 raise GatekeeperClientError, \ 81 "Error initialising WSDL Service Proxy for \"%s\": %s %s" % \ 82 (self.__wsdl, e.status, e.reason) 83 78 84 except Exception, e: 79 raise GatekeeperClientError (\80 "Initialising WSDL Service Proxy: " + str(e) )85 raise GatekeeperClientError, \ 86 "Initialising WSDL Service Proxy: " + str(e) 81 87 82 88 -
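Review bot: The new `except HTTPResponse, e:` clause has no comment saying why it must sit ahead of the generic handler. As far as I can tell ZSI's `HTTPResponse` is not an `Exception` subclass, so `except Exception` would not catch it; a comment such as `# ZSI raises HTTPResponse for a failed WSDL fetch; "except Exception" does not catch it` would record that. The same applies to the identical clause added in LogClient.py and SimpleCAClient.py. Separately, rewriting `raise GatekeeperClientError(...)` into the `raise Cls, "msg"` statement form is a step back in style, since the call form it replaces is the one that keeps working in later Python versions.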
TI12-security/trunk/python/NDG/LogClient.py
r941 r1301 14 14 15 15 from ZSI import ServiceProxy 16 from ZSI.wstools.Utility import HTTPResponse 16 17 import sys 17 18 import os … … 68 69 69 70 if not isinstance(wsdl, basestring): 70 raise LogClientError(\ 71 "Logging WSDL URI must be a valid string") 71 raise LogClientError, "Logging WSDL URI must be a valid string" 72 72 73 73 self.__wsdl = wsdl … … 86 86 use_wsdl=True, 87 87 tracefile=self.__traceFile) 88 except HTTPResponse, e: 89 raise LogClientError, \ 90 "Error initialising WSDL Service Proxy for \"%s\": %s %s" % \ 91 (self.__wsdl, e.status, e.reason) 92 88 93 except Exception, e: 89 raise LogClientError (\90 "Initialising WSDL Service Proxy: " + str(e) )94 raise LogClientError, \ 95 "Initialising WSDL Service Proxy: " + str(e) 91 96 92 97 -
TI12-security/trunk/python/NDG/Session.py
r1203 r1301 53 53 from NDG.SecurityClient import SessionClient 54 54 from NDG.SecurityClient import SessionClientError 55 56 # Use to pipe output from ZSI ServiceProxy57 from cStringIO import StringIO58 55 59 56 # Use in SessionMgr __redirectAuthorisationReq to retrieve and store Public … … 950 947 # Get public key using WS 951 948 try: 952 aaSrv = ServiceProxy(reqKeys['aaWSDL'], use_wsdl=True) 953 954 pubKeyReq = AttAuthorityIO.PubKeyReq() 955 resp = aaSrv.getPubKey(pubKeyReq=pubKeyReq()) 956 957 pubKeyResp = AttAuthorityIO.PubKeyResp(\ 958 xmlTxt=resp['pubKeyResp']) 959 960 if 'errMsg' in pubKeyResp and pubKeyResp['errMsg']: 961 raise Exception(pubKeyResp['errMsg']) 962 963 reqKeys['aaPubKey'] = pubKeyResp['pubKey'] 964 949 aaClnt = AttAuthorityClient(aaWSDL=reqKeys['aaWSDL']) 950 reqKeys['aaPubKey'] = aaClnt.getPubKey() 951 965 952 except Exception, e: 966 raise SessionMgrError (\967 "Retrieving Attribute Authority public key: "+ str(e) )953 raise SessionMgrError, \ 954 "Retrieving Attribute Authority public key: "+ str(e) 968 955 969 956 -
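Review bot: Nothing in this hunk checks the key returned by `aaClnt.getPubKey()` before it is stored in `reqKeys['aaPubKey']`. It is fetched from the endpoint named by `reqKeys['aaWSDL']`, so the key is only as trustworthy as that URI and the transport carrying it. If the certificate is validated elsewhere, say so here with a comment like `# key is taken from the AA endpoint as-is; validated against the trusted CA in <caller> before use`; if it is not, validate it before it is used (presumably for encrypting requests to the Attribute Authority). Also, the visible context imports only `SessionClient` and `SessionClientError` from `NDG.SecurityClient`, so confirm that `AttAuthorityClient` is imported in this module. The enclosing method extends outside the hunk.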
TI12-security/trunk/python/NDG/SimpleCAClient.py
r930 r1301 15 15 import cElementTree as ElementTree 16 16 from ZSI import ServiceProxy 17 from ZSI.wstools.Utility import HTTPResponse 17 18 import socket # handle socket errors from WS 18 19 from CertReq import * … … 196 197 197 198 if 'wsdl' not in self.__prop: 198 raise SimpleCAClientError ("Creating WS proxy: WSDL is not set")199 raise SimpleCAClientError, "Creating WS proxy: WSDL is not set" 199 200 200 201 try: 201 202 self.__srvPx = ServiceProxy(self.__prop['wsdl'], use_wsdl=True) 202 203 203 except Exception, e: 204 raise SimpleCAClientError("Creating WS proxy: %s" % e) 204 except HTTPResponse, e: 205 raise SimpleCAClientError, \ 206 "Error initialising WSDL Service Proxy for \"%s\": %s %s" % \ 207 (self.__prop['wsdl'], e.status, e.reason) 208 209 except Exception, e: 210 raise SimpleCAClientError, \ 211 "Initialising WSDL Service Proxy for \"%s\": %s %s" % \ 212 (self.__prop['wsdl'], e.status, e.reason) 205 213 206 214 -
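Review bot: The generic `except Exception, e:` handler formats `e.status` and `e.reason`, attributes that only the `HTTPResponse` branch above can rely on. For any other exception this raises AttributeError inside the handler and hides the original failure. Use the exception text there instead: `"Initialising WSDL Service Proxy for \"%s\": %s" % (self.__prop['wsdl'], e)`. The method body begins and ends outside the hunk.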
TI12-security/trunk/python/README
r1257 r1301 1 NDG Security Alpha Release (version 0.70-Alpha) 29/06/062 ________________________________________________________ 1 NDG Security Post-Alpha Release (version development 14/07/06) 2 _____________________________________________________________ 3 3 4 4 To install: -
TI12-security/trunk/python/setup.py
r1257 r1301 18 18 { 19 19 'name': 'NDG-Security', 20 'version': ' 0.71-Alpha',20 'version': 'Development Post-Alpha', 21 21 'description': 'NERC DataGrid Security Utilities', 22 22 'author': 'P J Kershaw',