Changeset 4158
- Timestamp:
- 01/09/08 14:37:03 (13 years ago)
- Location:
- TI12-security/trunk/python
- Files:
-
- 8 added
- 12 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py
r4139 r4158 41 41 42 42 from ndg.security.common.utils.ConfigFileParsers import readAndValidateProperties 43 from ndg.security.common.utils.ClassFactory import instantiateClass 43 44 44 45 #_____________________________________________________________________________ … … 130 131 read. Set this flag to False to override. 131 132 """ 132 log.info("Initialising service ... 133 log.info("Initialising service ...") 133 134 134 135 # Base class initialisation … … 182 183 self.__issuerSerialNumber = self.__cert.serialNumber 183 184 184 185 185 # Load host sites custom user roles interface to enable the AA to 186 186 # assign roles in an attribute certificate on a getAttCert request 187 self.loadUserRolesInterface() 188 187 self.__userRoles = instantiateClass(self.__prop['userRolesModName'],\ 188 self.__prop['userRolesClassName'],\ 189 moduleFilePath=self.__prop.get('userRolesModFilePath'),\ 190 objectType=AAUserRoles, \ 191 classProperties=self.__prop.get('userRolesPropFile')) 189 192 190 193 attCertFilePath = os.path.join(self.__prop['attCertDir'], … … 201 204 ''' 202 205 # Configuration file properties are held together in a dictionary 203 self.__prop = readAndValidateProperties(self.propFilePath, validKeys=AttAuthority.__validKeys) 206 self.__prop = readAndValidateProperties(self.propFilePath, \ 207 validKeys=AttAuthority.__validKeys) 204 208 205 209 # add the WS-security properties to the main properties … … 220 224 'Invalid directory path Attribute Certificates store "%s": %s' % \ 221 225 (self.__prop['attCertDir'], osError.strerror) 222 223 #_________________________________________________________________________224 def loadUserRolesInterface(self):225 """Set-up user roles interface - load host sites custom AAUserRoles226 derived class. This class interfaces with the sites mechanism for227 mapping user ID to the roles to which they are entitled. This228 could be via a user database"""229 230 log.debug("Loading User roles interface ...")231 try:232 try:233 # Module file path may be None if the new module to be loaded234 # can be found in the existing system path235 if self.__prop['userRolesModFilePath'] is not None:236 if not os.path.exists(\237 self.__prop['userRolesModFilePath']):238 raise Exception, "File path '%s' doesn't exist" % \239 self.__prop['userRolesModFilePath']240 241 # Temporarily extend system path ready for import242 sysPathBak = sys.path[:]243 244 sys.path.append(self.__prop['userRolesModFilePath'])245 246 # Import module name specified in properties file247 userRolesMod = __import__(self.__prop['userRolesModName'],248 globals(),249 locals(),250 [self.__prop['userRolesClassName']])251 252 userRolesClass = eval('userRolesMod.' + \253 self.__prop['userRolesClassName'])254 finally:255 try:256 sys.path[:] = sysPathBak257 except NameError:258 # sysPathBak may not have been defined259 pass260 261 except Exception, e:262 raise AttAuthorityError,'Importing User Roles module: %s' % str(e)263 264 # Check class inherits from AAUserRoles abstract base class265 if not issubclass(userRolesClass, AAUserRoles):266 raise AttAuthorityError, \267 "User Roles class %s must be derived from AAUserRoles" % \268 self.__prop['userRolesClassName']269 270 271 # Instantiate custom class272 try:273 self.__userRoles=userRolesClass(self.__prop['userRolesPropFile'])274 275 except Exception, e:276 raise AttAuthorityError, \277 "Error instantiating User Roles interface: " + str(e)278 279 log.info(\280 'Instantiated "%s" class from user roles module: "%s" in "%s"' %\281 (self.__prop['userRolesClassName'],282 self.__prop['userRolesModName'],283 self.__prop['userRolesModFilePath']))284 226 285 227 -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/__init__.py
r4144 r4158 14 14 15 15 # Modify sys.path when carrying out dynamic import for Credential Repository 16 import sys 16 import sys, os 17 17 18 18 # Time module for use with cookie expiry … … 44 44 X509CertExpired, X509CertInvalidNotBeforeTime 45 45 46 # MyProxy server interface47 from ndg.security.server.MyProxy import *48 49 46 # Use client package to allow redirection of authorisation requests and 50 47 # to retrieve Attribute Authority public key … … 57 54 from ndg.security.common.utils.ConfigFileParsers import readAndValidateProperties 58 55 56 # utility to instantiate classes dynamically 57 from ndg.security.common.utils.ClassFactory import instantiateClass 59 58 # Use in SessionMgr __redirectAttCertReq to retrieve and store Public 60 59 # key … … 343 342 344 343 # valid configuration property keywords 344 WS_SETTINGS_KEY = 'WS-Security' 345 AUTHN_KEY_NAME = 'authNServiceProp' 346 CRED_REPOS_KEY_NAME = 'credReposProp' 347 345 348 __validElem = \ 346 349 { … … 353 356 'sessMgrURI': None, 354 357 'cookieDomain': None, 355 ' myProxyProp':None,356 'credReposProp': ('modFilePath', 'modName', 'className',358 'authNServiceProp': None, 359 CRED_REPOS_KEY_NAME: ('modFilePath', 'modName', 'className', 357 360 'propFile'), 358 361 'simpleCACltProp': ('uri', 'xmlSigKeyFile', 'xmlSigCertFile', … … 362 365 __confDir = "conf" 363 366 __propFileName = "sessionMgrProperties.xml" 364 365 WS_SETTINGS_KEY = 'WS-Security'366 367 367 368 #_________________________________________________________________________ … … 390 391 # setProperties/readProperties and then loadCredReposInterface 391 392 self.__credRepos = None 392 393 # MyProxy interface394 try:395 self.__myPx = MyProxyClient()396 397 except Exception, e:398 raise SessionMgrError("Creating MyProxy interface: %s" % e)399 393 400 394 # Set from input or use defaults based or environment variables … … 404 398 self.readProperties() 405 399 400 # Instantiate the authentication service to use with the session manager 401 self.__authNService = instantiateClass( 402 self.__prop[self.AUTHN_KEY_NAME].get('moduleName'),\ 403 self.__prop[self.AUTHN_KEY_NAME].get('className'),\ 404 moduleFilePath=self.__prop[self.AUTHN_KEY_NAME].get('moduleFilePath'),\ 405 objectType=AbstractAutheNService, \ 406 classProperties=self.__prop[self.AUTHN_KEY_NAME]) 407 408 406 409 # Call here as we can safely expect that all Credential Repository 407 410 # parameters have been set above 408 self.loadCredReposInterface() 409 411 self.__credRepos = instantiateClass( 412 self.__prop[self.CRED_REPOS_KEY_NAME].get('modName'),\ 413 self.__prop[self.CRED_REPOS_KEY_NAME].get('className'),\ 414 moduleFilePath=self.__prop[self.CRED_REPOS_KEY_NAME].get('modFilePath'),\ 415 objectType=CredRepos, \ 416 classProperties=self.__prop[self.CRED_REPOS_KEY_NAME]) 417 410 418 # Set any properties that were provided by keyword input 411 # 412 # Nb. If any are duplicated with tags in the properties file they 419 # NB If any are duplicated with tags in the properties file they 413 420 # will overwrite the latter 414 #415 # loadCredReposInterface must be called explicitly if propFilePath416 # wasn't set. This is because if properties are passed by keyword417 # alone there is no guarantee that those needed to load the interface418 # will be present. readProperties however, requires that all the419 # required parameters are present in the properties file.420 421 self.setProperties(**prop) 421 422 423 #_________________________________________________________________________424 def loadCredReposInterface(self, credReposPPhrase=None, Force=False):425 """426 Pick up and instantiate Credential Repository interface class from427 properties file settings/keywords set by setProperties/__init__428 429 @type credReposPPhrase: string430 @param credReposPPhrase: password for CredentialRepository database431 This is passed into the Credential Repository object but may not432 be needed. e.g. the custom class could pick up a password from433 the properties file for it - ['credRepos']['propFilePath']434 435 @type Force: boolean436 @param Force: flag to force reload of Credential Repository instance437 """438 439 log.debug("Loading Credential Repository interface ...")440 441 # Don't bother if object has already been created. Use Force=True442 # to override and force reload443 if Force is False and self.__credRepos is not None:444 return445 446 # Credentials repository - permanent store of user credentials447 try:448 try:449 # Module file path may be None if the new module to be loaded450 # can be found in the existing system path451 if self.__prop['credReposProp']['modFilePath'] is not None:452 # Temporarily extend system path ready for import453 sysPathBak = sys.path[:]454 455 if not os.path.exists(\456 self.__prop['credReposProp']['modFilePath']):457 raise Exception, "File path '%s' doesn't exist" % \458 self.__prop['credReposProp']['modFilePath']459 460 sys.path.append(\461 self.__prop['credReposProp']['modFilePath'])462 463 # Import module name specified in properties file464 credReposMod = \465 __import__(self.__prop['credReposProp']['modName'],466 globals(),467 locals(),468 [self.__prop['credReposProp']['className']])469 470 credReposClass = eval(\471 'credReposMod.' + self.__prop['credReposProp']['className'])472 finally:473 try:474 sys.path[:] = sysPathBak475 except NameError:476 # sysPathBak may not have been defined477 pass478 479 except KeyError, e:480 raise SessionMgrError('Missing %s element for credential '481 'repository module import' % str(e))482 483 except Exception, e:484 raise SessionMgrError('Importing credential repository module: %s'\485 % str(e))486 487 # Check class inherits from CredWallet.CredRepos abstract base class488 if not issubclass(credReposClass, CredRepos):489 raise SessionMgrError("Credential Repository class %s must be "490 "inherited from %s" % \491 (credReposClass, CredRepos))492 493 # Instantiate custom class494 try:495 self.__credRepos = credReposClass(\496 propFilePath=self.__prop['credReposProp']['propFile'],497 dbPPhrase=credReposPPhrase)498 499 except Exception, e:500 raise SessionMgrError(501 "Error instantiating Credential Repository interface: " + str(e))502 503 log.info(\504 'Instantiated "%s" class from Credential Repository module: "%s" file path %s' % \505 (self.__prop['credReposProp']['className'],506 self.__prop['credReposProp']['modName'],507 self.__prop['credReposProp']['modFilePath'] or "from PYTHONPATH"))508 509 422 510 423 #_________________________________________________________________________ … … 624 537 continue 625 538 626 if key == 'myProxyProp': 627 self.__myPx.setProperties(**val) 628 629 elif key == 'credReposProp': 539 if key == self.CRED_REPOS_KEY_NAME: 630 540 # Check for missing elements 631 541 missingElem.extend(getMissingElem(\ 632 self.__validElem[ 'credReposProp'],633 self.__prop[ 'credReposProp']))542 self.__validElem[self.CRED_REPOS_KEY_NAME], 543 self.__prop[self.CRED_REPOS_KEY_NAME])) 634 544 635 545 elif key == 'simpleCACltProp': … … 640 550 641 551 642 missingElem.extend(getMissingElem(self.__ prop, self.__validElem))552 missingElem.extend(getMissingElem(self.__validElem, self.__prop)) 643 553 errMsg = '' 644 554 … … 665 575 for key, value in prop.items(): 666 576 667 if key == ' myProxyProp':668 self.__ myPx.setProperties(prop[key])669 670 elif key == 'credReposProp':671 self.__prop[ 'credReposProp'] = prop[key].copy()577 if key == 'authNProp': 578 self.__authNService.setProperties(prop[key]) 579 580 elif key == self.CRED_REPOS_KEY_NAME: 581 self.__prop[self.CRED_REPOS_KEY_NAME] = prop[key].copy() 672 582 673 583 elif key in self.__validElem: … … 681 591 raise SessionMgrError(\ 682 592 "Key \"%s\" is not a valid Session Manager property" % key) 683 684 685 #_________________________________________________________________________686 def addUser(self, username, passphrase=None):687 """Register a new user with an NDG data centre688 689 addUser([caConfigFilePath, ]|[, caPassPhrase]690 |[, userName=u, pPhrase=p])691 692 returns XML formatted response message693 694 caConfigFilePath|caPassPhrase: pass phrase for SimpleCA's695 certificate. Set via file or direct696 string input respectively. Set here697 to override setting [if any] made at698 object creation.699 700 Passphrase is only required if701 SimpleCA is instantiated on the local702 machine. If SimpleCA WS is called no703 passphrase is required.704 705 **kw: use as alternative to706 reqXMLtxt keyword - pass in707 username and pass-phrase for new user708 unencrypted as keywords username709 and pPhrase respectively."""710 711 log.debug("Calling SessionMgr.addUser ...")712 713 # Ask CA to sign certificate714 715 # Add new user certificate to MyProxy Repository716 self.__myPx.store(username,717 certFile,718 keyFile,719 ownerCertFile=None,720 ownerKeyFile=None,721 ownerPassphrase=None,722 lifetime=None,723 force=True)724 725 return userDN726 593 727 594 … … 833 700 # Get a proxy certificate to represent users ID for the new 834 701 # session 835 userCreds = self.__ myPx.logon(username, passphrase)702 userCreds = self.__authNService.logon(username, passphrase) 836 703 837 704 # unpack … … 902 769 *creds) 903 770 except Exception, e: 904 raise SessionMgrError("Creating User Session: %s" % e) 771 raise SessionMgrError( 772 "Error occurred whilst creating User Session: %s" % e) 905 773 906 774 # Also allow access by user DN … … 1211 1079 log.debug("Calling SessionMgr.auditCredRepos ...") 1212 1080 self.__credRepos.auditCredentials() 1081 1082 1083 class AbstractAutheNService: 1084 """ 1085 An abstract base class to define the authentication service interface for use 1086 with a SessionMgr service 1087 """ 1088 1089 # valid configuration property keywords 1090 __validKeys = ('hostname', 1091 'port', 1092 'serverDN', 1093 'serverCNprefix', 1094 'gridSecurityDir', 1095 'openSSLConfFilePath', 1096 'tmpDir', 1097 'proxyCertMaxLifetime', 1098 'proxyCertLifetime', 1099 'caCertFile') 1100 1101 def __init__(self, propFilePath=None, **prop): 1102 """Make an initial settings for client connections to MyProxy 1103 1104 Settings are held in a dictionary which can be set from **prop, 1105 a call to setProperties() or by passing settings in an XML file 1106 given by propFilePath 1107 1108 @param propFilePath: set properties via a configuration file 1109 @param **prop: set properties via keywords - see __validKeys 1110 class variable for a list of these 1111 """ 1112 pass 1113 1114 1115 def setProperties(self, **prop): 1116 """Update existing properties from an input dictionary 1117 Check input keys are valid names""" 1118 raise NotImplementedError, \ 1119 self.getRoles.__doc__.replace('\n ','') 1120 1121 1122 def logon(self, username, passphrase, lifetime=None): 1123 """ 1124 Retrieve a proxy credential from a proxy server 1125 1126 @type username: basestring 1127 @param username: username of credential 1128 1129 @type passphrase: basestring 1130 @param passphrase: pass-phrase for private key of credential held on 1131 server 1132 1133 @type lifetime: int 1134 @param lifetime: lifetime for generated certificate 1135 1136 @raise GetError: 1137 @raise RetrieveError: 1138 @rtype: tuple 1139 @return credentials as strings in PEM format: the 1140 user certificate, its private key and the issuing certificate. The 1141 issuing certificate is only set if the user certificate is a proxy 1142 """ 1143 raise NotImplementedError, \ 1144 self.getRoles.__doc__.replace('\n ','') 1145 -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgr.cfg
r4139 r4158 109 109 110 110 111 # MyProxy Clientproperties112 [ myProxyProp]111 # Authentication service properties 112 [authNServiceProp] 113 113 # Delete this element and take setting from MYPROXY_SERVER environment 114 114 # variable if required -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml
r4139 r4158 61 61 --> 62 62 <cookieDomain></cookieDomain> 63 <!-- MyProxy Client properties --> 64 <myProxyProp> 63 <!-- Proxy Client properties --> 64 <authNServiceProp> 65 <moduleFilePath></moduleFilePath> 66 <moduleName>ndg.security.server.authenservice.session_mgr_my_proxy_client</moduleName> 67 <className>SessionMgrMyProxyClient</className> 68 <!-- If properties file specified, the contents will augment/override any 69 other properties set here --> 70 <propertiesFile></propertiesFile> 65 71 <!-- 66 72 Delete this element and take setting from MYPROXY_SERVER environment … … 109 115 --> 110 116 <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 111 </ myProxyProp>117 </authNServiceProp> 112 118 <!-- 113 119 Properties for a Session Manager client to a Simple CA. -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/siteAAttAuthorityProperties.xml
r4139 r4158 22 22 <caCertFilePathList> 23 23 <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile> 24 <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile>25 24 <!-- 26 25 To also trust certificates issued from your MyProxy CA, replace -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/siteBAttAuthorityProperties.xml
r4139 r4158 21 21 <caCertFilePathList> 22 22 <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile> 23 <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile>24 23 <!-- 25 24 To also trust certificates issued from your MyProxy CA, replace -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml
r4139 r4158 42 42 <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI> 43 43 <cookieDomain></cookieDomain> 44 <myProxyProp> 44 <authNServiceProp> 45 <moduleFilePath></moduleFilePath> 46 <moduleName>ndg.security.test.authenservice.test_authen_service</moduleName> 47 <className>TestAutheNService</className> 48 <!-- If properties file specified, the contents will augment/override any 49 other properties set here --> 50 <propertiesFile></propertiesFile> 45 51 <!-- 46 52 Delete this element and take setting from MYPROXY_SERVER environment … … 85 91 --> 86 92 <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 87 <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ ndg-test-ca.crt</caCertFile>88 </ myProxyProp>93 <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile> 94 </authNServiceProp> 89 95 <simpleCACltProp> 90 96 <uri></uri> -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrTest.cfg
r3192 r4158 17 17 # Note also setting for test3ConnectNoCreateServerSess test below. 18 18 username = testuser 19 #passphrase = testpassword19 passphrase = testpassword 20 20 21 21 [test2GetSessionStatus] … … 23 23 [test3ConnectNoCreateServerSess] 24 24 username = testuser 25 #passphrase = testpassword25 passphrase = testpassword 26 26 27 27 [test6GetAttCertWithSessID] 28 aaURI = http://localhost: 5000/AttributeAuthority28 aaURI = http://localhost:4900/AttributeAuthority 29 29 acOutFilePath = $NDGSEC_SM_UNITTEST_DIR/ac-out.xml 30 30 -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/test.py
r4120 r4158 29 29 30 30 import logging 31 logging.basicConfig(level=logging. ERROR)31 logging.basicConfig(level=logging.DEBUG) 32 32 33 33 … … 59 59 propFilePath = xpdVars(self.cfg.get('setUp', 'propFilePath')) 60 60 self.sm = SessionMgr(propFilePath=propFilePath) 61 62 63 def test1Connect(self): 64 """test1Connect: make a new session""" 65 66 print "\n\t" + self.test1Connect.__doc__ 67 61 62 def sessionMgrConnect(self): 63 print "Connecting to session manager..." 68 64 username = self.cfg.get('test1Connect', 'username') 69 70 65 if SessionMgrTestCase.test1Passphrase is None and \ 71 66 self.cfg.has_option('test1Connect', 'passphrase'): … … 77 72 prompt="\ntest1Connect pass-phrase for user %s: " % username) 78 73 74 print "Connecting to session manager as user: %s..." %username 79 75 userCert, self.userPriKey, self.issuingCert, self.sessID = \ 80 76 self.sm.connect(username=username, … … 88 84 self.userPriKey)) 89 85 open(mkPath("user.creds"), "w").write(creds) 86 print "Finished setting up connection" 87 88 89 def test1Connect(self): 90 """test1Connect: make a new session""" 91 92 username = self.cfg.get('test1Connect', 'username') 93 if SessionMgrTestCase.test1Passphrase is None and \ 94 self.cfg.has_option('test1Connect', 'passphrase'): 95 SessionMgrTestCase.test1Passphrase = \ 96 self.cfg.get('test1Connect', 'passphrase') 97 98 if not SessionMgrTestCase.test1Passphrase: 99 SessionMgrTestCase.test1Passphrase = getpass.getpass(\ 100 prompt="\ntest1Connect pass-phrase for user %s: " % username) 101 102 print "Connecting to session manager as user: %s..." %username 103 userCert, self.userPriKey, self.issuingCert, self.sessID = \ 104 self.sm.connect(username=username, 105 passphrase=SessionMgrTestCase.test1Passphrase) 106 self.userCert = X509CertParse(userCert) 107 108 print "User '%s' connected to Session Manager:\n%s" % \ 109 (username, self.sessID) 110 creds='\n'.join((self.issuingCert or '', 111 self.userCert.asPEM().strip(), 112 self.userPriKey)) 113 open(mkPath("user.creds"), "w").write(creds) 90 114 91 115 92 116 def test2GetSessionStatus(self): 93 117 """test2GetSessionStatus: check a session is alive""" 94 print "\n\t" + self.test2GetSessionStatus.__doc__ 95 96 self.test1Connect() 118 119 self.sessionMgrConnect() 97 120 assert self.sm.getSessionStatus(sessID=self.sessID), "Session is dead" 98 121 print "User connected to Session Manager with sessID=%s" % self.sessID … … 107 130 sessID should be None""" 108 131 109 print "\n\t" + self.test3ConnectNoCreateServerSess.__doc__110 111 132 username = self.cfg.get('test3ConnectNoCreateServerSess', 'username') 112 133 … … 138 159 """ 139 160 140 print "\n\t" + self.test4DisconnectWithSessID.__doc__ 141 self.test1Connect() 161 self.sessionMgrConnect() 142 162 self.sm.deleteUserSession(sessID=self.sessID) 143 163 … … 149 169 """ 150 170 151 print "\n\t" + self.test5DisconnectWithUserCert.__doc__ 152 self.test1Connect() 171 self.sessionMgrConnect() 153 172 154 173 # Proxy cert in signature determines ID of session to … … 162 181 a session ID as authentication credential""" 163 182 164 print "\n\t" + self.test6GetAttCertWithSessID.__doc__ 165 self.test1Connect() 183 self.sessionMgrConnect() 166 184 167 185 attCert, errMsg, extAttCertList = self.sm.getAttCert(\ … … 184 202 Attribute Authority where the user is NOT registered""" 185 203 186 print "\n\t" + self.test6aGetAttCertRefusedWithSessID.__doc__ 187 self.test1Connect() 204 self.sessionMgrConnect() 188 205 189 206 aaURI = self.cfg.get('test6aGetAttCertRefusedWithSessID', 'aauri') … … 203 220 a session ID as authentication credential""" 204 221 205 print "\n\t" + self.test6bGetMappedAttCertWithSessID.__doc__ 206 self.test1Connect() 222 self.sessionMgrConnect() 207 223 208 224 # Attribute Certificate cached in test 6 can be used to get a mapped … … 225 241 a session ID as authentication credential""" 226 242 227 print "\n\t" + \ 228 self.test6cGetAttCertWithExtAttCertListWithSessID.__doc__ 229 self.test1Connect() 243 self.sessionMgrConnect() 230 244 231 245 aaURI = \ … … 251 265 """test7GetAttCertWithUserCert: make an attribute request using 252 266 a user cert as authentication credential""" 253 print "\n\t" + self.test7GetAttCertWithUserCert.__doc__ 254 self.test1Connect() 267 self.sessionMgrConnect() 255 268 256 269 # Request an attribute certificate from an Attribute Authority -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml
r4139 r4158 48 48 <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI> 49 49 <cookieDomain></cookieDomain> 50 <myProxyProp> 50 <simpleCACltProp> 51 <uri></uri> 52 <xmlSigKeyFile></xmlSigKeyFile> 53 <xmlSigCertFile></xmlSigCertFile> 54 <xmlSigCertPwd></xmlSigCertPwd> 55 </simpleCACltProp> 56 <credReposProp> 57 <modFilePath></modFilePath> 58 <modName>ndg.security.common.CredWallet</modName> 59 <className>NullCredRepos</className> 60 <propFile></propFile> 61 </credReposProp> 62 <authNServiceProp> 63 <moduleFilePath>$NDGSEC_AACLNT_UNITTEST_DIR</moduleFilePath> 64 <moduleName>ndg.security.server.authenservice.session_mgr_my_proxy_client</moduleName> 65 <className>SessionMgrMyProxyClient</className> 66 <!-- If properties file specified, the contents will augment/override any 67 other properties set here --> 68 <propertiesFile></propertiesFile> 51 69 <!-- 52 70 Delete this element and take setting from MYPROXY_SERVER environment … … 92 110 <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 93 111 <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile> 94 </myProxyProp> 95 <simpleCACltProp> 96 <uri></uri> 97 <xmlSigKeyFile></xmlSigKeyFile> 98 <xmlSigCertFile></xmlSigCertFile> 99 <xmlSigCertPwd></xmlSigCertPwd> 100 </simpleCACltProp> 101 <credReposProp> 102 <modFilePath></modFilePath> 103 <modName>ndg.security.common.CredWallet</modName> 104 <className>NullCredRepos</className> 105 <propFile></propFile> 106 </credReposProp> 112 </authNServiceProp> 113 107 114 </sessMgrProp> -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/utils/sessionMgr.cfg
r4139 r4158 109 109 110 110 111 # MyProxy Client properties 112 [myProxyProp] 111 # Authentication service properties 112 [authNServiceProp] 113 moduleFilePath: 114 moduleName: ndg.security.server.authenservice.session_mgr_my_proxy_client 115 className: SessionMgrMyProxyClient 116 propertiesFile: 113 117 # Delete this element and take setting from MYPROXY_SERVER environment 114 118 # variable if required -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/utils/sessionMgrProperties.xml
r4139 r4158 62 62 <cookieDomain></cookieDomain> 63 63 <!-- MyProxy Client properties --> 64 < myProxyProp>64 <authNServiceProp> 65 65 <!-- 66 66 Delete this element and take setting from MYPROXY_SERVER environment … … 109 109 --> 110 110 <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 111 </ myProxyProp>111 </authNServiceProp> 112 112 <!-- 113 113 Properties for a Session Manager client to a Simple CA.
Note: See TracChangeset
for help on using the changeset viewer.