Changeset 625

Timestamp:

16/02/06 09:08:49 (15 years ago)

Author:

pjkersha

Message:

security.py:

• added bDebug as private attribute to class.
• SessionClient?.addUser doesn't need returned var

NDG.BAK: back-up not needed

SimpleCAClient.py: use os.path.expandvars() to allow environment variables to be
referenced in properties file.

AttAuthority?.py: fixed ref to 'usrRolesClassName' in if error block.

SessionClient?.py: addUser method if 'errMsg' in addUserResp and addUserResperrMsg?:
NOT if 'errMsg' in addUserResp and 'errMsg':

Location:

TI12-security/trunk/python

Files:

• NDG.BAK (deleted)
• NDG/AttAuthority.py (modified) (1 diff)
• NDG/SessionClient.py (modified) (4 diffs)
• NDG/SimpleCAClient.py (modified) (1 diff)
• Tests/security.py (modified) (12 diffs)

TI12-security/trunk/python/NDG/AttAuthority.py

@@ -164 +164 @@
             raise AttAuthorityError('Importing User Roles module: %s' % e)
 
-                                 
         # Check class inherits from AAUserRoles abstract base class
         if not issubclass(usrRolesClass, AAUserRoles):
             raise AttAuthorityError(\
                 "User Roles class %s must be derived from AAUserRoles" % \
-                usrRolesClassName)
+                self.__prop['usrRolesClassName'])
 
 

TI12-security/trunk/python/NDG/SessionClient.py

@@ -137 +137 @@
                                     pPhrase=pPhrase,
                                     encrPubKeyFilePath=smEncrPubKeyFilePath) 
-    
+
             # Pass encrypted request
-            resp = self.__smSrv.addUser(addUserReq=addUserReq())
+            resp = self.__smSrv.addUser(addUserReq=addUserReq())            
             addUserResp = AddUserResp(xmlTxt=str(resp['addUserResp']))
-            if 'errMsg' in addUserResp and 'errMsg':
+            if 'errMsg' in addUserResp and addUserResp['errMsg']:
                 raise SessionClientError(addUserResp['errMsg'])
             
         except Exception, e:
-            raise SessionClientError("Error: " + str(e))
+            raise SessionClientError("Error adding new user: " + str(e))
     
         
@@ -194 +194 @@
             resp = self.__smSrv.connect(connectReq=connectReq())
             connectResp = ConnectResp(xmlTxt=str(resp['connectResp']))
-            if 'errMsg' in connectResp and 'errMsg':
+            if 'errMsg' in connectResp and connectResp['errMsg']:
                 raise Exception(connectResp['errMsg'])
             
@@ -294 +294 @@
         smEncrPubKeyFilePath = '../certs/badc-sm-cert.pem'
         
-        userName = 'selatham'#'pjkersha'
+        userName = 'aharwood'#'pjkersha'
 
         sessClnt = SessionClient(smWSDL=smWSDL,
@@ -300 +300 @@
                                  traceFile=sys.stderr)
         
-#        sessClnt.addUser(userName, pPhraseFilePath="../tmp")
-        sSessCookie = sessClnt.connect(userName, pPhraseFilePath="../tmp")
-        sessCookie = SimpleCookie(sSessCookie)
-        authResp = sessClnt.reqAuthorisation(sessCookie['NDG-ID1'].value, 
-                                             sessCookie['NDG-ID2'].value,
-                                             aaWSDL=aaWSDL)
+        sessClnt.addUser(userName, pPhraseFilePath="../tmp")
+#        sSessCookie = sessClnt.connect(userName, pPhraseFilePath="../tmp")
+#        sessCookie = SimpleCookie(sSessCookie)
+#        authResp = sessClnt.reqAuthorisation(sessCookie['NDG-ID1'].value, 
+#                                             sessCookie['NDG-ID2'].value,
+#                                             aaWSDL=aaWSDL)
         print authResp
         

TI12-security/trunk/python/NDG/SimpleCAClient.py

@@ -177 +177 @@
         # Get properties from file as a data dictionary cutting out leading 
         # and trailing white space
-        prop = dict([(elem.tag, elem.text.strip()) for elem in propElem])
+        prop = {}
+        for elem in propElem:
+
+            # Check for environment variables in file paths
+            tagCaps = elem.tag.upper()
+            if 'FILE' in tagCaps or 'PATH' in tagCaps or 'DIR' in tagCaps:
+                elem.text = os.path.expandvars(elem.text)
+
+            prop[elem.tag] = elem.text.strip()
 
         # Update any existing values        

TI12-security/trunk/python/Tests/security.py

@@ -22 +22 @@
 from ZSI import ServiceProxy
 
+#if 'LD_LIBRARY_PATH' in os.environ:
+#    os.environ['LD_LIBRARY_PATH'] += ":/usr/local/NDG-Security/lib"
+#else:
+#    os.environ['LD_LIBRARY_PATH'] = "/usr/local/NDG-Security/lib"
+#
+#print "LD_LIBRARY_PATH=" + os.environ['LD_LIBRARY_PATH']
+
 from NDG.AttCert import *
 from NDG.SessionClient import *
@@ -47 +54 @@
                  passPhrase=None,
                  smEncrPubKeyFilePath=None,
-                 org=None):
+                 org=None,
+                         bDebug=False):
         """Omit username, passphrase and org if running from CGI"""
         
@@ -55 +63 @@
         self.__passPhrase = passPhrase
         self.__smEncrPubKeyFilePath = smEncrPubKeyFilePath
-
+        self.__bDebug = bDebug
 
         # Authenticating organisation
@@ -224 +232 @@
 <tr><td>User Name:</td> <td><input type=text name=userName value="">@
 <select name="org">
+    <option>BODC</option>
     <option>BADC</option>
-    <option>BODC</option>
     <option>PML</option>
     <option>NOCS</option>
@@ -270 +278 @@
     
     #_________________________________________________________________________
-    def addUser(self, bDebug=False):
+    def addUser(self):
         """Add a new NDG User account"""
 
@@ -279 +287 @@
             raise SecurityCGIError("No passphrase set")
 
-        if bDebug:
+        if self.__bDebug:
             traceFile = sys.stderr
         else:
             traceFile = None
-
-            
+           
         try:
             # Instantiate WS proxy and request connection
@@ -294 +301 @@
                         
 
-                resp = smClient.addUser(userName=self.__userName,
-                                        pPhrase=self.__passPhrase)
+                smClient.addUser(userName=self.__userName,
+                                 pPhrase=self.__passPhrase)
             except Exception, e:
-                # Socket error returns tuple - reformat to just give msg
                 raise SecurityCGIError("Session Client: " + str(e))
-            
-            if resp['errMsg']:
-                raise SecurityCGIError(str(resp['errMsg']))
 
             print \
@@ -337 +340 @@
     
     #_________________________________________________________________________
-    def authenticate(self, setCookie=True, bAuthorise=False, bDebug=False):
+    def authenticate(self, setCookie=True, bAuthorise=False):
         """Authenticate username and passphrase input from preceeding login
         form
@@ -344 +347 @@
                     recalled followed by authorisation"""
 
-        if bDebug:
+        if self.__bDebug:
             traceFile = sys.stderr
         else:
@@ -417 +420 @@
                   cookie=None,
                   reqRole='nercFunded',
-                  extTrustedHost='',
-                  bDebug=True):
+                  extTrustedHost=''):
         """Contact Attribute Authority to get Attribute Certificate for data
         access
@@ -426 +428 @@
                     testing"""
 
-        if bDebug:
+        if self.__bDebug:
             traceFile = sys.stderr
         else:
@@ -701 +703 @@
     smWSDL = "http://glue.badc.rl.ac.uk/sessionMgr.wsdl"
     aaWSDL = "http://glue.badc.rl.ac.uk/attAuthority.wsdl"
-    smPubKey = os.path.expandvars("/usr/local/NDG/conf/certs/badc-sm-cert.pem")
+    smPubKey = "/usr/local/NDG/conf/certs/badc-sm-cert.pem"
     
+
     # Instantiate and call CGI
-    security = SecurityCGI(smWSDL, aaWSDL, smEncrPubKeyFilePath=smPubKey)
+    security = SecurityCGI(smWSDL,
+                           aaWSDL,
+                           smEncrPubKeyFilePath=smPubKey,
+                           bDebug=True)
     security.cgi()