Changeset 6893
- Timestamp:
- 26/05/10 16:38:39 (11 years ago)
- Location:
- TI12-security/trunk/MyProxyServerUtils/myproxy
- Files:
-
- 3 added
- 1 deleted
- 9 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/MyProxyServerUtils/myproxy/__init__.py
r6888 r6893 15 15 __contact__ = "Philip.Kershaw@stfc.ac.uk" 16 16 __revision__ = '$Id$' 17 18 17 __import__('pkg_resources').declare_namespace(__name__) -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/__init__.py
r6881 r6893 1 """MyProxy Server Utilities server package 2 """ 3 __author__ = "P J Kershaw" 4 __date__ = "21/05/10" 5 __copyright__ = "(C) 2010 Science and Technology Facilities Council" 6 __license__ = """BSD - See LICENSE file in top-level directory""" 7 __contact__ = "Philip.Kershaw@stfc.ac.uk" 8 __revision__ = '$Id$' -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/test/__init__.py
r6892 r6893 20 20 21 21 def __init__(self, app=None, cfgFilePath=None, port=7443, host='0.0.0.0', 22 ssl_context=None ):22 ssl_context=None, withLoggingConfig=True): 23 23 """Load an application configuration from cfgFilePath ini file and 24 24 instantiate Paste server object … … 27 27 28 28 if cfgFilePath: 29 fileConfig(cfgFilePath) 29 if withLoggingConfig: 30 fileConfig(cfgFilePath) 30 31 app = loadapp('config:%s' % cfgFilePath) 31 32 -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/test/myproxy-ws-logon.sh
r6892 r6893 10 10 # 11 11 # $Id$ 12 cmdline_opt=`getopt -o hU:l: o: --long help,uri,username,out-n "$0" -- "$@"`12 cmdline_opt=`getopt -o hU:l:So: --long help,uri:,username:,stdin_pass,out:: -n "$0" -- "$@"` 13 13 14 14 usage="Usage: myproxy-logon [-U MyProxy Web Service URI][-l username] ...\n … … 18 18 -U | --uri MyProxy web service URI\n 19 19 -l | --username <username> Username for the delegated proxy\n 20 -S | --stdin_pass pass password from stdin rather prompt from tty\n 20 21 -o | --out <path> Location of delegated proxy\n 21 22 (use '-' for stdout)\n … … 34 35 -U|--uri) uri=$2 ; shift 2 ;; 35 36 -l|--username) username=$2 ; shift 2 ;; 37 -S|--stdin_pass) stdin_pass=True ; shift 1 ;; 36 38 -o|--out) outfilepath=$2 ; shift 2 ;; 37 39 --) shift ; break ;; … … 52 54 53 55 # Read password 54 stty -echo 55 read -p "Enter MyProxy pass phrase: " password; echo 56 stty echo 56 if [ $stdin_pass ]; then 57 read password; 58 else 59 stty -echo 60 read -p "Enter MyProxy pass phrase: " password; echo 61 stty echo 62 fi 57 63 58 64 # Set-up trust root … … 82 88 83 89 # Post request to MyProxy web service passing username/password for HTTP Basic 84 # auth based authentication 85 wget $uri --http-user=$username --http-password=$password --post-file=./user.csr --ca-directory=$cadir -O $outfilepath 86 if [ $? ne 0 ]; then 90 # auth based authentication. 91 # Nb. 92 # 1) -t 1 to ensure only one attempt is made 93 # 2) --auth-no-challenge force sending of username/password to allow for servers that may not issue an authentication challenge 94 wget $uri --http-user=$username --http-password=$password --post-file=$certreqfilepath --ca-directory=$cadir -O $outfilepath -t 1 --auth-no-challenge 95 if [ "$?" != "0" ]; then 96 cat $outfilepath 87 97 exit 1 88 98 fi -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/test/myproxywsgi.ini
r6888 r6893 22 22 myproxy.logonFuncEnvKeyName = MYPROXY_LOGON_FUNC 23 23 myproxy.rePathMatchList = /logon 24 myproxy.client.hostname = localhost 24 #myproxy.client.hostname = localhost 25 myproxy.client.hostname = myproxy.ceda.ac.uk 25 26 myproxy.client.caCertDir = /etc/grid-security/certificates -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/test/test_myproxywsgi.cfg
r6888 r6893 15 15 username: pjk 16 16 password = mypassword 17 uri = https://localhost:10443/logon -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/test/test_myproxywsgi_with_paster.py
r6892 r6893 11 11 from os import path, waitpid 12 12 from getpass import getpass 13 from cStringIO import StringIO 13 14 from ConfigParser import SafeConfigParser, NoOptionError 14 15 import subprocess … … 26 27 """Test MyProxy Logon App WSGI in Paster web application server container 27 28 """ 29 THIS_DIR = path.dirname(__file__) 28 30 INI_FILENAME = 'myproxywsgi.ini' 29 THIS_DIR = path.dirname(__file__)31 INI_FILEPATH = path.join(THIS_DIR, INI_FILENAME) 30 32 CONFIG_FILENAME = 'test_myproxywsgi.cfg' 31 33 CONFIG_FILEPATH = path.join(THIS_DIR, CONFIG_FILENAME) … … 34 36 35 37 SERVICE_PORTNUM = 10443 36 SCRIPT_CMD = 'myproxy-logon.sh' 37 WGET_USER_OPTNAME = '--http-user' 38 WGET_PASSWD_OPTNAME = '--http-password' 39 WGET_OUTPUT_OPTNAME = '--output-document' 40 WGET_STDOUT = '-' 38 SCRIPT_CMD = 'myproxy-ws-logon.sh' 39 SCRIPT_URI_OPTNAME = '--uri' 40 SCRIPT_USER_OPTNAME = '--username' 41 SCRIPT_PASSWD_OPTNAME = '--stdin_pass' 42 SCRIPT_OUTPUT_OPTNAME = '--out' 43 SCRIPT_STDIN_PASS = '--stdin_pass' 41 44 42 45 def __init__(self, *arg, **kw): … … 45 48 self.disableServiceStartup = False 46 49 47 self.cfg = SafeConfigParser({'here': MyProxyLogonAppTestCase.THIS_DIR})50 self.cfg = SafeConfigParser({'here': self.__class__.THIS_DIR}) 48 51 self.cfg.optionxform = str 49 self.cfg.read(MyProxyLogonAppWithPasterTestCase.CONFIG_FILEPATH) 52 self.cfg.read(self.__class__.CONFIG_FILEPATH) 53 54 # Start the MyProxy web service 55 self.addService(cfgFilePath=self.__class__.INI_FILEPATH, 56 port=self.__class__.SERVICE_PORTNUM, 57 withSSL=True, 58 withLoggingConfig=False) 50 59 51 60 def test01Script(self): 52 # Test wget/openssl script access61 # Test wget/openssl based client script access 53 62 username = self.cfg.get('test01Logon', 'username') 54 63 try: … … 57 66 password = getpass('test01Logon password: ') 58 67 59 cmd = "%s %s %s=%s %s=%s %s=%s" % ( 60 self.__class__.SCRIPT_CMD, uri, 61 self.__class__.WGET_USER_OPTNAME, username, 62 self.__class__.WGET_PASSWD_OPTNAME, password, 63 self.__class__.WGET_OUTPUT_OPTNAME, self.__class__.WGET_STDOUT 68 uri = self.cfg.get('test01Logon', 'uri') 69 70 cmd = ( 71 self.__class__.SCRIPT_CMD, 72 "%s=%s" % (self.__class__.SCRIPT_URI_OPTNAME, uri), 73 "%s=%s" % (self.__class__.SCRIPT_USER_OPTNAME, username), 74 self.__class__.SCRIPT_STDIN_PASS 64 75 ) 65 66 p = subprocess.Popen(cmd, shell=True) 67 status = waitpid(p.pid, 0) 68 self.failIf(status[-1] != 0, "Expecting 0 exit status for %r" % cmd) 76 77 p1 = subprocess.Popen(["echo", password], stdout=subprocess.PIPE) 78 p2 = subprocess.Popen(cmd, stdin=p1.stdout, stdout=subprocess.PIPE, 79 stderr=subprocess.PIPE, 80 env={'X509_CERT_DIR':self.__class__.THIS_DIR}) 81 stdoutdata, stderrdata = p2.communicate() 82 # self.failIf(status[-1] != 0, "Expecting 0 exit status for %r" % cmd) 83 print stdoutdata 69 84 70 85 def addService(self, *arg, **kw): … … 106 121 service.terminateThread() 107 122 108 super(MyProxyLogonAppWithPasterTestCase, self).__del__() 123 parentObj = super(MyProxyLogonAppWithPasterTestCase, self) 124 if hasattr(parentObj, '__del__'): 125 parentObj.__del__() 109 126 -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/wsgi/httpbasicauth.py
r6888 r6893 7 7 __license__ = "BSD - see LICENSE file in top-level directory" 8 8 __contact__ = "Philip.Kershaw@stfc.ac.uk" 9 __revision__ = "$Id :$"9 __revision__ = "$Id$" 10 10 import logging 11 11 log = logging.getLogger(__name__) -
TI12-security/trunk/MyProxyServerUtils/myproxy/server/wsgi/middleware.py
r6888 r6893 20 20 from myproxy.client import MyProxyClient, MyProxyClientError 21 21 22 23 class MyProxyClientMiddlewareConfigError(Exception): 22 23 class MyProxyClientMiddlewareError(Exception): 24 """Runtime error with MyProxyClientMiddleware""" 25 26 27 class MyProxyClientMiddlewareConfigError(MyProxyClientMiddlewareError): 24 28 """Configuration error with MyProxyClientMiddleware""" 25 29 … … 185 189 wsgiInput = environ[ 186 190 MyProxyClientMiddleware.WSGI_INPUT_ENV_KEYNAME] 187 pemCertReq = wsgiInput.read() 191 192 contentLength = int(environ.get('CONTENT_LENGTH', -1)) 193 if contentLength == -1: 194 raise MyProxyClientMiddlewareError('No "CONTENT_LENGTH" ' 195 'setting found in ' 196 'environ') 197 198 pemCertReq = wsgiInput.read(contentLength) 188 199 189 200 # Restore WSGI file object with duck typing(!) … … 206 217 "request " % environ.get('REQUEST_METHOD', 207 218 '<Not set>')) 208 219 log.error(response) 220 start_response(status, 221 [('Content-length', str(len(response))), 222 ('Content-type', 'text/plain')]) 223 return [response] 224 209 225 try: 210 226 credentials = self.myProxyClient.logon(username, … … 219 235 220 236 except socket.error, e: 221 raise MyProxyClientMiddleware ConfigError("Socket error "237 raise MyProxyClientMiddlewareError("Socket error " 222 238 "with MyProxy server %r: %s" % 223 239 (self.myProxyClient.hostname, e))
Note: See TracChangeset
for help on using the changeset viewer.