Changeset 6937
- Timestamp:
- 04/06/10 16:40:43 (11 years ago)
- Location:
- TI12-security/trunk/MyProxyLogonWebService
- Files:
-
- 2 added
- 3 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/MyProxyLogonWebService/myproxy/server/test/myproxy-ws-logon.sh
r6936 r6937 95 95 #wget $uri --http-user=$username --http-password=$password --post-file=$certreqfilepath --ca-directory=$cadir -O $outfilepath -t 1 --auth-no-challenge 96 96 #response=$(curl $uri -u $username:$password -d "$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S) 97 response=$(curl $uri -u $username:$password -F "certificate_request=@${certreqfilepath};type=text/plain" --capath $cadir -w " %{http_code}" -s -S) 97 #response=$(curl $uri -u $username:$password -F "certificate_request=@${certreqfilepath};get_trustroots=1" --capath $cadir -w " %{http_code}" -s -S) 98 response=$(curl $uri -u $username:$password --data-urlencode "certificate_request=$(cat $certreqfilepath)" --capath $cadir -w " %{http_code}" -s -S) 98 99 responsemsg=$(echo "$response"|sed '$s/ *\([^ ]* *\)$//') 99 100 responsecode=$(echo $response|awk '{print $NF}') -
TI12-security/trunk/MyProxyLogonWebService/myproxy/server/test/myproxywsgi.ini
r6897 r6937 24 24 myproxy.rePathMatchList = /logon 25 25 #myproxy.client.hostname = localhost 26 myproxy.client.hostname = myproxy.ceda.ac.uk26 myproxy.client.hostname = gabriel.badc.rl.ac.uk 27 27 myproxy.client.caCertDir = /etc/grid-security/certificates -
TI12-security/trunk/MyProxyLogonWebService/myproxy/server/wsgi/middleware.py
r6897 r6937 17 17 from cStringIO import StringIO 18 18 19 from webob import Request 19 20 from OpenSSL import crypto 21 20 22 from myproxy.client import MyProxyClient, MyProxyClientError 21 23 from myproxy.server.wsgi.httpbasicauth import HttpBasicAuthResponseException … … 45 47 'MyProxyClientMiddleware.logon') 46 48 47 WSGI_INPUT_ENV_KEYNAME = 'wsgi.input' 49 CERTIFICATE_REQUST_POST_PARAM_KEYNAME = 'certificate_request' 50 GET_TRUSTROOTS_PARAM_KEYNAME = 'get_trustroots' 51 GET_TRUSTROOTS_TRUE_STR = '1' 48 52 49 53 # Option prefixes … … 193 197 requestMethod) 194 198 raise HttpBasicAuthResponseException(response, 195 httplib.METHOD_NOT_ALLOWED) 196 197 wsgiInput = environ[MyProxyClientMiddleware.WSGI_INPUT_ENV_KEYNAME] 198 199 contentLength = int(environ.get('CONTENT_LENGTH', -1)) 200 if contentLength == -1: 201 raise MyProxyClientMiddlewareError('No "CONTENT_LENGTH" ' 202 'setting found in ' 203 'environ') 204 205 pemCertReq = wsgiInput.read(contentLength) 206 207 # Restore WSGI file object with duck typing(!) 208 wsgiInput = StringIO() 209 wsgiInput.write(pemCertReq) 210 wsgiInput.seek(0) 199 httplib.METHOD_NOT_ALLOWED) 200 201 request = Request(environ) 202 certReqKey = self.__class__.CERTIFICATE_REQUST_POST_PARAM_KEYNAME 203 pemCertReq = request.POST.get(certReqKey) 204 if pemCertReq is None: 205 response = "No %r form variable set" % certReqKey 206 log.error(response) 207 raise HttpBasicAuthResponseException(response, 208 httplib.BAD_REQUEST) 209 log.debug("cert req = %r", pemCertReq) 210 getTrustRootsKey = self.__class__.GET_TRUSTROOTS_PARAM_KEYNAME 211 getTrustRoots = (request.postvars.get(getTrustRootsKey) == 212 self.__class__.GET_TRUSTROOTS_TRUE_STR) 211 213 212 214 # Expecting PEM encoded request … … 224 226 asn1CertReq = crypto.dump_certificate_request(crypto.FILETYPE_ASN1, 225 227 certReq) 226 228 227 229 try: 230 if getTrustRoots: 231 trustRootsDict = self.myProxyClient.getTrustRoots() 232 233 trustRoots = '\n'.join([ 234 "FILEDATA_%s=%s" % (fileName, fileContents) 235 for fileName, fileContents in trustRootsDict.items() 236 ]) 237 else: 238 trustRoots = '' 239 228 240 credentials = self.myProxyClient.logon(username, 229 241 password, … … 231 243 status = self.getStatusMessage(httplib.OK) 232 244 response = '\n'.join(credentials) 245 response += '\n'+trustRoots 233 246 234 247 start_response(status,
Note: See TracChangeset
for help on using the changeset viewer.