Changeset 7781

Timestamp:

15/12/10 16:40:02 (9 years ago)

Author:

pjkersha

Message:

Incomplete - task 16: NDG Security 2.x.x - incl. updated Paster templates

• Added unit test for generic services template

Location:

TI12-security/trunk/NDGSecurity/python

Files:

• ndg_security_server/ndg/security/server/paster_templates/Makefile (modified) (1 diff)
• ndg_security_server/ndg/security/server/paster_templates/attributeservice (deleted)
• ndg_security_server/ndg/security/server/paster_templates/authorisationservice (deleted)
• ndg_security_server/ndg/security/server/paster_templates/openidprovider (deleted)
• ndg_security_server/ndg/security/server/paster_templates/template.py (modified) (4 diffs)
• ndg_security_server/setup.py (modified) (1 diff)
• ndg_security_test/ndg/security/test/config/authorisationservice/authorisation-service.ini_tmpl (deleted)
• ndg_security_test/ndg/security/test/integration/full_system/log (added)
• ndg_security_test/ndg/security/test/integration/full_system/securityservices.ini (modified) (4 diffs)
• ndg_security_test/ndg/security/test/unit/paster_templates/test_paster_templates.py (modified) (2 diffs)

TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/Makefile

@@ -166 +166 @@
         
 attribute_service_tmpl_clean:
-        @-echo Clearing Authorisation Service template ...
+        @-echo Clearing Attribute Service template ...
         rm -rf ${ATTR_SERVICE_DEST_DIR}
         

TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py

@@ -34 +34 @@
     """
     DEFAULT_PORT_NUM = 7443
-    DEFAULT_URI = urlparse.urlunsplit(('https', _hostname, '/', None, None))
+    DEFAULT_URI = urlunsplit(('https', _hostname, '/', None, None))
     
     ATTRIBUTE_SERVICE_DEFAULT_MOUNT_POINT = '/AttributeService'
@@ -119 +119 @@
 
         var('beakerSessionSecret', 
-            ('Cookie secret for keeping security session state'),
+            'Cookie secret for keeping security session state',
             default=base64.b64encode(os.urandom(32))[:32])
     ]
@@ -132 +132 @@
     
     _template_dir = 'authorisationservice'
-    summary = (
-        'Template to create an NDG Security Authorisation Service')
+    summary = 'Create an NDG Security Authorisation Service'
     vars = [
         var('mountPoint', 
@@ -153 +152 @@
 class OpenIDProviderTemplate(Template):
     """Paster template for OpenID Provider service"""
-    
-    DEFAULT_MOUNT_POINT = '/AuthorisationService'
-    DEFAULT_ISSUER_NAME = 'O=NDG, OU=Security, CN=localhost'
-    DEFAULT_ISSUER_FORMAT = Issuer.X509_SUBJECT
-    
-    _template_dir = 'authorisationservice'
+    _template_dir = 'openid-provider'
     summary = (
         'Template to create an NDG Security Authorisation Service')
-    vars = [
-        var('mountPoint', 
-            ('URI path to mount service i.e. https://myhost/<mountPoint>'),
-            default=DEFAULT_MOUNT_POINT),
 
-        var('issuerName', 
-            ('ID of this service used in SAML queries and responses'),
-            default=DEFAULT_ISSUER_NAME),
-
-        var('issuerFormat', 
-            ('Format of issuerName string; if using the default, ensure that '
-             'the issuerName value is a correctly formatted X.509 Subject '
-             'Name'),
-            default=DEFAULT_ISSUER_FORMAT)

TI12-security/trunk/NDGSecurity/python/ndg_security_server/setup.py

@@ -36 +36 @@
     main=pylons.util:PylonsInstaller
     [paste.paster_create_template]
+    ndgsecurity_services=ndg.security.server.paster_templates.template:ServicesTemplate
     ndgsecurity_authorisation_service=ndg.security.server.paster_templates.template:AuthorisationServiceTemplate
     """

TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/integration/full_system/securityservices.ini

@@ -140 +140 @@
 # Apply verification against a list of trusted CAs.  To skip this step, comment
 # out or remove this item.  e.g. set CA verification in the Apache config file.
-ssl.caCertFilePathList = %(testConfigDir)s/ca/d573507a.0
+ssl.caCertFilePathList = %(testConfigDir)s/pki/ca/d573507a.0
 
 # Apply whitelisting of client certificate DNs.  This should never be needed in
@@ -580 +580 @@
 authz.ctx_handler.pip.attributeQuery.sslCertFilePath = %(testConfigDir)s/pki/localhost.crt
 authz.ctx_handler.pip.attributeQuery.sslPriKeyFilePath = %(testConfigDir)s/pki/localhost.key
-authz.ctx_handler.pip.attributeQuery.sslCACertDir = %(testConfigDir)s/ca
+authz.ctx_handler.pip.attributeQuery.sslCACertDir = %(testConfigDir)s/pki/ca
 
 #______________________________________________________________________________
@@ -588 +588 @@
 
 [handlers]
-keys = console
+keys = console, logfile
 
 [formatters]
@@ -612 +612 @@
 datefmt = %Y-%m-%d %H:%M:%S
 
+[handler_logfile]
+class = handlers.RotatingFileHandler
+level=NOTSET
+formatter=generic
+args=(os.path.join('%(here)s', 'log', 'service.log'), 'a', 50000, 2)

TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/paster_templates/test_paster_templates.py

@@ -9 +9 @@
 from paste.script.create_distro import CreateDistroCommand
 
-from ndg.security.server.paster_templates.template import \
-    AuthorisationServiceTemplate
+from ndg.security.server.paster_templates.template import (ServicesTemplate,
+    AuthorisationServiceTemplate)
+     
+
+class ServicesTemplateTestCase(unittest.TestCase):
+    """Test create configuration for an application which bundles all the NDG 
+    Security Services
+    """
+    HERE_DIR = path.dirname(path.abspath(__file__))
+    SERVICE_TMPL_NAME = 'ndgsecurity_services'
+    SERVICE_CONF_DIR = 'services'
+    SERVICE_CONF_DIRPATH = path.join(HERE_DIR, SERVICE_CONF_DIR)
+    SERVICE_CONF_DIR_FILES = (
+        'pki', 'pip-mapping.txt', 'service.ini', 'policy.xml', 'user.db'
+    )
     
+    def test01Run(self):
+        cmd = CreateDistroCommand(None)
+        cmd.default_interactive = False
+        cmd.run([self.__class__.SERVICE_CONF_DIR, 
+                 '-t', 
+                 self.__class__.SERVICE_TMPL_NAME])
+        
+        createdFiles = listdir(self.__class__.SERVICE_CONF_DIRPATH)
+        
+        for _file in self.__class__.SERVICE_CONF_DIR_FILES:
+            self.assert_(_file in createdFiles, "Missing file %r" % _file)
+
+    def tearDown(self):
+        shutil.rmtree(self.__class__.SERVICE_CONF_DIRPATH, True)
+           
 
 class AuthorisationServiceTemplateTestCase(unittest.TestCase):
+    """Test creation of ini file and basic configuration settings for NDG 
+    Security Authorisation Service
+    """
     HERE_DIR = path.dirname(path.abspath(__file__))
     TMPL_CONFIG_FILEPATH = path.join(HERE_DIR, 'template.cfg')
@@ -40 +71 @@
         shutil.rmtree(self.__class__.AUTHORISATION_SERVICE_CONF_DIRPATH, True)
 
+
 if __name__ == "__main__":
     unittest.main()