|Version 15 (modified by pjkersha, 2 years ago) (diff)|
Security / ndg_security
NDG Security uses a modular server side architecture based on the Python WSGI. WSGI filters front applications to be protected enforcing access control. Attribute and Authorisation web services, OpenID applications are all built around the WSGI specification. Using PasteDeploy, it is possible to make a flexibile configuration at deployment by arranging the filters and applications by following a simple ini file syntax.
The code base has been tested on a variety of Linux distributions including Ubuntu and SUSE. Python 2.6 is required for the ndg_security version 2.0.0. The 1.5.x branch works with Python 2.5. For server deployment, Apache2 with mod_wsgi are the recommended containers for running applications and filters. Links to installation and configuration details are given below.
Code is released as Python eggs and uploaded to the NERC DataGrid Python distributions repository at http://ndg.nerc.ac.uk/dist/. Releases once created are copied into the tags SVN directory. Branches are maintained where an earlier release has forked from the main development trunk e.g. the here 1.5.x branch
Adds integration with XACML 2.0 implementation ndg_xacml, and SAML authorisation service interface.
Maintained for some existing deployments. Uses custom authorisation interface.
Code can be installed from the NDG distributions repository. To install the eggs e.g.
$ easy_install -f http://ndg.nerc.ac.uk/dist/ ndg_security
To pick up unit and integration tests:
$ easy_install -f http://ndg.nerc.ac.uk/dist/ ndg_security_test
tar.gz based distributions will be added soon for PIP support.
A full set of configuration instructions will follow soon (as of writing 07/01/11).
For server side components, the recommended configuration is with mod_wsgi with Apache2: