[wiki: Security] / ndg_security
= `ndg_security` =
[[PageOutline]]
These pages give the details of the Python code base for NDG Security. It uses the [wiki:SAML2.0 ndg_saml], [wiki:XACML ndg_xacml] and [wiki:MyProxyClient MyProxyClient] packages.  For an overview of NDG Security see wiki:.

NDG Security uses a modular server side architecture based on the Python WSGI.  WSGI filters front applications to be protected enforcing access control.  Attribute and Authorisation web services, OpenID applications are all built around the WSGI specification.  Using `PasteDeploy`, it is possible to make a flexibile configuration at deployment by arranging the filters and applications by following a simple ini file syntax.

== Requirements ==
The code base has been tested on a variety of Linux distributions including Ubuntu and SUSE.  Python 2.6 is required for the `ndg_security` version 2.0.0.  The 1.5.x branch works with Python 2.5.  For server deployment, Apache2 with `mod_wsgi` are the recommended containers for running applications and filters.  Links to [wiki:ndg_security#Installation installation and configuration details] are given below.

== Source ==
Code is maintained in a !SubVersion Repository http://proj.badc.rl.ac.uk/svn/ndg/TI12-security.  Access the [source:TI12-security/trunk/NDGSecurity/python trunk].  For the latest stable release, refer to the Releases section below.

== Releases ==
Code is released as Python eggs and uploaded to the NERC !DataGrid Python distributions repository at http://ndg.nerc.ac.uk/dist/.  Releases once created are copied into the [source:/TI12-security/tags tags] SVN directory.  Branches are maintained where an earlier release has forked from the main development trunk e.g. the [source:/TI12-security/branches/ndg-security-1.5.x here 1.5.x branch] 

=== 2.0.0 ===
Adds integration with XACML 2.0 implementation [wiki:XACML ndg_xacml], and SAML authorisation service interface.

=== 1.5.x Branch ===
Maintained for some existing deployments.  Uses custom authorisation interface.

See [source:/TI12-security/branches/ndg-security-1.5.x here] for !SubVersion development branch.  See [source:TI12-security/tags here] for release snapshots.

== Installation ==
Code can be installed from the NDG distributions repository.  To install the eggs e.g.
{{{
$ easy_install -f http://ndg.nerc.ac.uk/dist/ ndg_security
}}}
To pick up unit and integration tests:
{{{
$ easy_install -f http://ndg.nerc.ac.uk/dist/ ndg_security_test
}}}
`tar.gz` based distributions will be added soon for [http://pypi.python.org/pypi/pip PIP] support.

A full set of configuration instructions will follow soon (as of writing 07/01/11).

=== Server-side ===
For server side components, the recommended configuration is with `mod_wsgi` with Apache2:

==== Apache2 and `mod_wsgi` configuration ====
See wiki:ndg_security/Apache2.