source: MILK/trunk/milk_server/milk.config @ 4599

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/MILK/trunk/milk_server/milk.config@4599
Revision 4599, 11.0 KB checked in by cbyrom, 11 years ago (diff)

Create new config file - to specify the help text for the MILK app.
Add code to milkMiddleware to read in all data from this.

Line 
1#
2# MILK Configuration File
3# At deployment time the only pieces that a user ought to need to customise
4# will be
5#    - the server address
6#    - it might be necessary to customise the location of the layout directory
7#    - the localLink, localImage and localAlt in the [layout] section
8#
9[DEFAULT]
10#
11# the following is the server on which this browse/discovery instance runs!
12server:         http://localhost
13#server:       http://superglue.badc.rl.ac.uk:8083
14## This is the proxied server root
15#server: http://superglue.badc.rl.ac.uk/ndg-test
16
17#
18# the following is the server on which the NDG discovery service is running! (Not to be confused with
19# the server on which the NDG discovery web service is running). This can and probably should be the local
20# server (i.e. don't change it!)
21#
22ndgServer:      %(server)s
23#
24##!NOTE: These are changed to  reflect the proxy prefix
25#layout:         /ndg-test/layout/
26#icondir:        /ndg-test/layout/icons/
27layout:          /layout/
28icondir:         /layout/icons/
29
30#
31mailserver:       xxxoutbox.rl.ac.uk
32metadataMaintainer: b.n.lawrence@rl.ac.uk
33repository:        %(server)s
34tbrecipient:      b.n.lawrence@rl.ac.uk
35
36# The following should only be needed for debugging some parts of the code when running on sandboxes behind a firewall
37proxyServer:      http://wwwcache3.rl.ac.uk:8080/
38disclaimer:       
39
40[SEARCH]
41advancedURL:        %(ndgServer)s/discovery
42discoveryURL:       %(ndgServer)s/discovery
43helpURL:            %(ndgServer)s/discovery?help=1
44
45[logging]
46debuglog:        discovery.log
47
48[layout]
49###### user customisable:
50localLink:      %(ndgServer)s/layout/
51localImage:     %(icondir)sndg_logo_circle.gif
52localAlt:       visit badc
53###### ought to be the end of the customisations
54ndgLink:        http://ndg.nerc.ac.uk/
55ndgImage:       %(icondir)sndg_logo_circle.gif
56ndgAlt:         visit ndg
57stfcLink:       http://ceda.stfc.ac.uk/
58stfcImage:      %(icondir)sstfc-circle-sm.gif
59key:            %(icondir)spadlock.png
60Xicon:          %(icondir)sxml.png
61plot:           %(icondir)splot.png
62printer:        %(icondir)sprinter.png
63helpIcon:       %(icondir)shelp.png
64HdrLeftAlt:     %(icondir)s Natural Environment Research Council
65HdrLeftLogo:    %(icondir)sNERC_Logo.gif
66navMinus:       %(icondir)snavigate_minus.png
67navPlus:                %(icondir)snavigate_plus.png
68loadingIcon:    %(icondir)sloading.gif
69
70pageLogo:       %(layout)s20050502_albert-park_silhouetted-trees-and-clouds_02_cropped.jpg
71
72[HELP]
73helpFile:       %(layout)shelp.html
74
75[ATOM_EDITOR]
76# if set to True, the editor will be available
77enabled: True
78# if set to True, errors output with stacktrace to templates
79debug: True             
80
81[WMC_CLIENT]
82# specify url for the client; if not specified it will not be possible to view WMS data for
83# discovered records
84url=
85
86[NDG_A_SERVICE]
87badc.nerc.ac.uk: http://glue.badc.rl.ac.uk/cgi-bin/dxui
88icon: %(icondir)splot.png
89#%(icondir)sdata_aservice.png
90icon_alt: A Service
91service_name: A
92icon_title: LINKS to a DATA BROWSE view of this dataset
93instance: datasetURI_%s
94
95[NDG_B_SERVICE]
96#
97#These are the hosts which are publicly available on which the browse
98#service is running. The list should be of the form repository: hostname
99#where repository is the NDG identifier ....
100#
101neodc.nerc.ac.uk: %(server)s
102badc.nerc.ac.uk: %(server)s
103www.npm.ac.uk: http://wwwdev.neodaas.ac.uk/projects/ndg
104grid.bodc.nerc.ac.uk: http://grid.bodc.nerc.ac.uk
105ndg.noc.soton.ac.uk: http://ndg.noc.soton.ac.uk:8001
106icon: %(icondir)sbrowse_bservice.png
107icon_alt: B Service
108icon_title: Links to a METADATA BROWSE view of this dataset
109service_name: B
110instance: SERVICEHOST/view/URI
111
112[NDG_EXIST]
113#
114# following is a list of repository servers, actually only one is needed,
115# at any one location running browse, and that is the local one. The
116# entire purpose of the rest of the list is to simplify updates. These
117# hosts do not need to be visible outside of corporate firewalls.
118# The list should be of the form repository: hostname where repository
119# is the NDG identifier.
120#
121local: chinook.badc.rl.ac.uk
122badc.nerc.ac.uk: chinook.badc.rl.ac.uk
123neodc.nerc.ac.uk: chinook.badc.rl.ac.uk
124grid.bodc.nerc.ac.uk: grid.bodc.nerc.ac.uk
125ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk
126www.npm.ac.uk: pgsql.npm.ac.uk
127passwordFile: ./passwords.txt
128
129#
130# NDG Security
131#
132
133# Security settings for configuration as a client to a Single Sign On Service
134# i.e. Where Are You From, login and logout operations are handled by a
135# separate standalone paster instance
136#[NDG_SECURITY.ssoClient]
137## THIS service's address for secure connections - the Single Sign On service
138## returns security parameters to this service along this channel
139#sslServer: https://localhost
140##sslServer: https://ndgbeta.badc.rl.ac.uk
141#
142## THIS service's address for unencrypted connections - when login is complete,
143## the BaseController redirects to an equivalent address under this host name.
144## sslServer and server settings must match for the sharing of cookies.
145#server: http://localhost
146#
147## WAYF running on Single Sign On Service - omit to default to WAYF running on
148## THIS paster instance
149#wayfURI:               https://localhost/sso/wayf
150#
151## Logout URI running on Single Sign On Service - omit to default to logout
152## running on THIS paster instance
153#logoutURI:             https://localhost/sso/logout
154
155# Security settings for running a Single Sign On Service from this paster
156# instance.  Either NDG_SECURITY.ssoClient or NDG_SECURITY.ssoService sections
157# should be set but NOT both
158
159# Single Sign On Service Settings
160[NDG_SECURITY.ssoService]
161
162# THIS service's address for secure connections - the Single Sign On service
163# returns security parameters to this service along this channel
164sslServer: https://localhost
165#sslServer: https://ndgbeta.badc.rl.ac.uk
166
167# THIS service's address for unencrypted connections - when login is complete,
168# the BaseController redirects to an equivalent address under this host name.
169# sslServer and server settings must match for the sharing of cookies.
170server: http://localhost
171
172enableOpenID: True
173
174# Redirect SOAP output to a file e.g. open(<somefile>, 'w')
175tracefile: None
176#tracefile: sys.stderr
177
178# Service addresses
179sessionMgrURI: https://localhost/SessionManager
180#sessionMgrURI: https://ndgbeta.badc.rl.ac.uk/SessionManager
181attAuthorityURI: http://localhost:5000/AttributeAuthority
182#attAuthorityURI: http://aa.ceda.rl.ac.uk
183
184# SSL Connections
185#
186# Space separated list of CA cert. files.  The peer cert.
187# must verify against at least one of these otherwise the connection is
188# dropped.  Include CA certs for all the sites trusted
189sslCACertFilePathList: certs/ndg-test-ca.crt
190
191# Web Services HTTP Proxy fine tuning
192#
193# For most situations, these settings can be ignored and instead make use of
194# the http_proxy environment variable.  They allow for the case where specific
195# settings are needed just for the security web services calls
196
197# Overrides the http_proxy environment variable setting - may be omitted
198#httpProxyHost: wwwcache.rl.ac.uk:8080
199
200# Web service clients pick up the no_proxy environment variable setting by
201# default.  Set this parameter to override no_proxy for web service
202# connections. 
203#noHttpProxyList: localhost, 127.0.0.1
204
205# WS-Security signature handler - set a config file with 'wssCfgFilePath'
206# or omit and put the relevant content directly in here under
207# 'NDG_SECURITY.wssecurity' section
208#wssCfgFilePath: wssecurity.cfg
209
210[NDG_SECURITY.wssecurity]
211
212# Settings for signature of an outbound message ...
213
214# Certificate associated with private key used to sign a message.  The sign
215# method will add this to the BinarySecurityToken element of the WSSE header. 
216# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
217# As an alternative, use 'signingCertChain' parameter
218
219# file path PEM encoded cert
220signingCertFilePath=certs/clnt.crt
221
222# file path to PEM encoded private key file
223signingPriKeyFilePath=certs/clnt.key
224
225# Password protecting private key.  Leave blank if there is no password.
226signingPriKeyPwd=
227
228# Provide a space separated list of file paths.  CA Certs should be included
229# for all the sites this installation trusts
230caCertFilePathList=certs/ndg-test-ca.crt
231
232# Set the ValueType for the BinarySecurityToken added to the WSSE header for a
233# signed message. 
234reqBinSecTokValType=X509v3
235
236# Add a timestamp element to an outbound message
237addTimestamp=True
238
239# For WSSE 1.1 - service returns signature confirmation containing signature
240# value sent by client
241applySignatureConfirmation=False
242
243#
244# Gatekeeper settings
245#
246[NDG_SECURITY.gatekeeper]
247#
248# Policy Enforcement Point calls a Policy Decision Point interface:
249
250# File path to Python module containing the PDP class - leave blank if the
251# module is in PYTHONPATH env var
252pdpModFilePath:
253
254# Name of PDP Python module
255pdpModName: ndg.security.common.authz.pdp.browse
256
257# Name of PDP class used
258pdpClassName: BrowsePDP
259
260# File Path to configuration file used by PDP class (environment variables
261# can be used in this path e.g. $PDP_CONFIG_DIR/pdp.cfg.  Omit this parameter
262# to make the PEP read the PDP settings from THIS config file
263#pdpCfgFilePath:
264
265# Read PDP params from THIS section
266pdpCfgSection: NDG_SECURITY.gatekeeper
267
268#
269# Settings for Policy Decision Point called by the PEP
270
271# Address of Attribute Authority for Data Provider
272#aaURI: http://aa.ceda.rl.ac.uk
273aaURI: http://localhost:5000/AttributeAuthority
274
275# Verify peer cert for SSL connections to Session Manager
276sslCACertFilePathList: certs/ndg-test-ca.crt
277
278# Set to file object to dump SOAP message output for debugging
279tracefile:
280
281# CA certificates used to verify the signature of user Attribute Certificates
282# - space delimited list but note that currently only the CA of this site
283# is needed because only mapped Attribute Certificates may be accepted.
284acCACertFilePathList: certs/ndg-test-ca.crt
285
286# X.509 Distinguished Name for Attribute Certificate issuer - should match with
287# the issuer element of the users Attribute Certificate submitted in order to
288# gain access
289acIssuer: /CN=AttributeAuthority/O=NDG Security Test/OU=Site A
290#acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC
291
292# WS-Security signature handler - set a config file with 'wssCfgFilePath'
293# or omit and put the relevant content directly in here under the section name
294# specified by 'wssCfgSection' below
295#wssCfgFilePath: wssecurity.cfg
296
297# Config file section for WS-Security settings - Nb. the gatekeeper shares the
298# same settings as the Single Sign On Service.
299wssCfgSection: NDG_SECURITY.wssecurity
300
301[RELATED]
302icon: %(icondir)srelated_link.png
303icon_alt: Related
304service_name: Related
305icon_title: Links to a RELATED URL
306instance: uri
307
308[DISCOVERY]
309icon: %(icondir)scatalogue_dservice.png
310icon_alt: Catalogue
311service_name: Catalogue
312default: %(server)s
313formatDefault=DIF
314icon_title: Links to the DISCOVERY RECORD for this dataset
315#standalone: True
316standalone: False
317#NB, if unset, this will default to the discovery service at ndg.badc.rl.ac.uk
318#discoveryServiceURL:http://localhost:8080/axis2/services/DiscoveryService
319
320[MILK_SERVER]
321#
322# Configure the MILK_SERVER framework here
323#
324
325# exception_type: whether OGC servers should send a valid ExceptionReport on errors
326#     or use pylon's debugger.  Very useful for debugging OWS controllers.  Default is ogc
327#exception_type: ogc
328#exception_type: pylons
329
Note: See TracBrowser for help on using the repository browser.