source: TI05-delivery/ows_framework/trunk/ows_server/development.ini @ 3893

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/development.ini@3893
Revision 3893, 2.3 KB checked in by pjkersha, 12 years ago (diff)

Security Single Sign On code separated out of ows_server code stack and put in ndg.security. ows_server can still run single sign on but in alternate modes:

  • Single Sign On Service run from within ows_server code stack - all SSO controllers, templates and globals are imported from ndg.security
  • ... or ows_server runs as a client to a Single Sign On service running in a separate paster instance. ows_server imports SSO client interface code from ndg.security

ows_server/development.ini:

  • added logging config as available with Pylons 0.9.6

ows_server/ndgDiscovery.config: [NDG_SECURITY] settings are now divided into sub sections:

  • NDG_SECURITY.ssoClient - for running a client to a Single Sign On service
  • NDG_SECURITY.ssoService - for running an integral SSO service
  • NDG_SECURITY.wssecurity - digital signature for web service interfaces
  • TODO: separate section for Gatekeeper


ows_server/ows_server/models/ndgSecurity.py: get rid of sslPeerCertDN setting to SM client - not needed

ows_server/ows_server/config/environment.py: include templates from ndg.security.server.sso

ows_server/ows_server/config/ndgMiddleware.py: call separate security SSO service/client middleware set-up

ows_server/ows_server/config/routing.py,
ows_server/ows_server/controllers/wayf.py: separate wayf controller

ows_server/ows_server/controllers/login.py: code moved to ndg.security.server.sso.sso.controllers.login ows_server login extends this class
ows_server/ows_server/controllers/logout.py: likewise for logout - inherit from ndg.security.server.sso equivalent

ows_server/ows_server/lib/security_util.py:

  • stripFromURI returns str type not unicode
  • SecurityConfig? class no longer needed - code transfered to ndg.security

ows_server/ows_server/lib/base.py: remove security handling code and instead inherit from ndg.security.client.ssoclient.ssoclient.base.BaseController?

ows_server/ows_server/public/layout/ndg2.css: fix to header image path

ows_server/ows_server/templates/ndgPage.kid: embed code to base 64 encode return to URL
Line 
1#
2# ows_server - Pylons development environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7debug = true
8email_to = you@yourdomain.com
9smtp_server = localhost
10error_email_from = paste@localhost
11
12[server:main]
13use = egg:Paste#http
14host = 0.0.0.0
15port = 8080
16
17[pipeline:main]
18pipeline = logger main_app
19
20[filter:logger]
21use = egg:Paste#translogger
22
23[app:main_app]
24use = egg:ows_server
25cache_dir = %(here)s/data
26session_key = ows_server
27session_secret = somesecret
28csml_dir = /research/home/spascoe/host/saturn/data/ddc_data/obs
29tmp_dir = %(here)s/data/tmp
30#used for wcs "store":
31publish_dir=%(here)s/ows_server/private/filestore 
32ows_common_config = %(here)s/eg_ows_capabilities.xml
33configfile = %(here)s/ndgDiscovery.config
34
35#the password file needs to be outside the egg:
36#passwordFile =  %(here)s/passwords.txt 
37#but it's gone back to ndgDiscoveryq
38
39# If you'd like to fine-tune the individual locations of the cache data dirs
40# for Myghty, the Cache data, or the Session saves, un-comment the desired
41# settings here:
42#myghty_data_dir = %(here)s/data/templates
43#cache_data_dir = %(here)s/data/cache
44#session_data_dir = %(here)s/data/sessions
45
46# Specify the database for SQLAlchemy to use via
47# pylons.database.session_context.
48# %(here) may include a ':' character on Windows environments; this can
49# invalidate the URI when specifying a SQLite db via path name
50#sqlalchemy.dburi = sqlite:///%(here)s/somedb.db
51
52# Specify the database for SQLObject to use via pylons.database.PackageHub.
53#sqlobject.dburi = sqlite://%(here)s/somedb.db
54
55# WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*
56# Debug mode will enable the interactive debugging tool, allowing ANYONE to
57# execute malicious code after an exception is raised.
58#set debug = false
59
60# Logging configuration
61[loggers]
62keys = root, ows_server, ndg
63
64[handlers]
65keys = console
66
67[formatters]
68keys = generic
69
70[logger_root]
71level = INFO
72handlers = console
73
74[logger_ows_server]
75level = DEBUG
76handlers =
77qualname = ows_server
78
79[logger_ndg]
80level = DEBUG
81handlers =
82qualname = ndg
83
84
85[handler_console]
86class = StreamHandler
87args = (sys.stderr,)
88#level = NOTSET
89level = DEBUG
90formatter = generic
91
92[formatter_generic]
93format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
94datefmt = %H:%M:%S
95
Note: See TracBrowser for help on using the repository browser.