source: TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config @ 2878

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config@2882
Revision 2878, 5.8 KB checked in by pjkersha, 13 years ago (diff)

ows_server/ndgDiscovery.config: switched password.txt from local settings

ows_server/ows_server/models/ndgSecurity.py:

  • replaced hack that deals with case where AA address in the data is not set or is invalid - default to config AA URI setting instead.
  • added urlCanBeOpened class method and URLCannotBeOpened exception type for the above

ows_server/ows_server/lib/base.py:

  • fix problems with absolute paths being exposed from behind the firewall. c.requestURL is now set based on config file server setting.
  • added c.b64EncRequestURL - moved from ndgPage.kid

ows_server/ows_server/templates/ndgPage.kid:

  • moved base 64 encoding of 'r' query arg URL to base.py - see above.
Line 
1#
2# NDG Configuration File
3# At deployment time the only pieces that a user ought to need to customise
4# will be
5#    - the server address
6#    - it might be necessary to customise the location of the layout directory
7#    - the localLink, localImage and localAlt in the [layout] section
8#
9[DEFAULT]
10#
11# the following is the server on which this browse/discovery instance runs!
12server:         http://localhost:8080
13#
14# the following is the server on which the NDG discovery service is running! (Not to be confused with
15# the server on which the NDG discovery web service is running). This can and probably should be the local
16# server (i.e. dont change it!)
17#
18ndgServer:      %(server)s
19#
20# this is the physical file location of the layout directory on this machine
21#
22layoutdir:      /home/bnl/sandboxes/ndg/TI07-MOLES/trunk/PythonCode/wsgi/
23#
24# this should never be changed
25#
26layout:         /layout/
27#
28mailserver:       outbox.rl.ac.uk
29metadataMaintainer: b.n.lawrence@rl.ac.uk
30repository:       http://localhost:8080
31tbrecipient:      b.n.lawrence@rl.ac.uk
32
33# The following should only be needed for debugging some parts of the code when running on sandboxes behind a firewall
34proxyServer:      http://wwwcache3.rl.ac.uk:8080/
35
36[SEARCH]
37advancedURL:        %(ndgServer)s/discovery
38discoveryURL:       %(ndgServer)s/discovery
39helpURL:            %(ndgServer)s/discovery?help=1
40
41[logging]
42debuglog:        discovery.log
43
44[layout]
45###### user customisable:
46localLink:      http://ndg.nerc.ac.uk/
47localImage:     %(layout)sndg_logo_circle.gif
48localAlt:       visit badc
49###### ought to be the end of the customisations
50ndgLink:        http://ndg.nerc.ac.uk/
51ndgImage:       %(layout)sndg_logo_circle.gif
52ndgAlt:         visit ndg
53stfcLink:       http://ceda.stfc.ac.uk/
54stfcImage:      %(layout)sstfc-circle-sm.gif
55key:            %(layout)skey.gif
56keyGrey:        %(layout)skeyG.gif
57selectI:        %(layout)stick.png
58Xicon:          %(layout)sX.gif
59printer:        %(layout)sprinter.gif
60helpIcon:       %(layout)shelp_icon.gif
61HdrLeftAlt:     %(layout)sNatural Environment Research Council
62HdrLeftLogo:    %(layout)sNERC_Logo.gif
63
64pageLogo:       %(layout)s20050502_albert-park_silhouetted-trees-and-clouds_02_cropped.jpg
65
66ndgJavascript:  %(layout)sndgJavascript.js
67
68[HELP]
69helpFile:       %(layoutdir)s%(layout)shelp.html
70
71[NDG_A_SERVICE]
72badc.nerc.ac.uk: http://glue.badc.rl.ac.uk/cgi-bin/dxui
73icon: %(layout)s/A.gif
74icon_alt: A Service
75service_name: A
76icon_title: LINKS to a DATA BROWSE view of this dataset
77instance: datasetURI_%s
78
79[NDG_B_SERVICE]
80#
81#These are the hosts which are publicly available on which the browse
82#service is running. The list should be of the form repository: hostname
83#where repository is the NDG identifier ....
84#
85neodc.nerc.ac.uk: %(server)s
86badc.nerc.ac.uk: %(server)s
87www.npm.ac.uk: http://wwwdev.neodaas.ac.uk/projects/ndg
88grid.bodc.nerc.ac.uk: http://grid.bodc.nerc.ac.uk
89ndg.noc.soton.ac.uk: http://ndg.noc.soton.ac.uk:8001
90icon: %(layout)s/B.gif
91icon_alt: B Service
92icon_title: Links to a METADATA BROWSE view of this dataset
93service_name: B
94instance: SERVICEHOST/view/URI
95
96[NDG_EXIST]
97#
98# following is a list of repository servers, actually only one is needed,
99# at any one location running browse, and that is the local one. The
100# entire purpose of the rest of the list is to simplify updates. These
101# hosts do not need to be visible outside of corporate firewalls.
102# The list should be of the form repository: hostname where repository
103# is the NDG identifier.
104#
105badc.nerc.ac.uk: chinook.badc.rl.ac.uk
106neodc.nerc.ac.uk: chinook.badc.rl.ac.uk
107grid.bodc.nerc.ac.uk: grid.bodc.nerc.ac.uk
108ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk
109www.npm.ac.uk: pgsql.npm.ac.uk
110#passwordFile: /home/bnl/sandboxes/ndg/TI05-delivery/ows_framework/trunk/ows_server/passwords.txt
111passwordFile: ./passwords.txt
112
113[NDG_SECURITY]
114# Debug e.g. open(<somefile>, 'w')
115#tracefile: None
116tracefile: sys.stderr
117
118# Service addresses
119#sessionMgrURI: https://localhost:5700/SessionManager
120sessionMgrURI: https://glue.badc.rl.ac.uk:50000/SessionManager
121#attAuthorityURI: http://localhost:5000/AttributeAuthority
122attAuthorityURI: http://glue.badc.rl.ac.uk/services/ndg/security/AttributeAuthority
123
124# WS-Security signature handler
125# This is an application certificate ... (which may be a machine certificate)
126# X.509 certificate sent with outbound signed messages
127wssCertFilePath: secpem/Junk-cert.pem
128
129# Private key used to sign messages
130# This is an application certificate ... (which may be a machine certificate)
131wssKeyFilePath: secpem/Junk-key.pem
132
133# Password for private key - comment out if the file is not password protected
134wssKeyPwd: Junk
135
136# Space separated list of CA cert. files to validate certs against when
137# verifying responses
138wssCACertFilePathList: secpem/cacert.pem
139
140# SSL Connections
141#
142# Space separated list of CA cert. files.  The peer cert.
143# must verify against at least one of these otherwise the connection is
144# dropped.
145sslCACertFilePathList: secpem/cacert.pem
146
147# Set an alternate CommonName to match with peer cert for SSL
148# Connections.  If the CN=hostname of the peer then this option
149# can be commented out
150#sslPeerCertCN:
151
152# Gatekeeper Attribute Certificate check
153# Issuer - should match with the issuer element of the users Attribute
154# Certificate submitted in order to gain access
155acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC
156
157# verification of X.509 cert back to CA
158acCACertFilePathList: secpem/cacert.pem
159
160[RELATED]
161icon: %(layout)s/R.gif
162icon_alt: Related
163service_name: Related
164icon_title: Links to a RELATED URL
165instance: uri
166
167[DISCOVERY]
168icon: %(layout)s/D.gif
169icon_alt: Catalogue
170service_name: Catalogue
171default: %(server)s
172formatDefault=DIF
173icon_title: Links to the DISCOVERY RECORD for this dataset
174
175[OWS_SERVER]
176#
177# Configure the OWS_SERVER framework here
178#
179
180# exception_type: whether OGC servers should send a valid ExceptionReport on errors
181#     or use pylon's debugger.  Very useful for debugging OWS controllers.  Default is ogc
182#exception_type: ogc
183#exception_type: pylons
184
Note: See TracBrowser for help on using the repository browser.