source: TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config @ 3056

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config@3056
Revision 3056, 6.1 KB checked in by pjkersha, 12 years ago (diff)

Important fix for ticket #883 - ensures cookie at users login site is kept in sync with their Session Manager.

ows_server/ndgDiscovery.config: default SM URI goes through Apache now

ows_server/ows_server/controllers/login.py: added call to SessionMgr?.getSessionStatus in LoginController?.index. This checks the users session and if not found on the Session Manager, offers re-login. This is a likely scenario where the user logs off at a remote site removing their session from the Session Manager but leave stale security session cookie details on their home site.

ows_server/ows_server/lib/security_util.py: fix to LoginServiceQuery? - raise new LoginServiceQueryError? type exception
Line 
1#
2# NDG Configuration File
3# At deployment time the only pieces that a user ought to need to customise
4# will be
5#    - the server address
6#    - it might be necessary to customise the location of the layout directory
7#    - the localLink, localImage and localAlt in the [layout] section
8#
9[DEFAULT]
10#
11# the following is the server on which this browse/discovery instance runs!
12#server:         http://localhost
13server:         http://localhost:8080
14
15#
16# the following is the server on which the NDG discovery service is running! (Not to be confused with
17# the server on which the NDG discovery web service is running). This can and probably should be the local
18# server (i.e. dont change it!)
19#
20ndgServer:      %(server)s
21#
22# this is the physical file location of the layout directory on this machine
23#
24layoutdir:      /home/bnl/sandboxes/ndg/TI07-MOLES/trunk/PythonCode/wsgi/
25#
26# this should never be changed
27#
28layout:         /layout/
29icondir:        /layout/icons/
30#
31mailserver:       outbox.rl.ac.uk
32metadataMaintainer: b.n.lawrence@rl.ac.uk
33repository:       http://localhost:8080
34tbrecipient:      b.n.lawrence@rl.ac.uk
35
36# The following should only be needed for debugging some parts of the code when running on sandboxes behind a firewall
37proxyServer:      http://wwwcache3.rl.ac.uk:8080/
38
39[SEARCH]
40advancedURL:        %(ndgServer)s/discovery
41discoveryURL:       %(ndgServer)s/discovery
42helpURL:            %(ndgServer)s/discovery?help=1
43
44[logging]
45debuglog:        discovery.log
46
47[layout]
48###### user customisable:
49localLink:      http://ndg.nerc.ac.uk/
50localImage:     %(layout)sndg_logo_circle.gif
51localAlt:       visit badc
52###### ought to be the end of the customisations
53ndgLink:        http://ndg.nerc.ac.uk/
54ndgImage:       %(layout)sndg_logo_circle.gif
55ndgAlt:         visit ndg
56stfcLink:       http://ceda.stfc.ac.uk/
57stfcImage:      %(layout)sstfc-circle-sm.gif
58key:            %(icondir)spadlock.png
59keyGrey:        %(layout)skeyG.gif
60selectI:        %(layout)stick.png
61Xicon:          %(icondir)sxml.png
62printer:        %(icondir)sprinter.png
63helpIcon:       %(icondir)shelp.png
64HdrLeftAlt:     %(layout)sNatural Environment Research Council
65HdrLeftLogo:    %(layout)sNERC_Logo.gif
66
67pageLogo:       %(layout)s20050502_albert-park_silhouetted-trees-and-clouds_02_cropped.jpg
68
69ndgJavascript:  %(layout)sndgJavascript.js
70
71[HELP]
72helpFile:       %(layoutdir)s%(layout)shelp.html
73
74[NDG_A_SERVICE]
75badc.nerc.ac.uk: http://glue.badc.rl.ac.uk/cgi-bin/dxui
76icon: %(icondir)sdata_aservice.png
77icon_alt: A Service
78service_name: A
79icon_title: LINKS to a DATA BROWSE view of this dataset
80instance: datasetURI_%s
81
82[NDG_B_SERVICE]
83#
84#These are the hosts which are publicly available on which the browse
85#service is running. The list should be of the form repository: hostname
86#where repository is the NDG identifier ....
87#
88neodc.nerc.ac.uk: %(server)s
89badc.nerc.ac.uk: %(server)s
90www.npm.ac.uk: http://wwwdev.neodaas.ac.uk/projects/ndg
91grid.bodc.nerc.ac.uk: http://grid.bodc.nerc.ac.uk
92ndg.noc.soton.ac.uk: http://ndg.noc.soton.ac.uk:8001
93icon: %(icondir)sbrowse_bservice.png
94icon_alt: B Service
95icon_title: Links to a METADATA BROWSE view of this dataset
96service_name: B
97instance: SERVICEHOST/view/URI
98
99[NDG_EXIST]
100#
101# following is a list of repository servers, actually only one is needed,
102# at any one location running browse, and that is the local one. The
103# entire purpose of the rest of the list is to simplify updates. These
104# hosts do not need to be visible outside of corporate firewalls.
105# The list should be of the form repository: hostname where repository
106# is the NDG identifier.
107#
108local: chinook.badc.rl.ac.uk
109badc.nerc.ac.uk: chinook.badc.rl.ac.uk
110neodc.nerc.ac.uk: chinook.badc.rl.ac.uk
111grid.bodc.nerc.ac.uk: grid.bodc.nerc.ac.uk
112ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk
113www.npm.ac.uk: pgsql.npm.ac.uk
114#passwordFile: /home/bnl/sandboxes/ndg/TI05-delivery/ows_framework/trunk/ows_server/passwords.txt
115passwordFile: ./passwords.txt
116
117[NDG_SECURITY]
118# Server address for secure connections
119#sslServer: https://localhost
120sslServer: https://ndgbeta.badc.rl.ac.uk
121
122# Redirect SOAP output to a file e.g. open(<somefile>, 'w')
123tracefile: None
124#tracefile: sys.stderr
125
126# Service addresses
127#sessionMgrURI: https://localhost:5700/SessionManager
128sessionMgrURI: https://ndgbeta.badc.rl.ac.uk/SessionManager
129#attAuthorityURI: http://localhost:5000/AttributeAuthority
130attAuthorityURI: http://aa.ceda.rl.ac.uk
131
132# WS-Security signature handler
133# This is an application certificate ... (which may be a machine certificate)
134# X.509 certificate sent with outbound signed messages
135wssCertFilePath: secpem/Junk-cert.pem
136
137# Private key used to sign messages
138# This is an application certificate ... (which may be a machine certificate)
139wssKeyFilePath: secpem/Junk-key.pem
140
141# Password for private key - comment out if the file is not password protected
142wssKeyPwd: Junk
143
144# Space separated list of CA cert. files to validate certs against when
145# verifying responses
146wssCACertFilePathList: secpem/cacert.pem
147
148# SSL Connections
149#
150# Space separated list of CA cert. files.  The peer cert.
151# must verify against at least one of these otherwise the connection is
152# dropped.
153sslCACertFilePathList: secpem/cacert.pem
154
155# Set an alternate CommonName to match with peer cert for SSL
156# Connections.  If the CN=hostname of the peer then this option
157# can be commented out
158#sslPeerCertCN:
159
160# Gatekeeper Attribute Certificate check
161# Issuer - should match with the issuer element of the users Attribute
162# Certificate submitted in order to gain access
163acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC
164#acIssuer: /CN=Junk/O=NDG/OU=Gabriel
165
166# verification of X.509 cert back to CA
167acCACertFilePathList: secpem/cacert.pem
168
169[RELATED]
170icon: %(icondir)srelated_link.png
171icon_alt: Related
172service_name: Related
173icon_title: Links to a RELATED URL
174instance: uri
175
176[DISCOVERY]
177icon: %(icondir)scatalogue_dservice.png
178icon_alt: Catalogue
179service_name: Catalogue
180default: %(server)s
181formatDefault=DIF
182icon_title: Links to the DISCOVERY RECORD for this dataset
183
184[OWS_SERVER]
185#
186# Configure the OWS_SERVER framework here
187#
188
189# exception_type: whether OGC servers should send a valid ExceptionReport on errors
190#     or use pylon's debugger.  Very useful for debugging OWS controllers.  Default is ogc
191#exception_type: ogc
192#exception_type: pylons
193
Note: See TracBrowser for help on using the repository browser.