source: TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config @ 4259

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config@4259
Revision 4259, 10.8 KB checked in by cbyrom, 11 years ago (diff)

Add ability to set the discovery service URL from the ndgDiscovery.config
file + remove unused 'layoutdir' config property.

Line 
1#
2# NDG Configuration File
3# At deployment time the only pieces that a user ought to need to customise
4# will be
5#    - the server address
6#    - it might be necessary to customise the location of the layout directory
7#    - the localLink, localImage and localAlt in the [layout] section
8#
9[DEFAULT]
10#
11# the following is the server on which this browse/discovery instance runs!
12server:         http://localhost
13#server:       http://superglue.badc.rl.ac.uk:8083
14## This is the proxied server root
15#server: http://superglue.badc.rl.ac.uk/ndg-test
16
17#
18# the following is the server on which the NDG discovery service is running! (Not to be confused with
19# the server on which the NDG discovery web service is running). This can and probably should be the local
20# server (i.e. don't change it!)
21#
22ndgServer:      %(server)s
23#
24##!NOTE: These are changed to  reflect the proxy prefix
25#layout:         /ndg-test/layout/
26#icondir:        /ndg-test/layout/icons/
27layout:          /layout/
28icondir:         /layout/icons/
29
30#
31mailserver:       xxxoutbox.rl.ac.uk
32metadataMaintainer: b.n.lawrence@rl.ac.uk
33repository:        %(server)s
34tbrecipient:      b.n.lawrence@rl.ac.uk
35
36# The following should only be needed for debugging some parts of the code when running on sandboxes behind a firewall
37proxyServer:      http://wwwcache3.rl.ac.uk:8080/
38disclaimer:       
39
40[SEARCH]
41advancedURL:        %(ndgServer)s/discovery
42discoveryURL:       %(ndgServer)s/discovery
43helpURL:            %(ndgServer)s/discovery?help=1
44
45[logging]
46debuglog:        discovery.log
47
48[layout]
49###### user customisable:
50localLink:      %(ndgServer)s/layout/
51localImage:     %(layout)sndg_logo_circle.gif
52localAlt:       visit badc
53###### ought to be the end of the customisations
54ndgLink:        http://ndg.nerc.ac.uk/
55ndgImage:       %(layout)sndg_logo_circle.gif
56ndgAlt:         visit ndg
57stfcLink:       http://ceda.stfc.ac.uk/
58stfcImage:      %(layout)sstfc-circle-sm.gif
59key:            %(icondir)spadlock.png
60keyGrey:        %(layout)skeyG.gif
61selectI:        %(layout)stick.png
62Xicon:          %(icondir)sxml.png
63plot:           %(icondir)splot.png
64printer:        %(icondir)sprinter.png
65helpIcon:       %(icondir)shelp.png
66HdrLeftAlt:     %(layout)s Natural Environment Research Council
67HdrLeftLogo:    %(layout)sNERC_Logo.gif
68
69pageLogo:       %(layout)s20050502_albert-park_silhouetted-trees-and-clouds_02_cropped.jpg
70
71ndgJavascript:  %(layout)sndgJavascript.js
72
73[HELP]
74helpFile:       %(layout)shelp.html
75
76[NDG_A_SERVICE]
77badc.nerc.ac.uk: http://glue.badc.rl.ac.uk/cgi-bin/dxui
78icon: %(icondir)splot.png
79#%(icondir)sdata_aservice.png
80icon_alt: A Service
81service_name: A
82icon_title: LINKS to a DATA BROWSE view of this dataset
83instance: datasetURI_%s
84
85[NDG_B_SERVICE]
86#
87#These are the hosts which are publicly available on which the browse
88#service is running. The list should be of the form repository: hostname
89#where repository is the NDG identifier ....
90#
91neodc.nerc.ac.uk: %(server)s
92badc.nerc.ac.uk: %(server)s
93www.npm.ac.uk: http://wwwdev.neodaas.ac.uk/projects/ndg
94grid.bodc.nerc.ac.uk: http://grid.bodc.nerc.ac.uk
95ndg.noc.soton.ac.uk: http://ndg.noc.soton.ac.uk:8001
96icon: %(icondir)sbrowse_bservice.png
97icon_alt: B Service
98icon_title: Links to a METADATA BROWSE view of this dataset
99service_name: B
100instance: SERVICEHOST/view/URI
101
102[NDG_EXIST]
103#
104# following is a list of repository servers, actually only one is needed,
105# at any one location running browse, and that is the local one. The
106# entire purpose of the rest of the list is to simplify updates. These
107# hosts do not need to be visible outside of corporate firewalls.
108# The list should be of the form repository: hostname where repository
109# is the NDG identifier.
110#
111local: chinook.badc.rl.ac.uk
112badc.nerc.ac.uk: chinook.badc.rl.ac.uk
113neodc.nerc.ac.uk: chinook.badc.rl.ac.uk
114grid.bodc.nerc.ac.uk: grid.bodc.nerc.ac.uk
115ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk
116www.npm.ac.uk: pgsql.npm.ac.uk
117#passwordFile: /home/bnl/sandboxes/ndg/TI05-delivery/ows_framework/trunk/ows_server/passwords.txt
118passwordFile: ./passwords.txt
119
120#
121# NDG Security
122#
123
124# Security settings for configuration as a client to a Single Sign On Service
125# i.e. Where Are You From, login and logout operations are handled by a
126# separate standalone paster instance
127#[NDG_SECURITY.ssoClient]
128## THIS service's address for secure connections - the Single Sign On service
129## returns security parameters to this service along this channel
130#sslServer: https://localhost
131##sslServer: https://ndgbeta.badc.rl.ac.uk
132#
133## THIS service's address for unencrypted connections - when login is complete,
134## the BaseController redirects to an equivalent address under this host name.
135## sslServer and server settings must match for the sharing of cookies.
136#server: http://localhost
137#
138## WAYF running on Single Sign On Service - omit to default to WAYF running on
139## THIS paster instance
140#wayfURI:               https://localhost/sso/wayf
141#
142## Logout URI running on Single Sign On Service - omit to default to logout
143## running on THIS paster instance
144#logoutURI:             https://localhost/sso/logout
145
146# Security settings for running a Single Sign On Service from this paster
147# instance.  Either NDG_SECURITY.ssoClient or NDG_SECURITY.ssoService sections
148# should be set but NOT both
149
150# Single Sign On Service Settings
151[NDG_SECURITY.ssoService]
152
153# THIS service's address for secure connections - the Single Sign On service
154# returns security parameters to this service along this channel
155sslServer: https://localhost
156#sslServer: https://ndgbeta.badc.rl.ac.uk
157
158# THIS service's address for unencrypted connections - when login is complete,
159# the BaseController redirects to an equivalent address under this host name.
160# sslServer and server settings must match for the sharing of cookies.
161server: http://localhost
162
163enableOpenID: True
164
165# Redirect SOAP output to a file e.g. open(<somefile>, 'w')
166tracefile: None
167#tracefile: sys.stderr
168
169# Service addresses
170sessionMgrURI: https://localhost/SessionManager
171#sessionMgrURI: https://ndgbeta.badc.rl.ac.uk/SessionManager
172attAuthorityURI: http://localhost:5000/AttributeAuthority
173#attAuthorityURI: http://aa.ceda.rl.ac.uk
174
175# SSL Connections
176#
177# Space separated list of CA cert. files.  The peer cert.
178# must verify against at least one of these otherwise the connection is
179# dropped.  Include CA certs for all the sites trusted
180sslCACertFilePathList: certs/ndg-test-ca.crt
181
182# Web Services HTTP Proxy fine tuning
183#
184# For most situations, these settings can be ignored and instead make use of
185# the http_proxy environment variable.  They allow for the case where specific
186# settings are needed just for the security web services calls
187
188# Overrides the http_proxy environment variable setting - may be omitted
189#httpProxyHost: wwwcache.rl.ac.uk:8080
190
191# Web service clients pick up the no_proxy environment variable setting by
192# default.  Set this parameter to override no_proxy for web service
193# connections. 
194#noHttpProxyList: localhost, 127.0.0.1
195
196# WS-Security signature handler - set a config file with 'wssCfgFilePath'
197# or omit and put the relevant content directly in here under
198# 'NDG_SECURITY.wssecurity' section
199#wssCfgFilePath: wssecurity.cfg
200
201[NDG_SECURITY.wssecurity]
202
203# Settings for signature of an outbound message ...
204
205# Certificate associated with private key used to sign a message.  The sign
206# method will add this to the BinarySecurityToken element of the WSSE header. 
207# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
208# As an alternative, use 'signingCertChain' parameter
209
210# file path PEM encoded cert
211signingCertFilePath=certs/clnt.crt
212
213# file path to PEM encoded private key file
214signingPriKeyFilePath=certs/clnt.key
215
216# Password protecting private key.  Leave blank if there is no password.
217signingPriKeyPwd=
218
219# Provide a space separated list of file paths.  CA Certs should be included
220# for all the sites this installation trusts
221caCertFilePathList=certs/ndg-test-ca.crt
222
223# Set the ValueType for the BinarySecurityToken added to the WSSE header for a
224# signed message. 
225reqBinSecTokValType=X509v3
226
227# Add a timestamp element to an outbound message
228addTimestamp=True
229
230# For WSSE 1.1 - service returns signature confirmation containing signature
231# value sent by client
232applySignatureConfirmation=False
233
234#
235# Gatekeeper settings
236#
237[NDG_SECURITY.gatekeeper]
238#
239# Policy Enforcement Point calls a Policy Decision Point interface:
240
241# File path to Python module containing the PDP class - leave blank if the
242# module is in PYTHONPATH env var
243pdpModFilePath:
244
245# Name of PDP Python module
246pdpModName: ndg.security.common.authz.pdp.browse
247
248# Name of PDP class used
249pdpClassName: BrowsePDP
250
251# File Path to configuration file used by PDP class (environment variables
252# can be used in this path e.g. $PDP_CONFIG_DIR/pdp.cfg.  Omit this parameter
253# to make the PEP read the PDP settings from THIS config file
254#pdpCfgFilePath:
255
256# Read PDP params from THIS section
257pdpCfgSection: NDG_SECURITY.gatekeeper
258
259#
260# Settings for Policy Decision Point called by the PEP
261
262# Address of Attribute Authority for Data Provider
263#aaURI: http://aa.ceda.rl.ac.uk
264aaURI: http://localhost:5000/AttributeAuthority
265
266# Verify peer cert for SSL connections to Session Manager
267sslCACertFilePathList: certs/ndg-test-ca.crt
268
269# Set to file object to dump SOAP message output for debugging
270tracefile:
271
272# CA certificates used to verify the signature of user Attribute Certificates
273# - space delimited list but note that currently only the CA of this site
274# is needed because only mapped Attribute Certificates may be accepted.
275acCACertFilePathList: certs/ndg-test-ca.crt
276
277# X.509 Distinguished Name for Attribute Certificate issuer - should match with
278# the issuer element of the users Attribute Certificate submitted in order to
279# gain access
280acIssuer: /CN=AttributeAuthority/O=NDG Security Test/OU=Site A
281#acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC
282
283# WS-Security signature handler - set a config file with 'wssCfgFilePath'
284# or omit and put the relevant content directly in here under the section name
285# specified by 'wssCfgSection' below
286#wssCfgFilePath: wssecurity.cfg
287
288# Config file section for WS-Security settings - Nb. the gatekeeper shares the
289# same settings as the Single Sign On Service.
290wssCfgSection: NDG_SECURITY.wssecurity
291
292[RELATED]
293icon: %(icondir)srelated_link.png
294icon_alt: Related
295service_name: Related
296icon_title: Links to a RELATED URL
297instance: uri
298
299[DISCOVERY]
300icon: %(icondir)scatalogue_dservice.png
301icon_alt: Catalogue
302service_name: Catalogue
303default: %(server)s
304formatDefault=DIF
305icon_title: Links to the DISCOVERY RECORD for this dataset
306#standalone: True
307standalone: False
308#NB, if unset, this will default to the discovery service at ndg.badc.rl.ac.uk
309#discoveryServiceURL:http://localhost:8080/axis2/services/DiscoveryService
310
311[OWS_SERVER]
312#
313# Configure the OWS_SERVER framework here
314#
315
316# exception_type: whether OGC servers should send a valid ExceptionReport on errors
317#     or use pylon's debugger.  Very useful for debugging OWS controllers.  Default is ogc
318#exception_type: ogc
319#exception_type: pylons
320
Note: See TracBrowser for help on using the repository browser.