source: TI05-delivery/ows_framework/trunk/ows_server/ows_server/config/ndgDiscovery.config @ 2748

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ows_server/config/ndgDiscovery.config@2748
Revision 2748, 4.9 KB checked in by pjkersha, 12 years ago (diff)

called by HandleSecurity? function. Needs testing and fixes - see TODOs

ows_server/ows_server/config/ndgDiscovery.config:

  • added a section for security including WS-Security and SSL PKI settings.

ows_server/ows_server/config/routing.py:

  • added entry for login handling

ws_server/ows_server/controllers/login.py:

  • security web services integrated. TODO: credentials passing across http

redirect

ows_server/ows_server/controllers/logout.py:

  • security WS calls integrated

ows_server/ows_server/templates/ndgPage.kid:

  • fix to display of roles

ows_server/ows_server/templates/login.kid:

  • new page for login
Line 
1#
2# NDG Configuration File
3# At deployment time the only pieces that a user ought to need to customise
4# will be
5#    - the server address
6#    - it might be necessary to customise the location of the layout directory
7#    - the localLink, localImage and localAlt in the [layout] section
8#
9[DEFAULT]
10#
11# the following is the server on which this browse/discovery instance runs!
12server:         http://localhost:8080
13#
14# the following is the server on which the NDG discovery service is running! (Not to be confused with
15# the server on which the NDG discover web service is running)
16#
17ndgServer:      %(server)s
18#
19# this is the physical file location of the layout directory on this machine
20#
21layoutdir:      /home/bnl/sandboxes/ndg/TI07-MOLES/trunk/PythonCode/wsgi/
22#
23# this should never be changed
24#
25layout:         /layout/
26#
27mailserver:       outbox.rl.ac.uk
28metadataMaintainer: b.n.lawrence@rl.ac.uk
29repository:       http://localhost:8080
30
31
32[SEARCH]
33advancedURL:        %(ndgServer)s/discovery
34discoveryURL:       %(ndgServer)s/discovery
35helpURL:            %(ndgServer)s/discovery?help=1
36
37[logging]
38debuglog:        discovery.log
39
40[layout]
41###### user customisable:
42localLink:      http://ndg.nerc.ac.uk/
43localImage:     %(layout)sndg_logo_circle.gif
44localAlt:       visit badc
45###### ought to be the end of the customisations
46ndgLink:        http://ndg.nerc.ac.uk/
47ndgImage:       %(layout)sndg_logo_circle.gif
48ndgAlt:         visit ndg
49stfcLink:       http://ceda.stfc.ac.uk/
50stfcImage:      %(layout)sstfc-circle-sm.gif
51key:            %(layout)skeySm.gif
52keyGrey:        %(layout)skeyG.gif
53selectI:        %(layout)stick.png
54Xicon:          %(layout)sX.gif
55printer:        %(layout)sprinter.gif
56helpIcon:       %(layout)shelp_icon.gif
57HdrLeftAlt:     %(layout)sNatural Environment Research Council
58HdrLeftLogo:    %(layout)sNERC_Logo.gif
59
60pageLogo:       %(layout)s20050502_albert-park_silhouetted-trees-and-clouds_02_cropped.jpg
61
62ndgJavascript:  %(layout)sndgJavascript.js
63
64[HELP]
65helpFile:       %(layoutdir)s%(layout)shelp.html
66
67[NDG_A_SERVICE]
68badc.nerc.ac.uk: http://glue.badc.rl.ac.uk/cgi-bin/dxui
69icon: %(layout)s/A.gif
70icon_alt: A Service
71service_name: A
72icon_title: LINKS to a DATA BROWSE view of this dataset
73instance: datasetURI_%s
74
75[NDG_B_SERVICE]
76#
77#These are the hosts which are publicly available on which the browse
78#service is running. The list should be of the form repository: hostname
79#where repository is the NDG identifier ....
80#
81neodc.nerc.ac.uk: %(server)s
82badc.nerc.ac.uk: %(server)s
83npm.ac.uk: wwwdev.npm.ac.uk/rsdas/projects/ndg
84#grid.bodc.nerc.ac.uk: glue.badc.rl.ac.uk
85grid.bodc.nerc.ac.uk: localhost:8001
86ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk:8001
87icon: %(layout)s/B.gif
88icon_alt: B Service
89icon_title: Links to a METADATA BROWSE view of this dataset
90service_name: B
91instance: SERVICEHOST/view/URI
92
93[NDG_EXIST]
94#
95# following is a list of repository servers, actually only one is needed,
96# at any one location running browse, and that is the local one. The
97# entire purpose of the rest of the list is to simplify updates. These
98# hosts do not need to be visible outside of corporate firewalls.
99# The list should be of the form repositroy: hostname where repository
100# is the NDG identifier.
101#
102badc.nerc.ac.uk: chinook.badc.rl.ac.uk
103neodc.nerc.ac.uk: chinook.badc.rl.ac.uk
104grid.bodc.nerc.ac.uk: grid.bodc.nerc.ac.uk
105ndg.noc.soton.ac.uk: ndg.noc.soton.ac.uk
106npm.ac.uk: pgsql.npm.ac.uk
107
108[NDG_SECURITY]
109# Debug e.g. open(<somefile>, 'w')
110#tracefile: None
111tracefile: sys.stderr
112
113# Service addresses
114#sessionMgrURI: https://localhost:5700/SessionManager
115sessionMgrURI: https://glue.badc.rl.ac.uk:50000/SessionManager
116#attAuthorityURI: http://localhost:5000/AttributeAuthority
117attAuthorityURI: http://glue.badc.rl.ac.uk/services/ndg/security/AttributeAuthority
118
119# WS-Security signature handler
120#
121# X.509 certificate sent with outbound signed messages
122wssCertFilePath: Junk-cert.pem
123
124# Private key used to sign messages
125wssKeyFilePath: Junk-key.pem
126
127# Password for private key - comment out if the file is not password protected
128wssKeyPwd:
129
130# Space separated list of CA cert. files to validate certs against when
131# verifying responses
132wssCACertFilePathList = cacert.pem
133
134# SSL Connections
135#
136# Space separated list of CA cert. files.  The peer cert.
137# must verify against at least one of these otherwise the connection is
138# dropped.
139sslCACertFilePathList: cacert.pem
140
141# Set an alternate CommonName to match with peer cert for SSL
142# Connections.  If the CN=hostname of the peer then this option
143# can be commented out
144#sslPeerCertCN:
145
146# Attribute Certificate
147# Issuer name - should match with name element specified in
148# home Attribute Authority's attAuthorityProperties.xml
149acIssuerName: BADC
150
151# verification of X.509 cert back to CA
152acCACertFilePathList: cacert.pem
153
154[RELATED]
155icon: %(layout)s/R.gif
156icon_alt: Related
157service_name: Related
158icon_title: Links to a RELATED URL
159instance: uri
160
161[DISCOVERY]
162icon: %(layout)s/D.gif
163icon_alt: Catalogue
164service_name: Catalogue
165default: %(server)s
166formatDefault=DIF
167icon_title: Links to the DISCOVERY RECORD for this dataset
Note: See TracBrowser for help on using the repository browser.