source: TI05-delivery/ows_framework/trunk/ows_server/ows_server/config/ndgMiddleware.py @ 3919

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ows_server/config/ndgMiddleware.py@3919
Revision 3919, 5.7 KB checked in by pjkersha, 12 years ago (diff)

Initial Integration of Single Sign On Service with OpenID and Pylons AuthKit:

  • WAYF now contains an OpenID textbox for sign in
  • No role integration carried out yet - OpenID has no better privileges than an anonymous user(!)
  • Integrated into Authkit - requires lots of config settings in pylons ini file
  • HTTP 401 errors get redirected automatically to WAYF
  • Need to create an AuthKit egg from SVN 151 checkout - will put on NDG dist

SWITCH OFF security by setting standalone = False in ndgDiscovery.

1# ndg middleware
2from paste.deploy import CONFIG
3from ows_server.models.Utilities import myConfig
4
5
class NDGConfigError(Exception):
    '''Raised for problems found while reading or applying the NDG config file.'''
8     
class ndgMiddleware:
    '''WSGI middleware that loads the NDG config file and wires up security.

    Layout, icon and service settings are copied from the config file onto
    the shared globals object.  When the DISCOVERY/standalone option is
    false, the wrapped application is additionally placed behind a Single
    Sign On middleware (client or service flavour, chosen by which
    NDG_SECURITY section is present) and a Policy Enforcement Point is
    created.  When standalone is true none of the security set-up runs.
    '''

    def __init__(self, app, g, app_conf):
        '''Read the config file, populate the globals and set up security.

        app      -- next application in the WSGI stack
        g        -- shared globals object; settings are stored on it as
                    attributes
        app_conf -- only forwarded to the SSO middleware; the config file
                    path itself is read from paste.deploy's CONFIG

        Raises NDGConfigError when both SSO sections are configured or a
        required security module cannot be imported.
        '''
        # Next application in the WSGI stack; replaced further down when an
        # SSO middleware is wrapped around it.
        self.app = app

        # The path is taken from the app_conf section of the ini file because
        # CONFIG.get('configfile') was not respecting the %(home)s variable.
        ndgCfg = myConfig(CONFIG['app_conf']['configfile'])

        self.globals = g
        shared = self.globals

        # (attribute on globals, arguments for myConfig.get).  A third
        # argument is passed through unchanged - presumably a fallback value,
        # confirm against myConfig.get.
        headerOptions = (
            ('htdocs', ('DEFAULT', 'htdocs', None)),
            ('localLink', ('layout', 'localLink', None)),
            ('localImage', ('layout', 'localImage', None)),
            ('localAlt', ('layout', 'localAlt', 'Visit Local Site')),
            ('ndgLink', ('layout', 'ndgLink', 'http://ndg.nerc.ac.uk')),
            ('ndgImage', ('layout', 'ndgImage', None)),
            ('ndgAlt', ('layout', 'ndgAlt', 'Visit NDG')),
            ('stfcLink', ('layout', 'stfcLink')),
            ('stfcImage', ('layout', 'stfcImage')),
            ('helpIcon', ('layout', 'helpIcon')),
            ('LeftAlt', ('layout', 'HdrLeftAlt')),
            ('LeftLogo', ('layout', 'HdrLeftLogo')),
        )
        for attrName, lookup in headerOptions:
            setattr(shared, attrName, ndgCfg.get(*lookup))

        shared.pageLogo = "bodcHdr"

        # NOTE(review): 'disclaimer' is looked up in a lower-case 'default'
        # section while htdocs/server use 'DEFAULT' - confirm which one the
        # ini file really provides.
        serviceOptions = (
            ('icons_xml', ('layout', 'Xicon')),
            ('icons_plot', ('layout', 'plot')),
            ('icons_prn', ('layout', 'printer')),
            ('icons_A', ('NDG_A_SERVICE', 'icon')),
            ('icons_B', ('NDG_B_SERVICE', 'icon')),
            ('icons_D', ('DISCOVERY', 'icon')),
            ('icons_R', ('RELATED', 'icon')),
            ('icons_key', ('layout', 'key')),
            ('disclaimer', ('default', 'disclaimer')),
            ('discoveryURL', ('SEARCH', 'discoveryURL')),
            ('server', ('DEFAULT', 'server', '')),
        )
        for attrName, lookup in serviceOptions:
            setattr(shared, attrName, ndgCfg.get(*lookup))

        # Standalone discovery flag.  No fallback value is supplied here, so
        # the outcome for a missing option is whatever getboolean does.
        shared.standalone = ndgCfg.config.getboolean('DISCOVERY', 'standalone')

        # ---- Security ----
        # Security is active only when standalone is False; setting
        # standalone = True skips the SSO middleware and the Policy
        # Enforcement Point entirely.
        securityOn = not shared.standalone

        # Single Sign On mode of operation:
        #   1) client of a separate Single Sign On Service, or
        #   2) the Single Sign On Service is integrated into THIS service.
        # NOTE(review): with security on and neither section present, the
        # application is left unwrapped and only the PEP below is created -
        # confirm that this combination is intended.
        actsAsSSOClient = (
            ndgCfg.config.has_section('NDG_SECURITY.ssoClient') and securityOn)
        hostsSSOService = (
            ndgCfg.config.has_section('NDG_SECURITY.ssoService') and securityOn)

        if actsAsSSOClient and hostsSSOService:
            raise NDGConfigError(
                "NDG_SECURITY.ssoClient and NDG_SECURITY.ssoService "
                "sections are present in the NDG Config file: "
                "only one or the other may be set")

        if actsAsSSOClient:
            # A failed import is reported as a config error instead of
            # letting the application start without the SSO client.
            try:
                from ndg.security.client.ssoclient.ssoclient.config.ssoClientMiddleware \
                    import SSOMiddleware
            except ImportError, e:
                raise NDGConfigError(
                    '%s: importing Single Sign On Client SSOMiddleware: %s'
                    % (__name__, e))

            self.app = SSOMiddleware(app, ndgCfg.config, g, app_conf,
                                     defSection='NDG_SECURITY.ssoClient')

            # Read only after the middleware has been constructed -
            # presumably its constructor is what populates g.ndg; confirm.
            clientCfg = g.ndg.security.common.sso.cfg
            shared.sslServer = clientCfg.sslServer
            shared.wayfuri = clientCfg.wayfuri
            shared.logout = clientCfg.logoutURI

        elif hostsSSOService:
            # Same handling as the client branch: a missing module stops
            # start-up with a config error.
            try:
                from ndg.security.server.sso.sso.config.ssoServiceMiddleware \
                    import SSOMiddleware
            except ImportError, e:
                raise NDGConfigError(
                    '%s: importing Single Sign On Service SSOMiddleware: %s'
                    % (__name__, e))

            self.app = SSOMiddleware(app, g, app_conf,
                                     defSection='NDG_SECURITY.ssoService',
                                     wssSection='NDG_SECURITY.wssecurity')

            serviceCfg = g.ndg.security.server.sso.cfg
            shared.sslServer = serviceCfg.sslServer
            shared.wayfuri = serviceCfg.wayfuri
            shared.logout = serviceCfg.logoutURI
            shared.getCredentials = serviceCfg.getCredentials

        # Policy Enforcement Point initialisation.  globals.pep is assigned
        # only on this path, so it is never set here in standalone mode.
        if securityOn:
            try:
                from ndg.security.common.authz.pep import PEP
            except ImportError, e:
                # standalone is False at this point, so the import is required
                raise NDGConfigError(
                    '%s: expecting standalone config '
                    'flag set to False for Policy Enforcement Point '
                    'import: %s' % (__name__, e))

            shared.pep = PEP(cfg=ndgCfg.config,
                             cfgSection='NDG_SECURITY.gatekeeper')

        self.config = ndgCfg

    def __call__(self, environ, start_response):
        '''Attach the NDG config to the request and call the wrapped app.'''
        # NOTE(review): downstream applications receive the whole config
        # object, NDG_SECURITY.* sections included - confirm nothing
        # sensitive from it is ever echoed back to clients.
        environ['ndgConfig'] = self.config
        return self.app(environ, start_response)
136   