source: TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/logout.py @ 2879

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/logout.py@2879
Revision 2879, 4.5 KB checked in by pjkersha, 13 years ago (diff)

ows_server/ows_server/controllers/logout.py:

  • tidy up error handling with separate redirect method
  • don't catch errors on redirect_to - HTTP 302 exception is expected.
Line 
1from ows_server.lib.base import *
2from ows_server.lib.security_util import SecuritySession
3import logging
4log = logging.getLogger(__name__)
5
6from paste.request import parse_querystring
7import sys # include in case tracefile is set to sys.stderr
8import base64 # decode the return to address
9
10from ndg.security.common.SessionMgr import SessionMgrClient
11
12
13class LogoutController(BaseController):
14    ''' Provides the pylons controller for logging out and killing the cookies '''
15   
16    def __setup(self):
17        #where are we going back to?
18        self.inputs=dict(parse_querystring(request.environ))
19        if 'r' in self.inputs:
20            c.returnTo=self.inputs['r']
21        else:
22            c.returnTo=''
23
24        self.__securitySetup()
25       
26       
27    def __securitySetup(self):
28        '''PKI settings for Session Manager'''
29       
30        self.ndgCfg = request.environ['ndgConfig']
31
32        tracefileExpr = self.ndgCfg.get('NDG_SECURITY', 'tracefile')
33        if tracefileExpr:
34            self.tracefile = eval(tracefileExpr)
35       
36        # ... for SSL connections to security web services
37        try:
38            self.sslCACertFilePathList = \
39            self.ndgCfg.get('NDG_SECURITY', 'sslCACertFilePathList').split()
40               
41        except AttributeError:
42            raise OwsError, 'No "sslCACertFilePathList" security setting'
43
44        self.sslPeerCertCN = self.ndgCfg.get('NDG_SECURITY', 'sslPeerCertCN')
45
46        # ...and for WS-Security digital signature
47        self.wssCertFilePath = self.ndgCfg.get('NDG_SECURITY', 
48                                               'wssCertFilePath')
49        self.wssPriKeyFilePath = self.ndgCfg.get('NDG_SECURITY', 
50                                                 'wssKeyFilePath')
51        self.wssPriKeyPwd = self.ndgCfg.get('NDG_SECURITY', 'wssKeyPwd')
52
53        try:
54            self.wssCACertFilePathList = \
55            self.ndgCfg.get('NDG_SECURITY', 'wssCACertFilePathList').split()
56               
57        except AttributeError:
58            raise OwsError, 'No "wssCACertFilePathList" security setting'
59
60   
61    def index(self):
62        ''' Ok, you really want to logout here '''
63        self.__setup()
64
65        if 'ndgSec' not in session:
66            # There's no handle to a security session
67            log.error("logout called but no 'ndgSec' key in session object")
68            return self.__redirect()
69       
70        # Look into the session and go kill the wallet
71        smURI = self.ndgCfg.get('NDG_SECURITY', 'sessionMgrURI')
72
73        # May be better as a 'g' global set-up at start-up?
74        #
75        # tracefile could be removed for production use
76        try:
77            smClnt = SessionMgrClient(uri=smURI,
78                            sslCACertFilePathList=self.sslCACertFilePathList,
79                            sslPeerCertCN=self.sslPeerCertCN,
80                            signingCertFilePath=self.wssCertFilePath,
81                            signingPriKeyFilePath=self.wssPriKeyFilePath,
82                            signingPriKeyPwd=self.wssPriKeyPwd,
83                            caCertFilePathList=self.wssCACertFilePathList,
84                            tracefile=self.tracefile)       
85        except Exception, e:
86            log.error("logout - creating Session Manager client: %s" % e)
87            return self.__redirect() 
88       
89        # Disconnect from Session Manager
90        log.info("Calling Session Manager disconnect for logout")
91        try:
92            smClnt.disconnect(sessID=session['ndgSec']['sid'])
93        except Exception, e:
94            log.error("Error with Session Manager logout: %s" % e)
95            self.__redirect()
96           
97        try:
98            # easy to kill our cookie
99            SecuritySession.delete()
100            if 'ndgCleared' in session: del session['ndgCleared']
101            session.save()
102           
103        except Exception, e:   
104            log.error("logout - clearing security session: %s" % e)
105
106        return self.__redirect()
107   
108   
109    def __redirect(self):
110        """Handle redirect back to previous page"""
111        if c.returnTo:
112            # Decode the return to address
113            try:
114                b64decReturnTo = base64.urlsafe_b64decode(c.returnTo)
115            except Exception, e:
116                log.error("logout - decoding return URL: %s" % e) 
117                return render_response('content')
118           
119            # and now go back to whence we had come
120            h.redirect_to(b64decReturnTo)
121        else:
122            return render_response('content')
Note: See TracBrowser for help on using the repository browser.