source: TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/logout.py @ 2880

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/logout.py@2880
Revision 2880, 4.5 KB checked in by pjkersha, 13 years ago (diff)

ows_server/ows_server/controllers/login.py,
ows_server/ows_server/controllers/logout.py: added extra debug info in message prior to connect/disconnect call.
Line 
1from ows_server.lib.base import *
2from ows_server.lib.security_util import SecuritySession
3import logging
4log = logging.getLogger(__name__)
5
6from paste.request import parse_querystring
7import sys # include in case tracefile is set to sys.stderr
8import base64 # decode the return to address
9
10from ndg.security.common.SessionMgr import SessionMgrClient
11
12
13class LogoutController(BaseController):
14    ''' Provides the pylons controller for logging out and killing the cookies '''
15   
16    def __setup(self):
17        #where are we going back to?
18        self.inputs=dict(parse_querystring(request.environ))
19        if 'r' in self.inputs:
20            c.returnTo=self.inputs['r']
21        else:
22            c.returnTo=''
23
24        self.__securitySetup()
25       
26       
27    def __securitySetup(self):
28        '''PKI settings for Session Manager'''
29       
30        self.ndgCfg = request.environ['ndgConfig']
31
32        tracefileExpr = self.ndgCfg.get('NDG_SECURITY', 'tracefile')
33        if tracefileExpr:
34            self.tracefile = eval(tracefileExpr)
35       
36        # ... for SSL connections to security web services
37        try:
38            self.sslCACertFilePathList = \
39            self.ndgCfg.get('NDG_SECURITY', 'sslCACertFilePathList').split()
40               
41        except AttributeError:
42            raise OwsError, 'No "sslCACertFilePathList" security setting'
43
44        self.sslPeerCertCN = self.ndgCfg.get('NDG_SECURITY', 'sslPeerCertCN')
45
46        # ...and for WS-Security digital signature
47        self.wssCertFilePath = self.ndgCfg.get('NDG_SECURITY', 
48                                               'wssCertFilePath')
49        self.wssPriKeyFilePath = self.ndgCfg.get('NDG_SECURITY', 
50                                                 'wssKeyFilePath')
51        self.wssPriKeyPwd = self.ndgCfg.get('NDG_SECURITY', 'wssKeyPwd')
52
53        try:
54            self.wssCACertFilePathList = \
55            self.ndgCfg.get('NDG_SECURITY', 'wssCACertFilePathList').split()
56               
57        except AttributeError:
58            raise OwsError, 'No "wssCACertFilePathList" security setting'
59
60   
61    def index(self):
62        ''' Ok, you really want to logout here '''
63        self.__setup()
64
65        if 'ndgSec' not in session:
66            # There's no handle to a security session
67            log.error("logout called but no 'ndgSec' key in session object")
68            return self.__redirect()
69       
70        # Look into the session and go kill the wallet
71        smURI = self.ndgCfg.get('NDG_SECURITY', 'sessionMgrURI')
72
73        # May be better as a 'g' global set-up at start-up?
74        #
75        # tracefile could be removed for production use
76        try:
77            smClnt = SessionMgrClient(uri=smURI,
78                            sslCACertFilePathList=self.sslCACertFilePathList,
79                            sslPeerCertCN=self.sslPeerCertCN,
80                            signingCertFilePath=self.wssCertFilePath,
81                            signingPriKeyFilePath=self.wssPriKeyFilePath,
82                            signingPriKeyPwd=self.wssPriKeyPwd,
83                            caCertFilePathList=self.wssCACertFilePathList,
84                            tracefile=self.tracefile)       
85        except Exception, e:
86            log.error("logout - creating Session Manager client: %s" % e)
87            return self.__redirect() 
88       
89        # Disconnect from Session Manager
90        log.info('Calling Session Manager "%s" disconnect for logout...' % \
91                 smURI)
92        try:
93            smClnt.disconnect(sessID=session['ndgSec']['sid'])
94        except Exception, e:
95            log.error("Error with Session Manager logout: %s" % e)
96            self.__redirect()
97           
98        try:
99            # easy to kill our cookie
100            SecuritySession.delete()
101            if 'ndgCleared' in session: del session['ndgCleared']
102            session.save()
103           
104        except Exception, e:   
105            log.error("logout - clearing security session: %s" % e)
106
107        return self.__redirect()
108   
109   
110    def __redirect(self):
111        """Handle redirect back to previous page"""
112        if c.returnTo:
113            # Decode the return to address
114            try:
115                b64decReturnTo = base64.urlsafe_b64decode(c.returnTo)
116            except Exception, e:
117                log.error("logout - decoding return URL: %s" % e) 
118                return render_response('content')
119           
120            # and now go back to whence we had come
121            h.redirect_to(b64decReturnTo)
122        else:
123            return render_response('content')
Note: See TracBrowser for help on using the repository browser.