source: TI12-security/trunk/NDGSecurity/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/wssecurity.py @ 7080

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/wssecurity.py@7080
Revision 7080, 2.0 KB checked in by pjkersha, 9 years ago (diff)
  • Property svn:keywords set to Id
Line 
1import logging
2log = logging.getLogger(__name__)
3
4from ZSI.parse import ParsedSoap
5
6from ZSI.writer import SoapWriter
7from ndg.security.common.wssecurity.signaturehandler.dom import SignatureHandler
8
9class SignatureMiddleware(object):
10    '''Apply WS-Security digital signature to SOAP message'''
11   
12    def __init__(self, app, app_conf):
13        self.app = app
14        self.signatureHandler = SignatureHandler(
15                                        cfg=app_conf.get('wsseCfgFilePath'))
16   
17    def __call__(self, environ, start_response):
18       
19        log.debug('Signing outbound message ...')
20        app = self.app(environ, start_response)
21
22        if 'ZSI.writer.SoapWriter' not in environ:
23            raise KeyError("Expecting 'ZSI.writer.SoapWriter' key in environ")
24       
25        sw = environ['ZSI.writer.SoapWriter']
26        self.signatureHandler.sign(sw)
27        soapOut = str(sw)
28       
29        return [soapOut]
30   
31
32class SignatureVerificationMiddleware(object):
33    '''Verify WS-Security digital signature in SOAP message'''
34   
35    def __init__(self, app, app_conf):
36        log.debug("SignatureVerificationMiddleware.__init__ ...")
37        self.app = app
38        self.signatureHandler = SignatureHandler(
39                                        cfg=app_conf.get('wsseCfgFilePath'))
40   
41    def __call__(self, environ, start_response):
42
43        log.debug("Verifying inbound message signature...")
44       
45        # TODO: allow for chunked data
46        soapIn = environ['wsgi.input'].read(environ['CONTENT_LENGTH'])
47       
48        ps = ParsedSoap(soapIn)
49        self.signatureHandler.verify(ps)
50       
51        # Pass on in environment as an efficiency measure for any following
52        # SOAP Middleware
53        environ['ZSI.parse.ParsedSoap'] = ps
54        return self.app(environ, start_response)
55
56
57def makeSignatureVerificationFilter(app, global_conf):
58    return SignatureVerificationMiddleware(app, global_conf) 
59
60def makeSignatureFilter(app, global_conf):
61    return SignatureMiddleware(app, global_conf)
Note: See TracBrowser for help on using the repository browser.