source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/site-a.ini @ 6686

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/site-a.ini@6686
Revision 6686, 3.2 KB checked in by pjkersha, 10 years ago (diff)

Refactoring Attribute Authority to remove NDG Attribute Certificate and role mapping code.

Line 
1#
2# PasteDeploy ini file for Attribute Authority Unit tests Site A Server
3#
4# NERC Data Grid Project
5#
6# P J Kershaw 12/09/08
7#
8# Copyright (C) 2009 Science and Technology Facilities Council
9#
10# BSD - See LICENCE file for details
11
12[DEFAULT]
13attributeAuthorityEnvironKeyName = attribute-authority
14attributeQueryInterfaceEnvironKeyName = attributeQueryInterface
15attributeAuthoritySoapWsdlServicePath = /AttributeAuthority
16
17[server:main]
18use = egg:Paste#http
19host = 0.0.0.0
20port = 5000
21
22[app:mainApp]
23paste.app_factory = ndg.security.test.config.attributeauthority.sitea.siteAServerApp:app_factory
24
25# Chain of SOAP Middleware filters - Nb. WS-Security filters apply to the SOAP
26# Binding filter only.
27[pipeline:main]
28pipeline = AttributeAuthorityFilter
29                   AttributeAuthoritySamlSoapBindingFilter
30                   mainApp
31
32
33[filter:AttributeAuthorityFilter]
34paste.filter_app_factory = ndg.security.server.wsgi.attributeauthority:AttributeAuthorityMiddleware.filter_app_factory
35prefix = attributeAuthority.
36
37# Key name by which the WSDL SOAP based interface may reference this
38# service
39attributeAuthority.environKeyName = %(attributeAuthorityEnvironKeyName)s
40
41# Key name for the SAML SOAP binding based interface to reference this
42# service's attribute query method
43attributeAuthority.environKeyNameAttributeQueryInterface: %(attributeQueryInterfaceEnvironKeyName)s
44
45# Attribute Authority settings
46# 'name' setting MUST agree with map config file 'thisHost' name attribute
47attributeAuthority.name: Site A
48
49# Lifetime is measured in seconds
50attributeAuthority.attCertLifetime: 28800 
51
52# Allow an offset for clock skew between servers running
53# security services. NB, measured in seconds - use a minus sign for time in the
54# past
55attributeAuthority.attCertNotBeforeOff: 0
56
57# Clock skew for SAML Attribute Queries - allow clockSkew number of seconds
58# tolerance for query issueInstant parameter. Set here to 3 minutes
59attributeAuthority.clockSkew: 180.0
60
61attributeAuthority.dnSeparator:/
62
63# Settings for custom AttributeInterface derived class to get user roles for given
64# user ID
65attributeAuthority.attributeInterface.modFilePath: %(here)s
66attributeAuthority.attributeInterface.modName: siteAUserRoles
67attributeAuthority.attributeInterface.className: TestUserRoles
68
69# SAML SOAP Binding to the Attribute Authority
70[filter:AttributeAuthoritySamlSoapBindingFilter]
71paste.filter_app_factory = ndg.security.server.wsgi.saml:SOAPQueryInterfaceMiddleware.filter_app_factory
72prefix = saml.soapbinding.
73
74saml.soapbinding.deserialise = ndg.saml.xml.etree:AttributeQueryElementTree.fromXML
75
76# Specialisation to incorporate ESG Group/Role type
77saml.soapbinding.serialise = ndg.security.common.saml_utils.esg.xml.etree:EsgResponseElementTree.toXML
78
79saml.soapbinding.pathMatchList = /AttributeAuthority/saml
80saml.soapbinding.queryInterfaceKeyName = %(attributeQueryInterfaceEnvironKeyName)s
81
82
83# Logging configuration
84[loggers]
85keys = root, ndg
86
87[handlers]
88keys = console
89
90[formatters]
91keys = generic
92
93[logger_root]
94level = INFO
95handlers = console
96
97[logger_ndg]
98level = DEBUG
99handlers = 
100qualname = ndg
101
102[handler_console]
103class = StreamHandler
104args = (sys.stderr,)
105level = NOTSET
106formatter = generic
107
108[formatter_generic]
109format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
110datefmt = %Y/%m/%d %H:%M:%S
Note: See TracBrowser for help on using the repository browser.