source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/site-a.ini @ 7777

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/site-a.ini@7777
Revision 7777, 3.3 KB checked in by pjkersha, 10 years ago (diff)

Incomplete - task 16: NDG Security 2.x.x - incl. updated Paster templates

  • Work on generic services template
  • Property svn:keywords set to Id
Line 
1#
2# Description: PasteDeploy ini file for Attribute Authority Unit tests Site A Server
3#
4# NERC Data Grid Project
5#
6# Author: P J Kershaw
7#
8# Date: 12/09/08
9#
10# Copyright (C) 2010 Science and Technology Facilities Council
11#
12# BSD - See LICENCE file for details
13
14[DEFAULT]
15attributeAuthorityEnvironKeyName = attribute-authority
16attributeQueryInterfaceEnvironKeyName = attributeQueryInterface
17
18[server:main]
19use = egg:Paste#http
20host = 0.0.0.0
21port = 5000
22
23[app:mainApp]
24paste.app_factory = ndg.security.test.config.attributeauthority.sitea.sitea_attributeauthority:app_factory
25
26# Chain of SOAP Middleware filters - Nb. WS-Security filters apply to the SOAP
27# Binding filter only.
28[pipeline:main]
29pipeline = AttributeAuthorityFilter AttributeAuthoritySamlSoapBindingFilter mainApp
30
31
32[filter:AttributeAuthorityFilter]
33paste.filter_app_factory = ndg.security.server.wsgi.attributeauthority:AttributeAuthorityMiddleware.filter_app_factory
34prefix = attributeAuthority.
35
36# Key name by which the WSDL SOAP based interface may reference this
37# service
38attributeAuthority.environKeyName = %(attributeAuthorityEnvironKeyName)s
39
40# Key name for the SAML SOAP binding based interface to reference this
41# service's attribute query method
42attributeAuthority.environKeyNameAttributeQueryInterface: %(attributeQueryInterfaceEnvironKeyName)s
43
44# Attribute Authority settings...
45
46# Lifetime is measured in seconds
47attributeAuthority.assertionLifetime: 28800 
48
49# Settings for custom AttributeInterface derived class to get user roles for given
50# user ID
51attributeAuthority.attributeInterface.modFilePath: %(here)s
52attributeAuthority.attributeInterface.className: sitea_attributeinterface.TestUserRoles
53
54# SAML SOAP Binding to the Attribute Authority
55[filter:AttributeAuthoritySamlSoapBindingFilter]
56paste.filter_app_factory = ndg.saml.saml2.binding.soap.server.wsgi.queryinterface:SOAPQueryInterfaceMiddleware.filter_app_factory
57prefix = saml.soapbinding.
58
59saml.soapbinding.deserialise = ndg.saml.xml.etree:AttributeQueryElementTree.fromXML
60
61# Specialisation to incorporate ESG Group/Role type
62saml.soapbinding.serialise = ndg.security.common.saml_utils.esgf.xml.etree:ESGFResponseElementTree.toXML
63
64# Otherwise use default
65#saml.soapbinding.serialise = ndg.saml.xml.etree:AttributeQueryElementTree.toXML
66
67saml.soapbinding.mountPath = /AttributeAuthority
68saml.soapbinding.queryInterfaceKeyName = %(attributeQueryInterfaceEnvironKeyName)s
69
70# Clock skew for SAML Attribute Queries - allow clockSkew number of seconds
71# tolerance for query issueInstant parameter. Set here to 3 minutes
72saml.soapbinding.clockSkewTolerance: 180.0
73
74saml.soapbinding.issuerName: /O=Site A/CN=Attribute Authority
75saml.soapbinding.issuerFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
76
77# Logging configuration
78[loggers]
79keys = root, ndg
80
81[handlers]
82keys = console, logfile
83
84[formatters]
85keys = generic
86
87[logger_root]
88level = INFO
89handlers = console
90
91[logger_ndg]
92level = DEBUG
93handlers = 
94qualname = ndg
95
96[handler_console]
97class = StreamHandler
98args = (sys.stderr,)
99level = NOTSET
100formatter = generic
101
102[formatter_generic]
103format = %(asctime)s.%(msecs)03d %(levelname)-8.8s [%(name)s:%(lineno)d] %(message)s
104datefmt = %Y/%m/%d %H:%M:%S
105
106[handler_logfile]
107class = handlers.RotatingFileHandler
108level=NOTSET
109formatter=generic
110args=(os.path.join('%(here)s', 'service.log'), 'a', 10000, 2)
Note: See TracBrowser for help on using the repository browser.