source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/authz/xacml/saml_ctx_handler.cfg @ 7339

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/authz/xacml/saml_ctx_handler.cfg@7339
Revision 7339, 1.9 KB checked in by pjkersha, 9 years ago (diff)

Moved XACML unit tests to ndg.security.test.unit.authz.xacml

Line 
1#
2# NDG Security XACML Context handler configuration file
3#
4# NERC DataGrid
5#
6# Author: P J Kershaw
7#
8# Date: 11/08/10
9#
10# Copyright: STFC 2010
11#
12# Licence: BSD - See top-level LICENCE file for licence details
13#
14# $Id$
15[DEFAULT]
16saml_ctx_handler.policyFilePath = $NDGSEC_TEST_CONFIG_DIR/authorisationservice/policy.xml
17
18# Details for SAML authorisation decision response to a Policy Enforcement Point
19# making a decision query
20saml_ctx_handler.issuerName = O=NDG, OU=Security, CN=localhost
21saml_ctx_handler.issuerFormat = urn:oasis:names:tc:SAML:1.1:nameid-format:x509SubjectName
22saml_ctx_handler.assertionLifetime = 86400
23
24#
25# Policy Information Point interface settings
26#
27# The Context handler is a client to the PIP, passing on attribute queries
28# on behalf of the PDP onwards to the PIP
29
30#
31# Attribute ID -> Attribute Authority mapping file.  The PIP, on receipt of a
32# query from the XACML context handler, checks the attribute(s) being queried
33# for and looks up this mapping to determine which attribute authority to query
34# to find out if the subject has the attribute in their entitlement
35saml_ctx_handler.pip.mappingFilePath = %(here)s/pip-mapping.txt
36
37# The attribute ID of the subject value to extract from the XACML request
38# context and pass in the SAML attribute query
39saml_ctx_handler.pip.subjectAttributeId = urn:esg:openid
40
41# The context handler
42saml_ctx_handler.pip.attributeQuery.issuerName = %(saml_ctx_handler.issuerName)s
43saml_ctx_handler.pip.attributeQuery.issuerFormat = %(saml_ctx_handler.issuerFormat)s
44
45# These settings configure SSL mutual authentication for the query to the SAML Attribute Authority
46saml_ctx_handler.pip.attributeQuery.sslCertFilePath = $NDGSEC_TEST_CONFIG_DIR/pki/localhost.crt
47saml_ctx_handler.pip.attributeQuery.sslPriKeyFilePath = $NDGSEC_TEST_CONFIG_DIR/pki/localhost.key
48saml_ctx_handler.pip.attributeQuery.sslCACertDir = $NDGSEC_TEST_CONFIG_DIR/ca
Note: See TracBrowser for help on using the repository browser.