source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/authz/saml-policy.xml @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/authz/saml-policy.xml@7077
Revision 7077, 1.7 KB checked in by pjkersha, 9 years ago (diff)
  • Property svn:keywords set to Id
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<Policy PolicyId="SAMLAuthZUnitTests" xmlns="urn:ndg:security:authz:1.1:policy">
3    <Description>Restrict access for SAML based Authorization unit tests</Description>
4   
5    <Target>
6        <URIPattern>^/test_accessGrantedToSecuredURI$</URIPattern>
7        <Attributes>
8            <Attribute>
9                <Name>urn:siteA:security:authz:1.0:attr:staff</Name>
10                <!-- Endpoint is for SOAP/SAML based ESG Interface -->
11                <AttributeAuthorityURI>https://localhost:5443/AttributeAuthority</AttributeAuthorityURI>
12            </Attribute>
13        </Attributes>
14    </Target>
15    <Target>
16        <URIPattern>^/test_accessDeniedToSecuredURI$</URIPattern>
17        <Attributes>
18            <Attribute>
19                <Name>urn:siteA:security:authz:1.0:attr:forbidden</Name>
20                <AttributeAuthorityURI>https://localhost:5443/AttributeAuthority</AttributeAuthorityURI>
21            </Attribute>
22            <Attribute>
23                <Name>urn:siteA:security:authz:1.0:attr:keepout</Name>
24                <AttributeAuthorityURI>https://localhost:5443/AttributeAuthority</AttributeAuthorityURI>
25            </Attribute>
26        </Attributes>
27    </Target>
28    <Target>
29        <!--
30            Special extra target puts additional restriction in place if
31            admin query argument is set
32        -->
33        <URIPattern>^/test_accessGrantedToSecuredURI\?admin=1$</URIPattern>
34        <Attributes>
35            <Attribute>
36                <Name>urn:siteA:security:authz:1.0:attr:admin</Name>
37                <AttributeAuthorityURI>https://localhost:5443/AttributeAuthority</AttributeAuthorityURI>
38            </Attribute>
39        </Attributes>
40    </Target>
41</Policy>
Note: See TracBrowser for help on using the repository browser.