source: TI12-security/trunk/python/NDG/sessionMgr_services_server.py @ 701

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/NDG/sessionMgr_services_server.py@701
Revision 701, 6.9 KB checked in by pjkersha, 14 years ago (diff)

ndgSessionClient.py:

  • Added options to pass in client's private key file and protecting password.

XMLMsg.py:

  • Modified logic for init: if text is passed via the xmlTxt keyword and a private key file has been set (encrPriKeyFilePath), attempt to decrypt using the key.

  • New encrypt and decrypt methods
  • Added xmlTags property - returns XML tags as a dictionary

XMLSecDoc.py:

  • Minor typo fix.

SessionClient.py:

  • Session Manager public key can now be passed as a local file or remote over HTTP.
  • clntPriKeyFilePath keyword allows a private key file to be passed for decrypting the response from the Session Manager

  • clntPriKeyPwd - client private key password is required for all methods: addUser, connect and reqAuthorisation.

sessionMgr_services_server.py: moved encryption/decryption of messages into the SOAP callback
methods, out of the equivalent methods in Session.SessionMgr where they were previously.

Session.py:

  • removed decryption code from SessionMgr methods - addUser, connect, reqAuthorisation.
  • See note above.
  • Fixes to redirectAuthorisationReq(). This method handles redirection to another Session Manager if the user session is held there.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1"""NDG Session Manager Web service server side interface.  Generated and
2adapted from:
3
4wsdl2dispatch -f sessionMgr.wsdl
5
6NERC Data Grid Project
7
8P J Kershaw 18/12/05
9
10Copyright (C) 2005 CCLRC & NERC
11
12This software may be distributed under the terms of the Q Public License,
13version 1.0 or later.
14"""
15
16cvsID = '$Id$'
17
18from ZSI.ServiceContainer import ServiceSOAPBinding
19
20# wsdl2py generated
21from sessionMgr_services import *
22
23from Session import *
24
25# Create custom XML formatted error response where needed
26from SessionMgrIO import *
27
28
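class sessionMgr(ServiceSOAPBinding):
    """ZSI SOAP binding that exposes a SessionMgr instance as a Web service.

    Each soap_* callback parses the request wrapper, builds a request object
    from the (possibly encrypted) request text using the Session Manager's
    private key file and pass-phrase, calls the matching SessionMgr method
    and, when the request carried an 'encrCert' entry, encrypts the response
    with that certificate before returning it.

    NOTE(review): the certificate used to encrypt the response is taken from
    the request itself.  No validation of it is visible in this module -
    confirm that the request/response classes or SessionMgr check it against
    a trusted CA before relying on the response being readable only by the
    intended client.
    """

    # Maps each SOAP action URN to the name of the callback that handles it
    soapAction = {
        'urn:sessionMgr#addUser': 'soap_addUser',
        'urn:sessionMgr#connect': 'soap_connect',
        'urn:sessionMgr#reqAuthorisation': 'soap_reqAuthorisation',
        }

    def __init__(self, srv, debug=False, post='/sessionMgr.wsdl', **kw):
        """Bind the Web service to a Session Manager instance.

        srv:    SessionMgr instance that the SOAP callbacks delegate to.  It
                is also indexed for 'keyFile' and 'keyPPhrase'.
        debug:  when true, every callback stops in pdb before handling the
                request.  The handler then waits on the server process's
                console, so this must stay False for a deployed service.
        post:   passed through to ServiceSOAPBinding.__init__.
        kw:     accepted for interface compatibility; not used here.

        Raises SessionMgrError if srv is not a SessionMgr instance.
        """
        ServiceSOAPBinding.__init__(self, post)

        # Link WS to underlying session manager class instance.  The
        # exception must be raised: constructing it without "raise" let any
        # object through and the type check had no effect.
        if not isinstance(srv, SessionMgr):
            raise SessionMgrError("Expecting SessionMgr type")

        self.__srv = srv
        self.__debug = debug


    #_________________________________________________________________________
    def __encryptResp(self, respObj, reqKeys):
        """Encrypt respObj in place with the certificate sent in the request.

        Does nothing when the request could not be parsed (reqKeys is None)
        or when it carried no 'encrCert' entry.  Exceptions propagate to the
        caller, which turns them into an error response.
        """
        if reqKeys is None or 'encrCert' not in reqKeys:
            return

        # Imported here so this method does not depend on a wildcard import
        # elsewhere in the module happening to supply the name.
        import tempfile

        # The response classes' encrypt() takes the public key as a file
        # path, so the certificate text is copied into a temporary file.
        encrCertTmpFile = tempfile.NamedTemporaryFile()
        try:
            # Write through the handle that owns the file and flush, so the
            # content is on disk before encrypt() opens the path, and no
            # second, never-closed file object is left behind.
            encrCertTmpFile.write(reqKeys['encrCert'])
            encrCertTmpFile.flush()

            respObj.encrypt(encrPubKeyFilePath=encrCertTmpFile.name)
        finally:
            # Closing the NamedTemporaryFile also removes it
            encrCertTmpFile.close()


    #_________________________________________________________________________
    def soap_addUser(self, ps):
        """SOAP interface to NDG Session Manager WS addUser.

        ps is the parsed SOAP object supplied by ZSI.  Returns an
        addUserResponseWrapper whose _addUserResp holds the response as an
        XML formatted string, encrypted if the request supplied 'encrCert'.
        Errors are reported in the response rather than raised.
        """
        if self.__debug:
            import pdb
            pdb.set_trace()

        # input vals in request object
        reqArgs = ps.Parse(addUserRequestWrapper)
        reqTxt = str(reqArgs._addUserReq)

        # assign return values to response object
        resp = addUserResponseWrapper()

        # Stays None if decrypting/parsing fails, so that the encryption step
        # below is skipped instead of failing on an unbound name and
        # replacing the real error message.
        reqKeys = None

        # Decrypt and parse input
        try:
            # Request object returned behaves like a dictionary
            reqKeys = AddUserReq(xmlTxt=reqTxt,
                                 encrPriKeyFilePath=self.__srv['keyFile'],
                                 encrPriKeyPwd=self.__srv['keyPPhrase'])

            # New user request for Session Manager
            addUserResp = self.__srv.addUser(**reqKeys.xmlTags)

        except Exception, e:
            # Nb. catch exception here so that error message will be encrypted
            # if 'encrCert' key was set
            # NOTE(review): str(e) is returned to the remote caller verbatim,
            # and unencrypted when no 'encrCert' is available.  Consider
            # logging the detail server-side and returning a generic message.
            addUserResp = AddUserResp(errMsg=str(e))

        try:
            # Encrypt response if the request asked for it
            self.__encryptResp(addUserResp, reqKeys)

        except Exception, e:
            addUserResp = AddUserResp(errMsg=str(e))

        # Convert response into (encrypted) XML formatted string
        resp._addUserResp = addUserResp()
        return resp


    #_________________________________________________________________________
    def soap_connect(self, ps):
        """SOAP interface to NDG Session Manager WS connect.

        ps is the parsed SOAP object supplied by ZSI.  Returns a
        connectResponseWrapper whose _connectResp holds the response as an
        XML formatted string, encrypted if the request supplied 'encrCert'.
        Errors are reported in the response rather than raised.
        """
        if self.__debug:
            import pdb
            pdb.set_trace()

        # input vals in request object
        reqArgs = ps.Parse(connectRequestWrapper)
        reqTxt = str(reqArgs._connectReq)

        # assign return values to response object
        resp = connectResponseWrapper()

        # Stays None if decrypting/parsing fails - see soap_addUser
        reqKeys = None

        # Decrypt and parse input
        try:
            # Connect request object returned behaves like a dictionary
            reqKeys = ConnectReq(xmlTxt=reqTxt,
                                 encrPriKeyFilePath=self.__srv['keyFile'],
                                 encrPriKeyPwd=self.__srv['keyPPhrase'])

            # Request a connection from the Session Manager
            connectResp = self.__srv.connect(**reqKeys.xmlTags)

        except Exception, e:
            # Nb. catch exception here so that error message will be encrypted
            # if 'encrCert' key was set
            # NOTE(review): str(e) reaches the remote caller verbatim - see
            # the note in soap_addUser.
            connectResp = ConnectResp(errMsg=str(e))

        try:
            # Encrypt response if the request asked for it
            self.__encryptResp(connectResp, reqKeys)

        except Exception, e:
            connectResp = ConnectResp(errMsg=str(e))

        # Convert response into (encrypted) XML formatted string
        resp._connectResp = connectResp()
        return resp


    #_________________________________________________________________________
    def soap_reqAuthorisation(self, ps):
        """Make an authorisation request via the session manager.

        ps is the parsed SOAP object supplied by ZSI.  Returns an
        authorisationResponseWrapper whose _authorisationResp holds the
        response as an XML formatted string, encrypted if the request
        supplied 'encrCert'.  Errors are reported in the response rather
        than raised.
        """
        if self.__debug:
            import pdb
            pdb.set_trace()

        # input vals in request object
        reqArgs = ps.Parse(authorisationRequestWrapper)
        reqTxt = str(reqArgs._authorisationReq)

        # assign return values to response object
        resp = authorisationResponseWrapper()

        # Stays None if decrypting/parsing fails - see soap_addUser
        reqKeys = None

        # Decrypt and parse input
        try:
            # Authorisation request object returned behaves like a dictionary
            reqKeys = AuthorisationReq(xmlTxt=reqTxt,
                                     encrPriKeyFilePath=self.__srv['keyFile'],
                                     encrPriKeyPwd=self.__srv['keyPPhrase'])

            authResp = self.__srv.reqAuthorisation(**reqKeys.xmlTags)

        except Exception, e:
            # Nb. catch exception here so that error message will be encrypted
            # if 'encrCert' key was set
            # NOTE(review): unlike the encryption-failure path below, this
            # error response sets no statCode - confirm what
            # AuthorisationResp defaults to, so that a failed request can
            # never be read by a client as anything other than an error.
            authResp = AuthorisationResp(errMsg=str(e))

        try:
            # Encrypt response if the request asked for it
            self.__encryptResp(authResp, reqKeys)

        except Exception, e:
            authResp = AuthorisationResp(
                                      statCode=AuthorisationResp.accessError,
                                      errMsg=str(e))

        # Convert response into (encrypted) XML formatted string
        resp._authorisationResp = authResp()
        return resp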
204