source: TI12-security/trunk/python/Tests/SecurityClientTest.py @ 964

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/Tests/SecurityClientTest.py@964
Revision 964, 8.1 KB checked in by pjkersha, 13 years ago (diff)

Tests/SecurityClientTest?.py: get proxy cert from call to Session Manager WS connect call rather
than from a local file.

conf/myProxyProperties.xml: config file just for MyProxy? - contains settings copied from
sessionMgrProperties.xml. Isolate for use by new MyProxyAdmin?.py tool. Eventually MyProxy?
config settings may be removed and kept spearate from sessionMgrProperties.xml.

conf/gatekeeperProperties.xml: properties file for NDG Gatekeeper

bin/MyProxyAdmin.py: new command line tool for MyProxy? administration. It enables new users
to be added from the command line of the host running MyProxy?. This may replace the current
Session Manager WS addUser method.

NDG/AttAuthority.py: Make sure sys.path is copied by content rather than reference in init

NDG/log_services_server.py: added reposID var for recording of version from SVN.

NDG/Gatekeeper.py: added readAccess, writeAccess and executeAccess methods.

  • Property svn:executable set to *
Line 
1#!/usr/bin/env python
2
3"""Test harness for NDG Security client - makes requests for authentication
4and authorisation
5
6NERC Data Grid Project
7
8P J Kershaw 23/02/06
9
10(Renamed from SessionClientTest.py 27/0/4/06)
11
12Copyright (C) 2006 CCLRC & NERC
13
14This software may be distributed under the terms of the Q Public License,
15version 1.0 or later.
16"""
17import unittest
18import os
19
20from Cookie import SimpleCookie
21
22from NDG.SecurityClient import *
23
24
25class SecurityClientTestCase(unittest.TestCase):
26   
27    def setUp(self):
28        try:
29            # Session Manager WSDL
30            smWSDL = 'http://glue.badc.rl.ac.uk/sessionMgr.wsdl'
31   
32            # Public key of session manager used to encrypt requests
33            # If no public key is set, it will be retrieved using the
34            # getPubKey WS method
35            smPubKeyFilePath = None
36
37            self.__clntPriKeyPwd = open("./tmp2").read().strip()
38
39            clntPubKeyFilePath = "./Junk-cert.pem"
40            clntPriKeyFilePath = "./Junk-key.pem"
41            traceFile = None#sys.stderr
42           
43            # Initialise the Session Manager client connection
44            # Omit traceFile keyword to leave out SOAP debug info
45            self.sessClnt = SessionClient(smWSDL=smWSDL,
46                                        smPubKeyFilePath=smPubKeyFilePath,
47                                        clntPubKeyFilePath=clntPubKeyFilePath,
48                                        clntPriKeyFilePath=clntPriKeyFilePath,
49                                        traceFile=traceFile) 
50
51            # Attribute Authority client tests
52            aaWSDL = 'http://glue.badc.rl.ac.uk/attAuthority.wsdl'
53            aaPubKeyFilePath = None
54           
55            self.aaClnt = AttAuthorityClient(aaWSDL=aaWSDL,
56                                        aaPubKeyFilePath=aaPubKeyFilePath,
57                                        clntPubKeyFilePath=clntPubKeyFilePath,
58                                        clntPriKeyFilePath=clntPriKeyFilePath,
59                                        traceFile=traceFile) 
60        except Exception, e:
61            self.fail(str(e))
62           
63           
64    def tearDown(self):
65        pass
66
67
68    def testAddUser(self):
69       
70        userName = 'pjkersha'
71       
72        try:
73            # Uncomment to add a new user ID to the MyProxy repository
74            # Note the pass-phrase is read from the file tmp.  To pass
75            # explicitly as a string use the 'pPhrase' keyword instead
76            self.sessClnt.addUser(userName, 
77                                  pPhraseFilePath="./tmp",
78                                  clntPriKeyPwd=self.__clntPriKeyPwd)
79            print "Added user '%s'" % userName
80           
81        except Exception, e:
82            self.fail(str(e))
83       
84
85    def cookieConnectTest(self):
86       
87        userName = 'pjkersha'
88        try:
89            # Connect as if acting as a browser client - a cookie is returned
90            sSessCookie = self.sessClnt.connect(userName, 
91                                        pPhraseFilePath="./tmp",
92                                        clntPriKeyPwd=self.__clntPriKeyPwd)
93            self.sessCookie = SimpleCookie(sSessCookie)
94            print "User '%s' connected to Session Manager:\n%s" % \
95                (userName, sSessCookie)
96
97        except Exception, e:
98            self.fail(str(e))
99           
100
101    def proxyCertConnectTest(self):
102       
103        userName = 'pjkersha'
104       
105        try:
106            # Connect as a command line client - a proxyCert is returned       
107            self.proxyCert = self.sessClnt.connect(userName, 
108                                          pPhraseFilePath="./tmp",
109                                          createServerSess=True,
110                                          getCookie=False,
111                                          clntPriKeyPwd=self.__clntPriKeyPwd)
112            print "User '%s' connected to Session Manager:\n%s" % \
113                (userName, self.proxyCert)
114
115        except Exception, e:
116            self.fail(str(e))
117
118
119    def cookieReqAuthorisationTest(self):
120        try:
121            # Request an attribute certificate from an Attribute Authority
122            # using the cookie returned from connect()
123            authResp = self.sessClnt.reqAuthorisation(\
124                        sessID=self.sessCookie['NDG-ID1'].value, 
125                        encrSessMgrWSDLuri=self.sessCookie['NDG-ID2'].value,
126                        aaWSDL=aaWSDL,
127                        clntPriKeyPwd=self.__clntPriKeyPwd)
128                                                                 
129            # The authorisation response is returned as an object which
130            # behaves like a python dictionary.  See
131            # NDG.SessionMgrIO.AuthorisationResp
132            if 'errMsg' in authResp:
133                print "Authorisation failed for user '%s':\n" % userName           
134            else:
135                print "User '%s' authorised:\n" % userName
136               
137            print authResp
138
139        except Exception, e:
140            self.fail(str(e))
141
142
143    def proxyCertReqAuthorisationTest(self):
144        try:
145            # Request an attribute certificate from an Attribute Authority
146            # using the proxyCert returned from connect()
147            authResp = self.sessClnt.reqAuthorisation(\
148                                         proxyCert=self.proxyCert,
149                                         aaWSDL=aaWSDL,
150                                         clntPriKeyPwd=self.__clntPriKeyPwd)
151                                                 
152            # The authorisation response is returned as an object which
153            # behaves like a python dictionary.  See
154            # NDG.SessionMgrIO.AuthorisationResp
155            if 'errMsg' in authResp:
156                print "Authorisation failed for user '%s':\n" % userName           
157            else:
158                print "User '%s' authorised:\n" % userName
159               
160            print authResp
161
162        except Exception, e:
163            self.fail(str(e))
164
165
166    def testGetPubKey(self):
167        try:
168            # Request an attribute certificate from an Attribute Authority
169            # using the proxyCert returned from connect()
170            pubKey = self.sessClnt.getPubKey()
171                                                 
172            print "Public Key:\n" + pubKey
173
174        except Exception, e:
175            self.fail(str(e))
176           
177
178    def testAAgetTrustedHostInfo(self):
179        """Call Attribute Authority GetTrustedHostInfo"""
180       
181        role = 'rapid'
182        try:
183            trustedHosts = self.aaClnt.getTrustedHostInfo(
184                                       role=role,
185                                       clntPriKeyPwd=self.__clntPriKeyPwd)
186            print trustedHosts
187           
188        except Exception, e:
189            self.fail(str(e))
190           
191
192    def testAAReqAuthorisation(self):
193        """Call Attribute Authority authorisation request"""
194       
195        import pdb
196        pdb.set_trace()
197        try:
198            # Alternative means of getting proxy cert - from file
199            #self.proxyCert = open("./proxy.pem").read().strip()
200            self.proxyCertConnectTest()
201            userAttCert = None
202           
203            ac = self.aaClnt.reqAuthorisation(
204                                       proxyCert=self.proxyCert,
205                                       userAttCert=userAttCert,
206                                       clntPriKeyPwd=self.__clntPriKeyPwd)
207            print ac
208           
209        except Exception, e:
210            self.fail(str(e))
211           
212           
213#_____________________________________________________________________________       
214class SecurityClientTestSuite(unittest.TestSuite):
215   
216    def __init__(self):
217        map = map(SecurityClientTestCase,
218                  (
219                    "testAddUser",
220                    "testConnect",
221                    "testReqAuthorisation",
222                    "testGetPubKey",
223                    "testAAgetTrustedHostInfo",
224                    "testAAReqAuthorisation",
225                  ))
226        unittest.TestSuite.__init__(self, map)
227           
228                                                   
229if __name__ == "__main__":
230    unittest.main()       
Note: See TracBrowser for help on using the repository browser.