source: TI12-security/trunk/python/Tests/authtest/development.ini @ 3892

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/Tests/authtest/development.ini@3892
Revision 3892, 2.3 KB checked in by pjkersha, 12 years ago (diff)
  • Big changes enabling modularised security from Discovery/Browse? Pylons code stack. Changes are for login only and don't include the Gatekeeper yet.
  • Updates to OpenID AuthKit? test code to enable kid templates.

ndg.security.server/ndg/security/server/sso/sso/config/ssoServiceMiddleware.py

  • include client in ndg.security.client.cfg class for globals - needed for server/sslServer config settings for SSO Client BaseController?
  • read WS-Security settings using ndg.security.common.wssecurity.WSSecurityConfig

ndg.security.server/ndg/security/server/sso/sso/controllers/login.py,
ndg.security.server/ndg/security/server/sso/sso/controllers/logout.py:

  • Give specific alias for kid templates to enable a separate security templates dir to ows_server

ndg.security.server/ndg/security/server/sso/sso/controllers/wayf.py:

  • ditto to above
  • fix to URL input into base 64 encode - convert from unicode to regular string as otherwise b64 code will fail

ndg.security.server/ndg/security/server/sso/sso/lib/base.py:

  • Provide full path to sso.* imports so that controllers can be imported across into ows_server or any other pylons code stack.
  • LoginServiceQuery? -> SSOServiceQuery

ndg.security.server/ndg/security/server/sso/sso/templates/ndg/security/wayf.kid:

  • got rid of login status info - it's confusing to the user

ndg.security.client/ndg/security/client/ssoclient/ssoClient.cfg:

  • added tracefile option for ZSI SOAP i/o display

ndg.security.client/ndg/security/client/ssoclient/ssoclient/config/ssoClientMiddleware.py:

  • SSOMiddleware interface changed to enable reading direct from an existing config object as well as from file

ndg.security.client/ndg/security/client/ssoclient/ssoclient/controllers/logout.py:

  • fixes for full path import statements + correct g config attr settings

ndg.security.client/ndg/security/client/ssoclient/ssoclient/lib/base.py:

  • enable processing of logout response from a separate SSO Service - logout flag in URL arg tells base controller to delete the security details from the cookie.

ndg.security.client/ndg/security/client/ssoclient/ssoclient/templates/ndg/security/ndgPage.kid: typo fix

Tests/authtest/development.ini,
Tests/authtest/authtest/config/environment.py,
Tests/authtest/authtest/controllers/auth.py:

  • enable kid template for OpenID signin

Tests/authtest/authtest/tests/functional/test_test2.py,
Tests/authtest/authtest/controllers/test2.py: test controller

ndg.security.common/ndg/security/common/wssecurity/init.py:

  • enable initialisation from an existing config file object

ndg.security.common/ndg/security/common/pylons/security_util.py:

ndg.security.common/ndg/security/common/init.py: fix to imports

ndg.security.common/ndg/security/common/wsSecurity.py: fix for altered WSSecurityConfig interface

ndg.security.common/ndg/security/common/m2CryptoSSLUtility.py:

  • fix to HostCheck?.call - check for peerCert is None when peer tries http instead of https
Line 
1#
2# authtest - Pylons development environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7debug = true
8# Uncomment and replace with the address which should receive any error reports
9#email_to = you@yourdomain.com
10smtp_server = localhost
11error_email_from = paste@localhost
12
13[server:main]
14use = egg:Paste#http
15host = 0.0.0.0
16port = 5000
17
18[app:main]
19use = egg:authtest
20full_stack = true
21cache_dir = %(here)s/data
22beaker.session.key = authtest
23beaker.session.secret = somesecret
24
25# If you'd like to fine-tune the individual locations of the cache data dirs
26# for the Cache data, or the Session saves, un-comment the desired settings
27# here:
28#beaker.cache.data_dir = %(here)s/data/cache
29#beaker.session.data_dir = %(here)s/data/sessions
30
31# WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*
32# Debug mode will enable the interactive debugging tool, allowing ANYONE to
33# execute malicious code after an exception is raised.
34#set debug = false
35
36#authkit.setup.method = form, cookie
37#authkit.form.authenticate.user.data = visitor:open_sesame
38#                                                                       nobody:password
39#authkit.cookie.secret = secret string
40#authkit.cookie.signoutpath = /auth/signout
41
42authkit.setup.method=openid, cookie
43authkit.cookie.secret=secret encryption string
44authkit.cookie.signoutpath = /auth/signout
45authkit.openid.path.signedin=/
46authkit.openid.store.type=file
47authkit.openid.store.config=%(here)s/data/openid
48
49# Copied from http://wiki.pylonshq.com/display/authkitcookbook/OpenID+Passurl
50#authkit.openid.session.middleware = beaker.session
51#authkit.openid.session.key = authkit_openid
52#authkit.openid.session.secret = random string
53
54# This is optional - see:
55# http://wiki.pylonshq.com/display/authkitcookbook/OpenID+Passurl
56authkit.openid.baseurl = http://localhost:5000
57
58# Template for signin
59authkit.openid.template.obj = authtest.lib.template:make_template
60
61# Logging configuration
62[loggers]
63keys = root, authtest
64
65[handlers]
66keys = console
67
68[formatters]
69keys = generic
70
71[logger_root]
72level = INFO
73handlers = console
74
75[logger_authtest]
76level = DEBUG
77handlers =
78qualname = authtest
79
80[handler_console]
81class = StreamHandler
82args = (sys.stderr,)
83level = NOTSET
84formatter = generic
85
86[formatter_generic]
87format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
88datefmt = [%H:%M:%S]
Note: See TracBrowser for help on using the repository browser.