source: TI12-security/trunk/python/Tests/reqAuthorisation.py @ 930

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/Tests/reqAuthorisation.py@1257
Revision 930, 2.3 KB checked in by pjkersha, 14 years ago (diff)
  • Added Gatekeeper class.
  • Changed 'cvsID' ref global var in all files to 'reposID'
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1#!/usr/bin/env python
2
3"""NDG Attribute Authority client - makes requests for authorisation
4
5NERC Data Grid Project
6
7P J Kershaw 05/05/05
8
9Copyright (C) 2005 CCLRC & NERC
10
11This software may be distributed under the terms of the Q Public License,
12version 1.0 or later.
13"""
14
15reposID = '$Id$'
16
17from ZSI import ServiceProxy
18import sys
19
20from NDG.X509 import *
21
22
23def reqAuthorisation():
24   
25    """Request authorisation from NDG Attribute Authority Web Service."""
26
27    # Attribute Authority WSDL
28    aaWSDL = './attAuthority.wsdl'
29   
30    # User's proxy certificate
31    usrProxyCertFilePath = "./certs/pjkproxy.pem"
32
33    # Existing Attribute Certificate held in user's CredentialWallet.  This is
34    # available for use with trusted data centres to make new mapped Attribute
35    # Certificates
36    usrAttCertFilePath = "./attCert/attCert-pjk-BADC.xml"
37
38    # Make Attribute Authority raise an exception
39    #usrAttCertFilePath = "attCert-tampered.xml"
40
41
42    print "Requesting authorisation for user cert file: \"%s\"" % \
43          usrProxyCertFilePath
44
45
46    # Read user Proxy Certificate into a string ready for passing via WS
47    try:
48        usrProxyCertFileTxt = open(usrProxyCertFilePath, 'r').read()
49       
50    except IOError, ioErr:
51        raise "Error reading proxy certificate file \"%s\": %s" % \
52                                (ioErr.filename, ioErr.strerror)
53
54
55    # Simlarly for Attribute Certificate if present ...
56    if usrAttCertFilePath is not None:
57       
58        try:
59            usrAttCertFileTxt = open(usrAttCertFilePath, 'r').read()
60           
61        except IOError, ioErr:
62            raise "Error reading attribute certificate file \"%s\": %s" % \
63                                    (ioErr.filename, ioErr.strerror)
64    else:
65        usrAttCertFileTxt = None
66
67
68    # Instantiate WS proxy
69    aaSrv = ServiceProxy(aaWSDL, use_wsdl=True)
70       
71
72    # Make authorsation request
73    try:   
74        resp = aaSrv.reqAuthorisation(usrProxyCert=usrProxyCertFileTxt,
75                                      usrAttCert=usrAttCertFileTxt)
76        if resp['errMsg']:
77            raise Exception(resp['errMsg'])
78       
79        return resp['attCert']
80       
81    except Exception, excep:
82        print "Error: %s" % str(excep)
83   
84
85
86if __name__ == '__main__':
87   
88    print reqAuthorisation()
Note: See TracBrowser for help on using the repository browser.