source: TI12-security/trunk/python/Tests/security.py @ 1022

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/Tests/security.py@1022
Revision 1022, 6.8 KB checked in by pjkersha, 14 years ago (diff)

Updates to Tests/security.py and NDG/SecurityCGI.py: call to AA to get login hosts works but no further.

Line 
1#!/usr/local/NDG/ActivePython-2.4/bin/python
2
3"""Example NDG Security CGI service based on SecurityCGI base class
4
5NERC Data Grid Project
6
7P J Kershaw 25/05/06
8
9Copyright (C) 2006 CCLRC & NERC
10
11This software may be distributed under the terms of the Q Public License,
12version 1.0 or later.
13"""
14import os
15from NDG.SecurityCGI import *
16
17
18class TestSecurityCGI(SecurityCGI):
19    """CGI interface test class for NDG Security"""
20
21
22    #_________________________________________________________________________
23    def showLogin(self, returnURI=None, **kwargs):
24        """Display initial NDG login form"""
25
26        if returnURI:
27            returnURIfield = \
28                "<input type=hidden name=returnURI value=\"%s\">" % returnURI
29        else:
30            returnURIfield = ''
31
32
33        if bAuthorise:
34            authoriseArg = "<input type=hidden name=authorise value=\"1\">"
35        else:
36            authoriseArg = ""
37
38
39        # Set authorisation method default
40        authorisationMethodChk = {  "allowMapping":              '',
41                                    "allowMappingWithPrompt" :   '',
42                                    "noMapping":                 ''}
43   
44        if self.__authorisationMethod is None:
45            # Default to safest option for user
46            authorisationMethodChk["allowMappingWithPrompt"] = ' checked'
47        else:
48            authorisationMethodChk[self.__authorisationMethod] = ' checked'
49   
50
51        print """Content-type: text/html
52       
53<html>"   
54<head>
55<title>%s</title>
56<style type=\"text/css\">
57<!--
58.al {
59text-align: justify
60}
61a{
62text-decoration:none;
63}
64a:hover{
65color:#0000FF;
66}
67    body { font-family: Verdana, sans-serif; font-size: 11}
68    table { font-family: Verdana, sans-serif; font-size: 11}
69-->
70</style>
71</head>
72<body>
73    <script language="javascript">
74        <!--
75            function toggleLayer(layerId)
76            {
77                if (document.getElementById)
78                {
79                    // Standard
80                    var style = document.getElementById(layerId).style;
81                }
82                else if (document.all)
83                {
84                    // Old msie versions
85                    var style = document.all[whichLayer].style;
86                }
87                else if (document.layers)
88                {
89                    // nn4
90                    var style = document.layers[whichLayer].style;
91                }
92                style.visibility = style.visibility == "visible" ? "hidden":"visible";
93            }
94        //-->
95    </script>
96    <h3>NERC Data Grid Site Login (Test)<BR clear=all></h3>
97    <hr>
98   
99    <form action="%s" method="POST">
100   
101    <table bgcolor=#ADD8E6 cellspacing=0 border=0 cellpadding=5>
102    <tbody>
103    <tr><td>User Name:</td> <td><input type=text name=userName value="">
104    </td></tr>
105    <tr>
106        <td>Password:</td>
107        <td><input type=password name=passPhrase></td>
108    </tr>
109    <tr>
110        <td colspan="2" align="right">
111            <a href="javascript:toggleLayer('advSettings');">Advanced Settings</a>
112            <input type=submit value="Login">
113        </td>
114    </tr>
115    <input type=hidden name=authenticate value="1">
116    %s"""  % (self.scriptName, returnURIfield)
117   
118        print \
119    """</tbody></table>
120    <br>
121    <div id="advSettings" style="position: relative; visibility: hidden;">
122        <h4>Role Mapping for access to other trusted sites</h4>
123        <p>Your account has roles or <i>privileges</i> which determine what data you have access to.  If you access data at another NDG trusted site, these roles can be mapped to local roles at that site to help you gain access:
124        </p>
125        <table bgcolor=#ADD8E6 cellspacing=0 border=0 cellpadding=5>
126        <tbody>
127        <tr>
128        <td>
129            <input type="radio" name="authorisationMethod" value="allowMapping"%s>
130        </td>
131            <td>
132                Allow my roles to be mapped to local roles at other NDG trusted sites.
133            </td>
134        </tr>
135        <tr>
136            <td>
137                <input type="radio" name="authorisationMethod" value="allowMappingWithPrompt"%s>
138            </td>
139        <td>
140            Allow my roles to be mapped, but prompt me so that I may choose which roles to map before gaining access.
141        </td>
142        <tr>
143        <td>
144            <input type="radio" name="authorisationMethod" value="noMapping"%s>
145        </td>
146        <td>
147            Don't allow mapping of my roles.
148        </td>
149        </tr>
150        </tbody>
151        </table>
152    </div>
153    </form>
154</body>
155</html>""" % (authorisationMethodChk['allowMapping'], \
156              authorisationMethodChk['allowMappingWithPrompt'], \
157              authorisationMethodChk['noMapping'])
158
159        # end of showLogin()
160
161
162    def showHomeSiteSelect(self, **kwargs):
163
164        if not self.trustedHostInfo:
165            self.getTrustedHostInfo()
166
167        print """Content-type: text/html
168
169<html>
170<head>
171    <title>Select site to retrieve credentials</title>
172    <style type=\"text/css\">
173    <!--
174    .al {
175    text-align: justify
176    }
177    a{
178    text-decoration:none;
179    }
180    a:hover{
181    color:#0000FF;
182    }
183        body { font-family: Verdana, sans-serif; font-size: 11}
184        table { font-family: Verdana, sans-serif; font-size: 11}
185    -->
186    </style>
187</head>
188<body>
189    <form action="%s" method="POST">
190    <table bgcolor=#ADD8E6 cellspacing=0 border=0 cellpadding=5>
191    <tbody>
192    <tr>
193      <td>
194        <select name="requestURI">
195          <option value="">Select your home site...""" % self.scriptName
196
197        for hostname, info in self.trustedHostInfo.items():
198            print "<option value=\"%s\">%s" % (info['loginURI'], hostname)
199
200        print \
201"""     </select>
202      </td>
203      <td align="right">
204        <input type=submit value="Go">
205      </td>
206    </tr>
207    </tbody>
208    </table>
209    </form>
210</body>
211</html>"""
212
213        # end of showHomeSiteSelect()
214
215
216       
217if __name__ == "__main__":
218   
219    smWSDL = "http://gabriel.bnsc.rl.ac.uk/sessionMgr.wsdl"
220    aaWSDL = 'http://gabriel.bnsc.rl.ac.uk/attAuthority.wsdl'
221
222    smPubKeyFilePath = "/usr/local/NDG/conf/certs/gabriel-sm-cert.pem"
223    aaPubKeyFilePath = "/usr/local/NDG/conf/certs/gabriel-aa-cert.pem"
224   
225    clntPubKeyFilePath = "../certs/GabrielCGI-cert.pem"
226    clntPriKeyFilePath = "../certs/GabrielCGI-key.pem"
227
228    returnURI = "https://gabriel.bnsc.rl.ac.uk/cgi-bin/security.py"
229
230    securityCGI = TestSecurityCGI(smWSDL,
231                                  aaWSDL,
232                                                                  scriptName=os.path.basename(__file__),
233                                  smPubKeyFilePath=smPubKeyFilePath,
234                                  aaPubKeyFilePath=aaPubKeyFilePath,
235                                  clntPubKeyFilePath=clntPubKeyFilePath,
236                                  clntPriKeyFilePath=clntPriKeyFilePath,
237                                  returnURI=returnURI)
238    securityCGI()
Note: See TracBrowser for help on using the repository browser.