source: TI12-security/trunk/python/conf/attAuthorityProperties.xml @ 2136

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/conf/attAuthorityProperties.xml@2136
Revision 2136, 1.7 KB checked in by pjkersha, 13 years ago (diff)

python/ndg.security.server/setup.py:

  • comment out Twisted from install - won't do egg install
  • updated long description

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

  • added verifyingCertFilePath keyword to SignatureHandler? initialisation
  • added SSL capability

python/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
added element names for reading SSL settings from properties file.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
added verifyingCertFilePath keyword to SignatureHandler? initialisation

python/conf/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml,
python/ndg.security.server/ndg/security/server/SessionMgr/init.py:
added clntCertFile properties file element name for setting certificate for
verifying incoming SOAP messages.

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile:
corrected typo.

python/ndg.security.server/ndg/security/server/MyProxy.py:
Put OpenSSLConfig and OpenSSLConfigError classes into their own package
'openssl' so that they can also be used by the Certificate Authority client.

python/www/html/certificateAuthority.wsdl,
python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py: updated operations to issueCert, revokeCert and getCRL.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: changed address of service to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
alternative username connection settings

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
fixed typos in error message and comments.

ython/ndg.security.common/ndg/security/common/XMLSec.py: changed call to
getAttributeNodeNS to getAttributeNode for retrieving reference element URI
attribute.

python/ndg.security.common/ndg/security/common/ca/init.py: code for
Certificate Authority client

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • tidied up imports
  • added properties for setting keywords to reference and SignedInfo? C14N
  • changed sign method so that it is truely configurable allow use of inclusive or exclusive C14N based on the keywords set for reference and SignedInfo? C14N calls.
  • swapped calls to getAttributeNodeNS with getAttributeNode where appropriate.

java/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/AttAuthority/build/classes/META-INF/ibm-webservicesclient-bnd.xmi:
updated to that request generator correctly places X.509 cert in
BinarySecurityToken? element.

java/DEWS/AttAuthority/appClientModule/Main.java,
java/DEWS/AttAuthority/appClientjava/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmiModule/Main.java:
include calls to getX509Cert and getAttCert methods.

java/DEWS/SessionMgr/build/classes/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/SessionMgr/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi:
updates for testing Session MAnager client

java/DEWS/SessionMgr/appClientModule/Main.java: switched username setting.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
RevLine 
[638]1<?xml version="1.0" encoding="utf-8"?>
[405]2<AAprop>
[2136]3        <!--
4        'name' setting MUST agree with map config file 'thisHost' name
5        attribute
6        -->
7    <name>BADC</name> 
[2039]8    <portNum>5000</portNum>
[2136]9    <useSSL>Yes</useSSL> <!-- leave blank to use http -->
10    <sslCertFile></sslCertFile>
11    <sslKeyFile></sslKeyFile>
12    <!--
13    PKI settings for signature of outbound SOAP messages
14    -->
[638]15    <keyFile></keyFile>
16    <keyPwd></keyPwd>
17    <certFile></certFile>
18    <caCertFile></caCertFile>
[2136]19    <!--
20    Set the certificate used to verify the signature of messages from the
21    client.  This can usually be left blank since the client is expected to
22    include the cert with the signature in the inbound SOAP message
23    -->
24    <clntCertFile></clntCertFile>   
25    <attCertLifetime></attCertLifetime> <!-- Measured in seconds -->
26        <!--
27        Allow an offset for clock skew between servers running
28        security services.  - Use minus sign for time in the past
29        -->
[2017]30        <attCertNotBeforeOff>0</attCertNotBeforeOff>
[2136]31    <!-- Location of role mapping file -->
32    <mapConfigFile></mapConfigFile>
33    <!-- All Attribute Certificates are recorded in this dir before dispatch
34    to SOAP requestor
35    -->
36    <attCertDir></attCertDir>
37    <!--
38    File prefix and suffix for files stored in attCertDir
39    -->
[2017]40    <attCertFilePfx>ac-</attCertFilePfx>
41    <attCertFileSfx>.xml</attCertFileSfx>
42    <dnSeparator>/</dnSeparator>
[2136]43    <!--
44    Settings for custom AAUserRoles derived class to get user roles for
45    given user ID
46    -->
[2051]47    <userRolesModFilePath></userRolesModFilePath>
48    <userRolesModName></userRolesModName>
49    <userRolesClassName></userRolesClassName>
50    <userRolesPropFile></userRolesPropFile>
[405]51</AAprop>
Note: See TracBrowser for help on using the repository browser.