source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac @ 2058

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac@2058
Revision 2058, 3.7 KB checked in by pjkersha, 13 years ago

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:
update to file header.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py:

  • setPropFilePath val input is now a keyword
  • readProperties - removed propFilePath keyword - set from propFilePath property / setPropFilePath method instead.

python/ndg.security.server/ndg/security/server/AttAuthority/start-container.sh:
added standard header

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:

  • updated header
  • removed hard coded cert file paths
  • set port number from properties file instead.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • change all refs to sessMgrWSDLuri -> sessMgrURI and encrSessMgrWSDLuri -> encrSessMgrURI. For ZSI 2.0, it's the URI of the service that is important. The URI of the WSDL is not required.
  • changed keyPPhrase property to keyPwd
  • added setPropFilePath and propFilePath property, added class variable to make up properties file path from $NDG_DIR.
  • removed propFilePath keyword from readProperties method - use setPropFilePath() / propFilePath property instead.
  • renamed reqAuthorisation method getAttCert to avoid confusion with authorisation function performed by Gatekeeper.

python/ndg.security.server/ndg/security/server/SessionMgr/start-container.sh: added
standard header

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile: create server side
stubs calling wsdl2dispatch and sed to convert to correct imports and stub methods
return types for Twisted.

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:

  • renamed reqAuthorisation operations to getAttCert to avoid confusion with authorisation performed by the Gatekeeper.

python/conf/sessionMgrProperties.xml: renamed property keyPPhrase -> keyPwd

python/ndg.security.client/ndg/security/client/ndgSessionClient.py: changed refs from
WSDL URI and URI for Session Manager address. For ZSI 2.0, the URI of service is needed
alone, not the WSDL address.

python/ndg.security.test/ndg/security/test/AttAuthority/siteAServer.sh,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBServer.sh: updates to headers

python/ndg.security.test/ndg/security/test/AttAuthority/README and
python/ndg.security.test/ndg/security/test/SessionMgr/README: added to explain setup for
running services for clients to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py and
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
refs to 'ReqAuthorisation' changed to 'getAttCert' - see above.

python/ndg.security.test/ndg/security/test/SessionMgr/server.sh: script to start
Session Manager for client unit tests.

python/ndg.security.common/ndg/security/common/AttAuthority/README,
python/ndg.security.common/ndg/security/common/SessionMgr/README: include instruction to
use Makefile.

python/ndg.security.common/ndg/security/common/Log
python/ndg.security.common/ndg/security/common/Log/log_services_server.py
python/ndg.security.common/ndg/security/common/Log/log_services.py
python/ndg.security.common/ndg/security/common/ca/init.py
python/ndg.security.common/ndg/security/common/ca/simpleCA_services.py
python/ndg.security.common/ndg/security/common/ca/CertReq.py
python/ndg.security.common/ndg/security/common/Gatekeeper
python/ndg.security.common/ndg/security/common/Gatekeeper/TestGatekeeperResrc.py
python/ndg.security.common/ndg/security/common/Gatekeeper/Gatekeeper.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services_server.py:
rearranged old Log and Gatekeeper service code into their own packages. Moved
CertReq.py and simpleCA_services.py into ca package.

#!/usr/bin/env python
"""NDG Security Session Manager .tac file

This file enables the Session Manager web service to be
called under the Twisted framework

NERC Data Grid Project

@author P J Kershaw 23/11/06

@copyright (C) 2007 CCLRC & NERC

@license This software may be distributed under the terms of the Q Public
License, version 1.0 or later.
"""
import socket

from ZSI.twisted.WSresource import WSResource
from twisted.application import service, internet
from twisted.web.server import Site
from twisted.web.resource import Resource

from SessionMgr_services_server import SessionMgrService
from ndg.security.server.SessionMgr import SessionMgr
from ndg.security.common.wsSecurity import WSSecurityHandlerChainFactory, \
        WSSecurityHandler, SignatureHandler

# Use for stub testing only
from ndg.security.common.SessionCookie import SessionCookie
from datetime import datetime, timedelta

class SessionMgrServiceSub(SessionMgrService, WSResource):

    # Add WS-Security handlers
    factory = WSSecurityHandlerChainFactory

    def __init__(self):
        WSResource.__init__(self)

        # Initialize Session Manager class - encapsulates inner workings
        # including session management and proxy delegation
        self.sm = SessionMgr()

    def soap_addUser(self, ps, **kw):
        #import pdb;pdb.set_trace()
        request, response = SessionMgrService.soap_addUser(self, ps)
        return request, response

    def soap_connect(self, ps, **kw):
        #import pdb;pdb.set_trace()
        request, response = SessionMgrService.soap_connect(self, ps)

        if request.get_element_getCookie():
            # Stub response: cookie built from fixed placeholder IDs with a
            # one hour lifetime, not from a real session
            dtExpiry = datetime.utcnow() + timedelta(seconds=60*60)
            cookie = SessionCookie(ndgID1='9'*64,
                                   ndgID2='0'*64,
                                   dtExpiry=dtExpiry)
            response.set_element_cookie(cookie)
        else:
            # NOTE: proxyCert is not defined anywhere in this file, so this
            # stub branch raises NameError at this revision
            response.set_element_proxyCert(proxyCert)

        return request, response

    def soap_disconnect(self, ps, **kw):
        #import pdb;pdb.set_trace()
        request, response = SessionMgrService.soap_disconnect(self, ps)
        return request, response

    def soap_getAttCert(self, ps, **kw):
        #import pdb;pdb.set_trace()
        request, response = SessionMgrService.soap_getAttCert(self, ps)
        # NOTE: attCert is not defined anywhere in this file, so this stub
        # raises NameError at this revision
        response.set_element_attCert(attCert)
        response.set_element_statusCode('AcessGranted')
        return request, response

    def soap_getX509Cert(self, ps, **kw):
        #import pdb;pdb.set_trace()
        request, response = SessionMgrService.soap_getX509Cert(self, ps)
        # The hard coded certFilePath was removed in this revision; read the
        # certificate from the same property the signature handler uses
        response.set_element_x509Cert(open(self.sm['certFile']).read().strip())
        return request, response


# Create Service
smSrv = SessionMgrServiceSub()

# Initialise WS-Security signature handler passing the Session Manager
# certificate and private key set in the properties file
WSSecurityHandler.signatureHandler = SignatureHandler(
                                            certFilePath=smSrv.sm['certFile'],
                                            priKeyFilePath=smSrv.sm['keyFile'],
                                            priKeyPwd=smSrv.sm['keyPwd'])

# Add Service to Session Manager branch
root = Resource()
root.putChild('SessionManager', smSrv)
siteFactory = Site(root)
application = service.Application("SessionManagerContainer")

# Use SSL connection
from twisted.internet import ssl

# Nb. ssl.DefaultOpenSSLContextFactory requires pyOpenSSL
# The hard coded priKeyFilePath / certFilePath names were removed in this
# revision, so the key and certificate properties used for the signature
# handler above are reused here. DefaultOpenSSLContextFactory takes no
# passphrase argument, so keyPwd is not passed to it.
ctxFactory = ssl.DefaultOpenSSLContextFactory(smSrv.sm['keyFile'],
                                              smSrv.sm['certFile'])

# NOTE: portNum is not defined in this file at this revision; per the check-in
# comment it is to be set from the properties file
port = internet.SSLServer(portNum, siteFactory, ctxFactory)

# Non-SSL
#hostname = socket.gethostname()
#port = internet.TCPServer(portNum, siteFactory)#, interface=hostname)

port.setServiceParent(application)