source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py @ 2136

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py@2136
Revision 2136, 7.1 KB checked in by pjkersha, 13 years ago

python/ndg.security.server/setup.py:

  • comment out Twisted from install - won't do egg install
  • updated long description

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

  • added verifyingCertFilePath keyword to SignatureHandler initialisation
  • added SSL capability

python/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py:
added element names for reading SSL settings from properties file.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
added verifyingCertFilePath keyword to SignatureHandler initialisation

python/conf/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml,
python/ndg.security.server/ndg/security/server/SessionMgr/__init__.py:
added clntCertFile properties file element name for setting certificate for
verifying incoming SOAP messages.

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile:
corrected typo.

python/ndg.security.server/ndg/security/server/MyProxy.py:
Put OpenSSLConfig and OpenSSLConfigError classes into their own package
'openssl' so that they can also be used by the Certificate Authority client.

python/www/html/certificateAuthority.wsdl,
python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py: updated operations to issueCert, revokeCert and getCRL.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: changed address of service to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
alternative username connection settings

python/ndg.security.common/ndg/security/common/AttAuthority/__init__.py:
fixed typos in error message and comments.

python/ndg.security.common/ndg/security/common/XMLSec.py: changed call to
getAttributeNodeNS to getAttributeNode for retrieving reference element URI
attribute.

python/ndg.security.common/ndg/security/common/ca/__init__.py: code for
Certificate Authority client

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • tidied up imports
  • added properties for setting keywords to reference and SignedInfo C14N
  • changed sign method so that it is truly configurable to allow use of inclusive or exclusive C14N based on the keywords set for reference and SignedInfo C14N calls.
  • swapped calls to getAttributeNodeNS with getAttributeNode where appropriate.

java/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/AttAuthority/build/classes/META-INF/ibm-webservicesclient-bnd.xmi:
updated so that request generator correctly places X.509 cert in
BinarySecurityToken element.

java/DEWS/AttAuthority/appClientModule/Main.java,
java/DEWS/AttAuthority/appClientjava/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmiModule/Main.java:
include calls to getX509Cert and getAttCert methods.

java/DEWS/SessionMgr/build/classes/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/SessionMgr/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi:
updates for testing Session Manager client

java/DEWS/SessionMgr/appClientModule/Main.java: switched username setting.

##################################################
# CertificateAuthority_services_server.py
#      Generated by ZSI.generate.wsdl2dispatch.DelAuthServiceModuleWriter
#
##################################################

from ndg.security.common.CertificateAuthority.CertificateAuthority_services import *
from ZSI.ServiceContainer import ServiceSOAPBinding

class CertificateAuthorityService(ServiceSOAPBinding):
    soapAction = {}
    root = {}
    _wsdl = """<?xml version=\"1.0\" ?>
<wsdl:definitions name=\"CertificateAuthority\" targetNamespace=\"urn:ndg:security:ca\" xmlns=\"http://schemas.xmlsoap.org/wsdl/\" xmlns:http=\"http://schemas.xmlsoap.org/wsdl/http/\" xmlns:soap=\"http://schemas.xmlsoap.org/wsdl/soap/\" xmlns:soapenc=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:tns=\"urn:ndg:security:ca\" xmlns:wsdl=\"http://schemas.xmlsoap.org/wsdl/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">

  <wsdl:types>
    <xsd:schema targetNamespace=\"urn:ndg:security:ca\">

      <xsd:element name=\"issueCert\">
        <xsd:complexType>
          <xsd:sequence>
            <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"x509CertReq\" type=\"xsd:string\"/>
          </xsd:sequence>
        </xsd:complexType>
      </xsd:element>

      <xsd:element name=\"issueCertResponse\">
        <xsd:complexType>
                  <xsd:sequence>
                <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"x509Cert\" type=\"xsd:string\"/>
                  </xsd:sequence>
                </xsd:complexType>
      </xsd:element>

      <xsd:element name=\"revokeCert\">
        <xsd:complexType>
          <xsd:sequence>
            <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"x509Cert\" type=\"xsd:string\"/>
          </xsd:sequence>
        </xsd:complexType>
      </xsd:element>

      <xsd:element name=\"revokeCertResponse\">
        <xsd:complexType/>
      </xsd:element>

      <xsd:element name=\"getCRL\">
        <xsd:complexType/>
      </xsd:element>

      <xsd:element name=\"getCRLResponse\">
        <xsd:complexType>
          <xsd:sequence>
            <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"crl\" type=\"xsd:string\"/>
          </xsd:sequence>
        </xsd:complexType>
      </xsd:element>

    </xsd:schema>
  </wsdl:types>

  <wsdl:message name=\"issueCertInputMsg\">
    <wsdl:part element=\"tns:issueCert\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:message name=\"issueCertOutputMsg\">
    <wsdl:part element=\"tns:issueCertResponse\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:message name=\"revokeCertInputMsg\">
    <wsdl:part element=\"tns:revokeCert\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:message name=\"revokeCertOutputMsg\">
    <wsdl:part element=\"tns:revokeCertResponse\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:message name=\"getCRLInputMsg\">
    <wsdl:part element=\"tns:getCRL\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:message name=\"getCRLOutputMsg\">
    <wsdl:part element=\"tns:getCRLResponse\" name=\"parameters\"/>
  </wsdl:message>

  <wsdl:portType name=\"CertificateAuthority\">
    <wsdl:operation name=\"issueCert\">
      <wsdl:input message=\"tns:issueCertInputMsg\"/>
      <wsdl:output message=\"tns:issueCertOutputMsg\"/>
    </wsdl:operation>

    <wsdl:operation name=\"revokeCert\">
      <wsdl:input message=\"tns:revokeCertInputMsg\"/>
      <wsdl:output message=\"tns:revokeCertOutputMsg\"/>
    </wsdl:operation>

    <wsdl:operation name=\"getCRL\">
      <wsdl:input message=\"tns:getCRLInputMsg\"/>
      <wsdl:output message=\"tns:getCRLOutputMsg\"/>
    </wsdl:operation>
  </wsdl:portType>

  <wsdl:binding name=\"CertificateAuthorityBinding\" type=\"tns:CertificateAuthority\">
    <soap:binding style=\"document\" transport=\"http://schemas.xmlsoap.org/soap/http\"/>
    <wsdl:operation name=\"issueCert\">
      <soap:operation soapAction=\"issueCert\"/>
      <wsdl:input>
        <soap:body use=\"literal\"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use=\"literal\"/>
      </wsdl:output>
    </wsdl:operation>

    <wsdl:operation name=\"revokeCert\">
      <soap:operation soapAction=\"revokeCert\"/>
      <wsdl:input>
        <soap:body use=\"literal\"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use=\"literal\"/>
      </wsdl:output>
    </wsdl:operation>

    <wsdl:operation name=\"getCRL\">
      <soap:operation soapAction=\"getCRL\"/>
      <wsdl:input>
        <soap:body use=\"literal\"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use=\"literal\"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>

  <wsdl:service name=\"CertificateAuthorityService\">
    <wsdl:documentation>NDG Certificate Authority web service</wsdl:documentation>
    <wsdl:port binding=\"tns:CertificateAuthorityBinding\" name=\"CertificateAuthority\">
      <soap:address location=\"http://localhost:5001\"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>"""

    def __init__(self, post='', **kw):
        ServiceSOAPBinding.__init__(self, post)
        if kw.has_key('impl'):
            self.impl = kw['impl']
        self.auth_method_name = None
        if kw.has_key('auth_method_name'):
            self.auth_method_name = kw['auth_method_name']
    def authorize(self, auth_info, post, action):
        if self.auth_method_name and hasattr(self.impl, self.auth_method_name):
            return getattr(self.impl, self.auth_method_name)(auth_info, post, action)
        else:
            return 1

    def soap_issueCert(self, ps):
        self.request = ps.Parse(issueCertInputMsg.typecode)
        parameters = self.request._x509CertReq

        # If we have an implementation object use it
        if hasattr(self,'impl'):
            parameters = self.impl.issueCert(parameters)

        result = issueCertOutputMsg()
        # If we have an implementation object, copy the result
        if hasattr(self,'impl'):
            result._x509Cert = parameters
        return self.request, result

    soapAction['issueCert'] = 'soap_issueCert'
    root[(issueCertInputMsg.typecode.nspname,issueCertInputMsg.typecode.pname)] = 'soap_issueCert'

    def soap_revokeCert(self, ps):
        self.request = ps.Parse(revokeCertInputMsg.typecode)
        parameters = self.request._x509Cert

        # If we have an implementation object use it
        if hasattr(self,'impl'):
            parameters = self.impl.revokeCert(parameters)

        result = revokeCertOutputMsg()
        return self.request, result

    soapAction['revokeCert'] = 'soap_revokeCert'
    root[(revokeCertInputMsg.typecode.nspname,revokeCertInputMsg.typecode.pname)] = 'soap_revokeCert'

    def soap_getCRL(self, ps):
        self.request = ps.Parse(getCRLInputMsg.typecode)

        # If we have an implementation object use it
        if hasattr(self,'impl'):
            parameters = self.impl.getCRL()

        result = getCRLOutputMsg()
        # If we have an implementation object, copy the result
        if hasattr(self,'impl'):
            result._crl = parameters
        return self.request, result

    soapAction['getCRL'] = 'soap_getCRL'
    root[(getCRLInputMsg.typecode.nspname,getCRLInputMsg.typecode.pname)] = 'soap_getCRL'
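The generated authorize() method above returns 1 (allow) whenever auth_method_name is unset or does not name an attribute of impl, so a misspelled hook name leaves issueCert and revokeCert open to every caller. The following is an added example, not part of the NDG source: Python 3 stand-in classes that reproduce that fallback without ZSI and contrast it with a variant that refuses to start without a callable hook. GeneratedStyleBinding, FailClosedBinding, CAImpl, the "/ca" path and the policy are all hypothetical.

```python
# Added example: Python 3 stand-ins, no ZSI required. All names are hypothetical.
class GeneratedStyleBinding:
    """Reproduces the authorize() fallback of the generated service class."""
    def __init__(self, impl=None, auth_method_name=None):
        if impl is not None:
            self.impl = impl
        self.auth_method_name = auth_method_name

    def authorize(self, auth_info, post, action):
        if self.auth_method_name and hasattr(self.impl, self.auth_method_name):
            return getattr(self.impl, self.auth_method_name)(auth_info, post, action)
        return 1  # no usable hook: every request is allowed

class FailClosedBinding(GeneratedStyleBinding):
    """Assumed hardening: resolve the hook at construction, refuse to start without it."""
    def __init__(self, impl, auth_method_name):
        super().__init__(impl, auth_method_name)
        hook = getattr(impl, auth_method_name or "", None)
        if not callable(hook):
            raise ValueError("no callable authorization hook %r" % (auth_method_name,))
        self._hook = hook

    def authorize(self, auth_info, post, action):
        return 1 if self._hook(auth_info, post, action) else 0

class CAImpl:
    """Constructed implementation object with an illustrative policy."""
    PUBLIC_ACTIONS = {"getCRL"}
    def authorise(self, auth_info, post, action):  # British spelling on purpose
        return action in self.PUBLIC_ACTIONS or auth_info == "operator"

def demo():
    impl = CAImpl()
    misnamed = GeneratedStyleBinding(impl, auth_method_name="authorize")  # not "authorise"
    strict = FailClosedBinding(impl, "authorise")
    try:
        FailClosedBinding(impl, "authorize")
        misnamed_hook_rejected = False
    except ValueError:
        misnamed_hook_rejected = True
    return {
        "misnamed_anon_revoke": misnamed.authorize(None, "/ca", "revokeCert"),
        "strict_anon_revoke": strict.authorize(None, "/ca", "revokeCert"),
        "strict_anon_getcrl": strict.authorize(None, "/ca", "getCRL"),
        "strict_operator_revoke": strict.authorize("operator", "/ca", "revokeCert"),
        "misnamed_hook_rejected": misnamed_hook_rejected,
    }
```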