source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml @ 2900

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml@2900
Revision 2900, 2.2 KB checked in by pjkersha, 13 years ago (diff)

ndg.security.server/setup.py: added *.conf for conf/ openssl.conf file

ndg.security.server/ndg/security/server/AttAuthority/init.py:

  • Use RotatingFileHandler? from logging package to enable store of ACs issued to be limited. Properties file attCertFileLogCnt sets maximum number of files created before rotation.
  • newAttCertFilePath() is replaced by rotating file handler functionality
  • added logging with some debug messages - more needed to complete

ndg.security.server/ndg/security/server/conf/attCert/init.py

  • renamed to ndg.security.test/ndg/security/test/AttAuthority/attCertLog/init.py

ndg.security.server/ndg/security/server/conf/userRoles.py: userIsRegistered should return bool

ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml,
ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml:

  • filled in default values for most attributes to ease installation config tasks
  • attCertFilePfx and attCertFileSfx replaced with attCertFileName and attCertFileLog attributes for new AC logging.

ndg.security.client/ndg/security/client/ndgSessionClient.py: removed debug calls. This module may now be surplus because of Pylons framework and plans for Java and PHP clients.

ndg.security.test/ndg/security/test/AttAuthority/siteAUserRoles.py: added coapec for testing

ndg.security.test/ndg/security/test/AttAuthority/siteAMapConfig.xml: fix formatting

ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: altered settings for tests

ndg.security.test/ndg/security/test/Log/LogTest.py: exptd with log config. Eventually change to be harness for SOAP log interface

Makefile: use default python + added force target.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<AAprop>
3        <!--
4        'name' setting MUST agree with map config file 'thisHost' name
5        attribute
6        -->
7    <name>YourOrganisationName</name> 
8    <portNum>5000</portNum>
9    <!--
10    PKI settings for transport level encryption
11    -->
12    <useSSL></useSSL> <!-- leave blank to use http -->
13    <sslCertFile>$NDGSEC_DIR/conf/certs/ssl-cert.pem</sslCertFile>
14    <sslKeyFile>$NDGSEC_DIR/conf/certs/ssl-key.pem</sslKeyFile>
15    <sslKeyPwd></sslKeyPwd>
16    <!--
17    PKI settings for signature of outbound SOAP messages
18    -->
19    <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature -->
20    <certFile>$NDGSEC_DIR/conf/certs/aa-cert.pem</certFile>
21    <keyFile>$NDGSEC_DIR/conf/certs/aa-key.pem</keyFile>
22    <keyPwd></keyPwd>
23    <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile>
24    <!--
25    Set the certificate used to verify the signature of messages from the
26    client.  This can usually be left blank since the client is expected to
27    include the cert with the signature in the inbound SOAP message
28    -->
29    <clntCertFile></clntCertFile>   
30    <attCertLifetime>86400</attCertLifetime> <!-- Measured in seconds -->
31        <!--
32        Allow an offset for clock skew between servers running
33        security services.  - Use minus sign for time in the past
34        -->
35    <attCertNotBeforeOff>0</attCertNotBeforeOff>
36    <!-- Location of role mapping file -->
37    <mapConfigFile>$NDGSEC_DIR/conf/mapConfig.xml</mapConfigFile>
38    <!-- All Attribute Certificates are recorded in this dir before dispatch
39    to SOAP requestor
40    -->
41    <attCertDir>$NDGSEC_DIR/conf/attCertLog</attCertDir>
42    <!--
43    File prefix and suffix for files stored in attCertDir
44    -->
45    <attCertFileName>ac.xml</attCertFileName>
46    <attCertFileLogCnt>1024</attCertFileLogCnt>
47    <dnSeparator>/</dnSeparator>
48    <!--
49    Settings for custom AAUserRoles derived class to get user roles for
50    given user ID
51    -->
52    <userRolesModFilePath>$NDGSEC_DIR/conf</userRolesModFilePath>
53    <userRolesModName>userRoles</userRolesModName>
54    <userRolesClassName>UserRoles</userRolesClassName>
55    <userRolesPropFile>$NDGSEC_DIR/conf/userRoles.cfg</userRolesPropFile>
56</AAprop>
Note: See TracBrowser for help on using the repository browser.