source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg @ 3699

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg@3699
Revision 3699, 2.6 KB checked in by pjkersha, 12 years ago (diff)

Separated LoginService? into server and client components sso and ssoClient respectively. Packaging needs re-organising.

  • Made important fix to redirect_to - this doesn't work when called from a BaseController?.call in Pylons 0.9.6 - moved to before method instead.
Line 
1# Single Sign On Service Configuration
2
3[DEFAULT]
4layout:         /layout/
5icondir:        /layout/icons/
6disclaimer:
7
8[NDG_SECURITY]
9# Server address for secure connections
10#sslServer: https://localhost
11#server:    http://localhost:4000
12sslServer: https://localhost/sso
13server:    http://localhost/sso
14
15# Redirect SOAP output to a file e.g. open(<somefile>, 'w')
16tracefile: None
17#tracefile: sys.stderr
18
19# Service addresses
20sessionMgrURI: https://gabriel.badc.rl.ac.uk/SessionManager
21attAuthorityURI: http://localhost:5000/AttributeAuthority
22
23# WS-Security signature handler
24# This is an application certificate ... (which may be a machine certificate)
25# X.509 certificate sent with outbound signed messages
26wssCertFilePath: certs/clnt.crt
27
28# Private key used to sign messages
29# This is an application certificate ... (which may be a machine certificate)
30wssKeyFilePath: certs/clnt.key
31
32# Password for private key - comment out if the file is not password protected
33wssKeyPwd: 
34
35# Space separated list of CA cert. files to validate certs against when
36# verifying responses
37wssCACertFilePathList: certs/ndg-test-ca.crt
38
39# Inclusive namespaces for Exclusive C14N
40#wssRefInclNS: xmlns xsi xsd SOAP-ENV wsu wsse ns1
41#wssSignedInfoInclNS: xsi xsd SOAP-ENV ds wsse ec
42wssRefInclNS: 
43wssSignedInfoInclNS: 
44
45# SSL Connections
46#
47# Space separated list of CA cert. files.  The peer cert.
48# must verify against at least one of these otherwise the connection is
49# dropped.
50sslCACertFilePathList: certs/ndg-test-ca.crt
51
52# Set an alternate CommonName to match with peer cert for SSL
53# Connections.  If the CN=hostname of the peer then this option
54# can be commented out
55sslPeerCertCN: 
56
57# Gatekeeper Attribute Certificate check
58# Issuer - should match with the issuer element of the users Attribute
59# Certificate submitted in order to gain access
60acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC
61#acIssuer: /CN=Junk/O=NDG/OU=Gabriel
62
63# verification of X.509 cert back to CA
64acCACertFilePathList: certs/ndg-test-ca.crt
65
66[layout]
67###### user customisable:
68localLink:      http://ndg.nerc.ac.uk/
69localImage:     %(layout)sndg_logo_circle.gif
70localAlt:       visit badc
71###### ought to be the end of the customisations
72ndgLink:        http://ndg.nerc.ac.uk/
73ndgImage:       %(layout)sndg_logo_circle.gif
74ndgAlt:         visit ndg
75stfcLink:       http://ceda.stfc.ac.uk/
76stfcImage:      %(layout)sstfc-circle-sm.gif
77key:            %(icondir)spadlock.png
78keyGrey:        %(layout)skeyG.gif
79selectI:        %(layout)stick.png
80Xicon:          %(icondir)sxml.png
81plot:           %(icondir)splot.png
82printer:        %(icondir)sprinter.png
83helpIcon:       %(icondir)shelp.png
84HdrLeftAlt:     %(layout)sNatural Environment Research Council
85HdrLeftLogo:    %(layout)sNERC_Logo.gif
Note: See TracBrowser for help on using the repository browser.