source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg @ 3914

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg@3914
Revision 3914, 3.4 KB checked in by pjkersha, 12 years ago (diff)
  • New ndg.security.common.zsi_util.httpproxy.ProxyHTTPConnection class replaces urllib2client - easier to fit into existing ZSI client framework.
  • Further OpenID integration into Single Sign On Service. User now authenticates OK but patches needed to AuthKit? + need to handle return_to URL dynamically according to page visited before WAYF call.
Line 
1# Single Sign On Service Configuration
2
3[DEFAULT]
4# Server address for secure connections
5#sslServer: https://localhost
6#server:    http://localhost:4000
7sslServer: https://localhost/sso
8server:    http://localhost/sso
9layout:         %(server)s/layout/
10icondir:        %(server)s/layout/icons/
11disclaimer:
12
13# Redirect SOAP output to a file e.g. open(<somefile>, 'w')
14tracefile: None
15#tracefile: sys.stderr
16
17# Service addresses
18sessionMgrURI: https://gabriel.badc.rl.ac.uk/SessionManager
19attAuthorityURI: http://localhost:5000/AttributeAuthority
20
21# WS-Security signature handler - set a config file with 'wssCfgFilePath'
22# or omit and put the relevant content directly in here under
23# 'NDG_SECURITY.wssecurity' section
24#wssCfgFilePath: wssecurity.cfg
25
26# SSL Connections
27#
28# Space separated list of CA cert. files.  The peer cert.
29# must verify against at least one of these otherwise the connection is
30# dropped.
31sslCACertFilePathList: certs/ndg-test-ca.crt
32
33# Web Services HTTP Proxy fine tuning
34#
35# For most situations, these settings can be ignored and instead make use of
36# the http_proxy environment variable.  They allow for the case where specific
37# settings are needed just for the security web services calls
38
39# Overrides the http_proxy environment variable setting - may be omitted
40#httpProxyHost: wwwcache.rl.ac.uk:8080
41
42# Web service clients pick up the http_proxy environment variable setting by
43# default.  Set this flag to True to ignore http_proxy for web service
44# connections.  To use the http_proxy setting, set this parameter to False or
45# remove it completely from this file.
46ignoreHttpProxyEnv: True
47
48
49# Flag to enable OpenID login
50enableOpenID: True
51
52[WSSecurity]
53
54# Settings for signature of an outbound message ...
55
56# Certificate associated with private key used to sign a message.  The sign
57# method will add this to the BinarySecurityToken element of the WSSE header. 
58# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
59# As an alternative, use 'signingCertChain' parameter
60
61# file path PEM encoded cert
62signingCertFilePath=certs/clnt.crt
63
64# file path to PEM encoded private key file
65signingPriKeyFilePath=certs/clnt.key
66
67# Password protecting private key.  Leave blank if there is no password.
68signingPriKeyPwd=
69
70# Provide a space separated list of file paths.  CA Certs should be included
71# for all the sites this installation trusts
72caCertFilePathList=certs/ndg-test-ca.crt
73
74# Set the ValueType for the BinarySecurityToken added to the WSSE header for a
75# signed message. 
76reqBinSecTokValType=X509v3
77
78# Add a timestamp element to an outbound message
79addTimestamp=True
80
81# For WSSE 1.1 - service returns signature confirmation containing signature
82# value sent by client
83applySignatureConfirmation=False
84
85tracefile=sys.stderr
86
87[layout]
88###### user customisable:
89localLink:      http://ndg.nerc.ac.uk/
90localImage:     %(layout)sndg_logo_circle.gif
91localAlt:       visit badc
92###### ought to be the end of the customisations
93ndgLink:        http://ndg.nerc.ac.uk/
94ndgImage:       %(layout)sndg_logo_circle.gif
95ndgAlt:         visit ndg
96stfcLink:       http://ceda.stfc.ac.uk/
97stfcImage:      %(layout)sstfc-circle-sm.gif
98key:            %(icondir)spadlock.png
99keyGrey:        %(layout)skeyG.gif
100selectI:        %(layout)stick.png
101Xicon:          %(icondir)sxml.png
102plot:           %(icondir)splot.png
103printer:        %(icondir)sprinter.png
104helpIcon:       %(icondir)shelp.png
105HdrLeftAlt:     %(layout)sNatural Environment Research Council
106HdrLeftLogo:    %(layout)sNERC_Logo.gif
Note: See TracBrowser for help on using the repository browser.