source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg @ 2289

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg@2289
Revision 2289, 977 bytes checked in by pjkersha, 13 years ago (diff)

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:
modified soap_getAttCert to allow for unsigned client messages. If the
useSignatureHandler flag is not set, then the certificate passed in to
AttAuthority?.getAttCert is the userCert element of the SOAP message.

This is a useful capability if both client and service are behind a firewall
and message security is not required.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py,
python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.
xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml:
added useSignatureHandler element to list of elements in the properties file.
If this is not set, then the service will not apply signature or signature
verification to messages.

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py: use dictionary get() rather then [key] for signature keywords. This enables
them to be omitted in the config file so as to switch off the signature handler.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: experimented with omitting signature PKI settings.

python/ndg.security.test/ndg/security/test/MyProxy/myProxyProperties.xml:
set serverCNprefix element to host/ for this MyProxy? installations server cert.

python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg:
altered for account on this machine.

python/ndg.security.common/setup.py: slight change to Python 2.5 check for
ElementTree inclusion

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
SignatureHandler? is now optional. It's left as None if none of the signature
keywords are set via init. It can be set later as the signatureHandler
property now has set capability enabled.

Line 
1# NERC Data Grid Project
2#
3# P J Kershaw 13/12/06
4#
5# Copyright (C) 2006 CCLRC & NERC
6#
7# This software may be distributed under the terms of the Q Public License,
8# version 1.0 or later.
9[setUp]
10propFilePath: ./myProxyProperties.xml
11
12[test1Store]
13#username: sstljakTestUser
14username: gabriel
15passphrase:
16certFile: ./userCert.pem
17keyFile: ./userKey.pem
18ownerCertFile: ./userCert.pem
19ownerKeyFile: ./userKey.pem
20ownerPassphrase:
21
22[test2GetDelegation]
23username: sstljakTestUser
24#username: gabriel
25passphrase:
26
27[test3Info]
28username: sstljakTestUser
29#username: gabriel
30ownerCertFile: ./proxy-cert.pem
31ownerKeyFile: ./proxy-key.pem
32ownerPassphrase: None
33
34[test4ChangePassphrase]
35username: sstljakTestUser
36#username: gabriel
37ownerCertFile: ./proxy-cert.pem
38ownerKeyFile: ./proxy-key.pem
39passphrase: 
40newPassphrase:
41ownerPassphrase: None
42
43[test5Destroy]
44#username: sstljakTestUser
45username: gabriel
46ownerCertFile: ./proxy-cert.pem
47ownerKeyFile: ./proxy-key.pem
48ownerPassphrase: None
Note: See TracBrowser for help on using the repository browser.