source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg @ 2746

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg@2746
Revision 2746, 2.2 KB checked in by pjkersha, 13 years ago (diff)

ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml:

  • don't comment out hostname instead include by default

ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • fixed comment typo

ndg.security.server/ndg/security/server/MyProxy.py:

to prevent setting of OpenSSL config file without the required file name and
directory path.

ndg.security.test/ndg/security/test/AttCert/attCertTest.cfg,
ndg.security.test/ndg/security/test/AttCert/AttCertTest.py:

  • fixed unit tests for AC signature verification. certFilePathList can now

be set to include CA certs. to verify the X.509 cert. used in the signature

ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • fix: extAttCertList is no longer returned in getAttCert calls to SM client.

ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:

  • tests with services on glue

ndg.security.common/ndg/security/common/XMLSec.py:

  • fixed verifyEnvelopedSignature so that it is now possible to verify the

X.509 cert. in the signature against it's issuing CA cert.

ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • modified getAttCert call so that extAttCertList is no longer passed back in

the returned tuple but is instead included as an attribute of the
AttributeRequestDenied? exception type.

  • updated pydoc for getAttCert method

ndg.security.common/ndg/security/common/AttAuthority/init.py:

  • typo fix - doesn't affect execution

ndg.security.common/ndg/security/common/CredWallet.py:

  • updates to getAttCert call pydoc
  • and getAttCert exception handling
Line 
1# NERC Data Grid Project
2#
3# P J Kershaw 12/01/07
4#
5# Copyright (C) 2007 CCLRC & NERC
6#
7# This software may be distributed under the terms of the Q Public License,
8# version 1.0 or later.
9#
10# $Id:$
11[setUp]
12#smuri = https://localhost:5700/SessionManager
13smuri = https://glue.badc.rl.ac.uk:50000/SessionManager
14
15# For https connections only.  !Omit ssl* settings if using http!
16# sslpeercertcn is the expected CommonName of peer cert.  Omit if it's the
17# same as peer hostname.
18#sslpeercertcn = webSphereTest
19sslcacertfilepathlist = cacert.pem
20
21# Set to False to test service without WS-Security signature
22setsignaturehandler = True
23
24# ValueType for BinarySecurityToken element of WSSE header.  Specify
25# 'X509PKIPathv1' for use with proxy certificates
26reqbinsectokvaltype = X509v3
27#reqbinsectokvaltype = X509
28#reqbinsectokvaltype = X509PKIPathv1
29
30# Test with proxy certificates or with standard certs.  Comment out as
31# appropriate
32#proxycertfilepath = ./proxy-cert.pem
33
34# Test without proxy certificates - uses AA server side cert/private key for
35# client side too (!)
36clntcertfilepath = ./clnt-cert.pem
37
38clntprikeyfilepath = ./clnt-key.pem
39#clntprikeyfilepath = ./proxy-key.pem
40
41# Password protecting client private key - if omitted it will be prompted for
42# from tty
43clntprikeypwd = 
44
45# Space separated list of CA certificate files used to verify certificate used
46# in message signature
47cacertfilepathlist = ./cacert.pem
48
49[test1AddUser]
50username = BugsBunny
51# Comment out to prompt for on tty.
52#passphrase =
53 
54[test2Connect]         
55username = lawrence
56#username = raphaelTest
57#username = gabriel
58#passphrase =
59
60[test3ConnectNoCreateServerSess]         
61username = raphaelTest
62#username = gabriel
63#passphrase =
64
65[test6GetAttCertUsingSessID]
66aaURI = https://localhost:5000/AttributeAuthority
67
68[test6aGetAttCertRefusedUsingSessID]
69aaURI = http://localhost:5100/AttributeAuthority
70
71[test6bGetMappedAttCertUsingSessID]
72aaURI = http://localhost:5100/AttributeAuthority
73
74[test6cGetAttCertWithExtAttCertListUsingSessID]
75aaURI = http://localhost:5100/AttributeAuthority
76
77[test7GetAttCertUsingProxyCert]
78#aaURI = https://localhost:5000/AttributeAuthority
79aaURI = http://glue.badc.rl.ac.uk/services/ndg/security/AttributeAuthority
Note: See TracBrowser for help on using the repository browser.