source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml @ 2893

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml@2893
Revision 2893, 2.9 KB checked in by pjkersha, 13 years ago (diff)

New version of MyProxy? no longer needs NDG-customised version of M2Crypto. - Now unit tested with standard M2Crypto v0.18

ndg.security.server/ndg/security/server/Log.py:

  • simplified and set-up so that handlers are added according to NDGSEC_* environment variable settings

ndg.security.server/ndg/security/server/MyProxy.py:

  • replaced customised M2Crypto code with standard M2Crypto vers 0.18 calls now that required functions are supported. These are: as_der() method for X.509 cert requests and X509.load_cert_der_string

ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg:

  • set for unit test re-run

ndg.security.test/ndg/security/test/MyProxy/MyProxyClientTest.py:

  • fix to password defaults

ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml +
ndg.security.test/ndg/security/test/SessionMgr/openssl.conf:

  • use a local OpenSSL config file instead of one in Globus installation
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<sessMgrProp>
3    <portNum>5700</portNum>
4    <useSSL>Yes</useSSL> <!-- leave blank to use http -->
5    <sslCertFile>$NDGSEC_SM_UNITTEST_DIR/sm-cert.pem</sslCertFile>
6    <sslKeyFile>$NDGSEC_SM_UNITTEST_DIR/sm-key.pem</sslKeyFile>
7    <!--
8    PKI settings for signature of outbound SOAP messages
9    -->
10    <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature -->
11    <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile>
12    <certFile>$NDGSEC_SM_UNITTEST_DIR/sm-cert.pem</certFile>
13    <keyFile>$NDGSEC_SM_UNITTEST_DIR/sm-key.pem</keyFile>
14    <keyPwd/>
15    <!--
16    Set the certificate used to verify the signature of messages from the
17    client.  This can usually be left blank since the client is expected to
18    include the cert with the signature in the inbound SOAP message
19    -->
20    <clntCertFile></clntCertFile>   
21    <sessMgrEncrKey>abcdef0123456789</sessMgrEncrKey>
22    <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI>
23    <cookieDomain></cookieDomain>
24        <myProxyProp>
25                <!--
26                Delete this element and take setting from MYPROXY_SERVER environment
27                variable if required
28                <hostname>localhost</hostname>
29                -->
30                <!--
31                Delete this element to take default setting 7512 or read
32                MYPROXY_SERVER_PORT setting
33                -->
34                <port>7512</port>
35                <!--
36                Useful if hostname and certificate CN don't match correctly.  Globus
37                host DN is set to "host/<fqdn>".  Delete this element and set from
38                MYPROXY_SERVER_DN environment variable if prefered
39                <serverDN></serverDN>
40                -->
41                <!--
42                Set "host/" prefix to host cert CN as is default with globus
43                -->
44                <!--
45                This directory path is used to locate the OpenSSL configuration file
46               
47                The settings are used to set up the defaults for the Distinguished Name of
48                the new proxy cert. issued
49               
50                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
51                but the settings can be independent of any Globus installation
52                -->
53                <openSSLConfFilePath>$NDGSEC_SM_UNITTEST_DIR/openssl.conf</openSSLConfFilePath>
54                <tmpDir>/tmp</tmpDir>
55                <!--
56                        Limit on maximum lifetime any proxy certificate can have -
57                        specified when a certificate is first created by store() method
58                -->
59                <proxyCertMaxLifetime>24</proxyCertMaxLifetime> <!-- in hours -->
60                <!--
61                        Life time of a proxy certificate when issued from the Proxy Server
62                        with getDelegation() method
63                        -->
64                <proxyCertLifetime>8</proxyCertLifetime> <!-- in hours -->
65                <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile>
66        </myProxyProp>
67        <simpleCACltProp>
68            <uri></uri>
69        <xmlSigKeyFile></xmlSigKeyFile>
70        <xmlSigCertFile></xmlSigCertFile>
71        <xmlSigCertPwd></xmlSigCertPwd>
72    </simpleCACltProp>
73    <credReposProp>
74            <modFilePath></modFilePath>
75            <modName>ndg.security.common.CredWallet</modName>
76            <className>NullCredRepos</className>
77            <propFile></propFile>
78    </credReposProp>
79</sessMgrProp>
Note: See TracBrowser for help on using the repository browser.