source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgrClientTest.py @ 1770

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgrClientTest.py@1770
Revision 1770, 8.2 KB checked in by pjkersha, 14 years ago (diff)

www/html/sessionMgr.wsdl: updated connect and reqAuthorisation input message args.
test/SessionMgrClientTest.py: added disconnect methods are started changes for doc/lit style WS
interface + use of WS-Security.
test/AttAuthority/AttAuthorityClientTest.py and common/AttAuthority/init.py: use URI instead of URL
throughout.
common/SessionMgr/init.py: changes for doc/lit style WS interface + use of WS-Security.
common/SessionCookie.py: added sessionID and encrSessionMgrURI read-only attributes.

  • Property svn:executable set to *
Line 
1#!/usr/bin/env python
2
3"""Test harness for NDG Session Manager client - makes requests for
4authentication and authorisation.  An Attribute Authority and Simple CA
5services must be running for the reqAuthorisation and addUser tests
6
7NERC Data Grid Project
8
9P J Kershaw 23/02/06
10
11Renamed from SessionClientTest.py 27/0/4/06
12Moved and renamed SessionMgrClientTest.py 23/11/06
13
14Copyright (C) 2006 CCLRC & NERC
15
16This software may be distributed under the terms of the Q Public License,
17version 1.0 or later.
18"""
19import unittest
20import os
21
22from Cookie import SimpleCookie
23
24from ndg.security.common.SessionMgrClient import *
25
26
27class SecurityClientTestCase(unittest.TestCase):
28   
29    def setUp(self):
30        self.config = {}
31
32        # Gabriel settings
33        gabrielConfig = {}
34        gabrielConfig['smWSDL'] = 'http://gabriel.bnsc.rl.ac.uk/sessionMgr.wsdl'
35        gabrielConfig['aaWSDL'] = 'http://gabriel.bnsc.rl.ac.uk/attAuthority.wsdl'
36
37       
38        gabrielConfig['newUserName'] = 'BugsBunny'           
39        gabrielConfig['userName'] = 'gabriel'
40        gabrielConfig['trustedHostRequiredRole'] = 'academic'
41
42        gabrielConfig['aaPubKeyFilePath'] = None
43
44        # Public key of session manager used to encrypt requests
45        # If no public key is set, it will be retrieved using the
46        # getPubKey WS method
47        gabrielConfig['smPubKeyFilePath'] = None
48
49       
50        # Glue settings
51        glueConfig = {}
52        glueConfig['smWSDL'] = 'http://glue.badc.rl.ac.uk/sessionMgr.wsdl'
53        glueConfig['aaWSDL'] = 'http://glue.badc.rl.ac.uk/attAuthority.wsdl'
54
55       
56        glueConfig['newUserName'] = 'YosemiteSam'           
57        glueConfig['userName'] = 'lawrence'
58        glueConfig['trustedHostRequiredRole'] = 'acsoe'
59        #glueConfig['trustedHostRequiredRole'] = 'coapec'
60
61        glueConfig['aaPubKeyFilePath'] = None
62
63        # Public key of session manager used to encrypt requests
64        # If no public key is set, it will be retrieved using the
65        # getPubKey WS method
66        glueConfig['smPubKeyFilePath'] = None
67
68
69        # Uncomment for required test
70        self.config = gabrielConfig
71        #self.config = glueConfig
72
73       
74        self.__clntPriKeyPwd = open("./tmp2").read().strip()
75
76        clntPubKeyFilePath = "./Junk-cert.pem"
77        clntPriKeyFilePath = "./Junk-key.pem"
78        traceFile = None#sys.stderr
79       
80        # Initialise the Session Manager client connection
81        # Omit traceFile keyword to leave out SOAP debug info
82        self.clnt = SessionMgrClient(smURI=self.config['smWSDL'],
83                        smPubKeyFilePath=self.config['smPubKeyFilePath'],
84                        clntPubKeyFilePath=clntPubKeyFilePath,
85                        clntPriKeyFilePath=clntPriKeyFilePath,
86                        traceFile=traceFile) 
87       
88        self.sessCookie = None
89        self.proxyCert = None
90
91
92    def testAddUser(self):
93        """Add a new user ID to the MyProxy repository"""
94       
95        # Note the pass-phrase is read from the file tmp.  To pass
96        # explicitly as a string use the 'pPhrase' keyword instead
97        self.clnt.addUser(self.config['newUserName'], 
98                          pPhraseFilePath="./tmp",
99                          clntPriKeyPwd=self.__clntPriKeyPwd)
100        print "Added user '%s'" % self.config['newUserName']
101       
102
103    def testCookieConnect(self):
104        """testCookieConnect: Connect as if acting as a browser client -
105        a cookie is returned"""
106       
107        # Note the pass-phrase is read from the file tmp.  To pass
108        # explicitly as a string use the 'pPhrase' keyword instead
109        sSessCookie = self.clnt.connect(self.config['userName'], 
110                                    pPhraseFilePath="./tmp",
111                                    clntPriKeyPwd=self.__clntPriKeyPwd)
112        self.sessCookie = SimpleCookie(sSessCookie)
113        print "User '%s' connected to Session Manager:\n%s" % \
114            (self.config['userName'], sSessCookie)
115           
116
117    def testProxyCertConnect(self):
118        """testProxyCertConnect: Connect as a command line client -
119        a proxyCert is returned"""
120             
121        self.proxyCert = self.clnt.connect(self.config['userName'], 
122                                      pPhraseFilePath="./tmp",
123                                      createServerSess=True,
124                                      getCookie=False,
125                                      clntPriKeyPwd=self.__clntPriKeyPwd)
126        print "User '%s' connected to Session Manager:\n%s" % \
127            (self.config['userName'], self.proxyCert)
128           
129
130    def testCookieDisconnect(self):
131        """testCookieDisconnect: disconnect as if acting as a browser client -
132        a cookie is returned"""
133       
134        # Note the pass-phrase is read from the file tmp.  To pass
135        # explicitly as a string use the 'pPhrase' keyword instead
136        self.clnt.disconnect(self.sSessCookie)
137        print "User disconnected from Session Manager:\n%s" % \
138            self.sSessCookie
139           
140
141    def testProxyCertDisconnect(self):
142        """testProxyCertDisconnect: Connect as a command line client -
143        a proxyCert is returned"""
144             
145        self.clnt.disconnect(self.proxyCert)
146        print "User '%s' connected to Session Manager:\n%s" % self.proxyCert
147
148
149    def testCookieReqAuthorisation(self):
150        """testCookieReqAuthorisation: make an authorisation request using
151        a cookie as authentication credential"""
152       
153        self.testCookieConnect()
154        authResp = self.clnt.reqAuthorisation(\
155                    sessID=self.sessCookie['NDG-ID1'].value, 
156                    aaWSDL=self.config['aaWSDL'],
157                    encrSessMgrWSDLuri=self.sessCookie['NDG-ID2'].value,
158                    clntPriKeyPwd=self.__clntPriKeyPwd)
159                                                             
160        # The authorisation response is returned as an object which
161        # behaves like a python dictionary.  See
162        # ndg.security.SessionMgrIO.AuthorisationResp
163        if 'errMsg' in authResp:
164            print "Authorisation failed for user: %s" % authResp['errMsg']           
165        else:
166            print "User authorised"
167           
168        print authResp
169
170
171    def testProxyCertReqAuthorisation(self):
172        """testProxyCertReqAuthorisation: make an authorisation request using
173        a proxy cert as authentication credential"""
174        self.testProxyCertConnect()
175       
176        # Request an attribute certificate from an Attribute Authority
177        # using the proxyCert returned from connect()
178        authResp = self.clnt.reqAuthorisation(\
179                                     proxyCert=self.proxyCert,
180                                     aaWSDL=self.config['aaWSDL'],
181                                     clntPriKeyPwd=self.__clntPriKeyPwd)
182                                             
183        # The authorisation response is returned as an object which
184        # behaves like a python dictionary.  See
185        # ndg.security.SessionMgrIO.AuthorisationResp
186        if 'errMsg' in authResp:
187            print "Authorisation failed for user %s" % authResp['errMsg']           
188        else:
189            print "User authorised"
190           
191        print authResp
192
193
194    def testGetPubKey(self):
195        "testGetPubKey: return the Session Manager's public key"
196        pubKey = self.clnt.getPubKey()
197                                             
198        print "Public Key:\n" + pubKey
199           
200           
201#_____________________________________________________________________________       
202class SessionMgrClientTestSuite(unittest.TestSuite):
203   
204    def __init__(self):
205        map = map(SessionMgrClientTestCase,
206                  (
207                    "testAddUser",
208                    "testCookieConnect",
209                    "testProxyCertConnect",
210                    "testCookieDisconnect",
211                    "testProxyCertDisconnect",
212                    "testCookieReqAuthorisation",
213                    "testProxyCertReqAuthorisation",
214                    "testGetPubKey",
215                  ))
216        unittest.TestSuite.__init__(self, map)
217           
218                                                   
219if __name__ == "__main__":
220    unittest.main()       
Note: See TracBrowser for help on using the repository browser.