source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgrClientTest.py @ 1781

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgrClientTest.py@1781
Revision 1781, 9.0 KB checked in by pjkersha, 15 years ago (diff)

test/SessionMgrClientTest.py: working version with SSL
common/CredWallet.py: fix import of AttAuthorityClient? to be from AttAuthority?
package not AttAuthorityClient?.

  • Property svn:executable set to *
Line 
1#!/usr/bin/env python
2
3"""Test harness for NDG Session Manager client - makes requests for
4authentication and authorisation.  An Attribute Authority and Simple CA
5services must be running for the reqAuthorisation and addUser tests
6
7NERC Data Grid Project
8
9P J Kershaw 23/02/06
10
11Renamed from SessionClientTest.py 27/0/4/06
12Moved and renamed SessionMgrClientTest.py 23/11/06
13
14Copyright (C) 2006 CCLRC & NERC
15
16This software may be distributed under the terms of the Q Public License,
17version 1.0 or later.
18"""
19import unittest
20import os, sys
21 
22from Cookie import SimpleCookie
23
24from ndg.security.common.SessionMgr import SessionMgrClient
25from ndg.security.common.SessionCookie import SessionCookie
26
27
28class SessionMgrClientTestCase(unittest.TestCase):
29   
30    def setUp(self):
31        self.config = {}
32
33        testConfig = {}
34        testConfig['smURI'] = 'https://localhost:5000/SessionManager'
35        testConfig['aaURI'] = 'https://localhost:5700/AttributeAuthority'
36
37       
38        testConfig['newUserName'] = 'BugsBunny' 
39        testConfig['newUsernamePPhrase'] = open('./tmp1').read().strip()           
40        testConfig['userName'] = 'gabriel'
41        testConfig['userNamePPhrase'] = open('./tmp2').read().strip()
42        testConfig['trustedHostRequiredRole'] = 'academic'
43
44        testConfig['aaCertFilePath'] = None
45
46        # Public key of session manager used to encrypt requests
47        # If no public key is set, it will be retrieved using the
48        # getCert WS method
49        testConfig['smCertFilePath'] = None
50
51        testConfig['clntPriKeyPwd'] = None#open("./tmp3").read().strip()
52
53        testConfig['clntCertFilePath'] = None#"./Junk-cert.pem"
54        testConfig['clntPriKeyFilePath'] = None#"./Junk-key.pem"
55       
56       
57        # Gabriel settings
58        gabrielConfig = {}
59        gabrielConfig['smURI'] = 'http://gabriel.bnsc.rl.ac.uk/sessionMgr.wsdl'
60        gabrielConfig['aaURI'] = 'http://gabriel.bnsc.rl.ac.uk/attAuthority.wsdl'
61
62       
63        gabrielConfig['newUserName'] = 'BugsBunny'           
64        gabrielConfig['userName'] = 'gabriel'
65        gabrielConfig['trustedHostRequiredRole'] = 'academic'
66
67        gabrielConfig['aaCertFilePath'] = None
68
69        # Public key of session manager used to encrypt requests
70        # If no public key is set, it will be retrieved using the
71        # getCert WS method
72        gabrielConfig['smCertFilePath'] = None
73
74       
75        # Glue settings
76        glueConfig = {}
77        glueConfig['smURI'] = 'http://glue.badc.rl.ac.uk/sessionMgr.wsdl'
78        glueConfig['aaURI'] = 'http://glue.badc.rl.ac.uk/attAuthority.wsdl'
79
80       
81        glueConfig['newUserName'] = 'YosemiteSam'           
82        glueConfig['userName'] = 'lawrence'
83        glueConfig['trustedHostRequiredRole'] = 'acsoe'
84        #glueConfig['trustedHostRequiredRole'] = 'coapec'
85
86        glueConfig['aaCertFilePath'] = None
87
88        # Public key of session manager used to encrypt requests
89        # If no public key is set, it will be retrieved using the
90        # getCert WS method
91        glueConfig['smCertFilePath'] = None
92
93
94        # Uncomment for required test
95        self.config = testConfig
96        #self.config = glueConfig
97
98       
99        self.__clntPriKeyPwd = self.config['clntPriKeyPwd']
100        tracefile = sys.stderr
101       
102        # Initialise the Session Manager client connection
103        # Omit traceFile keyword to leave out SOAP debug info
104        self.clnt = SessionMgrClient(uri=self.config['smURI'],
105                        smCertFilePath=self.config['smCertFilePath'],
106                        clntCertFilePath=self.config['clntCertFilePath'],
107                        clntPriKeyFilePath=self.config['clntPriKeyFilePath'],
108                        tracefile=tracefile) 
109       
110        self.sessCookie = None
111        self.proxyCert = None
112
113
114    def testAddUser(self):
115        """Add a new user ID to the MyProxy repository"""
116       
117        # Note the pass-phrase is read from the file tmp.  To pass
118        # explicitly as a string use the 'pPhrase' keyword instead
119        self.clnt.addUser(self.config['newUserName'], 
120                          pPhrase=self.config['newUsernamePPhrase'],
121                          clntPriKeyPwd=self.__clntPriKeyPwd)
122        print "Added user '%s'" % self.config['newUserName']
123       
124
125    def testCookieConnect(self):
126        """testCookieConnect: Connect as if acting as a browser client -
127        a cookie is returned"""
128       
129        # Note the pass-phrase is read from the file tmp.  To pass
130        # explicitly as a string use the 'pPhrase' keyword instead
131        sSessCookie = self.clnt.connect(self.config['userName'], 
132                                    pPhrase=self.config['userNamePPhrase'],
133                                    clntPriKeyPwd=self.__clntPriKeyPwd)
134
135        self.sessCookie = SessionCookie(sSessCookie)
136        print "User '%s' connected to Session Manager:\n%s" % \
137            (self.config['userName'], sSessCookie)
138           
139
140    def testProxyCertConnect(self):
141        """testProxyCertConnect: Connect as a command line client -
142        a proxyCert is returned"""
143             
144        self.proxyCert = self.clnt.connect(self.config['userName'], 
145                                      pPhrase=self.config['userNamePPhrase'],
146                                      createServerSess=True,
147                                      getCookie=False,
148                                      clntPriKeyPwd=self.__clntPriKeyPwd)
149        print "User '%s' connected to Session Manager:\n%s" % \
150            (self.config['userName'], self.proxyCert)
151           
152
153    def testCookieDisconnect(self):
154        """testCookieDisconnect: disconnect as if acting as a browser client -
155        a cookie is returned"""
156       
157        # Note the pass-phrase is read from the file tmp.  To pass
158        # explicitly as a string use the 'pPhrase' keyword instead
159        self.clnt.disconnect(self.sSessCookie)
160        print "User disconnected from Session Manager:\n%s" % self.sSessCookie
161           
162
163    def testProxyCertDisconnect(self):
164        """testProxyCertDisconnect: Connect as a command line client -
165        a proxyCert is returned"""
166             
167        self.clnt.disconnect(self.proxyCert)
168        print "User '%s' connected to Session Manager:\n%s" % self.proxyCert
169
170
171    def testCookieReqAuthorisation(self):
172        """testCookieReqAuthorisation: make an authorisation request using
173        a cookie as authentication credential"""
174       
175        self.testCookieConnect()
176        resp = self.clnt.reqAuthorisation(\
177                        sessID=self.sessCookie.sessionID, 
178                        attAuthorityURI=self.config['aaURI'],
179                        encrSessionMgrURI=self.sessCookie.encrSessionMgrURI,
180                        clntPriKeyPwd=self.__clntPriKeyPwd)
181         
182        print resp
183
184
185    def testCookieReqAuthorisationWithExtAttCertList(self):
186        """testCookieReqAuthorisation: make an authorisation request using
187        a cookie as authentication credential"""
188       
189        self.testCookieConnect()
190        resp = self.clnt.reqAuthorisation(\
191                        sessID=self.sessCookie.sessionID, 
192                        attAuthorityURI=self.config['aaURI'],
193                        encrSessionMgrURI=self.sessCookie.encrSessionMgrURI,
194                        extAttCertList=['AC1', 'AC2', 'AC3'],
195                        clntPriKeyPwd=self.__clntPriKeyPwd)
196         
197        print resp
198
199
200    def testProxyCertReqAuthorisation(self):
201        """testProxyCertReqAuthorisation: make an authorisation request using
202        a proxy cert as authentication credential"""
203        self.testProxyCertConnect()
204       
205        # Request an attribute certificate from an Attribute Authority
206        # using the proxyCert returned from connect()
207        resp = self.clnt.reqAuthorisation(proxyCert=self.proxyCert,
208                                         attAuthorityURI=self.config['aaURI'],
209                                         clntPriKeyPwd=self.__clntPriKeyPwd)
210                                             
211        print resp
212
213
214    def testGetX509Cert(self):
215        "testGetX509Cert: return the Session Manager's X.509 Cert."
216        #import pdb;pdb.set_trace()
217        cert = self.clnt.getX509Cert()
218                                             
219        print "Session Manager X.509 Certificate:\n" + cert
220           
221           
222#_____________________________________________________________________________       
223class SessionMgrClientTestSuite(unittest.TestSuite):
224   
225    def __init__(self):
226        map = map(SessionMgrClientTestCase,
227                  (
228                    "testAddUser",
229                    "testCookieConnect",
230                    "testProxyCertConnect",
231                    "testCookieDisconnect",
232                    "testProxyCertDisconnect",
233                    "testCookieReqAuthorisation",
234                    "testProxyCertReqAuthorisation",
235                    "testGetX509Cert",
236                  ))
237        unittest.TestSuite.__init__(self, map)
238           
239                                                   
240if __name__ == "__main__":
241    unittest.main()       
Note: See TracBrowser for help on using the repository browser.