source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/invalidSiteAAttAuthority.cfg @ 4131

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/invalidSiteAAttAuthority.cfg@4131
Revision 4131, 2.5 KB checked in by cbyrom, 11 years ago (diff)

Create new utility package with class, ConfigFileParsers? - a utility
class with parsers for XML and INI style config files. This takes
a filename, together with an optional dictionary of valid keys (to
check for invalid config inputs) + optional section list (to restrict
parsing of INI files to particular sections) and returns a
dictionary of read in properties. NB, if valid keys are specified
and not featured in the prop file, default values are set up in the
returned property dict.
Implemented use of the ConfigFileParsers? in the AttAuthority? service.
Added new testsuite (together with noseTests class to drive tests) to
exercise the new parsers in the context of the AttAuthority? section +
added test config files.

  • Property svn:executable set to *
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<AAprop>
3    <name>Site A</name>
4    <portNum>5000</portNum>
5    <useSSL></useSSL> <!-- leave blank to use http -->
6    <sslCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt</sslCertFile>
7    <sslKeyFile>$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key</sslKeyFile>
8    <sslKeyPwd></sslKeyPwd>
9    <!-- 
10    Directory containing CA cert.s to verify SSL peer cert against 
11     - ignored if useSSL is blank
12    -->
13    <sslCACertDir>$NDGSEC_AACLNT_UNITTEST_DIR/ca</sslCACertDir>
14    <!-- 
15        WS-Security settings leave 'useSignatureHandler' blank for no 
16        signature 
17        -->
18    <useSignatureHandler>Yes</useSignatureHandler> 
19    <certFile>$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt</certFile>
20    <keyFile>$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key</keyFile>
21    <keyPwd></keyPwd>
22        <wssRefInclNS></wssRefInclNS>
23        <wssSignedInfoInclNS></wssSignedInfoInclNS>
24    <caCertFileList>
25        <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile>
26        <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile>
27        <!-- 
28        To also trust certificates issued from your MyProxy CA, replace 
29        "abcdef01.0" with the unique name for your CA certificate and uncomment
30        the following line:
31        <caCertFile>/etc/grid-security/certificates/abcdef01.0</caCertFile>
32        -->
33    </caCertFileList>
34    <!-- Set the value type of the server cert -->
35    <reqBinSecTokValType>X509v3</reqBinSecTokValType>
36    <!-- Set the response message header to include a SignatureConfirmation element -->
37    <applySignatureConfirmation>True</applySignatureConfirmation>
38    <!-- 
39    Set the certificate used to verify the signature of messages from the 
40    client.  This can usually be left blank since the client is expected to 
41    include the cert with the signature in the inbound SOAP message
42    -->
43    <clntCertFile></clntCertFile>   
44    <attCertLifetime>28800</attCertLifetime>
45    <attCertNotBeforeOff>0</attCertNotBeforeOff>
46    <attCertFileName>ac.xml</attCertFileName>
47    <attCertFileLogCnt>16</attCertFileLogCnt>
48    <mapConfigFile>$NDGSEC_AACLNT_UNITTEST_DIR/siteAMapConfig.xml</mapConfigFile>
49    <attCertDir>$NDGSEC_AACLNT_UNITTEST_DIR/attCertLog</attCertDir>
50    <dnSeparator>/</dnSeparator>
51    <userRolesModFilePath>$NDGSEC_AACLNT_UNITTEST_DIR</userRolesModFilePath>
52    <userRolesModName>siteAUserRoles</userRolesModName>
53    <userRolesClassName>TestUserRoles</userRolesClassName>
54    <userRolesPropFile></userRolesPropFile>
55</AAprop>
Note: See TracBrowser for help on using the repository browser.