source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/__init__.py @ 4909

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/__init__.py@5017
Revision 4909, 337 bytes checked in by pjkersha, 11 years ago (diff)

Major progress on authentication and authorisation WSGI chain:

  • integration test harness in ndg.security.test.integration.authz
    • chain PEP middleware catches secured URIs. If URI is a secured one, it sets the status to 403.
    • The 403 status is caught by the PDP. The PDP checks for a login cookie, if not set it sets 401 Unauthorized
    • 401 is caught by OpenID handler and sets OpenID signin form response so that the user can login
    • If the user is logged in, the PDP checks authZ credentials (TODO) if not set it sets a 403 status and responds with an access denied message
  • The PDP uses authkit.authenticate.multi.MultiHandler? to trap 403 responses from the PEP and display an access denied message.
  • ndg.security.server.wsgi.pdp needs cleaning up in line with change to use authkit MultiHandler?
Line 
1"""NDG Security WSGI authorization integration testing package
2
3NERC DataGrid Project
4"""
5__author__ = "P J Kershaw"
6__date__ = "05/02/2009"
7__copyright__ = "(C) 2009 Science and Technology Facilities Council"
8__license__ = "BSD - see top-level directory for LICENSE file"
9__contact__ = "Philip.Kershaw@stfc.ac.uk"
10__revision__ = "$Id$"
Note: See TracBrowser for help on using the repository browser.