source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/securedapp.ini @ 5168

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/securedapp.ini@5168
Revision 5168, 2.4 KB checked in by pjkersha, 11 years ago (diff)

Added new access control interface and functionality to OpenID Provider to enable a custom context object to be passed between login and logout calls.

Line 
1#
2# AuthN WSGI Testing environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7
8[server:main]
9use = egg:Paste#http
10host = 0.0.0.0
11port = 7080
12
13[pipeline:main]
14pipeline = AuthenticationFilter AuthorizationFilter AuthZTestApp
15
16[app:AuthZTestApp]
17paste.app_factory = ndg.security.test.integration.authz.securedapp:AuthZTestMiddleware.app_factory
18
19[filter:AuthenticationFilter]
20paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthenticationMiddleware
21prefix = authN.
22
23# Set redirect for OpenID Relying Party in the Security Services app instance
24authN.redirectURI = http://localhost:7443/verify
25
26# Beaker Session set-up
27beaker.session.key = ndg.security.session
28beaker.session.secret = rBIvKXLa+REYB8pM/8pdPoorVpKQuaOW
29beaker.cache.data_dir = %(here)s/authn/beaker/cache
30beaker.session.data_dir = %(here)s/authn/beaker/sessions
31
32# AuthKit Set-up
33authkit.setup.method=cookie
34
35# This cookie name and secret MUST agree with the name used by the security web
36# services app
37authkit.cookie.name=ndg.security.auth
38authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr
39authkit.cookie.signoutpath = /logout
40
41[filter:AuthorizationFilter]
42paste.filter_app_factory=ndg.security.server.wsgi.authz:AuthorizationMiddleware.filter_app_factory
43prefix = authz.
44pdp.policyFilePath = %(here)s/policy.xml
45
46# Settings for connection to the user's Session Manager
47sessionManagerClient.sslCACertFilePathList=
48#
49# WS-Security Settings for call to Session Manager
50
51# Signature of an outbound message
52
53# Certificate associated with private key used to sign a message.  The sign
54# method will add this to the BinarySecurityToken element of the WSSE header. 
55# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
56# As an alternative, use signingCertChain - see below...
57
58# PEM encode cert
59sessionManagerClient.wssecurity.signingCertFilePath=
60
61# PEM encoded private key file
62sessionManagerClient.wssecurity.signingPriKeyFilePath=
63
64# Password protecting private key.  Leave blank if there is no password.
65sessionManagerClient.wssecurity.signingPriKeyPwd=
66
67# Provide a space separated list of file paths
68sessionManagerClient.wssecurity.caCertFilePathList=
69
70# ValueType for the BinarySecurityToken added to the WSSE header
71sessionManagerClient.wssecurity.reqBinSecTokValType=X509v3
72
73# Add a timestamp element to an outbound message
74sessionManagerClient.wssecurity.addTimestamp=True
Note: See TracBrowser for help on using the repository browser.