source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/securedapp.ini @ 5254

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/securedapp.ini@5254
Revision 5254, 2.8 KB checked in by pjkersha, 11 years ago (diff)

Added additional debug logging and improved error handling

Line 
1#
2# NDG Security AuthZ WSGI Testing environment configuration
3#
4# NERC DataGrid
5#
6# Author: P J Kershaw
7#
8# Copyright: STFC 2009
9#
10# Licence: BSD
11#
12# The %(here)s variable will be replaced with the parent directory of this file
13#
14[DEFAULT]
15testConfigDir = %(here)s/../../config
16
17[server:main]
18use = egg:Paste#http
19host = 0.0.0.0
20port = 7080
21
22[pipeline:main]
23pipeline = AuthenticationFilter AuthorizationFilter AuthZTestApp
24
25[app:AuthZTestApp]
26paste.app_factory = ndg.security.test.integration.authz.securedapp:AuthZTestMiddleware.app_factory
27
28[filter:AuthenticationFilter]
29paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthenticationMiddleware
30prefix = authN.
31
32# Set redirect for OpenID Relying Party in the Security Services app instance
33authN.redirectURI = http://localhost:7443/verify
34
35# Beaker Session set-up
36beaker.session.key = ndg.security.session
37beaker.session.secret = rBIvKXLa+REYB8pM/8pdPoorVpKQuaOW
38beaker.cache.data_dir = %(here)s/authn/beaker/cache
39beaker.session.data_dir = %(here)s/authn/beaker/sessions
40
41# AuthKit Set-up
42authkit.setup.method=cookie
43
44# This cookie name and secret MUST agree with the name used by the security web
45# services app
46authkit.cookie.name=ndg.security.auth
47authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr
48authkit.cookie.signoutpath = /logout
49
50[filter:AuthorizationFilter]
51paste.filter_app_factory=ndg.security.server.wsgi.authz:AuthorizationMiddleware.filter_app_factory
52prefix = authz.
53policy.filePath = %(here)s/policy.xml
54
55# Settings for Policy Information Point used by the Policy Decision Point to
56# retrieve subject attributes from the Attribute Authority associated with the
57# resource to be accessed
58pip.sslCACertFilePathList=
59
60# List of CA certificates used to verify the signatures of
61# Attribute Certificates retrieved
62pip.caCertFilePathList=%(testConfigDir)s/ca/ndg-test-ca.crt
63
64#
65# WS-Security Settings for call to Session Manager
66
67# Signature of an outbound message
68
69# Certificate associated with private key used to sign a message.  The sign
70# method will add this to the BinarySecurityToken element of the WSSE header. 
71# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
72# As an alternative, use signingCertChain - see below...
73
74# PEM encode cert
75pip.wssecurity.signingCertFilePath=%(testConfigDir)s/pki/wsse-server.crt
76
77# PEM encoded private key file
78pip.wssecurity.signingPriKeyFilePath=%(testConfigDir)s/pki/wsse-server.key
79
80# Password protecting private key.  Leave blank if there is no password.
81pip.wssecurity.signingPriKeyPwd=
82
83# For signature verification.  Provide a space separated list of file paths
84pip.wssecurity.caCertFilePathList=%(testConfigDir)s/ca/ndg-test-ca.crt
85
86# ValueType for the BinarySecurityToken added to the WSSE header
87pip.wssecurity.reqBinSecTokValType=X509v3
88
89# Add a timestamp element to an outbound message
90pip.wssecurity.addTimestamp=True
Note: See TracBrowser for help on using the repository browser.