source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/dap/template/server-pydap2.ini @ 5294

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/dap/template/server-pydap2.ini@5294
Revision 5294, 3.8 KB checked in by pjkersha, 12 years ago (diff)

configuration for former pyDAP 2.0 integrated with security. Settings for pyDAP 3.0 in server.ini now supercede this.

Line 
1#
2# NDG Security pyDAP version 2.0 Test configuration
3#
4# NERC DataGrid
5#
6# Author: P J Kershaw
7#
8# Date: 15/05/09
9#
10# Copyright: STFC 2009
11#
12# Licence: BSD - see top level directory for details
13#
14# The %(here)s variable will be replaced with the parent directory of this
15# file
16#
17[server:main]
18use = egg:Paste#http
19# Change to 0.0.0.0 to make public
20host = 127.0.0.1
21port = 8080
22
23[app:static]
24use = egg:Paste#static
25document_root = %(here)s/data
26
27[app:pydap]
28use = egg:dap
29name = My-Server
30root = %(here)s/data
31verbose = 0
32template = %(here)s/template
33
34[app:staticLayout]
35use = egg:Paste#static
36document_root = %(here)s/layout
37
38[filter-app:dapApp]
39use = egg:Paste#httpexceptions
40next = cascade
41
42# Composite for OpenID Provider to enable settings for picking up static
43# content
44[composit:cascade]
45use = egg:Paste#cascade
46app1 = static
47app2 = staticLayout
48app3 = pydap
49catch = 404
50
51[pipeline:main]
52pipeline = AuthenticationFilter AuthorizationFilter dapApp
53
54[filter:AuthenticationFilter]
55paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthenticationMiddleware
56prefix = authN.
57
58# Set redirect for OpenID Relying Party in the Security Services app instance
59#authN.redirectURI = https://localhost/verify
60authN.redirectURI = http://localhost:7443/verify
61
62# Beaker Session set-up
63beaker.session.key = ndg.security.session
64beaker.session.secret = rBIvKXLa+REYB8pM/8pdPoorVpKQuaOW
65beaker.cache.data_dir = %(here)s/authn/beaker/pki/cache
66beaker.session.data_dir = %(here)s/authn/beaker/sessions
67
68# AuthKit Set-up
69authkit.setup.method=cookie
70
71# This cookie name and secret MUST agree with the name used by the security web
72# services app
73authkit.cookie.name=ndg.security.auth
74authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr
75authkit.cookie.signoutpath = /logout
76
77[filter:AuthorizationFilter]
78paste.filter_app_factory=ndg.security.server.wsgi.authz:AuthorizationMiddleware.filter_app_factory
79prefix = authz.
80policy.filePath = %(here)s/authz/policy.xml
81
82# Settings for Policy Information Point used by the Policy Decision Point to
83# retrieve subject attributes from the Attribute Authority associated with the
84# resource to be accessed
85pip.sslCACertFilePathList=
86
87# List of CA certificates used to verify the signatures of
88# Attribute Certificates retrieved
89pip.caCertFilePathList=%(here)s/pki/ca/ndg-test-ca.crt
90
91#
92# WS-Security Settings for call to Session Manager
93
94# Signature of an outbound message
95
96# Certificate associated with private key used to sign a message.  The sign
97# method will add this to the BinarySecurityToken element of the WSSE header. 
98# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType. 
99# As an alternative, use signingCertChain - see below...
100
101# PEM encode cert
102pip.wssecurity.signingCertFilePath=%(here)s/pki/wsse-server.crt
103
104# PEM encoded private key file
105pip.wssecurity.signingPriKeyFilePath=%(here)s/pki/wsse-server.key
106
107# Password protecting private key.  Leave blank if there is no password.
108pip.wssecurity.signingPriKeyPwd=
109
110# For signature verification.  Provide a space separated list of file paths
111pip.wssecurity.caCertFilePathList=%(here)s/pki/ca/ndg-test-ca.crt
112
113# ValueType for the BinarySecurityToken added to the WSSE header
114pip.wssecurity.reqBinSecTokValType=X509v3
115
116# Add a timestamp element to an outbound message
117pip.wssecurity.addTimestamp=True
118
119# Logging configuration
120[loggers]
121keys = root, ndg
122
123[handlers]
124keys = console,logfile
125
126[formatters]
127keys = generic
128
129[logger_root]
130level = INFO
131handlers = console
132
133[logger_ndg]
134level = DEBUG
135handlers = logfile
136qualname = ndg
137
138[handler_console]
139class = StreamHandler
140args = (sys.stderr,)
141level = NOTSET
142formatter = generic
143
144[handler_logfile]
145class = handlers.RotatingFileHandler
146level=NOTSET
147formatter=generic
148args=(os.path.join('./', 'log', 'server.log'), 'a', 100000, 10)
149
150[formatter_generic]
151format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
152datefmt = %H:%M:%S
Note: See TracBrowser for help on using the repository browser.