source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml @ 3145

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml@3145
Revision 3145, 3.4 KB checked in by pjkersha, 12 years ago (diff)

python/www/html/sessionMgr.wsdl,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py:

  • remove refs to proxy certs - using MyProxy? as CA proxy certs aren't generated.
  • make issuingCert nillable as it won't be set if calling MyProxy? in Simple CA mode

python/ndg.security.server/ndg/security/server/conf/sessionMgr.tac: removes refs to proxy cert - replace with user cert

python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml: fix MyProxy? cert times - these are in seconds NOT hours

python/ndg.security.server/ndg/security/server/MyProxy.py: remove '\0's from get and info commands

python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClientTest.py: fixed for tests with new MyProxy? config as SimpleCA

python/ndg.security.test/ndg/security/test/sessionMgrClient/server.sh: get rid of --pidfile arg to twistd - not needed.

python/ndg.security.test/ndg/security/test/sessionMgrClient/sm-clnt.crt,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sm-clnt.key,

python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrTest.cfg,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrClientTest.cfg: altered for tests with multiple CAs

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • removed addUser method - not needed
  • switched refs to proxy cert -> user cert
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<sessMgrProp>
3    <portNum>5700</portNum>
4    <useSSL></useSSL> <!-- leave blank to use http -->
5    <!--<useSSL>Yes</useSSL>  leave blank to use http -->
6    <sslCertFile>$NDGSEC_SM_UNITTEST_DIR/sm.crt</sslCertFile>
7    <sslKeyFile>$NDGSEC_SM_UNITTEST_DIR/sm.key</sslKeyFile>
8    <!--
9    Directory containing CA cert.s to verify SSL peer cert against
10     - ignored if useSSL is blank
11    -->
12    <sslCACertDir>$NDGSEC_SM_UNITTEST_DIR/ca</sslCACertDir>
13    <!--
14    PKI settings for signature of outbound SOAP messages
15    -->
16    <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature -->
17    <!--
18    CA Certificates used to verify X.509 certs used in peer SOAP messages,
19    SSL connections and Attribute Certificates
20    -->
21    <caCertFileList>
22        <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/cacert.pem</caCertFile>
23        <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile>
24    </caCertFileList>
25    <certFile>$NDGSEC_SM_UNITTEST_DIR/sm.crt</certFile>
26    <keyFile>$NDGSEC_SM_UNITTEST_DIR/sm.key</keyFile>
27    <keyPwd/>
28    <!--
29    Set the certificate used to verify the signature of messages from the
30    client.  This can usually be left blank since the client is expected to
31    include the cert with the signature in the inbound SOAP message
32    -->
33    <clntCertFile></clntCertFile>   
34    <sessMgrEncrKey>abcdef0123456789</sessMgrEncrKey>
35    <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI>
36    <cookieDomain></cookieDomain>
37        <myProxyProp>
38                <!--
39                Delete this element and take setting from MYPROXY_SERVER environment
40                variable if required
41                <hostname>localhost</hostname>
42                -->
43                <!--
44                Delete this element to take default setting 7512 or read
45                MYPROXY_SERVER_PORT setting
46                -->
47                <port>7512</port>
48                <!--
49                Useful if hostname and certificate CN don't match correctly.  Globus
50                host DN is set to "host/<fqdn>".  Delete this element and set from
51                MYPROXY_SERVER_DN environment variable if prefered
52                <serverDN></serverDN>
53                -->
54                <!--
55                Set "host/" prefix to host cert CN as is default with globus
56                -->
57                <!--
58                This directory path is used to locate the OpenSSL configuration file
59               
60                The settings are used to set up the defaults for the Distinguished Name of
61                the new proxy cert. issued
62               
63                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
64                but the settings can be independent of any Globus installation
65                -->
66                <openSSLConfFilePath>$NDGSEC_SM_UNITTEST_DIR/openssl.conf</openSSLConfFilePath>
67                <tmpDir>/tmp</tmpDir>
68                <!--
69                        Limit on maximum lifetime any proxy certificate can have -
70                        specified when a certificate is first created by store() method
71                -->
72                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds -->
73                <!--
74                        Life time of a proxy certificate when issued from the Proxy Server
75                        with getDelegation() method
76                        -->
77                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds -->
78                <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile>
79        </myProxyProp>
80        <simpleCACltProp>
81            <uri></uri>
82        <xmlSigKeyFile></xmlSigKeyFile>
83        <xmlSigCertFile></xmlSigCertFile>
84        <xmlSigCertPwd></xmlSigCertPwd>
85    </simpleCACltProp>
86    <credReposProp>
87            <modFilePath></modFilePath>
88            <modName>ndg.security.common.CredWallet</modName>
89            <className>NullCredRepos</className>
90            <propFile></propFile>
91    </credReposProp>
92</sessMgrProp>
Note: See TracBrowser for help on using the repository browser.