source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/README @ 3195

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/README@3195
Revision 3195, 3.8 KB checked in by pjkersha, 12 years ago (diff)

fixes to X509, XMLSecDoc, wsSecurity and sessionMgrClient unit tests - latter still to complete

security/python/ndg.security.test/ndg/security/test/SecurityCGItest.py: deleted as this code is no longer needed. Pylons code replaces it. The module that the unit test is based still exists.

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/README: more detailed instructions

security/python/ndg.security.test/ndg/security/test/server.py: repalce equivalent .sh bash script with python version

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrClient.cfg: extra comments and use unit test dir env var to ref all files to enable running from any dir

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClient.py: part way through refactoring for changes as of the previous

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml: fix env var refs.

security/python/ndg.security.test/ndg/security/test/wsSecurity/*,
security/python/ndg.security.test/ndg/security/test/X509/*,
security/python/ndg.security.test/ndg/security/test/XMLSecDoc/*: fixed for use with env vars

Line 
1Unit tests for Session Manager Web Service Client
2=================================================
3This is the most complicated unit test suite and requires a number of services
4to be running:
5 * Test Session Manager web service run from this directory
6 * MyProxy server
7 * Two test Attribute Authorities run from the Attribute Authority unit test
8 directory ../attAuthority
9 
10It is worthwhile trying out the Attribute Authority (../attAuthority) and
11Session Manager (../sessionMgr) unit tests first.  These tests differ from
12the Session Manager unit tests in that they test a SOAP *client* to a
13Session Manager web service whereas the Session Manager tests just the server
14side code.
15
16MyProxy is installed as part of the NDG Security installation.  See the
17installation guide for details:
18
19http://proj.badc.rl.ac.uk/ndg/browser/TI12-security/trunk/documentation/InstallationGuide/pdf/NDGSecurityInstallationGuide.pdf?format=raw
20
211) Ensure MyProxy is running on it's host machine.  Depending on how you have
22configured it it may be running as SysV init script or with xinetd or inetd.
23Check with the Installation guide.  To start myproxy-server manually as root
24run,
25
26$ myproxy-server
27
282) Edit sessionMgrProperties.xml in this directory and set the hostname element
29to the fully qualified domain name (FQDN) of the MyProxy host OR alternatively
30set the environment variable MYPROXY_SERVER to the FQDN e.g.
31
32export MYPROXY_SERVER=myproxyhost.somewhere.uk
33
343) Edit sessionMgrClientTest.cfg and set the username for the MyProxy account
35you wish to test: NDG Security uses MyProxy with a PAM plugin to enable
36authentication against an external source such as a user database or a UNIX
37system account.  The passphrase field can also be filled, or alternatively if
38omitted from the file or commented out it will be prompted for from the
39command line.  Both test1Connect and test3ConnectNoCreateServerSess fields
40should be set.
41 
423) Two test Attribute Authority services are required.  These can be run from
43the Attribute Authority unit test directory.  It's path relative to this
44directory is ../attAuthority. 
45
46The Attribute Authorities accept requests from this Session Manager
47authenticated based on the MyProxy user credentials used in the unit test
48test1Connect.  In order to accept these, the Attribute Authorities must be
49configured to trust the MyProxy CA.  This can be done by including the MyProxy
50CA certificate in the list of trusted CA files in the respective Attribute
51Authority configuration files:
52 i) edit 'caCertFileList' element in
53 ../attAuthority/siteAAttAuthorityProperties.xml and add a new entry for the
54 MyProxy CA:
55
56 -8<---------------------------------------------------------------------------
57    <caCertFileList>
58        <caCertFile>$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile>
59-->     <caCertFile>/etc/grid-security/certificates/abcdef01.0</caCertFile>
60    </caCertFileList>
61 -8<---------------------------------------------------------------------------
62 The exact name of the CA certificate file will be unique to your installation.
63 In the above, it is "abcdef01.0".  Ammend to the correct setting.  Edit
64 ../attAuthority/siteAAttAuthorityProperties.xml and in the same way add a new
65 entry for the MyProxy CA certificate.
66 
67 Nb. You can check the MyProxy certificate file independently with OpenSSL:
68 
69 $ openssl x509 -in  /etc/grid-security/certificates/abcdef01.0 -text
70
714) Start the Session Manager test service in this directory but from a separate
72terminal:
73
74$ python ./server.py
75
765) Run the tests with the command:
77
78$ python ./SessionMgrClientTest.py
79
806) To run individual tests give the test method name:
81
82$ python ./SessionMgrClientTest.py SessionMgrClientTestCase.test1Connect
83
84Finally,
85 * See sessionMgrClientTest.cfg configuration file to change test parameters.
86 * See the installation guide for MyProxy trouble shooting information.
87
Note: See TracBrowser for help on using the repository browser.