source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml @ 3199

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml@3199
Revision 3199, 3.8 KB checked in by pjkersha, 12 years ago (diff)

Fixes to unit tests ready for OMII-UK first software drop.

security/python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml,
security/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml: include comment about addition of CA certs from other trusted NDG sites.

security/python/ndg.security.test/ndg/security/test/attCert/attCertTest.cfg: fix file paths - ref by $NDGSEC_ATTCERT_UNITTEST_DIR env var

security/python/ndg.security.test/ndg/security/test/attCert/AttCertTest.py: some file paths not having $NDGSEC_ATTCERT_UNITTEST_DIR expanded correctly

security/python/ndg.security.test/ndg/security/test/sessionMgr/README,
security/python/ndg.security.test/ndg/security/test/sessionMgrClient/README: fix instructions for including CA cert from MyProxy? CA.

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClientTest.py:

  • fix for some file paths - env var not expanded
  • fix test1Connect writing of user.creds - ensure new lines between concatenated certs. and private key content

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml: add instructions for adding MyProxy? CA cert into caCertFileList elem.

security/python/ndg.security.test/ndg/security/test/XMLSecDoc/README: missed out before

security/python/ndg.security.test/setup.py: fixes for missing package data for various tests.

Line 
1<?xml version="1.0" encoding="utf-8"?>
2<sessMgrProp>
3    <portNum>5700</portNum>
4    <useSSL>Yes</useSSL> <!-- leave blank to use http -->
5    <!--<useSSL>Yes</useSSL>  leave blank to use http -->
6    <sslCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.crt</sslCertFile>
7    <sslKeyFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.key</sslKeyFile>
8    <!--
9    Directory containing CA cert.s to verify SSL peer cert against
10     - ignored if useSSL is blank
11    -->
12    <sslCACertDir>$NDGSEC_SMCLNT_UNITTEST_DIR/ca</sslCACertDir>
13    <!--
14    PKI settings for WS-Security signature of outbound SOAP messages
15    -->
16    <!--
17    PKI settings for signature of outbound SOAP messages
18    -->
19    <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature -->
20    <!--
21    CA Certificates used to verify X.509 certs used in peer SOAP messages,
22    SSL connections and Attribute Certificates
23    -->
24    <caCertFileList>
25        <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile>
26        <!--
27        To also trust certificates issued from your MyProxy CA, replace
28        "abcdef01.0" with the unique name for your CA certificate and uncomment
29        the following line:
30        <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/abcdef01.0</caCertFile>
31        -->
32    </caCertFileList>
33    <certFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.crt</certFile>
34    <keyFile>$NDGSEC_SMCLNT_UNITTEST_DIR/sm.key</keyFile>
35    <keyPwd/>
36    <!--
37    Set the certificate used to verify the signature of messages from the
38    client.  This can usually be left blank since the client is expected to
39    include the cert with the signature in the inbound SOAP message
40    -->
41    <clntCertFile></clntCertFile>   
42    <sessMgrEncrKey>abcdef0123456789</sessMgrEncrKey>
43    <sessMgrURI>https://localhost:5700/SessionManager</sessMgrURI>
44    <cookieDomain></cookieDomain>
45        <myProxyProp>
46                <!--
47                Delete this element and take setting from MYPROXY_SERVER environment
48                variable if required
49                <hostname>localhost</hostname>
50                -->
51                <!--
52                Delete this element to take default setting 7512 or read
53                MYPROXY_SERVER_PORT setting
54                -->
55                <port>7512</port>
56                <!--
57                Useful if hostname and certificate CN don't match correctly.  Globus
58                host DN is set to "host/<fqdn>".  Delete this element and set from
59                MYPROXY_SERVER_DN environment variable if preferred
60                <serverDN>/O=NDG/OU=BADC/OU=Gabriel/CN=localhost</serverDN>
61                -->
62                <!--
63                Set "host/" prefix to host cert CN as is default with globus otherwise
64                client SSL peer cert check fails
65                -->
66                <serverCNprefix>host/</serverCNprefix> 
67                <!--
68                This directory path is used to locate the OpenSSL configuration file
69               
70                The settings are used to set up the defaults for the Distinguished Name of
71                the new proxy cert. issued
72               
73                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
74                but the settings can be independent of any Globus installation
75                -->
76                <openSSLConfFilePath>$NDGSEC_SMCLNT_UNITTEST_DIR/openssl.conf</openSSLConfFilePath>
77                <tmpDir>/tmp</tmpDir>
78                <!--
79                        Limit on maximum lifetime any proxy certificate can have -
80                        specified when a certificate is first created by store() method
81                -->
82                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds -->
83                <!--
84                        Life time of a proxy certificate when issued from the Proxy Server
85                        with getDelegation() method
86                -->
87                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds -->
88                <caCertFile>$NDGSEC_SMCLNT_UNITTEST_DIR/ca/cacert.pem</caCertFile>
89        </myProxyProp>
90        <simpleCACltProp>
91            <uri></uri>
92        <xmlSigKeyFile></xmlSigKeyFile>
93        <xmlSigCertFile></xmlSigCertFile>
94        <xmlSigCertPwd></xmlSigCertPwd>
95    </simpleCACltProp>
96    <credReposProp>
97            <modFilePath></modFilePath>
98            <modName>ndg.security.common.CredWallet</modName>
99            <className>NullCredRepos</className>
100            <propFile></propFile>
101    </credReposProp>
102</sessMgrProp>
Note: See TracBrowser for help on using the repository browser.