Context Navigation

ndgsecurity.wsgi @ 4609

Revision 4609, 1.2 KB checked in by pjkersha, 12 years ago (diff)

#1004 Security Filter:

added unit tests for SSLClientAuthNMiddleware. The middleware must <currently> be run under mod_wsgi to enable it to pick up SSL_CLIENT_CERT from environ.
TODO: extend to enable client authN with paste running over SSL? - Unit test dir contains an e.g. paste app running over SSL using pyOpenSSL but it's not clear how to pass SSL client cert to the middleware.
TODO: current version supports a simple scheme of matching a list of URLs from config to see which ones to secure - will need to change to something more sophisticated as proposed in the NDG3 work plan,

Line
1	"""WSGI container for loading NDG Security applications
2
3	For use with SSL Client Authentication Middleware unit tests. Requires
4	mod_wsgi to be installed and this file to be deployed so that it can be loaded
5	e.g.
6	<VirtualHost localhost:443 ...:443>
7	.
8	.
9	.
10	SSLVerifyClient optional_no_ca
11	SSLVerifyDepth 10
12	SSLOptions +StdEnvVars +ExportCertData
13	.
14	.
15	.
16	WSGIDaemonProcess localhost processes=2 threads=15 display-name=%{GROUP} python-path=...
17	WSGIProcessGroup localhost
18	WSGIScriptAlias /ndgsecurity /var/www/wsgi/ndgSecurity.wsgi
19
20	<Directory /usr/local/www/wsgi-scripts>
21	Order allow,deny
22	Allow from all
23	</Directory>
24	.
25	.
26	.
27	</VirtualHost>
28
29
30	NERC Data Grid Project
31
32	This software may be distributed under the terms of the Q Public License,
33	version 1.0 or later.
34	"""
35	__author__ = "P J Kershaw"
36	__date__ = "11/12/08"
37	__copyright__ = "(C) 2008 STFC & NERC"
38	__contact__ = "Philip.Kershaw@stfc.ac.uk"
39	__revision__ = "$Id$"
40	import logging
41	log = logging.getLogger(__name__)
42
43	import ndg.security.server.wsgi.apploader
44	from ndg.security.server.wsgi.apploader import AppLoaderMiddleware
45
46	application = AppLoaderMiddleware(configFilePath='/var/www/wsgi/ndg-security.ini')

Note: See TracBrowser for help on using the repository browser.