source: TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/saml/test.ini @ 5656

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/saml/test.ini@5656
Revision 5656, 3.9 KB checked in by pjkersha, 10 years ago (diff)
  • Added factory methods to ndg.security.server.attributeauthority.AttributeAuthority? in order to create getAttCert and samlAttributeQuery wrapper functions. These can then be added to the WSGI environ to be referenced by other middleware.
  • ndg.security.test.unit.saml.test_soapattributeinterface: started work on unit tests for SAML 2.0 SOAP binding to attribute query interface.
Line 
1#
2# SSL Client AuthN WSGI Testing environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7testConfigDir = ../../../config
8[server:main]
9use = egg:Paste#http
10host = 0.0.0.0
11port = 5000
12
13[pipeline:main]
14pipeline = AttributeAuthorityFilter SAMLSoapAttributeInterfaceFilter TestApp
15
16[app:TestApp]
17paste.app_factory = ndg.security.test.unit.wsgi.saml.test_soapattributeinterface:TestApp
18
19[filter:SAMLSoapAttributeInterfaceFilter]
20paste.filter_app_factory = ndg.security.server.wsgi.saml:SOAPAttributeInterfaceMiddleware
21prefix = saml.
22saml.queryInterfaceKeyName = attributeQueryInterface
23
24#______________________________________________________________________________
25# Attribute Authority WSGI settings
26#
27[filter:AttributeAuthorityFilter]
28# This filter is a container for a binding to a SOAP based interface to the
29# Attribute Authority
30paste.filter_app_factory = ndg.security.server.wsgi.zsi:SOAPBindingMiddleware
31
32# Provide an identifier for this filter so that main WSGI app
33# CombinedServicesWSGI Session Manager filter can call this Attribute Authority
34# directly
35referencedFilters = filter:wsseSignatureVerificationFilter
36
37# Path from URL for Attribute Authority in this Paste deployment
38path = /AttributeAuthority
39
40# External endpoint for this Attribute Authority - must agree with setting used
41# to invoke this service set in:
42# * serverapp.py
43# * or port in [server:main] if calling with paster serve securityservices.ini
44# * or something else e.g. proxied through Apache?
45# This setting is used by Attribute Authority clients in this WSGI stack to see
46# if a request is being made to the local service or to another Attribute
47# Authority running elsewhere
48publishedURI = %(baseURI)s%(path)s
49
50# Enable ?wsdl query argument to list the WSDL content
51enableWSDLQuery = True
52charset = utf-8
53filterID = %(__name__)s
54
55# Use this ZSI generated SOAP service interface class to handle i/o for this
56# filter
57ServiceSOAPBindingClass = ndg.security.server.zsi.attributeauthority.AttributeAuthorityWS
58
59# SOAP Binding Class specific keywords are in this section identified by this
60# prefix:
61ServiceSOAPBindingPropPrefix = attributeAuthority
62
63attributeAuthority.wsseSignatureVerificationFilterID = filter:wsseSignatureVerificationFilter
64
65# Attribute Authority settings
66# 'name' setting MUST agree with map config file 'thisHost' name attribute
67attributeAuthority.name: Site A
68
69# Lifetime is measured in seconds
70attributeAuthority.attCertLifetime: 28800 
71
72# Allow an offset for clock skew between servers running
73# security services. NB, measured in seconds - use a minus sign for time in the
74# past
75attributeAuthority.attCertNotBeforeOff: 0
76
77# All Attribute Certificates issued are recorded in this dir
78attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog
79
80# Files in attCertDir are stored using a rotating file handler
81# attCertFileLogCnt sets the max number of files created before the first is
82# overwritten
83attributeAuthority.attCertFileName: ac.xml
84attributeAuthority.attCertFileLogCnt: 16
85attributeAuthority.dnSeparator:/
86
87# Location of role mapping file
88attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml
89
90# Settings for custom AttributeInterface derived class to get user roles for given
91# user ID
92#attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea
93attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface
94attributeAuthority.attributeInterface.className: TestUserRoles
95
96# Config for XML signature of Attribute Certificate
97attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key
98attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt
99attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt
Note: See TracBrowser for help on using the repository browser.