Timestamp:
30/11/06 10:47:28 (13 years ago)
Author:
pjkersha
Message:

Added WSSecurityHandler and WSSecurityHandlerChainFactory to allow integration of
wsSecurity.signatureHandler into Twisted framework.

server/SessionMgr/server-config.tac still contains a stub to the real Session Manager code but stub
adapted to return example Attribute Certificate, cookie and proxy certificate in order to test for
problems against the signature handler.

File:
1 edited

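--- a/TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac
+++ b/TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac
@@ -23,4 +23,6 @@
 from SessionMgr_services_server import SessionMgrService
 from ndg.security.server.SessionMgr import SessionMgr
+from ndg.security.common.wsSecurity import WSSecurityHandlerChainFactory, \
+        WSSecurityHandler, SignatureHandler
 
 # Use for stub testing only
@@ -29,13 +31,37 @@
 
 # Temporary - for testing
+
+# Use to verify signatures from client - in practice would be different to
+# certFilePath
+clntCertFilePath = '../../../../../Tests/webSphereTestcert.pem'
+
+# Private key used to sign messages and also used for SSL connection
 priKeyFilePath = '../../../../../Tests/webSphereTestkey.pem'
-certFilePath = '../../../../../Tests/webSphereTestcert.pem'
 priKeyPwd = '../../../../../Tests/tmp'
 
+# Cert file path used for SSL connection
+certFilePath = '../../../../../Tests/webSphereTestcert.pem'
+
+
+WSSecurityHandler.signatureHandler = SignatureHandler(\
+                                                            certFilePath=clntCertFilePath,
+                                                            priKeyFilePath=priKeyFilePath,
+                                                            priKeyPwd=priKeyPwd)
+
+# Test stub data for connect and reqAuthorisation calls
+proxyCert = open('../../../../../Tests/x509up_u500').read().strip()
+attCert = open('../../../../../Tests/ac-Rz_Qnn.xml').read().strip()
+
+
 class SessionMgrServiceSub(SessionMgrService, WSResource):
+
+    # Add WS-Security handlers
+    factory = WSSecurityHandlerChainFactory
+
     def __init__(self):
         WSResource.__init__(self)
 
-        # Initialize Attribute Authority class
+        # Initialize Session Manager class - encapsulates inner workings
+        # including session management and proxy delegation
         self.__sm = SessionMgr()
 
@@ -56,5 +82,5 @@
             response.set_element_cookie(cookie)
         else:
-            response.set_element_proxyCert('PROXY CERT')
+            response.set_element_proxyCert(proxyCert)
 
         return request, response
@@ -68,5 +94,5 @@
         #import pdb;pdb.set_trace()
         request, response = SessionMgrService.soap_reqAuthorisation(self, ps)
-        response.set_element_attCert('ATTRIBUTE CERTIFICATE')
+        response.set_element_attCert(attCert)
         response.set_element_statusCode('AcessGranted')
         return request, response
@@ -89,8 +115,10 @@
 # Try SSL
 from twisted.internet import ssl
-kw = {}
+
+# Nb. ssl.DefaultOpenSSLContextFactory requires pyOpenSSL
 ctxFactory = ssl.DefaultOpenSSLContextFactory(priKeyFilePath, certFilePath)
 port = internet.SSLServer(portNum, siteFactory, ctxFactory)
 
+# Non-SSL
 #port = internet.TCPServer(portNum, siteFactory)#, interface=hostname)
 port.setServiceParent(application)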
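Review bot: The new module-level `SignatureHandler(...)` verifies client signatures against `clntCertFilePath`, which is the same `webSphereTestcert.pem` as the server's own `certFilePath`, and it signs with the `priKeyFilePath` that `ssl.DefaultOpenSSLContextFactory` also uses for the SSL port. Wired this way the stub can only show that the service accepts messages signed by its own key, and one key does both message signing and transport. A separate client fixture would exercise verification properly, e.g. `clntCertFilePath = '../../../../../Tests/<client-test-cert>.pem'` (placeholder file name). `priKeyPwd` holds a path-like string, so add a comment saying whether `SignatureHandler` expects the password itself or a file containing it. The connect stub, whose body starts outside the visible hunk, returns the whole of `x509up_u500`; if that file is a full proxy credential it would normally carry a private key, so mark `proxyCert` and `attCert` as test-only data in their comment.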