Ignore:
Timestamp:
24/01/07 16:36:03 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/AttAuthority/AttAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services.py,
python/www/html/attAuthority.wsdl:
Comment out HostInfo? element from getTrustedHostInfoResponse until fix is available.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py:

  • fixed check for mapped certificate.
  • return empty dict rather raise exception if self.localRole2RemoteRole is not set -

it's valid to have no trusted hosts.

python/ndg.security.test/ndg/security/test/AttAuthority/siteBUserRoles.py:
set getRoles method to return an empty list so that requests for ACs have to be via the
role mapping.

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py:

  • number the tests so they run in a specific order
  • test5GetAttCert - write out AC so that it can be picked up from test6GetMappedAttCert

test

  • test6GetMappedAttCert - use AttCertRead? to read in saved AC.

python/ndg.security.test/ndg/security/test/AttAuthority/siteBMapConfig.xml:
fixed role mapping to work with site A.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg:
changed config items in line with numbered test method names. Added items to
test6GetMappedAttCert test.

python/ndg.security.common/ndg/security/common/AttCert.py: fixed bug in AttCertRead?.

Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py

    r2028 r2044  
    1818from ConfigParser import SafeConfigParser 
    1919 
    20 from ConfigParser import SafeConfigParser 
     20from ndg.security.common.AttAuthority import AttAuthorityClient 
     21from ndg.security.common.AttCert import AttCertRead 
    2122 
    22 from ndg.security.common.AttAuthority import AttAuthorityClient 
    2323 
    2424class AttAuthorityClientTestCase(unittest.TestCase): 
     
    4242    
    4343     
    44     def testGetX509Cert(self): 
     44    def test1GetX509Cert(self): 
    4545        '''testGetX509Cert: retrieve Attribute Authority's X.509 cert.''' 
    4646        #import pdb;pdb.set_trace() 
     
    4949         
    5050 
    51     def testGetTrustedHostInfo(self): 
     51    def test2GetTrustedHostInfo(self): 
    5252        """testGetTrustedHostInfo: retrieve trusted host info matching a 
    5353        given role""" 
     
    5656 
    5757 
    58     def testGetTrustedHostInfoWithNoRole(self): 
     58    def test3GetTrustedHostInfoWithNoRole(self): 
    5959        """testGetTrustedHostInfoWithNoRole: retrieve trusted host info  
    6060        irrespective of role""" 
    6161        self.clnt.getTrustedHostInfo() 
    6262 
    63     def testGetHostInfo(self): 
     63    def test4GetHostInfo(self): 
    6464        """testGetHostInfo: retrieve info for AA host""" 
    6565        self.clnt.getHostInfo() 
    6666 
    6767 
    68     def testGetAttCert(self):         
     68    def test5GetAttCert(self):         
    6969        """testGetAttCert: Request attribute certificate from NDG Attribute  
    7070        Authority Web Service.""" 
     
    8787        attCert = self.clnt.getAttCert(userCert=userCertTxt) 
    8888        print "Attribute Certificate: \n\n:" + str(attCert) 
     89        attCert.filePath = self.cfg['testGetAttCert']['attcertfilepath'] 
     90        attCert.write() 
    8991 
    9092 
    91     def testGetMappedAttCert(self):         
     93    def test6GetMappedAttCert(self):         
    9294        """testGetAttCert: Request mapped attribute certificate from NDG  
    9395        Attribute Authority Web Service.""" 
     
    110112        # Simlarly for Attribute Certificate  
    111113        try: 
    112             userAttCertFileTxt = open(\ 
    113         self.cfg['testGetMappedAttCert']['userattcertfilepath'], 'r').read() 
     114            userAttCert = AttCertRead(\ 
     115                      self.cfg['testGetMappedAttCert']['userattcertfilepath']) 
    114116             
    115117        except IOError, ioErr: 
    116118            raise "Error reading attribute certificate file \"%s\": %s" %\ 
    117119                                    (ioErr.filename, ioErr.strerror) 
    118              
     120         
     121        # Make client to site B Attribute Authority     
     122        clnt = AttAuthorityClient(\ 
     123   uri=self.cfg['testGetMappedAttCert']['uri'],  
     124   clntCertFilePath=self.cfg['testGetMappedAttCert']['usercertfilepath'], 
     125   clntPriKeyFilePath=self.cfg['testGetMappedAttCert']['userprikeyfilepath'], 
     126   tracefile=sys.stderr) 
    119127     
    120128        # Make attribute certificate request 
    121         attCert = self.clnt.getAttCert(userCert=userCertTxt, 
    122                                        userAttCert=userAttCertTxt) 
    123         return attCert        
     129        attCert = clnt.getAttCert(userCert=userCertTxt, 
     130                                  userAttCert=userAttCert) 
     131        print "Attribute Certificate: \n\n:" + str(attCert) 
    124132  
    125133  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg

    r2017 r2044  
    1717# from tty 
    1818userprikeypwd =  
    19  
    2019usercertfilepath = ./proxy-cert.pem 
    2120userprikeyfilepath = ./proxy-key.pem 
    2221 
    23 [testGetTrustedHostInfo] 
     22[test2GetTrustedHostInfo] 
    2423role = postgrad 
    2524  
    26 [testGetAttCert] 
     25[test5GetAttCert] 
    2726# If usercertfilepath is a proxy set this cert as the one that issued the  
    2827# proxy.  Comment out if usercertfilepath is a standard X.509 cert. 
    2928#issuingusercertfilepath = ./user-cert.pem 
     29# Setup for use by testGetMappedAttCert test 
     30attCertFilePath = ./ac.xml 
    3031 
    31 [testGetMappedAttCert] 
     32[test6GetMappedAttCert] 
     33userprikeypwd =  
     34usercertfilepath = ./proxy-cert.pem 
     35userprikeyfilepath = ./proxy-key.pem 
     36 
     37uri = http://localhost:5100/AttributeAuthority 
    3238userAttCertFilePath = ./ac.xml 
    3339 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteBMapConfig.xml

    r2039 r2044  
    88            <aaURI>attAuthorityURI</aaURI> 
    99            <loginURI>loginPageURI</loginURI> 
    10                 <role remote="postgrad" local="researcher"/> 
     10                <role remote="postdoc" local="researcher"/> 
    1111    </trusted> 
    1212</AAmap> 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteBUserRoles.py

    r2039 r2044  
    2929 
    3030    def getRoles(self, dn): 
    31         return ['researcher', 'government']  
     31        # Make so that Site B never returns any roles - the only way to 
     32        # get an Attribute Certificate is then through the role mapping 
     33        return []  
Note: See TracChangeset for help on using the changeset viewer.