Changeset 2058 for TI12-security


Timestamp:
26/01/07 10:44:13 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:
update to file header.

python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py:

  • setPropFilePath val input is now a keyword
  • readProperties - removed propFilePath keyword - set from propFilePath property / setPropFilePath method instead.

python/ndg.security.server/ndg/security/server/AttAuthority/start-container.sh:
added standard header

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:

  • updated header
  • removed hard coded cert file paths
  • set port number from properties file instead.

python/ndg.security.server/ndg/security/server/SessionMgr/__init__.py:

  • change all refs to sessMgrWSDLuri -> sessMgrURI and encrSessMgrWSDLuri -> encrSessMgrURI. For ZSI 2.0, it's the URI of the service that is important. The URI of the WSDL is not required.
  • changed keyPPhrase property to keyPwd
  • added setPropFilePath and propFilePath property, added class variable to make up properties file path from $NDG_DIR.
  • removed propFilePath keyword from readProperties method - use setPropFilePath() / propFilePath property instead.
  • renamed reqAuthorisation method to getAttCert to avoid confusion with authorisation function performed by Gatekeeper.

python/ndg.security.server/ndg/security/server/SessionMgr/start-container.sh: added
standard header

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile: create server side
stubs calling wsdl2dispatch and sed to convert to correct imports and stub methods
return types for Twisted.

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:

  • renamed reqAuthorisation operations to getAttCert to avoid confusion with authorisation performed by the Gatekeeper.

python/conf/sessionMgrProperties.xml: renamed property keyPPhrase -> keyPwd

python/ndg.security.client/ndg/security/client/ndgSessionClient.py: changed refs from
WSDL URI and URI for Session Manager address. For ZSI 2.0, the URI of service is needed
alone, not the WSDL address.

python/ndg.security.test/ndg/security/test/AttAuthority/siteAServer.sh,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBServer.sh: updates to headers

python/ndg.security.test/ndg/security/test/AttAuthority/README and
python/ndg.security.test/ndg/security/test/SessionMgr/README: added to explain setup for
running services for clients to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py and
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
refs to 'ReqAuthorisation' changed to 'getAttCert' - see above.

python/ndg.security.test/ndg/security/test/SessionMgr/server.sh: script to start
Session Manager for client unit tests.

python/ndg.security.common/ndg/security/common/AttAuthority/README,
python/ndg.security.common/ndg/security/common/SessionMgr/README: include instruction to
use Makefile.

python/ndg.security.common/ndg/security/common/Log
python/ndg.security.common/ndg/security/common/Log/log_services_server.py
python/ndg.security.common/ndg/security/common/Log/log_services.py
python/ndg.security.common/ndg/security/common/ca/__init__.py
python/ndg.security.common/ndg/security/common/ca/simpleCA_services.py
python/ndg.security.common/ndg/security/common/ca/CertReq.py
python/ndg.security.common/ndg/security/common/Gatekeeper
python/ndg.security.common/ndg/security/common/Gatekeeper/TestGatekeeperResrc.py
python/ndg.security.common/ndg/security/common/Gatekeeper/Gatekeeper.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services_server.py:
rearranged old Log and Gatekeeper service code into their own packages. Moved
CertReq.py and simpleCA_services.py into ca package.

Location:
TI12-security/trunk/python
Files:
6 added
1 deleted
20 edited
8 moved

  • TI12-security/trunk/python/conf/sessionMgrProperties.xml

    r2035 r2058  
    44    <certFile></certFile> 
    55    <keyFile></keyFile> 
    6     <keyPPhrase></keyPPhrase> 
     6    <keyPwd></keyPwd> 
     7    <portNum></portNum> 
    78    <sessMgrEncrKey></sessMgrEncrKey> 
    8     <sessMgrWSDLuri></sessMgrWSDLuri> 
     9    <sessMgrURI></sessMgrURI> 
    910    <cookieDomain></cookieDomain> 
    1011        <myProxyProp> 
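
Review bot: renaming `<keyPPhrase>` to `<keyPwd>` and `<sessMgrWSDLuri>` to `<sessMgrURI>` in this template breaks any deployed sessionMgrProperties.xml that still uses the old element names, and nothing in the file records that. Add an XML comment listing the renames, or have the properties reader accept the old names with a warning for one release. Because `<keyPwd>` holds the private key password next to `<sessMgrEncrKey>`, a comment that the populated file should be readable only by the service account would also help.
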
  • TI12-security/trunk/python/ndg.security.client/ndg/security/client/ndgSessionClient.py

    r1771 r2058  
    118118    parser.add_option("-r",  
    119119                      "--req-autho",  
    120                       dest="attAuthorityWSDLuri",  
     120                      dest="attAuthorityURI",  
    121121                      help=\ 
    122122"""Get a Session Manager to request authorisation from an Attribute Authority  
     
    168168 
    169169    parser.add_option("-s", 
    170                       "--session-mgr-wsdl-uri", 
    171                       dest="sessMgrWSDLuri", 
     170                      "--session-mgr-uri", 
     171                      dest="sessMgrURI", 
    172172                      help="Address of Session Manager to connect to") 
    173173 
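
Review bot: replacing `--session-mgr-wsdl-uri` with `--session-mgr-uri` at line 170 removes the old long option outright, so existing scripts that call the client fail with an unknown-option error. `add_option` accepts several option strings, so the old spelling can stay as a second long name for the same `dest="sessMgrURI"` until callers have moved.
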
     
    266266#    import pdb 
    267267#    pdb.set_trace() 
    268     if not options.sessMgrWSDLuri:         
     268    if not options.sessMgrURI:         
    269269        sys.stderr.write("Error, No Session Manager WSDL URI set.\n\n") 
    270270        parser.print_help() 
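
Review bot: the error text on line 269 still reads "No Session Manager WSDL URI set" although the check above it now tests `options.sessMgrURI`. Change the message to "Session Manager URI" so it matches the renamed `--session-mgr-uri` option.
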
     
    327327    # Initialise session client 
    328328    try: 
    329         sessClnt = SessionClient(smWSDL=options.sessMgrWSDLuri, 
     329        sessClnt = SessionClient(smWSDL=options.sessMgrURI, 
    330330                             smCertFilePath=options.smCertFilePath, 
    331331                             clntCertFilePath=options.clntCertFilePath, 
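
Review bot: line 329 passes the service URI through a keyword still named `smWSDL` (`SessionClient(smWSDL=options.sessMgrURI,`), which keeps the WSDL/URI confusion this changeset is removing. Rename the keyword on `SessionClient` in the same change, or add a comment here that `smWSDL` now carries the service address.
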
     
    355355            # Don't exit here - req-autho may have been set too 
    356356             
    357         if options.attAuthorityWSDLuri: 
     357        if options.attAuthorityURI: 
    358358            methodCall = True 
    359359 
     
    365365            authResp = sessClnt.reqAuthorisation(\ 
    366366                            sessCookie=options.sessCookie, 
    367                             aaWSDL=options.attAuthorityWSDLuri, 
     367                            aaWSDL=options.attAuthorityURI, 
    368368                            aaCert=options.aaCert, 
    369369                            mapFromTrustedHosts=options.mapFromTrustedHosts, 
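
Review bot: the call on line 365 is still `sessClnt.reqAuthorisation(` and line 367 still uses the keyword `aaWSDL`, while the rest of this changeset renames the operation to `getAttCert` and the option to `attAuthorityURI`. Confirm that `SessionClient` keeps a `reqAuthorisation` method with an `aaWSDL` keyword; if it was renamed too, this call site needs the same update.
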
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttAuthority/README

    r2036 r2058  
    44$ wsdl2py -be -f ../../../../../www/html/attAuthority.wsdl 
    55 
    6 See Makefile 
     6Run make to execute this command: 
     7 
     8$ make 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/CredWallet.py

    r1945 r2058  
    1414 
    1515 
    16 # Temporary store of certificates for use with CredWallet reqAuthorisation() 
     16# Temporary store of certificates for use with CredWallet getAttCert() 
    1717import tempfile 
    1818 
     
    166166                                validation of signed Attribute Certificates. 
    167167                                If not set here, it must be input in call 
    168                                 to reqAuthorisation. 
     168                                to getAttCert. 
    169169        clntCertFilePath:     Public key certificate for this client.  
    170170                                Setting this enables return message from AA  
     
    174174        clntPriKeyPwd:          Password protecting the client private key. 
    175175        credRepos:              Credential Repository instance 
    176         mapFromTrustedHosts:    sets behaviour for reqAuthorisation().  If 
     176        mapFromTrustedHosts:    sets behaviour for getAttCert().  If 
    177177                                set True and authorisation fails with the 
    178178                                given Attribute Authority, attempt to get 
    179179                                authorisation using Attribute Certificates 
    180180                                issued by other trusted AAs 
    181         rtnExtAttCertList:     behaviour for reqAuthorisation().  If True, 
     181        rtnExtAttCertList:     behaviour for getAttCert().  If True, 
    182182                                and authorisation fails with the given 
    183183                                Attribute Authority, return a list of 
     
    519519 
    520520         
    521     def __reqAuthorisation(self, 
     521    def __getAttCert(self, 
    522522                           aaPropFilePath=None, 
    523523                           aaWSDL=None, 
     
    527527         
    528528        """Wrapper to Attribute Authority authorisation request.  See 
    529         reqAuthorisation for the classes' public interface. 
     529        getAttCert for the classes' public interface. 
    530530 
    531531        To call the Attribute Authority as a Web Service, specify a WSDL 
     
    551551                                clntPriKeyFilePath=self.__clntPriKeyFilePath) 
    552552                                     
    553                 authzResp = aaClnt.reqAuthorisation(self.__proxyCertTxt,  
     553                authzResp = aaClnt.getAttCert(self.__proxyCertTxt,  
    554554                                        userAttCert=extAttCert,  
    555555                                        clntPriKeyPwd=self.__clntPriKeyPwd)                 
     
    681681 
    682682    #_________________________________________________________________________ 
    683     def reqAuthorisation(self, 
    684                          reqRole=None, 
    685                          aaPropFilePath=None, 
    686                          aaWSDL=None, 
    687                          aaCertFilePath=None, 
    688                          mapFromTrustedHosts=None, 
    689                          rtnExtAttCertList=None, 
    690                          extAttCertList=None, 
    691                          extTrustedHostList=None, 
    692                          refreshAttCert=False): 
     683    def getAttCert(self, 
     684                   reqRole=None, 
     685                   aaPropFilePath=None, 
     686                   aaWSDL=None, 
     687                   aaCertFilePath=None, 
     688                   mapFromTrustedHosts=None, 
     689                   rtnExtAttCertList=None, 
     690                   extAttCertList=None, 
     691                   extTrustedHostList=None, 
     692                   refreshAttCert=False): 
    693693         
    694694        """For a given role, get authorisation from an Attribute Authority 
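
Review bot: `reqAuthorisation` is the public entry point of this class and is renamed to `getAttCert` at line 683 with no alias left behind, so any caller outside this changeset fails with an AttributeError. Keep a thin `reqAuthorisation` wrapper that forwards to `getAttCert` for a release, or note the break in the release notes. The `aaWSDL` keyword in the new signature also keeps the old WSDL naming.
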
     
    718718                                list of certificates available for mapping and 
    719719                                then choose which one or ones to use for 
    720                                 mapping by re-calling reqAuthorisation with 
     720                                mapping by re-calling getAttCert with 
    721721                                extAttCertList set to these certificates 
    722722 
     
    902902            # Request Authorisation from Attribute Authority 
    903903            try: 
    904                 attCert = self.__reqAuthorisation(aaWSDL=aaWSDL, 
     904                attCert = self.__getAttCert(aaWSDL=aaWSDL, 
    905905                                            aaCertFilePath=aaCertFilePath, 
    906906                                            aaPropFilePath=aaPropFilePath, 
     
    982982 
    983983                        try: 
    984                             extAttCert = self.__reqAuthorisation(\ 
    985                                                            aaWSDL=val['wsdl']) 
     984                            extAttCert=self.__getAttCert(aaWSDL=val['aaURI']) 
    986985 
    987986                            # Check the certificate contains at least one of 
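
Review bot: line 984 changes more than the method name: the lookup key goes from `val['wsdl']` to `val['aaURI']`. Check that whatever builds the dict behind `val` now emits an `aaURI` key, otherwise this lookup raises KeyError inside the `try` block. The commit message should mention the key change, since it is not part of the `reqAuthorisation` to `getAttCert` rename.
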
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/SessionMgr/README

    r1773 r2058  
    33 
    44$ wsdl2py -be -f ../../../../../www/html/sessionMgr.wsdl 
     5 
     6Run make to execute this command: 
     7 
     8$ make 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py

    r1783 r2058  
    2929        # no ws-addressing 
    3030 
    31     # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6f429ac> 
     31    # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6d0124c> 
    3232    def addUser(self, username,passPhrase): 
    3333 
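
Review bot: the only change on line 31 is the object address inside the generated comment (`instance at 0xb6f429ac` becomes `0xb6d0124c`), and the same churn repeats for every operation in this file. Strip or normalise these `# op:` comments as part of the make step that runs wsdl2py, so that future diffs of the generated stubs show only real interface changes.
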
     
    4343        return  
    4444 
    45     # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6f42ccc> 
     45    # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6d0156c> 
    4646    def connect(self, username,passPhrase,createServerSess,getCookie): 
    4747 
     
    6161        return cookie,proxyCert 
    6262 
    63     # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6f514ac> 
     63    # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6d0928c> 
    6464    def disconnect(self, proxyCert,sessID,encrSessionMgrURI): 
    6565 
     
    7676        return  
    7777 
    78     # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6f51c0c> 
    79     def reqAuthorisation(self, proxyCert,sessID,encrSessionMgrURI,attAuthorityURI,attAuthorityCert,reqRole,mapFromTrustedHosts,rtnExtAttCertList,extAttCert,extTrustedHost): 
     78    # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6d0942c> 
     79    def getAttCert(self, proxyCert,sessID,encrSessionMgrURI,attAuthorityURI,attAuthorityCert,reqRole,mapFromTrustedHosts,rtnExtAttCertList,extAttCert,extTrustedHost): 
    8080 
    81         request = reqAuthorisationInputMsg() 
     81        request = getAttCertInputMsg() 
    8282        request._proxyCert = proxyCert 
    8383        request._sessID = sessID 
     
    9393        kw = {} 
    9494        # no input wsaction 
    95         self.binding.Send(None, None, request, soapaction="reqAuthorisation", **kw) 
     95        self.binding.Send(None, None, request, soapaction="getAttCert", **kw) 
    9696        # no output wsaction 
    97         response = self.binding.Receive(reqAuthorisationOutputMsg.typecode) 
     97        response = self.binding.Receive(getAttCertOutputMsg.typecode) 
    9898        attCert = response._attCert 
    9999        statusCode = response._statusCode 
     
    101101        return attCert,statusCode,extAttCert 
    102102 
    103     # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6f51d8c> 
     103    # op: <ZSI.wstools.WSDLTools.Message instance at 0xb6d095ac> 
    104104    def getX509Cert(self): 
    105105 
     
    126126disconnectOutputMsg = ns0.disconnectResponse_Dec().pyclass 
    127127 
    128 reqAuthorisationInputMsg = ns0.reqAuthorisation_Dec().pyclass 
     128getAttCertInputMsg = ns0.getAttCert_Dec().pyclass 
    129129 
    130 reqAuthorisationOutputMsg = ns0.reqAuthorisationResponse_Dec().pyclass 
     130getAttCertOutputMsg = ns0.getAttCertResponse_Dec().pyclass 
    131131 
    132132getX509CertInputMsg = ns0.getX509Cert_Dec().pyclass 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py

    r1783 r2058  
    157157            self.pyclass = Holder 
    158158 
    159     class attCert_Dec(ZSI.TC.String, ElementDeclaration): 
    160         literal = "attCert" 
    161         schema = "urn:ndg:security" 
    162         def __init__(self, **kw): 
    163             kw["pname"] = ("urn:ndg:security","attCert") 
    164             kw["aname"] = "_attCert" 
    165             class IHolder(str): typecode=self 
    166             kw["pyclass"] = IHolder 
    167             IHolder.__name__ = "_attCert_immutable_holder" 
    168             ZSI.TC.String.__init__(self, **kw) 
    169  
    170     class trustedHost_Dec(ZSI.TC.String, ElementDeclaration): 
    171         literal = "trustedHost" 
    172         schema = "urn:ndg:security" 
    173         def __init__(self, **kw): 
    174             kw["pname"] = ("urn:ndg:security","trustedHost") 
    175             kw["aname"] = "_trustedHost" 
    176             class IHolder(str): typecode=self 
    177             kw["pyclass"] = IHolder 
    178             IHolder.__name__ = "_trustedHost_immutable_holder" 
    179             ZSI.TC.String.__init__(self, **kw) 
    180  
    181     class reqAuthorisation_Dec(ZSI.TCcompound.ComplexType, ElementDeclaration): 
    182         literal = "reqAuthorisation" 
    183         schema = "urn:ndg:security" 
    184         def __init__(self, **kw): 
    185             ns = ns0.reqAuthorisation_Dec.schema 
     159    class getAttCert_Dec(ZSI.TCcompound.ComplexType, ElementDeclaration): 
     160        literal = "getAttCert" 
     161        schema = "urn:ndg:security" 
     162        def __init__(self, **kw): 
     163            ns = ns0.getAttCert_Dec.schema 
    186164            TClist = [ZSI.TC.String(pname="proxyCert", aname="_proxyCert", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="sessID", aname="_sessID", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="encrSessionMgrURI", aname="_encrSessionMgrURI", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="attAuthorityURI", aname="_attAuthorityURI", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="attAuthorityCert", aname="_attAuthorityCert", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="reqRole", aname="_reqRole", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="mapFromTrustedHosts", aname="_mapFromTrustedHosts", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="rtnExtAttCertList", aname="_rtnExtAttCertList", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extAttCert", aname="_extAttCert", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extTrustedHost", aname="_extTrustedHost", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded"))] 
    187             kw["pname"] = ("urn:ndg:security","reqAuthorisation") 
    188             kw["aname"] = "_reqAuthorisation" 
     165            kw["pname"] = ("urn:ndg:security","getAttCert") 
     166            kw["aname"] = "_getAttCert" 
    189167            self.attribute_typecode_dict = {} 
    190168            ZSI.TCcompound.ComplexType.__init__(self,None,TClist,inorder=0,**kw) 
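
Review bot: besides the rename, this hunk deletes the top-level `attCert_Dec` and `trustedHost_Dec` element declarations (old lines 159 to 179), which the commit message does not mention. Confirm that nothing still resolves `ns0.attCert_Dec` or `ns0.trustedHost_Dec`, and record the removal in the message, since it changes the schema published under `urn:ndg:security`.
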
     
    205183                    self._extTrustedHost = [] 
    206184                    return 
    207             Holder.__name__ = "reqAuthorisation_Holder" 
    208             self.pyclass = Holder 
    209  
    210     class reqAuthorisationResponse_Dec(ZSI.TCcompound.ComplexType, ElementDeclaration): 
    211         literal = "reqAuthorisationResponse" 
    212         schema = "urn:ndg:security" 
    213         def __init__(self, **kw): 
    214             ns = ns0.reqAuthorisationResponse_Dec.schema 
     185            Holder.__name__ = "getAttCert_Holder" 
     186            self.pyclass = Holder 
     187 
     188    class getAttCertResponse_Dec(ZSI.TCcompound.ComplexType, ElementDeclaration): 
     189        literal = "getAttCertResponse" 
     190        schema = "urn:ndg:security" 
     191        def __init__(self, **kw): 
     192            ns = ns0.getAttCertResponse_Dec.schema 
    215193            TClist = [ZSI.TC.String(pname="attCert", aname="_attCert", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="statusCode", aname="_statusCode", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extAttCert", aname="_extAttCert", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded"))] 
    216             kw["pname"] = ("urn:ndg:security","reqAuthorisationResponse") 
    217             kw["aname"] = "_reqAuthorisationResponse" 
     194            kw["pname"] = ("urn:ndg:security","getAttCertResponse") 
     195            kw["aname"] = "_getAttCertResponse" 
    218196            self.attribute_typecode_dict = {} 
    219197            ZSI.TCcompound.ComplexType.__init__(self,None,TClist,inorder=0,**kw) 
     
    227205                    self._extAttCert = [] 
    228206                    return 
    229             Holder.__name__ = "reqAuthorisationResponse_Holder" 
     207            Holder.__name__ = "getAttCertResponse_Holder" 
    230208            self.pyclass = Holder 
    231209 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/ca/__init__.py

    r1750 r2058  
    11"""NERC Data Grid Project 
    22 
    3 P J Kershaw 27/10/06 
     3@author P J Kershaw 27/10/06 
    44 
    5 Copyright (C) 2006 CCLRC & NERC 
     5@copyright (C) 2007 CCLRC & NERC 
    66 
    7 This software may be distributed under the terms of the Q Public License, 
    8 version 1.0 or later. 
     7@license This software may be distributed under the terms of the Q Public 
     8License, version 1.0 or later. 
    99""" 
    10 __all__ = [ 
    11     'SessionMgr_services', 
    12     'SessionMgr_services_types', 
    13     ] 
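
Review bot: the removed `__all__` listed `SessionMgr_services` and `SessionMgr_services_types`, which do not belong to the `ca` package, so dropping it is right, but nothing replaces it. If a star import from this package is meant to work, list the modules moved here (`simpleCA_services`, `CertReq`). The header also changes the copyright year from 2006 to 2007 while the author date stays 27/10/06; a range would keep the original year.
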
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py

    r2051 r2058  
    253253 
    254254 
    255     def setPropFilePath(self, val): 
     255    def setPropFilePath(self, val=None): 
    256256        """Set properties file from input or based on environment variable 
    257257        settings""" 
     
    529529         
    530530    #_________________________________________________________________________      
    531     def readProperties(self, propFilePath=None): 
     531    def readProperties(self): 
    532532 
    533533        """Read the configuration properties for the Attribute Authority. 
     
    539539        @keyword propFilePath: file path to properties file 
    540540        """ 
    541          
    542         self.setPropFilePath(propFilePath) 
    543541 
    544542 
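
Review bot: docstring line 539 still documents `@keyword propFilePath` although the previous hunk removed that keyword from `readProperties`, and the `self.setPropFilePath(propFilePath)` call at old line 542 is gone. Remove the stale `@keyword` entry, and make `readProperties` fail with a clear message when no properties file path has been set beforehand.
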
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac

    r2051 r2058  
    77NERC Data Grid Project 
    88 
    9 P J Kershaw 17/11/06 
     9@author P J Kershaw 17/11/06 
    1010 
    11 Copyright (C) 2006 CCLRC & NERC 
     11@copyright (C) 2007 CCLRC & NERC 
    1212 
    13 This software may be distributed under the terms of the Q Public License, 
    14 version 1.0 or later. 
     13@license This software may be distributed under the terms of the Q Public 
     14License, version 1.0 or later. 
    1515""" 
    1616import socket 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/start-container.sh

    r2039 r2058  
    11#! /bin/sh 
    22# 
     3# NDG Security Script to start twisted with container for Attribute Authority 
    34#  
    4 #  
     5# NERC Data Grid Project 
    56# 
    6  
     7# @author P J Kershaw 23/11/06 
     8# 
     9# @copyright (C) 2007 CCLRC & NERC 
     10# 
     11# @license This software may be distributed under the terms of the Q Public  
     12# License, version 1.0 or later. 
     13# 
     14# $Id:$ 
    715EXEC=twistd  
    816OPTIONS="--pidfile=twistd-$$.pid -noy" 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py

    r1783 r2058  
    6262        <xsd:complexType/> 
    6363      </xsd:element> 
    64  
    65           <xsd:element name=\"attCert\" type=\"xsd:string\"/> 
    66           <xsd:element name=\"trustedHost\" type=\"xsd:string\"/> 
    6764       
    6865      <xsd:simpleType name=\"attCertList\"> 
     
    7471      </xsd:simpleType> 
    7572       
    76       <xsd:element name=\"reqAuthorisation\"> 
     73      <xsd:element name=\"getAttCert\"> 
    7774        <xsd:complexType> 
    7875                  <xsd:sequence> 
     
    8784                        <xsd:element maxOccurs=\"unbounded\" minOccurs=\"0\" name=\"extAttCert\" type=\"xsd:string\"/> 
    8885                        <xsd:element maxOccurs=\"unbounded\" minOccurs=\"0\" name=\"extTrustedHost\" type=\"xsd:string\"/> 
    89  
    90 <!-- Leave out list handling for now - use maxOccurs=\"unbounded\" instead 
    91                         <xsd:element name=\"extAttCertList\" type=\"tns:attCertList\" minOccurs=\"0\" maxOccurs=\"1\"/> 
    92                         <xsd:element name=\"extTrustedHostList\" type=\"tns:trustedHostList\" minOccurs=\"0\" maxOccurs=\"1\"/> 
    93 --> 
    9486                  </xsd:sequence> 
    9587                </xsd:complexType> 
    9688      </xsd:element> 
    9789       
    98       <xsd:element name=\"reqAuthorisationResponse\"> 
     90      <xsd:element name=\"getAttCertResponse\"> 
    9991        <xsd:complexType> 
    10092              <xsd:sequence> 
     
    10294                <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"statusCode\" type=\"xsd:string\"/> 
    10395                        <xsd:element maxOccurs=\"unbounded\" minOccurs=\"0\" name=\"extAttCert\" type=\"xsd:string\"/> 
    104 <!-- Leave out list handling for now - use maxOccurs=\"unbounded\" instead 
    105                         <xsd:element name=\"extAttCertList\" type=\"tns:attCertList\" minOccurs=\"0\" maxOccurs=\"1\"/> 
    106 --> 
    10796              </xsd:sequence> 
    10897            </xsd:complexType> 
     
    148137  </message> 
    149138 
    150   <message name=\"reqAuthorisationInputMsg\"> 
    151     <part element=\"tns:reqAuthorisation\" name=\"parameters\"/> 
    152   </message> 
    153  
    154   <message name=\"reqAuthorisationOutputMsg\"> 
    155     <part element=\"tns:reqAuthorisationResponse\" name=\"parameters\"/> 
     139  <message name=\"getAttCertInputMsg\"> 
     140    <part element=\"tns:getAttCert\" name=\"parameters\"/> 
     141  </message> 
     142 
     143  <message name=\"getAttCertOutputMsg\"> 
     144    <part element=\"tns:getAttCertResponse\" name=\"parameters\"/> 
    156145  </message> 
    157146 
     
    180169    </operation> 
    181170 
    182     <operation name=\"reqAuthorisation\"> 
    183       <wsdl:input message=\"tns:reqAuthorisationInputMsg\"/> 
    184       <wsdl:output message=\"tns:reqAuthorisationOutputMsg\"/> 
     171    <operation name=\"getAttCert\"> 
     172      <wsdl:input message=\"tns:getAttCertInputMsg\"/> 
     173      <wsdl:output message=\"tns:getAttCertOutputMsg\"/> 
    185174    </operation> 
    186175 
     
    224213    </operation> 
    225214     
    226     <operation name=\"reqAuthorisation\"> 
    227       <soap:operation soapAction=\"reqAuthorisation\"/> 
     215    <operation name=\"getAttCert\"> 
     216      <soap:operation soapAction=\"getAttCert\"/> 
    228217      <wsdl:input> 
    229218        <soap:body use=\"literal\"/> 
     
    314303    root[(disconnectInputMsg.typecode.nspname,disconnectInputMsg.typecode.pname)] = 'soap_disconnect' 
    315304 
    316     def soap_reqAuthorisation(self, ps): 
    317         self.request = ps.Parse(reqAuthorisationInputMsg.typecode) 
     305    def soap_getAttCert(self, ps): 
     306        self.request = ps.Parse(getAttCertInputMsg.typecode) 
    318307        parameters = (self.request._proxyCert, self.request._sessID, self.request._encrSessionMgrURI, self.request._attAuthorityURI, self.request._attAuthorityCert, self.request._reqRole, self.request._mapFromTrustedHosts, self.request._rtnExtAttCertList, self.request._extAttCert, self.request._extTrustedHost) 
    319308 
    320309        # If we have an implementation object use it 
    321310        if hasattr(self,'impl'): 
    322             parameters = self.impl.reqAuthorisation(parameters[0],parameters[1],parameters[2],parameters[3],parameters[4],parameters[5],parameters[6],parameters[7],parameters[8],parameters[9]) 
    323  
    324         result = reqAuthorisationOutputMsg() 
     311            parameters = self.impl.getAttCert(parameters[0],parameters[1],parameters[2],parameters[3],parameters[4],parameters[5],parameters[6],parameters[7],parameters[8],parameters[9]) 
     312 
     313        result = getAttCertOutputMsg() 
    325314        # If we have an implementation object, copy the result  
    326315        if hasattr(self,'impl'): 
     
    331320        return self.request, result 
    332321 
    333     soapAction['reqAuthorisation'] = 'soap_reqAuthorisation' 
    334     root[(reqAuthorisationInputMsg.typecode.nspname,reqAuthorisationInputMsg.typecode.pname)] = 'soap_reqAuthorisation' 
     322    soapAction['getAttCert'] = 'soap_getAttCert' 
     323    root[(getAttCertInputMsg.typecode.nspname,getAttCertInputMsg.typecode.pname)] = 'soap_getAttCert' 
    335324 
    336325    def soap_getX509Cert(self, ps): 
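
Review bot: the dispatch tables on lines 322 and 323 now register only `getAttCert`, so a client that still sends the `reqAuthorisation` SOAP action or request element is no longer routed to a handler. State in the commit message that clients and server must be upgraded together, or keep a handler for the old operation during the transition.
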
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/__init__.py

    r1945 r2058  
    182182    #_________________________________________________________________________ 
    183183    def createCookie(self,  
    184                      sessMgrWSDLuri, 
     184                     sessMgrURI, 
    185185                     encrKey,  
    186186                     sessID=None, 
     
    189189        """Create cookies for session ID Session Manager WSDL address 
    190190 
    191         sessMgrWSDLuri:     WSDL address for Session Mananger  
     191        sessMgrURI:     WSDL address for Session Mananger  
    192192        sessMgrPubKeyURI:   URI for public key of Session Manager 
    193193        encrKey:               encryption key used to encrypted above URIs 
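
Review bot: line 191 renames the parameter to `sessMgrURI` but its description still says "WSDL address for Session Mananger", and the docstring summary on line 189 also still refers to the WSDL address. Reword both to describe the URI of the Session Manager service, fixing the "Mananger" typo at the same time.
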
     
    213213  
    214214  
    215         encrSessMgrWSDLuri = self.encrypt(sessMgrWSDLuri, encrKey) 
     215        encrSessMgrURI = self.encrypt(sessMgrURI, encrKey) 
    216216        dtExpiry = self.credWallet.proxyCert.notAfter 
    217217         
     
    220220        cookieTagsKw = {}.fromkeys(cookieTags) 
    221221        cookieTagsKw[cookieTags[0]] = sessID 
    222         cookieTagsKw[cookieTags[1]] = encrSessMgrWSDLuri 
     222        cookieTagsKw[cookieTags[1]] = encrSessMgrURI 
    223223         
    224224        sessCookie = SessionCookie(dtExpiry=dtExpiry, 
     
    238238#_____________________________________________________________________________ 
    239239class SessionMgr(dict): 
    240     """NDG authentication and session handling""" 
     240    """NDG authentication and session handling 
     241     
     242    @type __validElem: dict 
     243    @cvar __validElem: list of the valid properties file element names and 
     244    sub-elements where appropriate 
     245     
     246    @type __confDir: string 
     247    @cvar __confDir: configuration directory under $NDG_DIR - default location 
     248    for properties file  
     249     
     250    @type __propFileName: string 
     251    @cvar __propFileName: default file name for properties file under  
     252    __confDir 
     253         
     254    @type getMissingElem: lambda function 
     255    @cvar getMissingElem: find the missing elements in targ referenced in ref 
     256    """ 
    241257 
    242258    # valid configuration property keywords 
     
    246262        'certFile':       None, 
    247263        'keyFile':        None, 
    248         'keyPPhrase':     None,  
     264        'keyPwd':         None,  
    249265        'sessMgrEncrKey': None,  
    250         'sessMgrWSDLuri': None, 
     266        'sessMgrURI':    None, 
    251267        'cookieDomain':   None,  
    252268        'myProxyProp':    None,  
     
    254270    } 
    255271 
     272    __confDir = "conf" 
     273    __propFileName = "sessionMgrProperties.xml" 
     274         
     275    getMissingElem = lambda targ, ref: [e for e in targ if e not in ref] 
    256276     
    257277    #_________________________________________________________________________ 
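Review bot: getMissingElem at new line 275 is a plain lambda stored as a class attribute, so under Python 2 (which this module's raise syntax implies) it becomes an unbound method when reached through the class, and the calls written as self.__class__.getMissingElem(targ, ref) raise TypeError because the first argument is not a SessionMgr instance. Wrap it as getMissingElem = staticmethod(lambda targ, ref: [e for e in targ if e not in ref]), or keep it as the local it was before.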
     
    291311        self.__prop = {} 
    292312         
     313 
     314        # Set from input or use defaults based or environment variables 
     315        self.setPropFilePath(propFilePath) 
     316         
    293317         
    294318        # Set properties from file 
    295319        if propFilePath is not None: 
    296             self.readProperties(propFilePath) 
     320            self.readProperties() 
    297321 
    298322            # Call here as we can safely expect that all Credential Repository 
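Review bot: the guard at new line 319 still tests the constructor argument, so when propFilePath is None and setPropFilePath() has just resolved a path from NDGSEC_SM_PROPFILEPATH or NDG_DIR, readProperties() is never called. Either call readProperties() unconditionally here or document that the environment default is only used by a later explicit call. Note also that setPropFilePath() raises AttributeError when neither variable is set, so a bare SessionMgr() now fails where the old code skipped the read and returned an empty instance.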
     
    320344        properties file settings/keywords set by setProperties/__init__ 
    321345         
    322         @param credReposPPhrase: password for CredentialRepository database 
    323             This is passed into the Credential Repository object but may not 
    324             be needed.  e.g. the custom class could pick up a password from 
    325             the properties file for it - ['credRepos']['propFilePath'] 
    326346        @type credReposPPhrase: string 
    327         @param Force: flag to force reload of Credential Repository instance 
     347        @keyword credReposPPhrase: password for CredentialRepository database 
     348        This is passed into the Credential Repository object but may not 
     349        be needed.  e.g. the custom class could pick up a password from 
     350        the properties file for it - ['credRepos']['propFilePath'] 
     351         
    328352        @type Force: boolean 
    329         @return: None 
     353        @keyword Force: flag to force reload of Credential Repository instance 
    330354        """ 
    331355         
     
    420444    def __contains__(self, key): 
    421445        return key in self.__prop 
    422              
    423  
    424     #_________________________________________________________________________ 
    425     def readProperties(self, propFilePath=None, propElem=None): 
     446 
     447 
     448    #_________________________________________________________________________ 
     449    def setPropFilePath(self, val=None): 
     450        """Set properties file from input or based on environment variable 
     451        settings""" 
     452        if not val: 
     453            if 'NDGSEC_SM_PROPFILEPATH' in os.environ: 
     454                val = os.environ['NDGSEC_SM_PROPFILEPATH'] 
     455                 
     456            elif 'NDG_DIR' in os.environ: 
     457                val = os.path.join(os.environ['NDG_DIR'],  
     458                                   self.__class__.__confDir, 
     459                                   self.__class__.__propFileName) 
     460            else: 
     461                raise AttributeError, 'Unable to set default Session ' + \ 
     462                    'Manager properties file path: neither ' + \ 
     463                    '"NDGSEC_SM_PROPFILEPATH" or "NDG_DIR" environment ' + \ 
     464                    'variables are set' 
     465                 
     466        if not isinstance(val, basestring): 
     467            raise AttributeError, "Input Properties file path " + \ 
     468                                  "must be a valid string." 
     469       
     470        self.__propFilePath = val 
     471         
     472    # Also set up as a property 
     473    propFilePath = property(fset=setPropFilePath, 
     474                            doc="Set the path to the properties file")    
     475             
     476 
     477    #_________________________________________________________________________ 
     478    def readProperties(self, propElem=None): 
    426479        """Read Session Manager properties from an XML file or cElementTree 
    427480        node 
    428481         
    429         @param propFilePath: file path for XML properties file 
    430         @type propFilePath: string 
    431         @param propElem: pass in existing ElementTree treeroot 
    432482        @type propElem: Element 
    433         @ruturn: None""" 
    434  
    435         if propFilePath is not None: 
     483        @keyword propElem: pass in existing ElementTree treeroot 
     484        """ 
     485 
     486        if not propElem: 
    436487            try: 
    437                 tree = ElementTree.parse(propFilePath) 
     488                tree = ElementTree.parse(self.__propFilePath) 
    438489                propElem = tree.getroot() 
    439490 
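Review bot: "if not propElem:" at new line 486 tests truthiness rather than identity, and an ElementTree Element with no child elements evaluates false, so a caller-supplied root without children is silently replaced by a parse of self.__propFilePath. Use "if propElem is None:", as the check further down at line 500 already does. The propFilePath property at 473 is also write-only (fset without fget), which makes the resolved path hard to log or assert on; consider adding a getter.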
     
    441492                raise SessionMgrError, \ 
    442493                                "Error parsing properties file \"%s\": %s" % \ 
    443                                 (e.filename, e.strerror) 
    444                  
     494                                (e.filename, e.strerror)                
    445495            except Exception, e: 
    446496                raise SessionMgrError, \ 
     
    450500        if propElem is None: 
    451501            raise SessionMgrError, \ 
    452             "Parsing properties file \"%s\": root element is not defined" % \ 
    453             propFilePath 
     502                            "Parsing properties: root element is not defined" 
    454503 
    455504 
     
    457506         
    458507        missingElem = [] 
    459         getMissingElem = lambda targ, ref: [e for e in targ if e not in ref] 
    460508        invalidElem = [] 
    461509        try: 
     
    469517                             
    470518                    # Check for missing elements 
    471                     missingElem.extend(getMissingElem(\ 
     519                    missingElem.extend(self.__class__.getMissingElem(\ 
    472520                                           self.__validElem['credReposProp'], 
    473521                                           self.__prop['credReposProp'])) 
     
    477525                    # field as pass-phrase might contain leading or  
    478526                    # trailing white space 
    479                     if elem.text and elem.tag != 'keyPPhrase': 
     527                    if elem.text and elem.tag != 'keyPwd': 
    480528                         
    481529                        # Check for environment variables in file paths 
     
    488536        except Exception, e: 
    489537            raise SessionMgrError, \ 
    490                 "Error parsing tag \"%s\" in properties file \"%s\": %s" % \ 
    491                 (elem.tag, propFilePath, e) 
    492  
    493         missingElem.extend(getMissingElem(self.__prop, self.__validElem)) 
     538                "Error parsing tag \"%s\" in properties file: %s" % \ 
     539                (elem.tag, e) 
     540 
     541        missingElem.extend(self.__class__.getMissingElem(self.__prop,  
     542                                                         self.__validElem)) 
    494543        errMsg = '' 
    495544         
     
    501550 
    502551        if errMsg: 
    503             raise SessionMgrError, errMsg +  "for properties file \"%s\"" % \ 
    504                                                                 propFilePath 
     552            raise SessionMgrError, errMsg +  " for properties file" 
    505553         
    506554 
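Review bot: the message at new line 552 now ends in " for properties file" with no path, and the messages at 502 and 538 drop the path as well, so a misconfigured deployment no longer reports which file was read. self.__propFilePath is available in this method; include it whenever the root element was parsed from the file rather than passed in as propElem.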
     
    613661            # Make a new session cookie 
    614662            sessCookie = userSess.createCookie(\ 
    615                                    self.__prop['sessMgrWSDLuri'], 
     663                                   self.__prop['sessMgrURI'], 
    616664                                   self.__prop['sessMgrEncrKey'], 
    617665                                   cookieDomain=self.__prop['cookieDomain']) 
     
    633681                # Web browser client - Return session cookie 
    634682                sessCookie = userSess.createCookie(\ 
    635                                     self.__prop['sessMgrWSDLuri'], 
     683                                    self.__prop['sessMgrURI'], 
    636684                                    self.__prop['sessMgrEncrKey'], 
    637685                                    cookieDomain=self.__prop['cookieDomain']) 
     
    678726                                   clntCertFilePath=self.__prop['certFile'], 
    679727                                   clntPriKeyFilePath=self.__prop['keyFile'], 
    680                                    clntPriKeyPwd=self.__prop['keyPPhrase'], 
     728                                   clntPriKeyPwd=self.__prop['keyPwd'], 
    681729                                   credRepos=self.__credRepos)        
    682730            except Exception, e: 
     
    823871 
    824872    #_________________________________________________________________________ 
    825     def reqAuthorisation(self, **kw): 
    826         """For a given user, request authorisation from an Attribute Authority 
    827         given by service URI.  If sucessful, an attribute certificate is 
    828         added to the user session credential wallet and also returned from  
    829         this method 
     873    def getAttCert(self, **kw): 
     874        """For a given user, request Attribute Certificate from an Attribute  
     875        Authority given by service URI.  If sucessful, an attribute  
     876        certificate is added to the user session credential wallet and also  
     877        returned from this method 
    830878 
    831879        @param **kw: 
     
    834882        # Web browser client input will include the encrypted address of the 
    835883        # Session Manager where the user's session is held. 
    836         if 'encrSessMgrWSDLuri' in kw: 
     884        if 'encrSessMgrURI' in kw: 
    837885             
    838886            # Decrypt the URI for where the user's session resides 
    839             userSessMgrURI = UserSession.decrypt(kw['encrSessMgrWSDLuri'], 
     887            userSessMgrURI = UserSession.decrypt(kw['encrSessMgrURI'], 
    840888                                                self.__prop['sessMgrEncrKey']) 
    841889                                                
    842890            # Check the address against the address of THIS Session Manager   
    843             if userSessMgrURI != self.__prop['sessMgrWSDLuri']: 
     891            if userSessMgrURI != self.__prop['sessMgrURI']: 
    844892                 
    845893                # Session is held on a remote Session  Manager 
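Review bot: the local/remote decision at new line 891 is an exact string comparison between the URI decrypted from client input and self.__prop['sessMgrURI'], and the keyword looked up at 884 is renamed with no fallback. If deployments change the configured value from the WSDL address to the service address, cookies issued before the upgrade decrypt to the old value and are treated as sessions held on a remote Session Manager, while callers still sending encrSessMgrWSDLuri skip this branch entirely. State in the upgrade notes that existing sessions must be discarded, or accept the old keyword for a transition period.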
     
    879927        delKeys = ('proxyCert', 
    880928                   'sessID', 
    881                    'encrSessMgrWSDLuri',  
     929                   'encrSessMgrURI',  
    882930                   'aaCert') 
    883931                    
     
    919967        # Attribute Authority 
    920968        try: 
    921             attCert = userSess.credWallet.reqAuthorisation(**aaKeys) 
     969            attCert = userSess.credWallet.getAttCert(**aaKeys) 
    922970             
    923971            # AuthorisationResp class formats a response message in XML and 
     
    942990        session is held 
    943991         
    944         @param **kw: same keywords which apply to reqAuthorisation call""" 
     992        @param **kw: same keywords which apply to getAttCert call""" 
    945993         
    946994        # Instantiate WS proxy for remote session manager 
     
    9591007        try: 
    9601008            # Call remote SessionMgr where users session lies 
    961             redirectAuthResp = sessClnt.reqAuthorisation(\ 
    962                                     clntPriKeyPwd=self.__prop['keyPPhrase'], 
     1009            redirectAuthResp = sessClnt.getAttCert(\ 
     1010                                    clntPriKeyPwd=self.__prop['keyPwd'], 
    9631011                                    **kw) 
    9641012           
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac

    r1789 r2058  
    77NERC Data Grid Project 
    88 
    9 P J Kershaw 23/11/06 
     9@author P J Kershaw 23/11/06 
    1010 
    11 Copyright (C) 2006 CCLRC & NERC 
     11@copyright (C) 2007 CCLRC & NERC 
    1212 
    13 This software may be distributed under the terms of the Q Public License, 
    14 version 1.0 or later. 
     13@license This software may be distributed under the terms of the Q Public  
     14License, version 1.0 or later. 
    1515""" 
    1616import socket 
     
    3030from datetime import datetime, timedelta 
    3131 
    32 # Temporary - for testing 
    33  
    34 # Use to verify signatures from client - in practice would be different to 
    35 # certFilePath 
    36 clntCertFilePath = '../../../../../Tests/webSphereTestcert.pem' 
    37  
    38 # Private key used to sign messages and also used for SSL connection 
    39 priKeyFilePath = '../../../../../Tests/webSphereTestkey.pem' 
    40 priKeyPwd = '../../../../../Tests/tmp' 
    41  
    42 # Cert file path used for SSL connection 
    43 certFilePath = '../../../../../Tests/webSphereTestcert.pem' 
    44  
    45  
    46 WSSecurityHandler.signatureHandler = SignatureHandler(\ 
    47                                                             certFilePath=clntCertFilePath, 
    48                                                             priKeyFilePath=priKeyFilePath, 
    49                                                             priKeyPwd=priKeyPwd) 
    50  
    51 # Test stub data for connect and reqAuthorisation calls 
    52 proxyCert = open('../../../../../Tests/x509up_u500').read().strip() 
    53 attCert = open('../../../../../Tests/ac-Rz_Qnn.xml').read().strip() 
    54  
    55  
    5632class SessionMgrServiceSub(SessionMgrService, WSResource): 
    5733 
     
    6440        # Initialize Session Manager class - encapsulates inner workings  
    6541        # including session management and proxy delegation 
    66         self.__sm = SessionMgr() 
     42        self.sm = SessionMgr() 
    6743         
    6844    def soap_addUser(self, ps, **kw): 
     
    9167        return request, response 
    9268 
    93     def soap_reqAuthorisation(self, ps, **kw): 
     69    def soap_getAttCert(self, ps, **kw): 
    9470        #import pdb;pdb.set_trace() 
    95         request, response = SessionMgrService.soap_reqAuthorisation(self, ps) 
     71        request, response = SessionMgrService.soap_getAttCert(self, ps) 
    9672        response.set_element_attCert(attCert) 
    9773        response.set_element_statusCode('AcessGranted') 
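Review bot: soap_getAttCert still passes attCert to response.set_element_attCert() at new line 72, but this changeset deletes the module-level attCert (old line 53) that supplied it, so the handler raises NameError on the first request unless the name is defined elsewhere. Populate the response from the SessionMgr instance's getAttCert() call, or keep a stub value until the real call is wired in. The commented-out pdb line at 70 should go, and the 'AcessGranted' spelling at 73 should be checked against the status code enumeration in the WSDL.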
     
    10480        return request, response 
    10581 
    106 # Use default https port 
    107 portNum = 5700 
    108 hostname = socket.gethostname() 
    10982 
     83# Create Service 
     84smSrv = SessionMgrServiceSub() 
     85 
     86# Initialise WS-Security signature handler passing Attribute Authority 
     87# public and private keys 
     88WSSecurityHandler.signatureHandler = SignatureHandler(\ 
     89                                            certFilePath=smSrv.sm['certFile'], 
     90                                            priKeyFilePath=smSrv.sm['keyFile'], 
     91                                            priKeyPwd=smSrv.sm['keyPwd']) 
     92 
     93# Add Service to Session Manager branch 
    11094root = Resource() 
    111 root.putChild('SessionManager', SessionMgrServiceSub()) 
     95root.putChild('SessionManager', smSrv) 
    11296siteFactory = Site(root) 
    113 application = service.Application("ndgSecurityContainer") 
     97application = service.Application("SessionManagerContainer") 
    11498 
    115 # Try SSL 
     99# Use SSL connection 
    116100from twisted.internet import ssl 
    117101 
     
    121105 
    122106# Non-SSL 
     107#hostname = socket.gethostname() 
    123108#port = internet.TCPServer(portNum, siteFactory)#, interface=hostname) 
     109 
    124110port.setServiceParent(application) 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/start-container.sh

    r1743 r2058  
    11#! /bin/sh 
    2 ############################################################################ 
    3 # Automatically generated by wsdl2web.py 
    4 # See LBNLCopyright for copyright notice! 
    5 ########################################################################### 
    6  
     2# 
     3# NDG Security Script to start twisted with container for Session Manager 
     4#  
     5# NERC Data Grid Project 
     6# 
     7# @author P J Kershaw 23/11/06 
     8# 
     9# @copyright (C) 2007 CCLRC & NERC 
     10# 
     11# @license This software may be distributed under the terms of the Q Public  
     12# License, version 1.0 or later. 
     13# 
     14# $Id:$ 
    715EXEC=twistd  
    816OPTIONS=-noy 
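Review bot: old lines 2-5, which marked the script as generated by wsdl2web.py and pointed to LBNLCopyright, are removed and replaced by the project header. If the script body is still the generated one (EXEC and OPTIONS are unchanged), keep the reference to the original notice alongside the new header. The $Id:$ keyword at line 14 only expands if svn:keywords is set on the file.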
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteAServer.sh

    r2041 r2058  
    55# Attribute Authority client unit test - start server 
    66# 
    7 #@author P J Kershaw 29/07/05 
     7#@author P J Kershaw 24/01/07 
    88#                                                                                 
    99#@copyright (C) 2007 CCLRC & NERC 
     
    1111#@licence: This software may be distributed under the terms of the Q Public  
    1212# License, version 1.0 or later. 
     13# 
     14# $Id:$ 
    1315export NDGSEC_AA_PROPFILEPATH=${PWD}/siteAAttAuthorityProperties.xml 
    1416export NDGSEC_AA_UNITTEST_DIR=${PWD} 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteBServer.sh

    r2041 r2058  
    55# Attribute Authority client unit test - start server 
    66# 
    7 #@author P J Kershaw 29/07/05 
     7#@author P J Kershaw 24/01/07 
    88#                                                                                 
    99#@copyright (C) 2007 CCLRC & NERC 
     
    1111#@licence: This software may be distributed under the terms of the Q Public  
    1212# License, version 1.0 or later. 
     13# 
     14# $Id:$ 
    1315export NDGSEC_AA_PROPFILEPATH=${PWD}/siteBAttAuthorityProperties.xml 
    1416export NDGSEC_AA_UNITTEST_DIR=${PWD} 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py

    r1999 r2058  
    124124 
    125125 
    126     def test6CookieReqAuthorisation(self): 
    127         """test6CookieReqAuthorisation: make an authorisation request using 
     126    def test6CookieGetAttCert(self): 
     127        """test6CookieGetAttCert: make an authorisation request using 
    128128        a cookie as authentication credential""" 
    129129 
    130         print "\n\t" + self.test6CookieReqAuthorisation.__doc__         
     130        print "\n\t" + self.test6CookieGetAttCert.__doc__         
    131131        self.test2CookieConnect() 
    132132        attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\ 
    133133            sessID=self.sessCookie.sessionID,  
    134             attAuthorityURI=self.cfg['test6CookieReqAuthorisation']['aauri'], 
     134            attAuthorityURI=self.cfg['test6CookieGetAttCert']['aauri'], 
    135135            encrSessionMgrURI=self.sessCookie.encrSessionMgrURI) 
    136136         
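Review bot: the renamed tests still call self.clnt.reqAuthorisation(...) at line 132 (and again at 152 and 173), while the server method and the WSDL operation are renamed to getAttCert in this changeset. Confirm the client wrapper keeps reqAuthorisation as a name; otherwise these three tests fail with AttributeError. The docstring at 127 also still describes "an authorisation request", which is the wording the rename is meant to retire.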
     
    140140 
    141141 
    142     def test6aCookieReqAuthorisationWithExtAttCertList(self): 
    143         """test6CookieReqAuthorisation: make an authorisation request using 
     142    def test6aCookieGetAttCertWithExtAttCertList(self): 
     143        """test6CookieGetAttCert: make an authorisation request using 
    144144        a cookie as authentication credential""" 
    145145         
    146         print "\n\t" + self.test6aCookieReqAuthorisationWithExtAttCertList.__doc__         
     146        print "\n\t" + self.test6aCookieGetAttCertWithExtAttCertList.__doc__         
    147147        self.test2CookieConnect() 
    148148         
    149149        aaURI = \ 
    150             self.cfg['test6aCookieReqAuthorisationWithExtAttCertList']['aauri'] 
     150            self.cfg['test6aCookieGetAttCertWithExtAttCertList']['aauri'] 
    151151             
    152152        attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\ 
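Review bot: the docstring at new line 143 opens with "test6CookieGetAttCert" although the method is test6aCookieGetAttCertWithExtAttCertList, so the text printed at 146 names the other test. Change the docstring to name this test and say that it exercises the external attribute certificate list.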
     
    161161 
    162162 
    163     def test7ProxyCertReqAuthorisation(self): 
    164         """test7ProxyCertReqAuthorisation: make an authorisation request using 
     163    def test7ProxyCertGetAttCert(self): 
     164        """test7ProxyCertGetAttCert: make an authorisation request using 
    165165        a proxy cert as authentication credential""" 
    166         print "\n\t" + self.test7ProxyCertReqAuthorisation.__doc__ 
     166        print "\n\t" + self.test7ProxyCertGetAttCert.__doc__ 
    167167        self.test3ProxyCertConnect() 
    168168         
     
    170170        # using the proxyCert returned from connect() 
    171171         
    172         aaURI = self.cfg['test7ProxyCertReqAuthorisation']['aauri'] 
     172        aaURI = self.cfg['test7ProxyCertGetAttCert']['aauri'] 
    173173        attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\ 
    174174                                                 proxyCert=self.proxyCert, 
     
    198198                    "test4CookieDisconnect", 
    199199                    "test5ProxyCertDisconnect", 
    200                     "test6CookieReqAuthorisation", 
    201                     "test6aCookieReqAuthorisationWithExtAttCertList", 
    202                     "test7ProxyCertReqAuthorisation", 
     200                    "test6CookieGetAttCert", 
     201                    "test6aCookieGetAttCertWithExtAttCertList", 
     202                    "test7ProxyCertGetAttCert", 
    203203                    "test8GetX509Cert", 
    204204                  )) 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg

    r1999 r2058  
    77# This software may be distributed under the terms of the Q Public License, 
    88# version 1.0 or later. 
     9# 
     10# $Id:$ 
    911[setUp] 
    1012smuri = https://localhost:5700/SessionManager 
     
    4042#passphrase =  
    4143 
    42 [test6CookieReqAuthorisation] 
     44[test6CookieGetAttCert] 
    4345aaURI = https://localhost:5000/AttributeAuthority 
    4446 
    45 [test6aCookieReqAuthorisationWithExtAttCertList] 
     47[test6aCookieGetAttCertWithExtAttCertList] 
    4648aaURI = https://localhost:5000/AttributeAuthority 
    4749 
    48 [test7ProxyCertReqAuthorisation] 
     50[test7ProxyCertGetAttCert] 
    4951aaURI = https://localhost:5000/AttributeAuthority 
    5052 
  • TI12-security/trunk/python/www/html/sessionMgr.wsdl

    r1783 r2058  
    6868      </xsd:simpleType> 
    6969       
    70       <xsd:element name="reqAuthorisation"> 
     70      <xsd:element name="getAttCert"> 
    7171        <xsd:complexType> 
    7272                  <xsd:sequence> 
     
    8585      </xsd:element> 
    8686       
    87       <xsd:element name="reqAuthorisationResponse"> 
     87      <xsd:element name="getAttCertResponse"> 
    8888        <xsd:complexType> 
    8989              <xsd:sequence> 
     
    134134  </message> 
    135135 
    136   <message name="reqAuthorisationInputMsg"> 
    137     <part name="parameters" element="tns:reqAuthorisation"/> 
    138   </message> 
    139  
    140   <message name="reqAuthorisationOutputMsg"> 
    141     <part name="parameters" element="tns:reqAuthorisationResponse"/> 
     136  <message name="getAttCertInputMsg"> 
     137    <part name="parameters" element="tns:getAttCert"/> 
     138  </message> 
     139 
     140  <message name="getAttCertOutputMsg"> 
     141    <part name="parameters" element="tns:getAttCertResponse"/> 
    142142  </message> 
    143143 
     
    166166    </operation> 
    167167 
    168     <operation name="reqAuthorisation"> 
    169       <wsdl:input message="tns:reqAuthorisationInputMsg"/> 
    170       <wsdl:output message="tns:reqAuthorisationOutputMsg"/> 
     168    <operation name="getAttCert"> 
     169      <wsdl:input message="tns:getAttCertInputMsg"/> 
     170      <wsdl:output message="tns:getAttCertOutputMsg"/> 
    171171    </operation> 
    172172 
     
    212212    </operation> 
    213213     
    214     <operation name="reqAuthorisation"> 
    215       <soap:operation soapAction="reqAuthorisation"/> 
     214    <operation name="getAttCert"> 
     215      <soap:operation soapAction="getAttCert"/> 
    216216      <wsdl:input> 
    217217        <soap:body use="literal"/> 
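Review bot: renaming the operation and its soapAction from reqAuthorisation to getAttCert at lines 214-215 changes the wire contract, so clients built from the r1783 WSDL can no longer call the service. Record this as a breaking interface change in the release notes, and regenerate and redeploy the client stubs together with the server.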