Ignore:
Timestamp:
30/01/07 08:57:43 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:

  • Added code to soap_getAttCert stub
  • updated WSSecurityHandler.signatureHandler initialisation with new keywords.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • renamed redirectAuthorisationReq -> redirectAttCertReq
  • createUserSession now takes proxy cert, private key and user cert as inputs

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py and
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:
Modified getAttCert and disconnect operations.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • updated call to SessionMgrClient? to use new SignatureHandler? keywords.
  • experimenting with disconnect calls - signature doesn't verify correctly at server side.
  • updated call to getAttcert in test6CookieGetAttCert

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg: updated
AA URIs.

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
added getSignatureHandler property access method.

python/ndg.security.common/ndg/security/common/XMLSec.py: include more info about error
for when RSA pub key verify fails.

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • added InvalidSignature? type exception
  • include more info about error for when RSA pub key verify fails.

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • added getSignatureHandler property access method.
  • fix to disconnect keywords input check

python/ndg.security.common/ndg/security/common/CredWallet.py: major refactoring for
prospective beta release of NDG security -

  • attCertRefreshElapse - new attribute used by getAttCert to determine whether to replace

an existing AC in the cache with a fresh one. If the existing one has less than
attCertRefreshElapse time in seconds left before expiry then replace it

  • added epydoc formatting
  • explicit proxy cert, private key and user cert inputs to init. These are also

declared as properties with access methods.

  • proxy cert / private key used in SOAP message signatures.
  • use NullCredRepos? class as default Credential Repository
  • refactoring of WS calls to AA in line with new AttAuthorityClient? interface.
Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py

    r2070 r2076  
    5252        # Omit traceFile keyword to leave out SOAP debug info 
    5353        self.clnt = SessionMgrClient(uri=self.cfg['setUp']['smuri'], 
    54                 srvCertFilePath=self.cfg['setUp']['srvcertfilepath'], 
    55                 clntCertFilePath=self.cfg['setUp']['clntcertfilepath'], 
    56                 clntPriKeyFilePath=self.cfg['setUp']['clntprikeyfilepath'], 
    57                 clntPriKeyPwd=clntPriKeyPwd, 
     54                verifyingCertFilePath=self.cfg['setUp']['srvcertfilepath'], 
     55                signingCertFilePath=self.cfg['setUp']['clntcertfilepath'], 
     56                signingPriKeyFilePath=self.cfg['setUp']['clntprikeyfilepath'], 
     57                signingPriKeyPwd=clntPriKeyPwd, 
    5858                tracefile=tracefile)  
    5959         
     
    117117        self.test2CookieConnect() 
    118118         
    119         self.clnt.disconnect(sessCookie=str(self.sessCookie)) 
     119        # Use proxy cert / private key just obtained from connect call for 
     120        # signature generation 
     121        self.clnt.signatureHandler.signingCert = self.proxyCert 
     122        self.clnt.signatureHandler.signingCertPriKey = self.proxyPriKey 
     123         
     124        self.clnt.disconnect(#userCert=self.userCert, 
     125                             #sessCookie=str(self.sessCookie) 
     126                             #sessID="A", 
     127                             #encrSessionMgrURI="B" 
     128                             ) 
     129         
    120130        print "User disconnected from Session Manager:\n%s" % self.sessCookie 
    121131             
     
    143153        print "\n\t" + self.test6CookieGetAttCert.__doc__         
    144154        self.test2CookieConnect() 
    145         attCert, statusCode, extAttCertList = self.clnt.reqAuthorisation(\ 
     155        attCert, statusCode, extAttCertList = self.clnt.getAttCert(\ 
    146156            sessID=self.sessCookie.sessionID,  
    147157            attAuthorityURI=self.cfg['test6CookieGetAttCert']['aauri'], 
     
    149159         
    150160        print "Attribute Certificate:\n%s" % attCert   
    151         print "User authorisation: %s" % statusCode 
     161        print "User access: %s" % statusCode 
    152162        print "External Attribute Certificate List:\n%s" % extAttCertList 
    153163 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg

    r2072 r2076  
    4444 
    4545[test6CookieGetAttCert] 
    46 aaURI = https://localhost:5000/AttributeAuthority 
     46aaURI = http://localhost:5000/AttributeAuthority 
    4747 
    4848[test6aCookieGetAttCertWithExtAttCertList] 
    49 aaURI = https://localhost:5000/AttributeAuthority 
     49aaURI = http://localhost:5000/AttributeAuthority 
    5050 
    5151[test7ProxyCertGetAttCert] 
    52 aaURI = https://localhost:5000/AttributeAuthority 
     52aaURI = http://localhost:5000/AttributeAuthority 
    5353 
    5454 
Note: See TracChangeset for help on using the changeset viewer.