Ignore:
Timestamp:
30/01/07 08:57:43 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:

  • Added code to soap_getAttCert stub
  • updated WSSecurityHandler.signatureHandler initialisation with new keywords.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • renamed redirectAuthorisationReq -> redirectAttCertReq
  • createUserSession now takes proxy cert, private key and user cert as inputs

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py and
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:
Modified getAttCert and disconnect operations.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • updated call to SessionMgrClient? to use new SignatureHandler? keywords.
  • experimenting with disconnect calls - signature doesn't verify correctly at server side.
  • updated call to getAttcert in test6CookieGetAttCert

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg: updated
AA URIs.

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
added getSignatureHandler property access method.

python/ndg.security.common/ndg/security/common/XMLSec.py: include more info about error
for when RSA pub key verify fails.

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • added InvalidSignature? type exception
  • include more info about error for when RSA pub key verify fails.

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • added getSignatureHandler property access method.
  • fix to disconnect keywords input check

python/ndg.security.common/ndg/security/common/CredWallet.py: major refactoring for
prospective beta release of NDG security -

  • attCertRefreshElapse - new attribute used by getAttCert to determine whether to replace

an existing AC in the cache with a fresh one. If the existing one has less than
attCertRefreshElapse time in seconds left before expiry then replace it

  • added epydoc formatting
  • explicit proxy cert, private key and user cert inputs to init. These are also

declared as properties with access methods.

  • proxy cert / private key used in SOAP message signatures.
  • use NullCredRepos? class as default Credential Repository
  • refactoring of WS calls to AA in line with new AttAuthorityClient? interface.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/www/html/sessionMgr.wsdl

    r2063 r2076  
    6161        <xsd:complexType/> 
    6262      </xsd:element> 
    63        
    64       <xsd:simpleType name="attCertList"> 
    65         <xsd:list itemType="tns:attCert"/> 
    66       </xsd:simpleType> 
    67  
    68       <xsd:simpleType name="trustedHostList"> 
    69                 <xsd:list itemType="tns:trustedHost"/> 
    70       </xsd:simpleType> 
    71        
     63             
    7264      <xsd:element name="getAttCert"> 
    7365        <xsd:complexType> 
     
    9284                <xsd:element name="attCert" type="xsd:string" minOccurs="0" maxOccurs="1"/> 
    9385                <xsd:element name="statusCode" type="xsd:string" minOccurs="1" maxOccurs="1"/> 
     86                <xsd:element name="msg" type="xsd:string" minOccurs="0" maxOccurs="1"/> 
    9487                        <xsd:element name="extAttCert" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> 
    9588              </xsd:sequence> 
Note: See TracChangeset for help on using the changeset viewer.