Ignore:
Timestamp:
31/01/07 16:28:53 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

python/www/html/attAuthority.wsdl,
python/ndg.security.server/ndg/security/server/AttAuthority/AttAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/AttAuthority/AttAuthority_services.py:
Include request denied message in getAttCertResponse.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
fix to AttAuthorityAccessDenied? doc message.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
Exlpicitly convert AttCert? in response to string type.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • make explicit imports from ndg.security.common.CredWallet?
  • make X509CertParse import
  • updated exception handling for getAttCert call to CredWallet?.

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:
Remove statusCode from getAttCertResponse - not needed.

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py:
minor updates to getAttCert tests.

python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg:
fix to test1Store settings

python/ndg.security.test/ndg/security/test/MyProxy/Makefile:
makefile copies proxy obtained from MyProxy? ready for use in AttAuthority? client tests.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • add AttributeRequestDenied? import from SessionMgr?.
  • fix test4CookieDisconnect signing PKI settings
  • revised output tuple for getAttCert calls.
  • Added test6aCookieGetAttCertRefused to demonstrate attribute request denied exception
  • test3ProxyCertConnect signature verification failing at server!

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
added more getAttCert test params.

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:

python/ndg.security.common/ndg/security/common/wsSecurity.py:
comment out all print statements - only 'print decryptedData' affected in decrypt method
of EncryptionHandler?. This is not in use.

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • Added AttributeRequestDenied? exception for handling getAttCert calls.
  • msg now included in output tuple for getAttCert call.

python/ndg.security.common/ndg/security/common/AttCert.py:
Override XMLSecDoc parent class toString and str calls so that output is returned even
if the signature DOM object has not been initialised.

python/ndg.security.common/ndg/security/common/CredWallet.py:

Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test
Files:
1 added
4 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py

    r2072 r2085  
    9090        # Make attribute certificate request 
    9191        attCert = self.clnt.getAttCert(userCert=userCertTxt) 
     92         
    9293        print "Attribute Certificate: \n\n:" + str(attCert) 
     94         
    9395        attCert.filePath = self.cfg['test5GetAttCert']['attcertfilepath'] 
    9496        attCert.write() 
     
    117119        try: 
    118120            userAttCert = AttCertRead(\ 
    119                       self.cfg['test6GetMappedAttCert']['userattcertfilepath']) 
     121                self.cfg['test6GetMappedAttCert']['userattcertfilepath']) 
    120122             
    121123        except IOError, ioErr: 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/myProxyClientTest.cfg

    r2072 r2085  
    1111 
    1212[test1Store] 
    13 username: sstljakTestUser 
     13#username: sstljakTestUser 
    1414username: gabriel 
    1515passphrase: 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py

    r2079 r2085  
    1919License, version 1.0 or later. 
    2020""" 
     21reposID = "$Id:$" 
     22 
    2123import unittest 
    2224import os, sys, getpass 
    2325from ConfigParser import SafeConfigParser 
    2426 
    25 from ndg.security.common.SessionMgr import SessionMgrClient 
     27from ndg.security.common.SessionMgr import SessionMgrClient, \ 
     28    AttributeRequestDenied 
     29     
    2630from ndg.security.common.SessionCookie import SessionCookie 
    2731 
     
    104108            self.clnt.connect(self.cfg['test3ProxyCertConnect']['username'],  
    105109                              passphrase=passphrase, 
    106                               createServerSess=True, 
    107110                              getCookie=False) 
    108111        print "User '%s' connected to Session Manager:\n%s" % \ 
     
    139142         
    140143        # Use proxy to sign outbound SOAP message 
    141         self.clnt.clntCert = self.proxyCert 
    142         self.clnt.clntKey = self.proxyPriKey 
    143         self.clnt.clntPriKeyPwd = None 
     144        self.clnt.signingCert = self.proxyCert 
     145        self.clnt.signingKey = self.proxyPriKey 
     146        self.clnt.signingPriKeyPwd = None 
    144147         
    145148        self.clnt.disconnect(proxyCert=self.proxyCert) 
     
    148151 
    149152    def test6CookieGetAttCert(self): 
    150         """test6CookieGetAttCert: make an authorisation request using 
     153        """test6CookieGetAttCert: make an attribute request using 
    151154        a cookie as authentication credential""" 
    152155 
    153156        print "\n\t" + self.test6CookieGetAttCert.__doc__         
     157        self.test2CookieConnect() 
     158         
     159        attCert, extAttCertList = self.clnt.getAttCert(\ 
     160            sessID=self.sessCookie.sessionID,  
     161            encrSessionMgrURI=self.sessCookie.encrSessionMgrURI, 
     162            attAuthorityURI=self.cfg['test6CookieGetAttCert']['aauri']) 
     163         
     164        print "Attribute Certificate:\n%s" % attCert   
     165        print "External Attribute Certificate List:\n%s" % extAttCertList 
     166 
     167 
     168    def test6aCookieGetAttCertRefused(self): 
     169        """test6aCookieGetAttCertRefused: make an attribute request using 
     170        a cookie as authentication credential requesting an AC from an 
     171        Attribute Authority where the user is NOT registered""" 
     172 
     173        print "\n\t" + self.test6aCookieGetAttCertRefused.__doc__         
     174        self.test2CookieConnect() 
     175         
     176        aaURI = self.cfg['test6aCookieGetAttCertRefused']['aauri'] 
     177         
     178        try: 
     179            attCert, extAttCertList = self.clnt.getAttCert(\ 
     180                        sessID=self.sessCookie.sessionID,  
     181                        encrSessionMgrURI=self.sessCookie.encrSessionMgrURI, 
     182                        attAuthorityURI=aaURI, 
     183                        mapFromTrustedHosts=False) 
     184        except AttributeRequestDenied, e: 
     185            print "SUCCESS - obtained expected result: %s" % e 
     186            return 
     187         
     188        self.fail("Request allowed from AA where user is NOT registered!") 
     189 
     190 
     191    def test6bCookieGetMappedAttCert(self): 
     192        """test6bCookieGetMappedAttCert: make an attribute request using 
     193        a cookie as authentication credential""" 
     194 
     195        print "\n\t" + self.test6bCookieGetMappedAttCert.__doc__         
     196        self.test2CookieConnect() 
     197         
     198        attCert, extAttCertList = self.clnt.getAttCert(\ 
     199            sessID=self.sessCookie.sessionID,  
     200            encrSessionMgrURI=self.sessCookie.encrSessionMgrURI, 
     201            attAuthorityURI=self.cfg['test6bCookieGetMappedAttCert']['aauri']) 
     202         
     203        print "Attribute Certificate:\n%s" % attCert   
     204        print "External Attribute Certificate List:\n%s" % extAttCertList 
     205 
     206 
     207    def test6bCookieGetMappedAttCert(self): 
     208        """test6CookieGetAttCert: make an attribute request using 
     209        a cookie as authentication credential""" 
     210 
     211        print "\n\t" + self.test6bCookieGetMappedAttCert.__doc__         
    154212        self.test2CookieConnect() 
    155213         
     
    157215            sessID=self.sessCookie.sessionID,  
    158216            encrSessionMgrURI=self.sessCookie.encrSessionMgrURI, 
    159             attAuthorityURI=self.cfg['test6CookieGetAttCert']['aauri']) 
     217            attAuthorityURI=self.cfg['test6bCookieGetMappedAttCert']['aauri']) 
    160218         
    161219        print "Attribute Certificate:\n%s" % attCert   
     
    165223 
    166224 
    167     def test6aCookieGetAttCertWithExtAttCertList(self): 
    168         """test6CookieGetAttCert: make an authorisation request using 
    169         a cookie as authentication credential""" 
    170          
    171         print "\n\t" + self.test6aCookieGetAttCertWithExtAttCertList.__doc__         
     225    def test6cCookieGetAttCertWithExtAttCertList(self): 
     226        """test6CookieGetAttCert: make an attribute request using 
     227        a cookie as authentication credential""" 
     228         
     229        print "\n\t" + self.test6cCookieGetAttCertWithExtAttCertList.__doc__         
    172230        self.test2CookieConnect() 
    173231         
    174232        aaURI = \ 
    175             self.cfg['test6aCookieGetAttCertWithExtAttCertList']['aauri'] 
     233            self.cfg['test6cCookieGetAttCertWithExtAttCertList']['aauri'] 
    176234             
    177235        attCert, statusCode, msg, extAttCertList = self.clnt.getAttCert(\ 
     
    188246 
    189247    def test7ProxyCertGetAttCert(self): 
    190         """test7ProxyCertGetAttCert: make an authorisation request using 
     248        """test7ProxyCertGetAttCert: make an attribute request using 
    191249        a proxy cert as authentication credential""" 
    192250        print "\n\t" + self.test7ProxyCertGetAttCert.__doc__ 
     
    226284                    "test5ProxyCertDisconnect", 
    227285                    "test6CookieGetAttCert", 
    228                     "test6aCookieGetAttCertWithExtAttCertList", 
     286                    "test6bCookieGetMappedAttCert", 
     287                    "test6cCookieGetAttCertWithExtAttCertList", 
    229288                    "test7ProxyCertGetAttCert", 
    230289                    "test8GetX509Cert", 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg

    r2076 r2085  
    4646aaURI = http://localhost:5000/AttributeAuthority 
    4747 
    48 [test6aCookieGetAttCertWithExtAttCertList] 
    49 aaURI = http://localhost:5000/AttributeAuthority 
     48[test6aCookieGetAttCertRefused] 
     49aaURI = http://localhost:5100/AttributeAuthority 
     50 
     51[test6bCookieGetMappedAttCert] 
     52aaURI = http://localhost:5100/AttributeAuthority 
     53 
     54[test6cCookieGetAttCertWithExtAttCertList] 
     55aaURI = http://localhost:5100/AttributeAuthority 
    5056 
    5157[test7ProxyCertGetAttCert] 
Note: See TracChangeset for help on using the changeset viewer.