Timestamp:
09/02/07 14:55:08 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/setup.py:

  • comment out Twisted from install - won't do egg install
  • updated long description

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

  • added verifyingCertFilePath keyword to SignatureHandler? initialisation
  • added SSL capability

python/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
added element names for reading SSL settings from properties file.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
added verifyingCertFilePath keyword to SignatureHandler? initialisation

python/conf/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml,
python/ndg.security.server/ndg/security/server/SessionMgr/init.py:
added clntCertFile properties file element name for setting certificate for
verifying incoming SOAP messages.

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile:
corrected typo.

python/ndg.security.server/ndg/security/server/MyProxy.py:
Put OpenSSLConfig and OpenSSLConfigError classes into their own package
'openssl' so that they can also be used by the Certificate Authority client.

python/www/html/certificateAuthority.wsdl,
python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py: updated operations to issueCert, revokeCert and getCRL.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: changed address of service to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
alternative username connection settings

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
fixed typos in error message and comments.

ython/ndg.security.common/ndg/security/common/XMLSec.py: changed call to
getAttributeNodeNS to getAttributeNode for retrieving reference element URI
attribute.

python/ndg.security.common/ndg/security/common/ca/init.py: code for
Certificate Authority client

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • tidied up imports
  • added properties for setting keywords to reference and SignedInfo C14N
  • changed sign method so that it is truly configurable, allowing use of inclusive or exclusive C14N based on the keywords set for the reference and SignedInfo C14N calls.
  • swapped calls to getAttributeNodeNS with getAttributeNode where appropriate.

java/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/AttAuthority/build/classes/META-INF/ibm-webservicesclient-bnd.xmi:
updated to that request generator correctly places X.509 cert in
BinarySecurityToken? element.

java/DEWS/AttAuthority/appClientModule/Main.java,
java/DEWS/AttAuthority/appClientjava/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmiModule/Main.java:
include calls to getX509Cert and getAttCert methods.

java/DEWS/SessionMgr/build/classes/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/SessionMgr/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi:
updates for testing Session MAnager client

java/DEWS/SessionMgr/appClientModule/Main.java: switched username setting.

File:
1 edited

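--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py
@@ -1,99 +1,81 @@
 ##################################################
-# simpleCA_services.py
-# generated by ZSI.wsdl2python
-#
-#
+# CertificateAuthority_services.py
+# generated by ZSI.generate.wsdl2python
 ##################################################
 
 
+from CertificateAuthority_services_types import *
 import urlparse, types
-from ZSI.TCcompound import Struct
+from ZSI.TCcompound import ComplexType, Struct
 from ZSI import client
 import ZSI
+from ZSI.generate.pyclass import pyclass_type
 
-class simpleCAServiceInterface:
-    def getsimpleCA(self, portAddress=None, **kw):
-        raise NonImplementationError, "method not implemented"
+# Locator
+class CertificateAuthorityServiceLocator:
+    CertificateAuthority_address = "http://localhost:5001"
+    def getCertificateAuthorityAddress(self):
+        return CertificateAuthorityServiceLocator.CertificateAuthority_address
+    def getCertificateAuthority(self, url=None, **kw):
+        return CertificateAuthorityBindingSOAP(url or CertificateAuthorityServiceLocator.CertificateAuthority_address, **kw)
 
+# Methods
+class CertificateAuthorityBindingSOAP:
+    def __init__(self, url, **kw):
+        kw.setdefault("readerclass", None)
+        kw.setdefault("writerclass", None)
+        # no resource properties
+        self.binding = client.Binding(url=url, **kw)
+        # no ws-addressing
 
-class simpleCAServiceLocator(simpleCAServiceInterface):
-    simpleCA_address = "http://127.0.0.1:5000/simpleCA.wsdl"
-    def getsimpleCAAddress(self):
-        return simpleCAServiceLocator.simpleCA_address
+    # op: <ZSI.wstools.WSDLTools.Message instance at 0x406a3f8c>
+    def issueCert(self, x509CertReq):
 
-    def getsimpleCA(self, portAddress=None, **kw):
-        return simpleCABindingSOAP(portAddress or simpleCAServiceLocator.simpleCA_address, **kw)
+        request = issueCertInputMsg()
+        request._x509CertReq = x509CertReq
 
+        kw = {}
+        # no input wsaction
+        self.binding.Send(None, None, request, soapaction="issueCert", **kw)
+        # no output wsaction
+        response = self.binding.Receive(issueCertOutputMsg.typecode)
+        x509Cert = response._x509Cert
+        return x509Cert
 
-class simpleCABindingSOAP:
+    # op: <ZSI.wstools.WSDLTools.Message instance at 0x406ab2cc>
+    def revokeCert(self, x509Cert):
 
-    def __init__(self, addr, **kw):
-        netloc = (urlparse.urlparse(addr)[1]).split(":") + [80,]
-        if not kw.has_key("host"):
-            kw["host"] = netloc[0]
-        if not kw.has_key("port"):
-            kw["port"] = int(netloc[1])
-        if not kw.has_key("url"):
-            kw["url"] =  urlparse.urlparse(addr)[2]
-        self.binding = client.Binding(**kw)
+        request = revokeCertInputMsg()
+        request._x509Cert = x509Cert
 
+        kw = {}
+        # no input wsaction
+        self.binding.Send(None, None, request, soapaction="revokeCert", **kw)
+        # no output wsaction
+        response = self.binding.Receive(revokeCertOutputMsg.typecode)
+        return
 
-    def reqCert(self, request):
-        """
-        @param: request to reqCertRequest::
-          _usrCertReq: str
+    # op: <ZSI.wstools.WSDLTools.Message instance at 0x406ab7ec>
+    def getCRL(self):
 
-        @return: response from reqCertResponse::
-          _errMsg: str
-          _usrCert: str
-        """
+        request = getCRLInputMsg()
 
-        if not isinstance(request, reqCertRequest) and\
-            not issubclass(reqCertRequest, request.__class__):
-            raise TypeError, "%s incorrect request type" %(request.__class__)
         kw = {}
-        response = self.binding.Send(None, None, request, soapaction="urn:simpleCA#reqCert", **kw)
-        response = self.binding.Receive(reqCertResponseWrapper())
-        if not isinstance(response, reqCertResponse) and\
-            not issubclass(reqCertResponse, response.__class__):
-            raise TypeError, "%s incorrect response type" %(response.__class__)
-        return response
+        # no input wsaction
+        self.binding.Send(None, None, request, soapaction="getCRL", **kw)
+        # no output wsaction
+        response = self.binding.Receive(getCRLOutputMsg.typecode)
+        crl = response._crl
+        return crl
 
+issueCertInputMsg = ns0.issueCert_Dec().pyclass
 
+issueCertOutputMsg = ns0.issueCertResponse_Dec().pyclass
 
-class reqCertRequest (ZSI.TCcompound.Struct):
-    def __init__(self, name=None, ns=None):
-        self._usrCertReq = None
+revokeCertInputMsg = ns0.revokeCert_Dec().pyclass
 
-        oname = None
-        if name:
-            oname = name
-            if ns:
-                oname += ' xmlns="%s"' % ns
-            ZSI.TC.Struct.__init__(self, reqCertRequest, [ZSI.TC.String(pname="usrCertReq",aname="_usrCertReq",optional=1),], pname=name, aname="_%s" % name, oname=oname )
+revokeCertOutputMsg = ns0.revokeCertResponse_Dec().pyclass
 
-class reqCertRequestWrapper(reqCertRequest):
-    """wrapper for rpc:encoded message"""
+getCRLInputMsg = ns0.getCRL_Dec().pyclass
 
-    typecode = reqCertRequest(name='reqCert', ns='urn:simpleCA')
-    def __init__( self, name=None, ns=None, **kw ):
-        reqCertRequest.__init__( self, name='reqCert', ns='urn:simpleCA' )
-
-class reqCertResponse (ZSI.TCcompound.Struct):
-    def __init__(self, name=None, ns=None):
-        self._usrCert = None
-        self._errMsg = None
-
-        oname = None
-        if name:
-            oname = name
-            if ns:
-                oname += ' xmlns="%s"' % ns
-            ZSI.TC.Struct.__init__(self, reqCertResponse, [ZSI.TC.String(pname="usrCert",aname="_usrCert",optional=1),ZSI.TC.String(pname="errMsg",aname="_errMsg",optional=1),], pname=name, aname="_%s" % name, oname=oname )
-
-class reqCertResponseWrapper(reqCertResponse):
-    """wrapper for rpc:encoded message"""
-
-    typecode = reqCertResponse(name='reqCertResponse', ns='urn:simpleCA')
-    def __init__( self, name=None, ns=None, **kw ):
-        reqCertResponse.__init__( self, name='reqCertResponse', ns='urn:simpleCA' )
+getCRLOutputMsg = ns0.getCRLResponse_Dec().pyclass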