Ignore:
Timestamp:
09/02/07 14:55:08 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/setup.py:

  • comment out Twisted from install - won't do egg install
  • updated long description

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:

  • added verifyingCertFilePath keyword to SignatureHandler? initialisation
  • added SSL capability

python/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.server/ndg/security/server/AttAuthority/init.py:
added element names for reading SSL settings from properties file.

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:
added verifyingCertFilePath keyword to SignatureHandler? initialisation

python/conf/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrProperties.xml,
python/ndg.security.server/ndg/security/server/SessionMgr/init.py:
added clntCertFile properties file element name for setting certificate for
verifying incoming SOAP messages.

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile:
corrected typo.

python/ndg.security.server/ndg/security/server/MyProxy.py:
Put OpenSSLConfig and OpenSSLConfigError classes into their own package
'openssl' so that they can also be used by the Certificate Authority client.

python/www/html/certificateAuthority.wsdl,
python/ndg.security.server/ndg/security/server/ca/CertificateAuthority_services_server.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services_types.py,
python/ndg.security.common/ndg/security/common/ca/CertificateAuthority_services.py: updated operations to issueCert, revokeCert and getCRL.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: changed address of service to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
alternative username connection settings

python/ndg.security.common/ndg/security/common/AttAuthority/init.py:
fixed typos in error message and comments.

ython/ndg.security.common/ndg/security/common/XMLSec.py: changed call to
getAttributeNodeNS to getAttributeNode for retrieving reference element URI
attribute.

python/ndg.security.common/ndg/security/common/ca/init.py: code for
Certificate Authority client

python/ndg.security.common/ndg/security/common/wsSecurity.py:

  • tidied up imports
  • added properties for setting keywords to reference and SignedInfo? C14N
  • changed sign method so that it is truely configurable allow use of inclusive or exclusive C14N based on the keywords set for reference and SignedInfo? C14N calls.
  • swapped calls to getAttributeNodeNS with getAttributeNode where appropriate.

java/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/AttAuthority/build/classes/META-INF/ibm-webservicesclient-bnd.xmi:
updated to that request generator correctly places X.509 cert in
BinarySecurityToken? element.

java/DEWS/AttAuthority/appClientModule/Main.java,
java/DEWS/AttAuthority/appClientjava/DEWS/AttAuthority/appClientModule/META-INF/ibm-webservicesclient-bnd.xmiModule/Main.java:
include calls to getX509Cert and getAttCert methods.

java/DEWS/SessionMgr/build/classes/META-INF/ibm-webservicesclient-bnd.xmi,
java/DEWS/SessionMgr/appClientModule/META-INF/ibm-webservicesclient-bnd.xmi:
updates for testing Session MAnager client

java/DEWS/SessionMgr/appClientModule/Main.java: switched username setting.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac

    r2108 r2136  
    11#!/usr/bin/env python 
    2 """NDG Security Attribute Authority .tac file  
     2"""NDG Security Session Manager .tac file  
    33 
    44This file enables the Session Manager web service to be  
     
    100100 
    101101# Create Service 
    102 smSrv = SessionMgrServiceSub() 
     102srv = SessionMgrServiceSub() 
    103103 
    104104# Initialise WS-Security signature handler passing Attribute Authority 
    105105# public and private keys 
    106106WSSecurityHandler.signatureHandler = SignatureHandler(\ 
    107                                                                         verifyingCertFilePath='/home/pjkersha/Development/security/python/Tests/webSphereTestcert.pem', 
    108                                     signingCertFilePath=smSrv.sm['certFile'], 
    109                                     signingPriKeyFilePath=smSrv.sm['keyFile'], 
    110                                     signingPriKeyPwd=smSrv.sm['keyPwd']) 
     107                                                                verifyingCertFilePath=srv.sm['clntCertFile'], 
     108                                    signingCertFilePath=srv.sm['certFile'], 
     109                                    signingPriKeyFilePath=srv.sm['keyFile'], 
     110                                    signingPriKeyPwd=srv.sm['keyPwd']) 
    111111 
    112112# Add Service to Session Manager branch 
    113113root = Resource() 
    114 root.putChild('SessionManager', smSrv) 
     114root.putChild('SessionManager', srv) 
    115115siteFactory = Site(root) 
    116 application = service.Application("SessionManagerContainer") 
    117116 
    118 if smSrv.sm['useSSL']: 
     117if srv.sm['useSSL']: 
    119118        # Use SSL connection 
    120119        from twisted.internet import ssl 
    121120         
    122121        # Nb. ssl.DefaultOpenSSLContextFactory requires pyOpenSSL 
    123         ctxFactory = ssl.DefaultOpenSSLContextFactory(smSrv.sm['sslKeyFile'],  
    124                                                                                                   smSrv.sm['sslCertFile']) 
    125         port = internet.SSLServer(smSrv.sm['portNum'], siteFactory, ctxFactory) 
     122        ctxFactory = ssl.DefaultOpenSSLContextFactory(srv.sm['sslKeyFile'],  
     123                                                                                                  srv.sm['sslCertFile']) 
     124        port = internet.SSLServer(srv.sm['portNum'], siteFactory, ctxFactory) 
    126125else:    
    127126        # Non-SSL 
    128         port = internet.TCPServer(smSrv.sm['portNum'], siteFactory) 
     127        port = internet.TCPServer(srv.sm['portNum'], siteFactory) 
    129128 
     129application = service.Application("SessionManagerContainer") 
    130130port.setServiceParent(application) 
Note: See TracChangeset for help on using the changeset viewer.