Ignore:
Timestamp:
26/07/07 16:43:00 (13 years ago)
Author:
pjkersha
Message:

ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml:

  • don't comment out hostname instead include by default

ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • fixed comment typo

ndg.security.server/ndg/security/server/MyProxy.py:

to prevent setting of OpenSSL config file without the required file name and
directory path.

ndg.security.test/ndg/security/test/AttCert/attCertTest.cfg,
ndg.security.test/ndg/security/test/AttCert/AttCertTest.py:

  • fixed unit tests for AC signature verification. certFilePathList can now

be set to include CA certs. to verify the X.509 cert. used in the signature

ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py:

  • fix: extAttCertList is no longer returned in getAttCert calls to SM client.

ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:

  • tests with services on glue

ndg.security.common/ndg/security/common/XMLSec.py:

  • fixed verifyEnvelopedSignature so that it is now possible to verify the

X.509 cert. in the signature against it's issuing CA cert.

ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • modified getAttCert call so that extAttCertList is no longer passed back in

the returned tuple but is instead included as an attribute of the
AttributeRequestDenied? exception type.

  • updated pydoc for getAttCert method

ndg.security.common/ndg/security/common/AttAuthority/init.py:

  • typo fix - doesn't affect execution

ndg.security.common/ndg/security/common/CredWallet.py:

  • updates to getAttCert call pydoc
  • and getAttCert exception handling
Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/AttCertTest.py

    r2686 r2746  
    204204        '''test12IsValid: check signature of XML document'''             
    205205        self.test11Read() 
    206         self.attCert.certFilePathList=self.cfg['test12IsValid']['certfile'] 
     206        self.attCert.certFilePathList = \ 
     207                    self.cfg['test12IsValid']['certfilepathlist'].split() 
    207208        self.attCert.isValid(raiseExcep=True) 
     209        print 'test12IsValid: passed' 
    208210         
    209211 
     
    215217         
    216218        self.attCert.certFilePathList = \ 
    217                             self.cfg['test13IsValidStressTest']['certfile'] 
     219            self.cfg['test13IsValidStressTest']['certfilepathlist'].split() 
    218220        self.attCert.signingKeyFilePath = \ 
    219221                            self.cfg['test13IsValidStressTest']['keyfile'] 
     
    237239             
    238240            # Write AC file names by index 
    239             self.attCert.filePath = "%03d.xml" % i 
     241            self.attCert.filePath = "stress-test-ac-%03d.xml" % i 
    240242             
    241243            self.attCert.applyEnvelopedSignature() 
    242244            self.attCert.write() 
    243  
    244             self.attCert.certFilePathList = \ 
    245                             self.cfg['test13IsValidStressTest']['certfile'] 
    246245 
    247246            try: 
     
    258257        self.attCert.read() 
    259258         
    260         self.attCert.certFilePathList=self.cfg['test14IsValidSignature']['certfile'] 
     259        self.attCert.certFilePathList = \ 
     260                self.cfg['test14IsValidSignature']['certfilepathlist'].split() 
    261261        self.attCert.verifyEnvelopedSignature() 
    262262         
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/attCertTest.cfg

    r2437 r2746  
    1818filePath: ./ac.xml 
    1919 
    20 [test11Read]]]] 
     20[test11Read] 
    2121filePath: ./ac.xml 
    2222 
    2323[test12IsValid] 
    24 certFile: ./cert.pem 
     24certFilePathList: ./cacert.pem 
    2525 
    2626[test13IsValidStressTest] 
    27 certFile: ./cert.pem 
     27# First cert is added to the signature, both certs are used in the  
     28# verification 
     29certFilepathlist: ./cert.pem ./cacert.pem 
    2830keyFile: ./key.pem 
    2931#keyPwd: 
    30 nruns: 100 
     32nruns: 30 
    3133 
    3234[test14IsValidSignature] 
    33 certFile: ./cert.pem 
    34 filePath: ./badSignature.xml 
     35certFilePathList: ./cacert.pem 
     36filePath: ./ac.xml 
    3537 
    3638 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py

    r2685 r2746  
    220220        self.test2Connect() 
    221221         
    222         attCert, extAttCertList = self.clnt.getAttCert(\ 
     222        attCert = self.clnt.getAttCert(\ 
    223223            sessID=self.sessID,  
    224224            attAuthorityURI=self.cfg['test6GetAttCertUsingSessID']['aauri']) 
    225225         
    226226        print "Attribute Certificate:\n%s" % attCert   
    227         print "External Attribute Certificate List:\n%s" % extAttCertList 
    228227 
    229228 
     
    239238         
    240239        try: 
    241             attCert, extAttCertList = self.clnt.getAttCert(\ 
    242                                                     sessID=self.sessID,  
    243                                                     attAuthorityURI=aaURI, 
    244                                                     mapFromTrustedHosts=False) 
     240            attCert = self.clnt.getAttCert(sessID=self.sessID,  
     241                                           attAuthorityURI=aaURI, 
     242                                           mapFromTrustedHosts=False) 
    245243        except AttributeRequestDenied, e: 
    246244            print "SUCCESS - obtained expected result: %s" % e 
     
    259257        aaURI = self.cfg['test6bGetMappedAttCertUsingSessID']['aauri'] 
    260258         
    261         attCert, extAttCertList = self.clnt.getAttCert(sessID=self.sessID,  
    262                                                        attAuthorityURI=aaURI) 
     259        attCert=self.clnt.getAttCert(sessID=self.sessID,attAuthorityURI=aaURI) 
    263260         
    264261        print "Attribute Certificate:\n%s" % attCert   
    265         print "External Attribute Certificate List:\n%s" % extAttCertList 
    266262 
    267263 
     
    277273            self.cfg['test6cGetAttCertWithExtAttCertListUsingSessID']['aauri'] 
    278274             
    279         attCert, extAttCertList = self.clnt.getAttCert(\ 
    280                                         sessID=self.sessID,  
    281                                         attAuthorityURI=aaURI, 
    282                                         extAttCertList=['AC1', 'AC2', 'AC3']) 
     275        attCert = self.clnt.getAttCert(sessID=self.sessID,  
     276                                       attAuthorityURI=aaURI, 
     277                                       extAttCertList=['AC1', 'AC2', 'AC3']) 
    283278           
    284279        print "Attribute Certificate:\n%s" % attCert   
    285         print "External Attribute Certificate List:\n%s" % extAttCertList 
    286280 
    287281 
     
    301295         
    302296        aaURI = self.cfg['test7GetAttCertUsingProxyCert']['aauri'] 
    303         attCert, extAttCertList = self.clnt.getAttCert(attAuthorityURI=aaURI) 
     297        attCert = self.clnt.getAttCert(attAuthorityURI=aaURI) 
    304298           
    305299        print "Attribute Certificate:\n%s" % attCert   
    306         print "External Attribute Certificate List:\n%s" % extAttCertList 
    307300 
    308301 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg

    r2685 r2746  
    1010# $Id:$ 
    1111[setUp] 
    12 smuri = https://localhost:5700/SessionManager 
     12#smuri = https://localhost:5700/SessionManager 
     13smuri = https://glue.badc.rl.ac.uk:50000/SessionManager 
    1314 
    1415# For https connections only.  !Omit ssl* settings if using http! 
    1516# sslpeercertcn is the expected CommonName of peer cert.  Omit if it's the  
    1617# same as peer hostname.  
    17 sslpeercertcn = webSphereTest 
     18#sslpeercertcn = webSphereTest 
    1819sslcacertfilepathlist = cacert.pem 
    1920 
     
    5253  
    5354[test2Connect]          
    54 username = raphaelTest 
     55username = lawrence 
     56#username = raphaelTest 
    5557#username = gabriel 
    5658#passphrase =  
     
    7476 
    7577[test7GetAttCertUsingProxyCert] 
    76 aaURI = https://localhost:5000/AttributeAuthority 
    77  
    78  
    79  
     78#aaURI = https://localhost:5000/AttributeAuthority 
     79aaURI = http://glue.badc.rl.ac.uk/services/ndg/security/AttributeAuthority 
Note: See TracChangeset for help on using the changeset viewer.