Ignore:
Timestamp:
05/10/07 17:55:51 (13 years ago)
Author:
pjkersha
Message:

Updated Attribute Authority adding new info to the map configuration:

  • The DN of Attribute Authority cert
  • the cert DN of the Login Service https server
  • the cert DN for the https server making REQUESTS to the Login Service. This enables the latter to validate requests and prevent phishing attacks.

Also added a new WSDL operation getAllHostsInfo. This combines getHostInfo and getTrustedHostInfo simplifying code for the WAYF.

ndg.security.common/ndg/security/common/m2CryptoSSLUtility.py: HostCheck? class can now accept multiple peerCertDNs to validate against.

Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py

    r2909 r2931  
    129129        trustedHostInfo = self.clnt.getTrustedHostInfo() 
    130130        print "Trusted Host Info:\n %s" % trustedHostInfo 
     131         
     132 
     133    def test4aGetAllHostsInfo(self): 
     134        """test4aGetAllHostsInfo: retrieve info for all hosts""" 
     135        hostInfo = self.clnt.getAllHostsInfo() 
     136        print "All Hosts Info:\n %s" % hostInfo 
    131137 
    132138 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteAMapConfig.xml

    r2926 r2931  
    44        <aaURI>http://localhost:5000/AttributeAuthority</aaURI> 
    55        <loginURI>https://localhost/login</loginURI> 
     6            <aaDN>/O=NDG/OU=Site A/CN=AttributeAuthority</aaDN> 
     7            <loginServerDN>/C=UK/ST=Oxfordshire/O=STFC/OU=BADC/CN=localhost</loginServerDN> 
     8            <loginRequestServerDN>/C=UK/ST=Oxfordshire/O=STFC/OU=BADC/CN=localhost</loginRequestServerDN> 
    69    </thisHost> 
    710    <trusted name="Site C"> 
    811        <aaURI>attAuthorityURI</aaURI> 
    912        <loginURI>http://www.sitec.blah/loginPageURI</loginURI> 
     13            <aaDN/> 
     14            <loginServerDN/> 
     15            <loginRequestServerDN/> 
    1016        <role remote="StaffMember" local="staff"/> 
    1117    </trusted> 
     
    1319        <aaURI>attAuthorityURI</aaURI> 
    1420        <loginURI>loginPageURI</loginURI> 
     21            <aaDN/> 
     22            <loginServerDN/> 
     23            <loginRequestServerDN/> 
    1524        <role remote="academic" local="postgrad"/> 
    1625        <role remote="student" local="SiteDStudent"/> 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteBMapConfig.xml

    r2350 r2931  
    44            <aaURI>http://localhost:5100/AttributeAuthority</aaURI> 
    55            <loginURI>thisHostLoginPageURI</loginURI> 
     6            <aaDN/> 
     7            <loginServerDN/> 
     8            <loginRequestServerDN/> 
    69        </thisHost> 
    710    <trusted name="Site A"> 
    811            <aaURI>http://localhost:5000/AttributeAuthority</aaURI> 
    912            <loginURI>loginPageURI</loginURI> 
     13            <aaDN/> 
     14            <loginServerDN/> 
     15            <loginRequestServerDN/> 
    1016                <role remote="postdoc" local="researcher"/> 
    1117    </trusted> 
Note: See TracChangeset for help on using the changeset viewer.