Changeset 3001


Ignore:
Timestamp:
07/11/07 14:44:00 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/AttAuthority/init.py: role mapping entries are not necessary for <trusted> blocks in map config file - altered readMapConfig accordingly.

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py: fix to test8GetMappedAttCertStressTest - set signingCertChain to None in AttAuthorityClient? when not using proxy certs.

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: try out GetMappedAttCertStressTest? with standard certs rather than proxy certs.

python/ndg.security.test/ndg/security/test/SessionMgr/README: fixed instructions for running tests.

python/ndg.security.common/ndg/security/common/CredWallet.py: fixed typo self.debug -> log.debug.

Location:
TI12-security/trunk/python
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • TI12-security/trunk/python/README

    r1701 r3001  
    1 NDG Security Post-Alpha Development Version 
     1NDG Security Beta Development Version 
    22___________________________________________ 
    33 

  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/CredWallet.py

    r2961 r3001  
    734734        """ 
    735735         
    736         self.debug(\ 
     736        log.debug(\ 
    737737        'CredWallet.getAATrustedHostInfo for role "%s" and service: "%s"' % \ 
    738738                   (userRole, aaURI or aaPropFilePath)) 

  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py

    r2961 r3001  
    766766        # Information about trusted hosts 
    767767        for elem in trustedElem: 
    768  
    769             roleElem = elem.findall('role') 
    770             if not roleElem: 
    771                 raise AttAuthorityError("\"role\" tag not found in \"%s\"" % \ 
    772                                         self.__prop['mapConfigFile']) 
    773  
    774768            try: 
    775769                trustedHost = elem.attrib.values()[0] 
     
    792786            for k in self.__mapConfig['trustedHosts'][trustedHost]: 
    793787                self.__mapConfig['trustedHosts'][trustedHost][k] = \ 
    794                                                         elem.findtext(k) 
    795              
    796             # Role keyword value requires special parsing before assingment 
    797             self.__mapConfig['trustedHosts'][trustedHost]['role'] = \ 
     788                                                        elem.findtext(k)    
     789 
     790            roleElem = elem.findall('role') 
     791            if roleElem: 
     792                # Role keyword value requires special parsing before  
     793                # assignment 
     794                self.__mapConfig['trustedHosts'][trustedHost]['role'] = \ 
    798795                                        [dict(i.items()) for i in roleElem] 
    799                     
     796            else: 
     797                # It's possible for trust relationships to not contain any  
     798                # role mapping.  e.g. a site's login service trusting other 
     799                # sites login requests 
     800                self.__mapConfig['trustedHosts'][trustedHost]['role'] = [] 
     801                        
    800802            self.__localRole2RemoteRole[trustedHost] = {} 
    801803            self.__remoteRole2LocalRole[trustedHost] = {} 
    802804             
    803805            for role in self.__mapConfig['trustedHosts'][trustedHost]['role']: 
    804  
    805806                try: 
    806807                    localRole = role['local'] 

  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py

    r2931 r3001  
    320320            signingCertChain = \ 
    321321                        self._getCertChainFromProxyCertFile(proxyCertFilePath)        
     322        else: 
     323            signingCertChain = None 
    322324 
    323325        setSignatureHandler = \ 
     
    335337caCertFilePathList=caCertFilePathList, 
    336338tracefile=sys.stderr) 
    337  
     339        import pdb;pdb.set_trace() 
    338340        acFilePathList = \ 
    339341self.cfg['test8GetMappedAttCertStressTest']['userattcertfilepathlist'].split() 

  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg

    r2900 r3001  
    113113# ValueType for BinarySecurityToken element of WSSE header.  Specify 
    114114# 'X509PKIPathv1' for use with proxy certificates 
    115 #reqbinsectokvaltype = X509v3 
     115reqbinsectokvaltype = X509v3 
    116116#reqbinsectokvaltype = X509 
    117 reqbinsectokvaltype = X509PKIPathv1 
     117#reqbinsectokvaltype = X509PKIPathv1 
    118118 
    119119# Test with proxy certificates or with standard certs.  Comment out as  
    120120# appropriate 
    121 proxycertfilepath = ./proxy-cert.pem 
    122 #clntcertfilepath = ./aa-cert.pem 
     121#proxycertfilepath = ./proxy-cert.pem 
     122clntcertfilepath = ./aa-cert.pem 
    123123 
    124124clntprikeypwd =  

  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/SessionMgr/README

    r2137 r3001  
    1 Unit tests for Certificate Authority Web Service Client 
     1Unit tests for Session Manager Web Service Client 
    22_________________________________________________ 
    33 
    4 Before running the tests start the Certificate Authority web service: 
     4Before running the tests start the Session Manager web service: 
    55 
    66$ ./server.sh 
    77 
    8 Run the unit test script caClientTest.py from a separate terminal. 
     8... and the Attribute Authority test services in ../AttAuthority: 
     9 
     10$ ./siteAServer.sh 
     11 
     12and in a separate terminal: 
     13 
     14$ ./siteBServer.sh 
     15 
     16Run the unit test script SessionMgrClientTest.py from a separate terminal. 
Note: See TracChangeset for help on using the changeset viewer.