Changeset 3052
- Timestamp:
- 27/11/07 09:55:19 (13 years ago)
- Location:
- TI12-security/trunk
- Files:
-
- 2 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml
r2942 r3052 1 1 <?xml version="1.0" encoding="utf-8"?> 2 2 <sessMgrProp> 3 <portNum></portNum> <!-- the port number the service is to run on --> 4 <useSSL>Yes</useSSL> <!-- leave blank to use http --> 3 <!-- the port number the service is to run on --> 4 <portNum></portNum> 5 <!-- 6 Flag for SSL - set to something to stipulate http, leave blank to use 7 http 8 --> 9 <useSSL>Yes</useSSL> 10 <!-- X.509 certificate for SSL connections --> 5 11 <sslCertFile>$NDGSEC_DIR/conf/certs/hostcert.pem</sslCertFile> 12 <!-- Private key file for SSL --> 6 13 <sslKeyFile>$NDGSEC_DIR/conf/certs/hostkey.pem</sslKeyFile> 7 14 <!-- 8 PKI settings for signature of outbound SOAP messages15 PKI settings for WS-Security signature of outbound SOAP messages 9 16 --> 10 17 <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature --> 18 <!-- X.509 certificate included in SOAP header --> 11 19 <certFile>$NDGSEC_DIR/conf/certs/sm-cert.pem</certFile> 20 <!-- corresponding private key used to sign the SOAP message --> 12 21 <keyFile>$NDGSEC_DIR/conf/certs/sm-key.pem</keyFile> 22 <!-- Password protecting private key file - leave blank if none set --> 13 23 <keyPwd></keyPwd> 24 <!-- 25 X.509 certificates included in inbound messages must validate 26 against this CA Certificate 27 --> 14 28 <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 15 29 <!-- … … 20 34 <clntCertFile></clntCertFile> 21 35 <!-- 22 Following two settings may be left blank 36 Following two settings may be left blank. These fields are likely to be 37 removed from a future version 23 38 --> 24 39 <sessMgrEncrKey></sessMgrEncrKey> … … 26 41 <!-- 27 42 Domain defaults to the server host - any more generic setting could be a 28 a security risk 43 a security risk. Leave blank to default to the fully qualified domain 44 name of the server. 29 45 --> 30 46 <cookieDomain></cookieDomain> 47 <!-- MyProxy Client properties --> 31 48 <myProxyProp> 32 49 <!-- … … 71 88 --> 72 89 <proxyCertLifetime>8</proxyCertLifetime> <!-- in hours --> 90 <!-- 91 CA certificate applied to verify peer certificate against in 92 SSL connection to MyProxy server 93 --> 73 94 <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 74 95 </myProxyProp> 96 <!-- 97 Properties for a Session Manager client to a Simple CA. 98 Not currently used and likely to be removed from a future release 99 --> 75 100 <simpleCACltProp> 76 101 <uri></uri> … … 89 114 </simpleCASrvProp> 90 115 --> 116 <!-- 117 Settings for Credential Repository plugin 118 --> 91 119 <credReposProp> 120 <!-- 121 File path to plugin module - may be left blank if 122 module is included in the current PYTHONPATH 123 --> 92 124 <modFilePath></modFilePath> 125 <!-- 126 Module name - the default is an empty stub 127 --> 93 128 <modName>ndg.security.common.CredWallet</modName> 129 <!-- Name of class in module to instantiate --> 94 130 <className>NullCredRepos</className> 131 <!-- 132 Optional Properties file argument to Credential 133 Repository class. This is include to enable custom 134 settings to be defined from an external configuration file 135 --> 95 136 <propFile></propFile> 96 137 </credReposProp>
Note: See TracChangeset
for help on using the changeset viewer.