Changeset 3052


Ignore:
Timestamp:
27/11/07 09:55:19 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml: include better documentation of elements

architecture/uml/ndg2-dews-security-beta.eap,
architecture/uml/ClassDiagrams/X509.gif: re-arrange classes diagrams for better display on A4

Location:
TI12-security/trunk
Files:
2 added
2 edited

Legend:

Unmodified
Added
Removed

  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml

    r2942 r3052  
    11<?xml version="1.0" encoding="utf-8"?> 
    22<sessMgrProp> 
    3     <portNum></portNum> <!-- the port number the service is to run on --> 
    4     <useSSL>Yes</useSSL> <!-- leave blank to use http --> 
     3    <!-- the port number the service is to run on --> 
     4    <portNum></portNum>  
     5    <!--  
     6    Flag for SSL - set to something to stipulate http, leave blank to use 
     7    http  
     8    --> 
     9    <useSSL>Yes</useSSL> 
     10    <!-- X.509 certificate for SSL connections -->  
    511    <sslCertFile>$NDGSEC_DIR/conf/certs/hostcert.pem</sslCertFile> 
     12    <!-- Private key file for SSL --> 
    613    <sslKeyFile>$NDGSEC_DIR/conf/certs/hostkey.pem</sslKeyFile> 
    714    <!-- 
    8     PKI settings for signature of outbound SOAP messages 
     15    PKI settings for WS-Security signature of outbound SOAP messages 
    916    --> 
    1017    <useSignatureHandler>Yes</useSignatureHandler> <!-- leave blank for no signature --> 
     18    <!-- X.509 certificate included in SOAP header --> 
    1119    <certFile>$NDGSEC_DIR/conf/certs/sm-cert.pem</certFile> 
     20    <!-- corresponding private key used to sign the SOAP message --> 
    1221    <keyFile>$NDGSEC_DIR/conf/certs/sm-key.pem</keyFile> 
     22    <!-- Password protecting private key file - leave blank if none set --> 
    1323    <keyPwd></keyPwd> 
     24    <!--  
     25    X.509 certificates included in inbound messages must validate 
     26    against this CA Certificate  
     27    --> 
    1428    <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
    1529    <!--  
     
    2034    <clntCertFile></clntCertFile>  
    2135    <!-- 
    22     Following two settings may be left blank 
     36    Following two settings may be left blank.  These fields are likely to be 
     37    removed from a future version 
    2338    -->    
    2439    <sessMgrEncrKey></sessMgrEncrKey> 
     
    2641    <!--  
    2742    Domain defaults to the server host - any more generic setting could be a  
    28     a security risk 
     43    a security risk.  Leave blank to default to the fully qualified domain 
     44    name of the server. 
    2945    --> 
    3046    <cookieDomain></cookieDomain> 
     47    <!-- MyProxy Client properties --> 
    3148        <myProxyProp> 
    3249                <!--  
     
    7188                --> 
    7289                <proxyCertLifetime>8</proxyCertLifetime> <!-- in hours --> 
     90                <!--  
     91                CA certificate applied to verify peer certificate against in 
     92                SSL connection to MyProxy server 
     93                --> 
    7394                <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
    7495        </myProxyProp> 
     96        <!--  
     97        Properties for a Session Manager client to a Simple CA. 
     98        Not currently used and likely to be removed from a future release 
     99        --> 
    75100        <simpleCACltProp> 
    76101            <uri></uri> 
     
    89114        </simpleCASrvProp> 
    90115        --> 
     116        <!-- 
     117        Settings for Credential Repository plugin 
     118        --> 
    91119    <credReposProp> 
     120        <!--  
     121        File path to plugin module - may be left blank if 
     122        module is included in the current PYTHONPATH 
     123        --> 
    92124            <modFilePath></modFilePath> 
     125            <!-- 
     126            Module name - the default is an empty stub 
     127            --> 
    93128            <modName>ndg.security.common.CredWallet</modName> 
     129            <!-- Name of class in module to instantiate --> 
    94130            <className>NullCredRepos</className> 
     131            <!--  
     132            Optional Properties file argument to Credential 
     133            Repository class.  This is include to enable custom 
     134            settings to be defined from an external configuration file 
     135            --> 
    95136            <propFile></propFile> 
    96137    </credReposProp> 
Note: See TracChangeset for help on using the changeset viewer.