Changeset 3139 for TI12-security


Timestamp:
12/12/07 16:19:42 (12 years ago)
Author:
pjkersha
Message:

Working SessionMgr unit tests with multiple CA support for WS-Security dsig verification and AC verification.

python/ndg.security.test/ndg/security/test/sessionMgr/init.py,
python/ndg.security.test/ndg/security/test/sessionMgr/openssl.conf,
python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrTest.cfg,
python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml: files added for SM unit test

python/ndg.security.test/ndg/security/test/sessionMgr/test.py: renamed refs to proxy certs -> user certs.

python/ndg.security.common/ndg/security/common/CredWallet.py: fix to AttAuthorityClient instantiation for sslCACertFilePathList setting

Location:
TI12-security/trunk/python
Files:
4 added
2 edited

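--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/CredWallet.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/CredWallet.py
@@ -514,10 +514,10 @@
         
         aaClnt = AttAuthorityClient(uri=aaURI, 
-                                reqBinSecTokValType=reqBinSecTokValType,  
-                                signingCertChain=certChain, 
-                                signingCert=self.__userCert, 
-                                signingPriKey=self.__userPriKey, 
-                                caCertFilePathList=self.__caCertFilePathList, 
-                                sslCACertFilePathList=caCertFilePathList) 
+                            reqBinSecTokValType=reqBinSecTokValType,  
+                            signingCertChain=certChain, 
+                            signingCert=self.__userCert, 
+                            signingPriKey=self.__userPriKey, 
+                            caCertFilePathList=self.__caCertFilePathList, 
+                            sslCACertFilePathList=self.__caCertFilePathList) 
         return aaClnt 
 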
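Review bot: The new `sslCACertFilePathList=self.__caCertFilePathList` argument makes the wallet's WS-Security trust roots double as the SSL trust roots for the Attribute Authority connection, and nothing in this hunk shows what happens when that list is empty or unset. If AttAuthorityClient treats an empty list as "skip peer verification" (not visible here, so worth confirming), an unconfigured wallet would connect to an unauthenticated Attribute Authority without any error. I would add a comment on that line such as `# same CA list deliberately used for WS-Security signature and SSL peer verification`, and consider a separate wallet setting for the SSL list if the two trust stores can differ in a deployment. The enclosing method starts above the hunk.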
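--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/test.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/test.py
@@ -62,8 +62,8 @@
                                prompt="\ntest1Connect pass-phrase for user: ") 
 
-        proxyCert, self.proxyPriKey, self.userCert, self.sessID = \ 
+        userCert, self.userPriKey, self.issuingCert, self.sessID = \ 
             self.sm.connect(username=self.cfg.get('test1Connect', 'username'),  
                             passphrase=SessionMgrTestCase.test1Passphrase) 
-        self.proxyCert = X509CertParse(proxyCert) 
+        self.userCert = X509CertParse(userCert) 
         
         print "User '%s' connected to Session Manager:\n%s" % \ 
@@ -89,8 +89,10 @@
         print "\n\t" + self.test3ConnectNoCreateServerSess.__doc__ 
         
-        if SessionMgrTestCase.test3Passphrase is None: 
+        if SessionMgrTestCase.test3Passphrase is None and \ 
+           self.cfg.has_option('test3ConnectNoCreateServerSess',  
+                               'passphrase'): 
             SessionMgrTestCase.test3Passphrase = \ 
                 self.cfg.get('test3ConnectNoCreateServerSess', 'passphrase') 
-                 
+        
         if not SessionMgrTestCase.test3Passphrase: 
             SessionMgrTestCase.test3Passphrase = getpass.getpass(\ 
@@ -98,5 +100,5 @@
 
         username = self.cfg.get('test3ConnectNoCreateServerSess', 'username') 
-        self.proxyCert, self.proxyPriKey, self.userCert, sessID = \ 
+        self.userCert, self.userPriKey, self.issuingCert, sessID = \ 
             self.sm.connect(username=username,  
                             passphrase=SessionMgrTestCase.test3Passphrase, 
@@ -108,12 +110,12 @@
         print "User '%s' connected to Session Manager:\n%s" % \ 
                 (self.cfg.get('test3ConnectNoCreateServerSess', 'username'),  
-                 self.proxyCert) 
-             
- 
-    def test4DisconnectUsingSessID(self): 
-        """test4DisconnectUsingSessID: disconnect as if acting as a browser client  
+                 self.userCert) 
+            
+
+    def test4DisconnectWithSessID(self): 
+        """test4DisconnectWithSessID: disconnect as if acting as a browser client  
         """ 
         
-        print "\n\t" + self.test4DisconnectUsingSessID.__doc__ 
+        print "\n\t" + self.test4DisconnectWithSessID.__doc__ 
         self.test1Connect()         
         self.sm.deleteUserSession(sessID=self.sessID) 
@@ -122,27 +124,27 @@
             
 
-    def test5DisconnectUsingProxyCert(self): 
-        """test5DisconnectUsingProxyCert: Disconnect as a command line client  
+    def test5DisconnectWithUserCert(self): 
+        """test5DisconnectWithUserCert: Disconnect as a command line client  
         """ 
         
-        print "\n\t" + self.test5DisconnectUsingProxyCert.__doc__ 
+        print "\n\t" + self.test5DisconnectWithUserCert.__doc__ 
         self.test1Connect() 
         
         # Proxy cert in signature determines ID of session to 
         # delete 
-        self.sm.deleteUserSession(proxyCert=self.proxyCert) 
-        print "User disconnected from Session Manager:\n%s" % self.proxyCert 
- 
- 
-    def test6GetAttCertUsingSessID(self): 
-        """test6GetAttCertUsingSessID: make an attribute request using 
+        self.sm.deleteUserSession(userCert=self.userCert) 
+        print "User disconnected from Session Manager:\n%s" % self.userCert 
+
+
+    def test6GetAttCertWithSessID(self): 
+        """test6GetAttCertWithSessID: make an attribute request using 
         a session ID as authentication credential""" 
 
-        print "\n\t" + self.test6GetAttCertUsingSessID.__doc__         
+        print "\n\t" + self.test6GetAttCertWithSessID.__doc__         
         self.test1Connect() 
         
         attCert, errMsg, extAttCertList = self.sm.getAttCert(\ 
             sessID=self.sessID,  
-            aaURI=self.cfg.get('test6GetAttCertUsingSessID', 'aauri')) 
+            aaURI=self.cfg.get('test6GetAttCertWithSessID', 'aauri')) 
         if errMsg: 
             self.fail(errMsg) 
@@ -150,5 +152,5 @@
         print "Attribute Certificate:\n%s" % attCert  
         attCert.filePath = \ 
-            self.cfg.get('test6GetAttCertUsingSessID', 'acoutfilepath')  
+            self.cfg.get('test6GetAttCertWithSessID', 'acoutfilepath')  
         attCert.write() 
         
@@ -156,13 +158,13 @@
 
 
-    def test6aGetAttCertRefusedUsingSessID(self): 
-        """test6aGetAttCertRefusedUsingSessID: make an attribute request using 
+    def test6aGetAttCertRefusedWithSessID(self): 
+        """test6aGetAttCertRefusedWithSessID: make an attribute request using 
         a sessID as authentication credential requesting an AC from an 
         Attribute Authority where the user is NOT registered""" 
 
-        print "\n\t" + self.test6aGetAttCertRefusedUsingSessID.__doc__         
-        self.test1Connect() 
-         
-        aaURI = self.cfg.get('test6aGetAttCertRefusedUsingSessID', 'aauri') 
+        print "\n\t" + self.test6aGetAttCertRefusedWithSessID.__doc__         
+        self.test1Connect() 
+        
+        aaURI = self.cfg.get('test6aGetAttCertRefusedWithSessID', 'aauri') 
         
         attCert, errMsg, extAttCertList = self.sm.getAttCert(sessID=self.sessID,  
@@ -176,16 +178,16 @@
 
 
-    def test6bGetMappedAttCertUsingSessID(self): 
-        """test6bGetMappedAttCertUsingSessID: make an attribute request using 
+    def test6bGetMappedAttCertWithSessID(self): 
+        """test6bGetMappedAttCertWithSessID: make an attribute request using 
         a session ID as authentication credential""" 
 
-        print "\n\t" + self.test6bGetMappedAttCertUsingSessID.__doc__         
+        print "\n\t" + self.test6bGetMappedAttCertWithSessID.__doc__         
         self.test1Connect() 
         
         # Attribute Certificate cached in test 6 can be used to get a mapped 
         # AC for this test ... 
-        self.sm = self.test6GetAttCertUsingSessID() 
- 
-        aaURI = self.cfg.get('test6bGetMappedAttCertUsingSessID', 'aauri') 
+        self.sm = self.test6GetAttCertWithSessID() 
+
+        aaURI = self.cfg.get('test6bGetMappedAttCertWithSessID', 'aauri') 
         
         attCert, errMsg, extAttCertList=self.sm.getAttCert(sessID=self.sessID, 
@@ -198,18 +200,18 @@
 
 
-    def test6cGetAttCertWithExtAttCertListUsingSessID(self): 
-        """test6cGetAttCertUsingSessID: make an attribute request using 
+    def test6cGetAttCertWithExtAttCertListWithSessID(self): 
+        """test6cGetAttCertWithSessID: make an attribute request using 
         a session ID as authentication credential""" 
         
         print "\n\t" + \ 
-            self.test6cGetAttCertWithExtAttCertListUsingSessID.__doc__         
+            self.test6cGetAttCertWithExtAttCertListWithSessID.__doc__         
         self.test1Connect() 
         
         aaURI = \ 
-            self.cfg.get('test6cGetAttCertWithExtAttCertListUsingSessID', 'aauri') 
-         
-        # Use output from test6GetAttCertUsingSessID! 
+            self.cfg.get('test6cGetAttCertWithExtAttCertListWithSessID', 'aauri') 
+        
+        # Use output from test6GetAttCertWithSessID! 
         extACFilePath = \ 
-    self.cfg.get('test6cGetAttCertWithExtAttCertListUsingSessID', 'extacfilepath')    
+    self.cfg.get('test6cGetAttCertWithExtAttCertListWithSessID', 'extacfilepath')    
         extAttCert = open(extACFilePath).read() 
         
@@ -223,16 +225,16 @@
 
 
-    def test7GetAttCertUsingProxyCert(self): 
-        """test7GetAttCertUsingProxyCert: make an attribute request using 
-        a proxy cert as authentication credential""" 
-        print "\n\t" + self.test7GetAttCertUsingProxyCert.__doc__ 
+    def test7GetAttCertWithUserCert(self): 
+        """test7GetAttCertWithUserCert: make an attribute request using 
+        a user cert as authentication credential""" 
+        print "\n\t" + self.test7GetAttCertWithUserCert.__doc__ 
         self.test1Connect() 
 
         # Request an attribute certificate from an Attribute Authority  
-        # using the proxyCert returned from connect() 
-         
-        aaURI = self.cfg.get('test7GetAttCertUsingProxyCert', 'aauri') 
+        # using the userCert returned from connect() 
+        
+        aaURI = self.cfg.get('test7GetAttCertWithUserCert', 'aauri') 
         attCert, errMsg, extAttCertList = self.sm.getAttCert(\ 
-                                     userCert=self.proxyCert, aaURI=aaURI) 
+                                     userCert=self.userCert, aaURI=aaURI) 
         if errMsg: 
             self.fail(errMsg) 
@@ -250,10 +252,10 @@
                     "test2GetSessionStatus", 
                     "test3ConnectNoCreateServerSess", 
-                    "test4DisconnectUsingSessID", 
-                    "test5DisconnectUsingProxyCert", 
-                    "test6GetAttCertUsingSessID", 
-                    "test6bGetMappedAttCertUsingSessID", 
-                    "test6cGetAttCertWithExtAttCertListUsingSessID", 
-                    "test7GetAttCertUsingProxyCert", 
+                    "test4DisconnectWithSessID", 
+                    "test5DisconnectWithUserCert", 
+                    "test6GetAttCertWithSessID", 
+                    "test6bGetMappedAttCertWithSessID", 
+                    "test6cGetAttCertWithExtAttCertListWithSessID", 
+                    "test7GetAttCertWithUserCert", 
                   )) 
         unittest.TestSuite.__init__(self, map) 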
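Review bot: The suite list at new lines 252–259 still leaves out `test6aGetAttCertRefusedWithSessID`, so the one test that checks an Attribute Authority refusing a user who is not registered is skipped whenever the tests are run through this suite class. Adding `"test6aGetAttCertRefusedWithSessID",` after `"test6GetAttCertWithSessID",` would keep that negative authorisation path covered; the start of the list is outside the hunk, so confirm it is not already listed there. Separately, the comment at new lines 133–134 still reads `# Proxy cert in signature determines ID of session to` / `# delete` although the call below it now passes `userCert=self.userCert`, and should be reworded to match.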