Changeset 3699 for TI12-security

Timestamp:

28/03/08 16:13:05 (12 years ago)

Author:

pjkersha

Message:

Separated LoginService? into server and client components sso and ssoClient respectively. Packaging needs re-organising.

• Made important fix to redirect_to - this doesn't work when called from a BaseController?.call in Pylons 0.9.6 - moved to before method instead.

Location:

TI12-security/trunk/python

Files:

• ndg.security.common/ndg/security/common/pylons (added)
• ndg.security.common/ndg/security/common/pylons/security_util.py (moved) (moved from TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/lib/security_util.py)
• ndg.security.common/ndg/security/common/ssoClient (added)
• ndg.security.common/ndg/security/common/ssoClient/MANIFEST.in (added)
• ndg.security.common/ndg/security/common/ssoClient/README.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/development.ini (added)
• ndg.security.common/ndg/security/common/ssoClient/docs (added)
• ndg.security.common/ndg/security/common/ssoClient/docs/index.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/setup.cfg (added)
• ndg.security.common/ndg/security/common/ssoClient/setup.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.cfg (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/PKG-INFO (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/SOURCES.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/dependency_links.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/entry_points.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/paste_deploy_config.ini_tmpl (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/paster_plugins.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/requires.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoClient.egg-info/top_level.txt (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config/environment.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config/middleware.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config/routing.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/config/ssoClientMiddleware.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/controllers (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/controllers/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/controllers/error.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/controllers/template.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/controllers/test1.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/lib (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/lib/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/lib/app_globals.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/lib/base.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/lib/helpers.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/model (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/model/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/public (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/public/index.html (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/templates (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/templates/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/tests (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/tests/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/tests/functional (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/tests/functional/__init__.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/tests/test_models.py (added)
• ndg.security.common/ndg/security/common/ssoClient/ssoclient/websetup.py (added)
• ndg.security.common/ndg/security/common/ssoClient/test.ini (added)
• ndg.security.common/ndg/security/common/wsSecurity.py (modified) (1 diff)
• ndg.security.server/ndg/security/server/sso/sso.cfg (modified) (1 diff)
• ndg.security.server/ndg/security/server/sso/sso/config/ssoMiddleware.py (modified) (1 diff)
• ndg.security.server/ndg/security/server/sso/sso/controllers/login.py (modified) (1 diff)
• ndg.security.server/ndg/security/server/sso/sso/controllers/logout.py (modified) (1 diff)
• ndg.security.server/ndg/security/server/sso/sso/lib/base.py (modified) (2 diffs)

TI12-security/trunk/python/ndg.security.common/ndg/security/common/wsSecurity.py

@@ -73 +73 @@
 
 class OASIS(_OASIS):
-    WSSE11 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.1.xsd"
+    # wss4j 1.5.3
+    WSSE11 = "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
+    # wss4j 1.5.1
+    #WSSE11 = "http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd"
        
 def getElements(node, nameList):

TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg

@@ -8 +8 @@
 [NDG_SECURITY]
 # Server address for secure connections
-sslServer: https://localhost
-server:    http://localhost:4000
-#sslServer: https://gabriel.badc.rl.ac.uk
-#server:    http://gabriel.badc.rl.ac.uk:4000
+#sslServer: https://localhost
+#server:    http://localhost:4000
+sslServer: https://localhost/sso
+server:    http://localhost/sso
 
 # Redirect SOAP output to a file e.g. open(<somefile>, 'w')

TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/ssoMiddleware.py

@@ -4 +4 @@
 P J Kershaw 18/03/08
 '''
-from sso.lib.security_util import SecurityConfig
+from ndg.security.common.pylons.security_util import SecurityConfig
 
 class SSOMiddleware:

TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/controllers/login.py

@@ -2 +2 @@
 
 from sso.lib.base import *
-from sso.lib.security_util import setSecuritySession, SecuritySession, \
+from ndg.security.common.pylons.security_util import setSecuritySession, SecuritySession, \
     LoginServiceQuery
 from ndg.security.common.AttAuthority import AttAuthorityClient

TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/controllers/logout.py

@@ -1 +1 @@
 from sso.lib.base import *
-from sso.lib.security_util import SecuritySession
+from ndg.security.common.pylons.security_util import SecuritySession
 import logging
 log = logging.getLogger(__name__)

TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/lib/base.py

@@ -18 +18 @@
 from base64 import urlsafe_b64encode
 
-from sso.lib.security_util import setSecuritySession, LoginServiceQuery
+from ndg.security.common.pylons.security_util import setSecuritySession, \
+    LoginServiceQuery
 
 import logging
@@ -50 +51 @@
 
         log.debug("BaseController.__call__: c.requestURL = %s" % c.requestURL)
-        
-        if 'h' in request.params:
-            # 'h' corresponds to the setting of a session manager host i.e.
-            # the request has come from a completed login from the login 
-            # service
-            log.debug("Setting security session from URL query args ...")
-            
-            # Copy the query arguments into security session keys
-            setSecuritySession()
-            
-            session.save()
-            
-            # Re-construct the URL removing the security related arguments
-            qs = LoginServiceQuery.stripFromURI()
-
-            log.debug('Switching from https to http...')
-            cc = g.securityCfg.server+urllib.quote(environ.get('PATH_INFO',''))
-            if qs:
-                cc += "?" + qs
-                
-            log.debug('URL transport switched to http: "%s"' % cc)
-            redirect_to(cc)