Changeset 3792 for TI12-security


Ignore:
Timestamp:
17/04/08 14:10:29 (12 years ago)
Author:
pjkersha
Message:

attAuthorityProperties.xml and sessionMgrProperties.xml - fixes following update to NOCS deployment.

Location:
TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml

    r3652 r3792  
    3838    --> 
    3939    <caCertFileList> 
    40         <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
     40        <caCertFile>$NDGSEC_DIR/conf/certs/ca/cacert.pem</caCertFile> 
    4141    </caCertFileList> 
    4242    <!--  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml

    r3652 r3792  
    3535    --> 
    3636    <caCertFileList> 
    37         <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
     37        <caCertFile>$NDGSEC_DIR/conf/certs/ca/cacert.pem</caCertFile> 
    3838    </caCertFileList> 
    3939    <!--  
     
    5656    <cookieDomain></cookieDomain> 
    5757    <!-- MyProxy Client properties --> 
    58         <myProxyProp> 
    59                 <!--  
    60                 Delete this element and take setting from MYPROXY_SERVER environment  
    61                 variable if required 
    62                 --> 
    63                 <hostname>localhost</hostname> 
    64                 <!--  
    65                 Delete this element to take default setting 7512 or read  
    66                 MYPROXY_SERVER_PORT setting 
    67                 --> 
    68                 <port>7512</port> 
    69                 <!-- 
    70                 Useful if hostname and certificate CN don't match correctly.  Globus  
    71                 host DN is set to "host/<fqdn>".  Delete this element and set from  
    72                 MYPROXY_SERVER_DN environment variable if prefered 
    73                 <serverDN></serverDN> 
    74                 --> 
    75                 <!-- 
    76                 Set "host/" prefix to host cert CN as is default with globus 
    77                 --> 
    78                 <serverCNprefix>host/</serverCNprefix>   
    79                 <!-- 
    80                 This directory path is used to locate the OpenSSL configuration file 
    81                  
    82                 The settings are used to set up the defaults for the Distinguished Name of 
    83                 the new proxy cert. issued  
    84                  
    85                 GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
    86                 but the settings can be independent of any Globus installation 
    87                 --> 
    88                 <openSSLConfFilePath>$NDGSEC_DIR/conf/openssl.conf</openSSLConfFilePath> 
    89                 <tmpDir>/tmp</tmpDir> 
    90                 <!--  
    91                         Limit on maximum lifetime any proxy certificate can have -  
    92                         specified when a certificate is first created by store() method 
    93                 --> 
    94                 <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds --> 
    95                 <!--  
    96                         Life time of a proxy certificate when issued from the Proxy Server  
    97                         with ndg.security.server.MyProxy.getDelegation() method 
    98                 --> 
    99                 <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 
    100                 <!--  
    101                 CA certificate applied to verify peer certificate against in 
    102                 SSL connection to MyProxy server 
    103                 --> 
    104                 <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
    105         </myProxyProp> 
    106         <!--  
    107         Properties for a Session Manager client to a Simple CA. 
    108         Not currently used and likely to be removed from a future release 
    109         --> 
    110         <simpleCACltProp> 
    111             <uri></uri> 
     58    <myProxyProp> 
     59        <!--  
     60        Delete this element and take setting from MYPROXY_SERVER environment  
     61        variable if required 
     62        --> 
     63        <hostname>localhost</hostname> 
     64        <!--  
     65        Delete this element to take default setting 7512 or read  
     66        MYPROXY_SERVER_PORT setting 
     67        --> 
     68        <port>7512</port> 
     69        <!-- 
     70        Useful if hostname and certificate CN don't match correctly.  Globus  
     71        host DN is set to "host/<fqdn>".  Delete this element and set from  
     72        MYPROXY_SERVER_DN environment variable if prefered 
     73        <serverDN></serverDN> 
     74        --> 
     75        <!-- 
     76        Set "host/" prefix to host cert CN as is default with globus 
     77        --> 
     78        <serverCNprefix>host/</serverCNprefix>     
     79        <!-- 
     80        This directory path is used to locate the OpenSSL configuration file 
     81         
     82        The settings are used to set up the defaults for the Distinguished Name of 
     83        the new proxy cert. issued  
     84         
     85        GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used 
     86        but the settings can be independent of any Globus installation 
     87        --> 
     88        <openSSLConfFilePath>$NDGSEC_DIR/conf/openssl.conf</openSSLConfFilePath> 
     89        <tmpDir>/tmp</tmpDir> 
     90        <!--  
     91            Limit on maximum lifetime any proxy certificate can have -  
     92            specified when a certificate is first created by store() method 
     93        --> 
     94        <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds --> 
     95        <!--  
     96            Life time of a proxy certificate when issued from the Proxy Server  
     97            with ndg.security.server.MyProxy.getDelegation() method 
     98        --> 
     99        <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 
     100        <!--  
     101        CA certificate applied to verify peer certificate against in 
     102        SSL connection to MyProxy server 
     103        --> 
     104        <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile> 
     105    </myProxyProp> 
     106    <!--  
     107    Properties for a Session Manager client to a Simple CA. 
     108    Not currently used and likely to be removed from a future release 
     109    --> 
     110    <simpleCACltProp> 
     111        <uri></uri> 
    112112        <xmlSigKeyFile></xmlSigKeyFile> 
    113113        <xmlSigCertFile></xmlSigCertFile> 
    114114        <xmlSigCertPwd></xmlSigCertPwd> 
    115115    </simpleCACltProp> 
    116         <!-- 
    117         <simpleCASrvProp> 
    118             <certExpiryDate></certExpiryDate> 
    119             <certLifetimeDays></certLifetimeDays> 
    120             <certTmpDir></certTmpDir> 
    121             <caCertFile></caCertFile> 
    122             <signExe></signExe> 
    123             <path></path> 
    124         </simpleCASrvProp> 
    125         --> 
    126         <!-- 
    127         Settings for Credential Repository plugin 
    128         --> 
     116    <!-- 
     117    <simpleCASrvProp> 
     118        <certExpiryDate></certExpiryDate> 
     119        <certLifetimeDays></certLifetimeDays> 
     120        <certTmpDir></certTmpDir> 
     121        <caCertFile></caCertFile> 
     122        <signExe></signExe> 
     123        <path></path> 
     124    </simpleCASrvProp> 
     125    --> 
     126    <!-- 
     127    Settings for Credential Repository plugin 
     128    --> 
    129129    <credReposProp> 
    130130        <!--  
     
    132132        module is included in the current PYTHONPATH 
    133133        --> 
    134             <modFilePath></modFilePath> 
    135             <!-- 
    136             Module name - the default is an empty stub 
    137             --> 
    138             <modName>ndg.security.common.CredWallet</modName> 
    139             <!-- Name of class in module to instantiate --> 
    140             <className>NullCredRepos</className> 
    141             <!--  
    142             Optional Properties file argument to Credential 
    143             Repository class.  This is include to enable custom 
    144             settings to be defined from an external configuration file 
    145             --> 
    146             <propFile></propFile> 
     134        <modFilePath></modFilePath> 
     135        <!-- 
     136        Module name - the default is an empty stub 
     137        --> 
     138        <modName>ndg.security.common.CredWallet</modName> 
     139        <!-- Name of class in module to instantiate --> 
     140        <className>NullCredRepos</className> 
     141        <!--  
     142        Optional Properties file argument to Credential 
     143        Repository class.  This is include to enable custom 
     144        settings to be defined from an external configuration file 
     145        --> 
     146        <propFile></propFile> 
    147147    </credReposProp> 
    148148</sessMgrProp> 
Note: See TracChangeset for help on using the changeset viewer.