Changeset 3792 for TI12-security

Timestamp:

17/04/08 14:10:29 (12 years ago)

Author:

pjkersha

Message:

attAuthorityProperties.xml and sessionMgrProperties.xml - fixes following update to NOCS deployment.

Location:

TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf

Files:

• attAuthorityProperties.xml (modified) (1 diff)
• sessionMgrProperties.xml (modified) (3 diffs)

TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml

@@ -38 +38 @@
     -->
     <caCertFileList>
-        <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile>
+        <caCertFile>$NDGSEC_DIR/conf/certs/ca/cacert.pem</caCertFile>
     </caCertFileList>
     <!-- 

TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml

@@ -35 +35 @@
     -->
     <caCertFileList>
-        <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile>
+        <caCertFile>$NDGSEC_DIR/conf/certs/ca/cacert.pem</caCertFile>
     </caCertFileList>
     <!-- 
@@ -56 +56 @@
     <cookieDomain></cookieDomain>
     <!-- MyProxy Client properties -->
-        <myProxyProp>
-                <!-- 
-                Delete this element and take setting from MYPROXY_SERVER environment 
-                variable if required
-                -->
-                <hostname>localhost</hostname>
-                <!-- 
-                Delete this element to take default setting 7512 or read 
-                MYPROXY_SERVER_PORT setting
-                -->
-                <port>7512</port>
-                <!--
-                Useful if hostname and certificate CN don't match correctly.  Globus 
-                host DN is set to "host/<fqdn>".  Delete this element and set from 
-                MYPROXY_SERVER_DN environment variable if prefered
-                <serverDN></serverDN>
-                -->
-                <!--
-                Set "host/" prefix to host cert CN as is default with globus
-                -->
-                <serverCNprefix>host/</serverCNprefix>  
-                <!--
-                This directory path is used to locate the OpenSSL configuration file
-                
-                The settings are used to set up the defaults for the Distinguished Name of
-                the new proxy cert. issued 
-                
-                GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
-                but the settings can be independent of any Globus installation
-                -->
-                <openSSLConfFilePath>$NDGSEC_DIR/conf/openssl.conf</openSSLConfFilePath>
-                <tmpDir>/tmp</tmpDir>
-                <!-- 
-                        Limit on maximum lifetime any proxy certificate can have - 
-                        specified when a certificate is first created by store() method
-                -->
-                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds -->
-                <!-- 
-                        Life time of a proxy certificate when issued from the Proxy Server 
-                        with ndg.security.server.MyProxy.getDelegation() method
-                -->
-                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds -->
-                <!-- 
-                CA certificate applied to verify peer certificate against in
-                SSL connection to MyProxy server
-                -->
-                <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile>
-        </myProxyProp>
-        <!-- 
-        Properties for a Session Manager client to a Simple CA.
-        Not currently used and likely to be removed from a future release
-        -->
-        <simpleCACltProp>
-            <uri></uri>
+    <myProxyProp>
+        <!-- 
+        Delete this element and take setting from MYPROXY_SERVER environment 
+        variable if required
+        -->
+        <hostname>localhost</hostname>
+        <!-- 
+        Delete this element to take default setting 7512 or read 
+        MYPROXY_SERVER_PORT setting
+        -->
+        <port>7512</port>
+        <!--
+        Useful if hostname and certificate CN don't match correctly.  Globus 
+        host DN is set to "host/<fqdn>".  Delete this element and set from 
+        MYPROXY_SERVER_DN environment variable if prefered
+        <serverDN></serverDN>
+        -->
+        <!--
+        Set "host/" prefix to host cert CN as is default with globus
+        -->
+        <serverCNprefix>host/</serverCNprefix>    
+        <!--
+        This directory path is used to locate the OpenSSL configuration file
+        
+        The settings are used to set up the defaults for the Distinguished Name of
+        the new proxy cert. issued 
+        
+        GLOBUS_LOCATION or GRID_SECURITY_DIR environment variables may be used
+        but the settings can be independent of any Globus installation
+        -->
+        <openSSLConfFilePath>$NDGSEC_DIR/conf/openssl.conf</openSSLConfFilePath>
+        <tmpDir>/tmp</tmpDir>
+        <!-- 
+            Limit on maximum lifetime any proxy certificate can have - 
+            specified when a certificate is first created by store() method
+        -->
+        <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds -->
+        <!-- 
+            Life time of a proxy certificate when issued from the Proxy Server 
+            with ndg.security.server.MyProxy.getDelegation() method
+        -->
+        <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds -->
+        <!-- 
+        CA certificate applied to verify peer certificate against in
+        SSL connection to MyProxy server
+        -->
+        <caCertFile>$NDGSEC_DIR/conf/certs/cacert.pem</caCertFile>
+    </myProxyProp>
+    <!-- 
+    Properties for a Session Manager client to a Simple CA.
+    Not currently used and likely to be removed from a future release
+    -->
+    <simpleCACltProp>
+        <uri></uri>
         <xmlSigKeyFile></xmlSigKeyFile>
         <xmlSigCertFile></xmlSigCertFile>
         <xmlSigCertPwd></xmlSigCertPwd>
     </simpleCACltProp>
-        <!--
-        <simpleCASrvProp>
-            <certExpiryDate></certExpiryDate>
-            <certLifetimeDays></certLifetimeDays>
-            <certTmpDir></certTmpDir>
-            <caCertFile></caCertFile>
-            <signExe></signExe>
-            <path></path>
-        </simpleCASrvProp>
-        -->
-        <!--
-        Settings for Credential Repository plugin
-        -->
+    <!--
+    <simpleCASrvProp>
+        <certExpiryDate></certExpiryDate>
+        <certLifetimeDays></certLifetimeDays>
+        <certTmpDir></certTmpDir>
+        <caCertFile></caCertFile>
+        <signExe></signExe>
+        <path></path>
+    </simpleCASrvProp>
+    -->
+    <!--
+    Settings for Credential Repository plugin
+    -->
     <credReposProp>
         <!-- 
@@ -132 +132 @@
         module is included in the current PYTHONPATH
         -->
-            <modFilePath></modFilePath>
-            <!--
-            Module name - the default is an empty stub
-            -->
-            <modName>ndg.security.common.CredWallet</modName>
-            <!-- Name of class in module to instantiate -->
-            <className>NullCredRepos</className>
-            <!-- 
-            Optional Properties file argument to Credential
-            Repository class.  This is include to enable custom
-            settings to be defined from an external configuration file
-            -->
-            <propFile></propFile>
+        <modFilePath></modFilePath>
+        <!--
+        Module name - the default is an empty stub
+        -->
+        <modName>ndg.security.common.CredWallet</modName>
+        <!-- Name of class in module to instantiate -->
+        <className>NullCredRepos</className>
+        <!-- 
+        Optional Properties file argument to Credential
+        Repository class.  This is include to enable custom
+        settings to be defined from an external configuration file
+        -->
+        <propFile></propFile>
     </credReposProp>
 </sessMgrProp>