Changeset 3901 for TI05-delivery


Timestamp:
15/05/08 10:35:33 (11 years ago)
Author:
pjkersha
Message:

Working version with Gatekeeper code moved into its own package in ndg.security.

All security code now decoupled from ows_server - Single Sign On and Gatekeeper.

ows_server/ndgDiscovery.config: moved Gatekeeper settings into its own NDG_SECURITY.gatekeeper section

ows_server/ows_server/config/ndgMiddleware.py:

  • now initialises PEP class (Policy Enforcement Point aka Gatekeeper) from ndg.security.common.authz.pep and adds as a g var attr.



Index: ows_server/ows_server/controllers/logout.py: remove old commented out code

ows_server/ows_server/controllers/retrieve.py:

ows_server/ows_server/lib/ndgInterface.py: replaced old ndgInterface gatekeeper code with PEP class.

ows_server/ows_server/lib/security_util.py: moved out of ows_server into ndg.security.common

ows_server/ows_server/lib/base.py: tidied up imports

ows_server/ows_server/templates/stubB.kid: code to comment out the CSML entries caused an error for render(). Re-instated commented out section.

Location:
TI05-delivery/ows_framework/trunk/ows_server
Files:
1 deleted
7 edited

  • TI05-delivery/ows_framework/trunk/ows_server/ndgDiscovery.config

    r3893 r3901  
    184184sslCACertFilePathList: certs/ndg-test-ca.crt 
    185185 
    186 # Gatekeeper Attribute Certificate check 
    187 # Issuer - should match with the issuer element of the users Attribute 
    188 # Certificate submitted in order to gain access 
    189 #acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC 
    190 acIssuer: /CN=Junk/O=NDG/OU=Gabriel 
    191  
    192 # verification of X.509 cert back to CA.  Currently only the CA of this site 
    193 # is needed because only mapped Attribute Certificates may be accepted. 
    194 acCACertFilePathList: certs/ndg-test-ca.crt 
    195  
    196186 
    197187# WS-Security signature handler - set a config file with 'wssCfgFilePath' 
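Review bot: the `acIssuer` being removed here was set to `/CN=Junk/O=NDG/OU=Gabriel`, a placeholder DN that no real Attribute Authority would match, so any code still reading the top-level value had an issuer check that could never succeed. With the setting moved into `[NDG_SECURITY.gatekeeper]`, confirm nothing still reads `acIssuer` or `acCACertFilePathList` from the top-level section; the old `HandleSecurity` import in ndgInterface.py is only commented out in this changeset, not deleted.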
     
    233223applySignatureConfirmation=False 
    234224 
     225# 
     226# Gatekeeper settings 
     227# 
     228[NDG_SECURITY.gatekeeper] 
     229# 
     230# Policy Enforcement Point calls a Policy Decision Point interface: 
     231 
     232# File path to Python module containing the PDP class - leave blank if the  
     233# module is in PYTHONPATH env var 
     234pdpModFilePath:  
     235 
     236# Name of PDP Python module 
     237pdpModName: ndg.security.common.authz.pdp.browse 
     238 
     239# Name of PDP class used 
     240pdpClassName: BrowsePDP 
     241 
     242# File Path to configuration file used by PDP class (environment variables 
     243# can be used in this path e.g. $PDP_CONFIG_DIR/pdp.cfg.  Omit this parameter 
     244# to make the PEP read the PDP settings from THIS config file 
     245#pdpCfgFilePath: 
     246 
     247# Read PDP params from THIS section 
     248pdpCfgSection: NDG_SECURITY.gatekeeper 
     249 
     250# 
     251# Settings for Policy Decision Point called by the PEP  
     252 
     253# Address of Attribute Authority for Data Provider 
     254aaURI: 
     255 
     256# CA certificates used to verify peer certs from Session Manager SSL  
     257# connections - space delimited list 
     258sslCACertFilePathList: 
     259 
     260# Set to file object to dump SOAP message output for debugging 
     261tracefile: 
     262 
     263# CA certificates used to verify the signature of user Attribute Certificates 
     264# - space delimited list but note that currently only the CA of this site 
     265# is needed because only mapped Attribute Certificates may be accepted. 
     266acCACertFilePathList: certs/ndg-test-ca.crt 
     267 
     268# X.509 Distinguished Name for Attribute Certificate issuer - should match with 
     269# the issuer element of the users Attribute Certificate submitted in order to  
     270# gain access 
     271acIssuer: /CN=AttributeAuthority/O=NDG Security Test/OU=Site A 
     272#acIssuer: /CN=AttributeAuthority/O=NDG/OU=BADC 
     273 
     274# WS-Security signature handler - set a config file with 'wssCfgFilePath' 
     275# or omit and put the relevant content directly in here under the section name 
     276# specified by 'wssCfgSection' below 
     277#wssCfgFilePath: wssecurity.cfg 
     278 
     279# Config file section for WS-Security settings - Nb. the gatekeeper shares the 
     280# same settings as the Single Sign On Service. 
     281wssCfgSection: NDG_SECURITY.wssecurity 
    235282 
    236283[RELATED] 
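Review bot: `aaURI`, `sslCACertFilePathList` and `tracefile` in the new `[NDG_SECURITY.gatekeeper]` section are committed with empty values (only `pdpModFilePath` is documented as blank by design). An empty `sslCACertFilePathList` leaves the PDP's Session Manager SSL connections with no CA to verify peer certificates against, so the PEP/PDP loader should treat an empty list as a configuration error rather than skip verification, and an empty `aaURI` should fail in the same way. The checked-in `acIssuer` is the test DN `/CN=AttributeAuthority/O=NDG Security Test/OU=Site A`; a production deployment must override it with the real Attribute Authority DN, otherwise every user Attribute Certificate will be rejected at the issuer check. `pdpCfgSection` pointing back at this same section while `pdpCfgFilePath` stays commented out is consistent with the comment at 242-245.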
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/config/ndgMiddleware.py

    r3893 r3901  
    111111            self.globals.logout=g.ndg.security.server.ssoservice.cfg.logoutURI 
    112112            self.globals.getCredentials=g.ndg.security.server.ssoservice.cfg.getCredentials 
    113            
    114         #self.globals.securityCfg = SecurityConfig(cf) 
     113 
     114        # Policy Enforcement Point initialisation 
     115        if securityEnabled: 
     116            try: 
     117                from ndg.security.common.authz.pep import PEP 
     118            except ImportError, e: 
     119                # If standalone flag is not present security must be enabled 
     120                raise NDGConfigError('%s: expecting standalone config ' % \ 
     121                        __name__ +  
     122                        'flag set to False for Policy Enforcement Point ' + \ 
     123                        'import: %s' % e) 
     124             
     125            self.globals.pep = PEP(cfg=cf.config,  
     126                                   cfgSection='NDG_SECURITY.gatekeeper') 
     127             
    115128        self.config=cf 
    116129         
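Review bot: the `except ImportError` message at 119-123 says a standalone flag set to False is expected, but nothing in that branch reads the flag; it fires purely because `securityEnabled` is true and `ndg.security.common.authz.pep` could not be imported. Failing closed here is right, but reword the error to say that (for example 'security is enabled but the PEP module could not be imported: %s') and build it from a single format string instead of the mix of `%`, `+` and backslash continuations, which is easy to misread given that `%` binds tighter than `+`.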
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/logout.py

    r3893 r3901  
    44 
    55try: 
    6     from ndg.security.server.sso.sso.controllers.logout import LogoutController as\ 
    7         _LogoutController 
     6    from ndg.security.server.sso.sso.controllers.logout \ 
     7        import LogoutController as _LogoutController 
    88         
    99    class LogoutController(_LogoutController): 
     
    2424            log.info("Single Sign On Service is disabled setting 404 error...") 
    2525            abort(404) 
    26  
    27 #from ows_server.lib.security_util import SecuritySession 
    28 #import logging 
    29 #log = logging.getLogger(__name__) 
    30 # 
    31 #from paste.request import parse_querystring 
    32 #import sys # include in case tracefile is set to sys.stderr  
    33 #import base64 # decode the return to address 
    34 #from urlparse import urlsplit, urlunsplit 
    35 # 
    36 #from ndg.security.common.SessionMgr import SessionMgrClient 
    37 # 
    38 # 
    39 #class LogoutController(BaseController): 
    40 #    '''Provides the pylons controller for logging out and killing the cookies 
    41 #    ''' 
    42 #     
    43 #    def __before__(self): 
    44 #        """Get return to URL""" 
    45 #        c.returnTo = request.params.get('r', '') 
    46 #         
    47 #        # Check return to address - getCredentials should NOT be returned to 
    48 #        # with its query args intact 
    49 #        b64decReturnTo = base64.urlsafe_b64decode(c.returnTo) 
    50 #        scheme, netloc, pathInfo, query, frag = urlsplit(b64decReturnTo) 
    51 #        if 'getCredentials' in pathInfo: 
    52 #            # Swap to discovery and remove sensitive creds query args 
    53 #            # 
    54 #            # TODO: re-write to be more robust and modular.  Nb.  
    55 #            # BaseController.__call__ should filter out 'getCredentials' 
    56 #            # calls from c.requestURL so this code should never need to be  
    57 #            # executed. 
    58 #            filteredReturnTo = urlunsplit((scheme,netloc,'/discovery','','')) 
    59 #            c.returnTo = base64.urlsafe_b64encode(filteredReturnTo) 
    60 # 
    61 #     
    62 #    def index(self): 
    63 #        ''' Ok, you really want to logout here ''' 
    64 # 
    65 #        if 'ndgSec' not in session: 
    66 #            # There's no handle to a security session 
    67 #            log.error("logout called but no 'ndgSec' key in session object") 
    68 #            return self.__redirect() 
    69 #         
    70 #        # Fixed URI to be equal to the session's security settings 'h' param! 
    71 #        # This contains the location of the Session Manager where the users 
    72 #        # session is held. 
    73 #        # 
    74 #        # Removed sslPeerCertCN setting here - the session manager could at  
    75 #        # any of a number of different trusted sites where the user logged in 
    76 #        # from.  There's no way of predicting an alternate SSL cert Common 
    77 #        # Name through the config file settings 
    78 #        # 
    79 #        # P J Kershaw 21/11/2007 
    80 #        try: 
    81 #            smClnt = SessionMgrClient(uri=session['ndgSec']['h'], 
    82 #                    sslCACertFilePathList=g.securityCfg.sslCACertFilePathList, 
    83 #                    signingCertFilePath=g.securityCfg.wssCertFilePath, 
    84 #                    signingPriKeyFilePath=g.securityCfg.wssPriKeyFilePath, 
    85 #                    signingPriKeyPwd=g.securityCfg.wssPriKeyPwd, 
    86 #                    caCertFilePathList=g.securityCfg.wssCACertFilePathList, 
    87 #                    tracefile=g.securityCfg.tracefile)        
    88 #        except Exception, e: 
    89 #            log.error("logout - creating Session Manager client: %s" % e) 
    90 #            return self.__cleanupAndRedirect()   
    91 #         
    92 #        # Disconnect from Session Manager 
    93 #        log.info('Calling Session Manager "%s" disconnect for logout...' % \ 
    94 #                 g.securityCfg.smURI) 
    95 #        try: 
    96 #            smClnt.disconnect(sessID=session['ndgSec']['sid']) 
    97 #        except Exception, e: 
    98 #            log.error("Error with Session Manager logout: %s" % e) 
    99 #            # don't exit here - instead proceed to delete session and  
    100 #            # redirect ... 
    101 # 
    102 #        return self.__cleanupAndRedirect() 
    103 # 
    104 # 
    105 #    def __cleanupAndRedirect(self): 
    106 #        """Remove security session and call _redirect""" 
    107 #        try: 
    108 #            # easy to kill our cookie 
    109 #            SecuritySession.delete() 
    110 #            if 'ndgCleared' in session: del session['ndgCleared'] 
    111 #            session.save() 
    112 #             
    113 #        except Exception, e:    
    114 #            log.error("logout - clearing security session: %s" % e) 
    115 # 
    116 #        return self.__redirect() 
    117 #     
    118 #     
    119 #    def __redirect(self): 
    120 #        """Handle redirect back to previous page""" 
    121 #        if c.returnTo: 
    122 #            # Decode the return to address 
    123 #            try: 
    124 #                b64decReturnTo = base64.urlsafe_b64decode(c.returnTo) 
    125 #            except Exception, e: 
    126 #                log.error("logout - decoding return URL: %s" % e)  
    127 #                return render('content') 
    128 #             
    129 #            # and now go back to whence we had come 
    130 #            h.redirect_to(b64decReturnTo) 
    131 #        else: 
    132 #            return render('content') 
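Review bot: the commented-out controller deleted here held the only visible handling of the `r` return-to parameter: it base64-decoded the value, swapped a `getCredentials` path for `/discovery` so credential query arguments were not returned to, and otherwise redirected to the decoded URL without checking its scheme or host. Before dropping it, confirm that `ndg.security.server.sso.sso.controllers.logout.LogoutController` performs at least the same filtering and, preferably, restricts the redirect target to this site; the TODO at 54-57 noted that the `BaseController.__call__` filter was relied on but never verified.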
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/retrieve.py

    r3661 r3901  
    88from ows_server.lib.ndgInterface import interface  
    99from xml.parsers.expat import ExpatError 
     10 
     11import logging 
     12log = logging.getLogger(__name__) 
     13 
    1014 
    1115class RetrieveController(BaseController): 
     
    133137        try: 
    134138            return render(r) 
     139         
     140        except ExpatError, e: 
     141            c.xml='XML content is not well formed' 
     142            c.doc=str(x) 
     143            response.status_code = 400 
     144            log.error("Retrieving [%s] - XML content: %s" % (uri, e)) 
     145            return render('error') 
     146 
    135147        except Exception, e: 
    136148            #we may be showing an xml document ... but it could go wrong if 
    137149            #we have crap content ... 
    138             if isinstance(e, ExpatError): 
    139                 c.xml='<p> XML content is not well formed </p>' 
    140                 c.doc=str(x) 
    141             else: 
    142                 c.xml='<p> Unexpected error [%s] viewing [%s] </p>'%(str(e),uri) 
    143                 c.doc='' 
     150            c.xml='Unexpected error [%s] viewing [%s]'%(str(e), uri) 
     151            c.doc='' 
    144152            response.status_code = 400 
    145153            return render('error') 
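Review bot: the new `except ExpatError` branch at 140-145 logs the failure, but the generic `except Exception` branch at 147-153 does not, and it still places `str(e)` and `uri` into `c.xml` for rendering; an unexpected exception's text can carry internal paths or library details, so log `e` server-side here too and return a generic message to the client. Both branches set `c.doc` (`str(x)` and `''`), and `x` is not bound anywhere in the visible lines of this try block, so check it is defined on every path that reaches the handler. Since the `<p>` markup was dropped from `c.xml`, also make sure the `error` template escapes the value, as `uri` comes from the request.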
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/lib/base.py

    r3893 r3901  
    77 Base controller providing generic functionality and extended by most other controllers 
    88""" 
    9 import urllib 
    10 from urlparse import urlsplit, urlunsplit 
    11 from base64 import urlsafe_b64encode 
    129from pylons import c, g, cache, request, session, response 
    1310from pylons.controllers import WSGIController 
     
    1916import ows_server.models as model 
    2017import ows_server.lib.helpers as h 
    21 from ows_server.lib.security_util import setSecuritySession, LoginServiceQuery 
    2218from ows_common import exceptions as OWS_E 
    2319from ows_common.operations_metadata import OperationsMetadata, Operation, RequestMethod 
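Review bot: with `urllib`, `urlsplit`/`urlunsplit`, `urlsafe_b64encode` and the `security_util` imports removed, confirm no remaining code in base.py still references `setSecuritySession` or `LoginServiceQuery`; only the import lines are in this hunk, so a leftover use would surface as a NameError at request time rather than at import.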
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/lib/ndgInterface.py

    r3833 r3901  
    1818import logging 
    1919logger = logging.getLogger('ndgInterface') 
    20 from ows_server.models.ndgSecurity import HandleSecurity 
    21  
     20#from ows_server.models.ndgSecurity import HandleSecurity 
     21from pylons import g # for handle to access control PEP interface 
     22try: 
     23    from ndg.security.common.authz.pdp import PDPError 
     24    from ndg.security.common.authz.pep import PEPError 
     25except ImportError, e: 
     26    from warnings import warn 
     27    warn(__name__ + ": access control is disabled: %s" % e, RuntimeWarning) 
     28     
     29     
    2230class CDMSEntry(object): 
    2331    """ 
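Review bot: the `except ImportError` at 25-27 only emits a RuntimeWarning and leaves `PDPError` and `PEPError` unbound, yet `__gatekeep` later relies on both in `except PDPError` and `raise PEPError`. A missing ndg.security package would therefore show up as a NameError on the first gatekept request rather than as "access control is disabled". Either define fallback exception classes in the except branch, or re-raise the ImportError when `g.standalone` is false, mirroring the fail-closed check in ndgMiddleware.py.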
     
    109117        #in the retrieve controller! 
    110118 
    111         # Fix call to ndgRetrieve so that it sets the discovery flag explicitly 
    112         # rather than defaulting to 1 
    113         #  
    114         # PJK 01/05/2008 
    115         standaloneDiscovery = \ 
    116                 request.environ['ndgConfig'].config.getboolean('DISCOVERY', 
    117                                                                'standalone') 
    118          
    119119        try: 
    120120            ndgO=ndgObject(uri) 
     
    136136                                    logger, 
    137137                                    outputSchema, 
    138                                     discovery=standaloneDiscovery) 
     138                                    discovery=g.standalone) 
    139139        else: 
    140140            try: 
     
    151151                                            logger, 
    152152                                            outputSchema, 
    153                                             discovery=standaloneDiscovery) 
     153                                            discovery=g.standalone) 
    154154                if status: self.XMLHCache[uri]=xmlh 
    155155             
     
    163163        #   exceptions, status=0, xmlh='Exception(e)' 
    164164         
    165         status,xmlh=self.__GateKeep(ndgO,xmlh) 
     165        status,xmlh=self.__gatekeep(ndgO,xmlh) 
    166166        if status: 
    167167            if cleared is None: 
     
    199199        return status,d 
    200200         
    201     def __GateKeep(self,uri,x): 
     201    def __gatekeep(self,uri,x): 
    202202        ''' This is the NDG gatekeeper ''' 
    203203        if 'ndgSec' in session: 
     
    205205        else: 
    206206            securityTokens=None 
    207          
    208         if uri.schema=='DIF': 
    209             pass # no access control 
    210         elif uri.schema =='NDG-B0': 
    211             #cred=x.find('dgSecurityCondition/simpleCondition') 
    212             #if cred: 
    213             #    return 0,'<p> Access Control: <br/>[<![CDAT[%s]]> </p>' 
    214             pass 
    215         elif uri.schema =='NDG-B1': 
    216             pass # for the moment 
    217         elif uri.schema =='NDG-A0': 
    218             if True:  # use this for turning security on and off during testing 
    219                 s=x.tree.find('{http://ndg.nerc.ac.uk/csml}AccessControlPolicy/{http://ndg.nerc.ac.uk/csml}dgSecurityCondition') 
    220                 if s is not None: 
    221                     status,message=HandleSecurity(uri,s,securityTokens) 
    222                     if not status: return 0,'<p> Access Denied for %s </p><p>%s</p>'%(uri,message) 
    223         return 1,x 
     207 
     208        if not hasattr(g, 'pep'): 
     209            if not g.standalone: 
     210                raise PEPError(\ 
     211                "Security is disabled but the standalone flag is set to False") 
     212                 
     213            log.info("__gatekeep: access control is disabled - standalone " + \ 
     214                     "config flag is set") 
     215             
     216        try: 
     217            # Arguments are: a handle to the resource and a handle to the users 
     218            # security tokens 
     219            g.pep(dict(uri=uri, doc=x), securityTokens, None) 
     220            return True, x 
     221         
     222        except PDPError, e: 
     223            # Caught a known access control condition 
     224            return False, 'Access Denied for %s %s' % (uri, e) 
    224225                 
    225226    def __getLocal(self,uri): 
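Review bot: the standalone branch at 208-214 is missing a return. When `g.pep` is absent and `g.standalone` is true, the code logs that access control is disabled and then falls through to `g.pep(...)` at 219, which raises AttributeError; it should `return True, x` after the log. Three further points in the same block: `log.info` uses a name that does not exist in this module (the logger here is `logger`, line 19), so the branch would fail with NameError before it even reached the PEP call; only `PDPError` is caught, so a `PEPError` or any other exception raised by `g.pep` propagates out of `__gatekeep` instead of producing a denial; and the old per-schema exemptions (DIF, NDG-B0 and NDG-B1 bypassed access control) are gone, so every schema is now sent to the PEP, a behavioural change worth stating in the commit message and verifying against `BrowsePDP`.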
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/templates/stubB.kid

    r3544 r3901  
    7979                                        else: 
    8080                                            selected=False 
    81                                     ?> 
     81                                                    ?> 
    8282                                    <td width="10%"> 
    8383                                        <span py:if="showSelect and selected"> 
    84                                           Selected 
    85                                         </span> 
    86                                         <!--span class="selectme" py:if="showSelect and not selected"> 
     84                                                                 Selected 
     85                                                            </span> 
     86                                                            <span class="selectme" py:if="showSelect and not selected"> 
    8787                                            ${XML(h.link_to_remote("Select",dict(update="PageTabs", 
    8888                                            url=h.url_for(controller="tabs", 
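Review bot: style: re-instating the `<span class="selectme">` block is right, but the replacement lines at 81 and 84-86 are re-indented far to the right of their siblings, which makes the Kid template's nesting hard to follow; keep the original indentation so the `py:if` spans line up with the enclosing `<td>`.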
     
    9797                                        <a href="$g.server/view/$granule.entryID">$granule.name</a> 
    9898                                    </td> 
    99                                     <td><div py:replace="ShortCoverage(granule)"/></td> 
     99                                    <td> 
     100                                        <div py:replace="ShortCoverage(granule)"/> 
     101                                    </td> 
    100102                                </tr> 
    101                             </tbody--> 
    102                         </table> 
     103                                    </tbody> 
     104                                            </table> 
    103105                    </div> 
    104106                    <!-- of granules --> 
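Review bot: style: the closing `</tbody>` at 103 and `</table>` at 104 now sit at different indent levels, with `</table>` deeper than the `</tbody>` it encloses; align both with their opening tags.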