Ignore:
Timestamp:
20/05/08 17:11:20 (12 years ago)
Author:
pjkersha
Message:
  • New ndg.security.common.zsi_util.httpproxy.ProxyHTTPConnection class replaces urllib2client - easier to fit into existing ZSI client framework.
  • Further OpenID integration into Single Sign On Service. User now authenticates OK but patches needed to AuthKit? + need to handle return_to URL dynamically according to page visited before WAYF call.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/controllers/wayf.py

    r3892 r3914  
    2929        # preserve confidentiality of credentials 
    3030        if g.ndg.security.server.ssoservice.cfg.server in c.returnTo: 
    31             c.returnTo = c.returnTo.replace(g.ndg.security.server.ssoservice.cfg.server,  
    32                                             g.ndg.security.server.ssoservice.cfg.sslServer) 
     31            c.returnTo = c.returnTo.replace(\ 
     32                                g.ndg.security.server.ssoservice.cfg.server,  
     33                                g.ndg.security.server.ssoservice.cfg.sslServer) 
    3334            c.b64encReturnTo = urlsafe_b64encode(c.returnTo)         
    3435            log.debug(\ 
     
    3940    def index(self): 
    4041        ''' NDG equivalent to Shibboleth WAYF ''' 
     42         
     43        # Convenience alias 
     44        cfg = g.ndg.security.server.ssoservice.cfg 
     45         
    4146        log.debug("WayfController.index ...") 
     47        log.debug("Initialising connection to Attribute Authority [%s]" % \ 
     48                  cfg.aaURI) 
     49         
     50        try: 
     51            aaClnt = AttAuthorityClient(uri=cfg.aaURI, 
     52                                    tracefile=cfg.tracefile, 
     53                                    httpProxyHost=cfg.httpProxyHost, 
     54                                    ignoreHttpProxyEnv=cfg.ignoreHttpProxyEnv, 
     55                                    **cfg.wss) 
     56        except Exception, e: 
     57            c.xml='Error establishing security context.  Please report ' + \ 
     58                  'the error to your site administrator' 
     59            log.error("Initialising AttAuthorityClient for " + \ 
     60                      "getAllHostsInfo call: %s" % e) 
     61            return render('ndg.security.kid', 'ndg.security.error') 
     62             
     63        # Get list of login uris for trusted sites including THIS one 
     64        log.debug("Calling Attribute Authority getAllHostsInfo for wayf ...") 
    4265 
    43         aaClnt = AttAuthorityClient(\ 
    44                     uri=g.ndg.security.server.ssoservice.cfg.aaURI, 
    45                     tracefile=g.ndg.security.server.ssoservice.cfg.tracefile, 
    46                     **g.ndg.security.server.ssoservice.cfg.wss) 
    47  
    48         # Get list of login uris for trusted sites including THIS one 
    49         log.debug("Calling Attribute Authority getTrustedHostInfo and " + \ 
    50                   "getHostInfo for wayf") 
    51  
    52         hosts = aaClnt.getAllHostsInfo()     
    53         c.providers=dict([(k, v['loginURI']) for k, v in hosts.items()]) 
     66        hosts = aaClnt.getAllHostsInfo()  
     67        try: 
     68            hosts = aaClnt.getAllHostsInfo()  
     69        except Exception, e: 
     70            c.xml='Error getting a list of trusted sites for login.  ' + \ 
     71                'Please report the error to your site administrator.' 
     72            log.error("AttAuthorityClient getAllHostsInfo call: %s" % e)   
     73            return render('ndg.security.kid', 'ndg.security.error') 
     74             
     75        c.providers = dict([(k, v['loginURI']) for k, v in hosts.items()]) 
    5476         
    5577        session.save() 
Note: See TracChangeset for help on using the changeset viewer.