Changeset 4020 for TI12-security/trunk


Timestamp:
11/06/08 17:08:55 (12 years ago)
Author:
pjkersha
Message:

More work on WSGI SOAPMiddleware

  • Moved soap and wssecurity middleware modules to ndg.security.server.wsgi
  • ... and ZSI Attribute Service Binding to ndg.security.server.zsi
  • test harness - pylons ndgsecurity in Test/ now works with Paste pipeline in ini to enable dynamic config for WS-Security handlers
Location:
TI12-security/trunk/python
Files:
8 added
9 edited
1 moved

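--- a/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/development.ini
+++ b/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/development.ini
@@ -17,5 +17,5 @@
 port = 5010
 
-[app:main]
+[app:main1]
 use = egg:ndgsecurity
 full_stack = true
@@ -23,4 +23,19 @@
 beaker.session.key = ndgsecurity
 beaker.session.secret = somesecret
+
+[pipeline:main]
+pipeline = wsseSignatureVerificationFilter AttributeAuthorityFilter wsseSignatureFilter main1
+
+
+[filter:AttributeAuthorityFilter]
+paste.filter_app_factory = ndg.security.server.wsgi.soap:SOAPMiddleware
+ServiceSOAPBindingClass = ndg.security.server.zsi.attributeauthority.AttributeAuthorityWS
+pathInfo = /AttributeAuthority
+
+[filter:wsseSignatureVerificationFilter]
+paste.filter_app_factory = ndg.security.server.wsgi.wssecurity:makeSignatureVerificationFilter
+
+[filter:wsseSignatureFilter]
+paste.filter_app_factory = ndg.security.server.wsgi.wssecurity:makeSignatureFilter
 
 # If you'd like to fine-tune the individual locations of the cache data dirs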
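Review bot: The `[pipeline:main]` order puts `wsseSignatureFilter` inside `AttributeAuthorityFilter`, so a signed response reaches the client only if the SOAP filter returns what the inner filter produces, and nothing in the file documents that dependency. The Tests copy of `soap.py` in this changeset returns its own `self.soapOut`, which is serialised before the signing filter runs; whether the moved `ndg.security.server.wsgi.soap` module behaves the same is not visible here and should be confirmed. I would add a comment above the pipeline line, `# Order is significant: verify inbound signature -> SOAP dispatch -> sign outbound; the SOAP filter must return the signing filter's body`, and a test harness check that the response actually carries a signature.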
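--- a/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/attributeauthority.py
+++ b/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/attributeauthority.py
@@ -3,5 +3,4 @@
 import logging
 log = logging.getLogger(__name__)
-
 
 
@@ -17,18 +16,4 @@
 from ndgsecurity.config.soap import SOAPMiddleware
 
-#class AttributeAuthorityMiddleware(object):
-#
-#    def __init__(self, app, app_conf):
-#        log.debug("AttributeAuthorityMiddleware.__init__ ...")
-#        self.app = SOAPMiddleware(app, app_conf,
-#                                                                 ServiceSOAPBinding=AttributeAuthorityWS(),
-#                                                                 pathInfo='/AttributeAuthority')
-#
-#    def __call__(self, environ, start_response):
-#               log.debug("AttributeAuthorityMiddleware.__call__")
-#
-#               #start_response("200 OK", [('Content-type', 'text/xml')])
-#               return self.app(environ, start_response)
-
 
 class AttributeAuthorityWS(_AttAuthorityService):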
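--- a/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/middleware.py
+++ b/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/middleware.py
@@ -15,5 +15,6 @@
 from ndgsecurity.config.attributeauthority import AttributeAuthorityWS
 from ndgsecurity.config.soap import SOAPMiddleware
-from ndgsecurity.config.wssecurity import SignatureVerificationMiddleware
+from ndgsecurity.config.wssecurity import SignatureVerificationMiddleware, \
+    SignatureMiddleware
 
 def make_app(global_conf, full_stack=True, **app_conf):
@@ -42,8 +43,9 @@
 
     # CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
-    app = SignatureVerificationMiddleware(app, global_conf)
-    app = SOAPMiddleware(app, global_conf,
-                         ServiceSOAPBinding=AttributeAuthorityWS(),
-                         pathInfo='/AttributeAuthority')
+    #app = SignatureMiddleware(app, global_conf)
+#    app = SOAPMiddleware(app, global_conf,
+#                         ServiceSOAPBinding=AttributeAuthorityWS(),
+#                         pathInfo='/AttributeAuthority')
+    #app = SignatureVerificationMiddleware(app, global_conf)
 
     if asbool(full_stack):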
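Review bot: `make_app` no longer wraps the app in `SignatureVerificationMiddleware` (new lines 45-49 are all commented out), so signature checking now exists only when the deployment ini routes requests through the filter pipeline; an ini that points straight at this factory serves the app with no WS-Security layer. Rather than keeping the five commented-out lines, delete them and state the dependency, e.g. `# WS-Security verification/signing and SOAP dispatch are configured as Paste filters in the ini ([pipeline:main])`. The imports at lines 15-18 (`AttributeAuthorityWS`, `SOAPMiddleware`, `SignatureVerificationMiddleware`, `SignatureMiddleware`) appear unused after this change, as far as the visible part of the file shows. `make_app` continues outside both hunks.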
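--- a/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/soap.py
+++ b/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/soap.py
@@ -44,16 +44,27 @@
 
         def start_response_wrapper(status, response_headers, exc_info=None):
+            '''Ensure text/xml content type and set content length'''
+            response_headers_alt=[(name,val) for name, val in response_headers\
+                    if name.lower() not in ('content-type', 'content-length')]
+
+            response_headers_alt += [('content-type', 'text/xml'),
+                                ('content-length', "%d" % len(self.soapOut))]
+
             return start_response(status,
-                                  [('Content-type', 'text/xml')],
+                                  response_headers_alt,
                                   exc_info)
+
+        if 'ZSI.parse.ParsedSoap' in environ:
+            ps = environ['ZSI.parse.ParsedSoap']
+        else:
+            # TODO: allow for chunked data
+            soapIn = environ['wsgi.input'].read(environ['CONTENT_LENGTH'])
+            log.debug("SOAP Request")
+            log.debug("_"*80)
+            log.debug(soapIn)
+            log.debug("_"*80)
 
-
-        soapIn = environ['wsgi.input'].getvalue()
-        log.debug("SOAP Request")
-        log.debug("_"*80)
-        log.debug(soapIn)
-        log.debug("_"*80)
-
-        ps = ParsedSoap(soapIn)
+            ps = ParsedSoap(soapIn)
+
         method = getattr(self.app_conf['ServiceSOAPBinding'],
                          'soap_%s' % environ['HTTP_SOAPACTION'].strip('"'))
@@ -67,9 +78,11 @@
         sw.serialize(resp)
 
+        # Make SoapWriter object available to any SOAP filters that follow
+        environ['ZSI.writer.SoapWriter'] = sw
         self.soapOut = str(sw)
 
         log.debug("SOAP Response")
         log.debug("_"*80)
-        log.debug(soapOut)
+        log.debug(self.soapOut)
         log.debug("_"*80)
 #
@@ -79,3 +92,11 @@
         app = self.app(environ, start_response_wrapper)
         #start_response("200 OK", [('Content-type', 'text/xml')])
-        return soapOut
+        return [self.soapOut]
+
+
+def makeFilter(app, app_conf):
+    from ndgsecurity.config.attributeauthority import AttributeAuthorityWS
+
+    return SOAPMiddleware(app, app_conf,
+                          ServiceSOAPBinding=AttributeAuthorityWS(),
+                          pathInfo='/AttributeAuthority')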
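Review bot: The response body is held on the middleware instance as `self.soapOut`, which the new `start_response_wrapper` reads at line 51 and the method returns at line 94. A WSGI middleware object is normally shared by all requests, so under a threaded server two concurrent calls can overwrite each other's value and a caller may receive another caller's SOAP response or a `content-length` that does not match its body. Keep the value per request instead: assign a local `soapOut = str(sw)`, let the wrapper close over it with `len(soapOut)`, and end with `return [soapOut]`. The method's signature and part of its body lie outside the visible hunks, so other uses of `self.soapOut` should be checked too.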
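--- a/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/wssecurity.py
+++ b/TI12-security/trunk/python/Tests/pylonsAttributeAuthority/ndgsecurity/ndgsecurity/config/wssecurity.py
@@ -3,19 +3,34 @@
 
 from ZSI.parse import ParsedSoap
+
 from ZSI.writer import SoapWriter
 from ndg.security.common.wsSecurity import SignatureHandler
 
 class SignatureMiddleware(object):
+    '''Apply WS-Security digital signature to SOAP message'''
+
     def __init__(self, app, app_conf):
         self.app = app
-        pass
+        self.signatureHandler = SignatureHandler(
+                                        cfg=app_conf.get('wsseCfgFilePath'))
 
     def __call__(self, environ, start_response):
+
+        log.debug('Signing outbound message ...')
+        app = self.app(environ, start_response)
 
-        ps = ParsedSoap(soapIn)
-        self.signatureHandler.sign(ps)
-        return self.app(environ, start_response)
+        if 'ZSI.writer.SoapWriter' not in environ:
+            raise KeyError("Expecting 'ZSI.writer.SoapWriter' key in environ")
+
+        sw = environ['ZSI.writer.SoapWriter']
+        self.signatureHandler.sign(sw)
+        soapOut = str(sw)
+
+        return [soapOut]
 
+
 class SignatureVerificationMiddleware(object):
+    '''Verify WS-Security digital signature in SOAP message'''
+
     def __init__(self, app, app_conf):
         log.debug("SignatureVerificationMiddleware.__init__ ...")
@@ -25,9 +40,22 @@
 
     def __call__(self, environ, start_response):
-
-        soapIn = environ['wsgi.input'].getvalue()
-        log.debug("Verifying signature...")
+
+        log.debug("Verifying inbound message signature...")
+
+        # TODO: allow for chunked data
+        soapIn = environ['wsgi.input'].read(environ['CONTENT_LENGTH'])
 
         ps = ParsedSoap(soapIn)
         self.signatureHandler.verify(ps)
+
+        # Pass on in environment as an efficiency measure for any following
+        # SOAP Middleware
+        environ['ZSI.parse.ParsedSoap'] = ps
         return self.app(environ, start_response)
+
+
+def makeSignatureVerificationFilter(app, global_conf):
+    return SignatureVerificationMiddleware(app, global_conf)
+
+def makeSignatureFilter(app, global_conf):
+    return SignatureMiddleware(app, global_conf)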
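Review bot: `environ['wsgi.input'].read(environ['CONTENT_LENGTH'])` at new line 46 hands the header value straight to `read()`, but WSGI supplies `CONTENT_LENGTH` as a string and may leave it empty or absent, and no upper bound is applied. This filter is the first code to touch the untrusted request, so it is the place to reject a malformed or oversized body before any parsing or signature verification happens. Suggested: `length = int(environ.get('CONTENT_LENGTH') or 0)`, refuse the request when `length` is 0 or above a configured maximum, then `soapIn = environ['wsgi.input'].read(length)`. The same read appears in `soap.py` at new line 61 and needs the same treatment.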
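--- a/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/environment.py
+++ b/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/environment.py
@@ -4,6 +4,6 @@
 from pylons import config
 
-import sso.lib.app_globals as app_globals
-import sso.lib.helpers
+import ndg.security.server.sso.sso.lib.app_globals as app_globals
+import ndg.security.server.sso.sso.lib.helpers
 from ndg.security.server.sso.sso.config.routing import make_map
 
@@ -20,10 +20,11 @@
 
     # Initialize config with the basic options
-    config.init_app(global_conf, app_conf, package='sso',
+    config.init_app(global_conf, app_conf,
+                    package='ndg.security.server.sso.sso',
                     template_engine='kid', paths=paths)
 
     config['routes.map'] = make_map()
     config['pylons.g'] = app_globals.Globals()
-    config['pylons.h'] = sso.lib.helpers
+    config['pylons.h'] = ndg.security.server.sso.sso.lib.helpers
 
     # Customize templating options via this variable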
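--- a/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/routing.py
+++ b/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/routing.py
@@ -18,8 +18,12 @@
 
     # CUSTOM ROUTES HERE
+
+    # Override display of public/index.html
+    map.connect('', controller='login', action='index')
+
     map.connect('getCredentials', controller='login', action='getCredentials')
 
     map.connect(':controller/:action/:id')
     map.connect('*url', controller='template', action='view')
-
+
     return map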
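--- a/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/public/index.html.bak
+++ b/TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/public/index.html.bak
@@ -26,5 +26,5 @@
 <body>
 
-<h1>Welcome to your Pylons Web Application</h1>
+<h1>ahhhhWelcome to your Pylons Web Application</h1>
 
 <h2>Weren't expecting to see this page?</h2>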
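Review bot: The new heading text `ahhhhWelcome to your Pylons Web Application` looks like a leftover from checking which file is being served rather than an intended change. Either revert the line to `<h1>Welcome to your Pylons Web Application</h1>` or remove `index.html.bak` from `public/`, since the route added in `routing.py` now replaces the index page. Backup files left in a static directory are usually still served as-is, so deleting the file is the cleaner option.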
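--- a/TI12-security/trunk/python/ndg.security.server/setup.py
+++ b/TI12-security/trunk/python/ndg.security.server/setup.py
@@ -38,9 +38,9 @@
 _entryPoints = """
     [console_scripts]
-    myproxy-client=ndg.security.server.MyProxy:main,
+    myproxy-client=ndg.security.server.MyProxy:main
     init-credrepos-db=ndg.security.server.initCredReposDb:main
 
     [paste.app_factory]
-    main=ndg.security.server.sso.sso:make_app
+    main=ndg.security.server.sso.sso.config.middleware:make_app
     [paste.app_install]
     main=pylons.util:PylonsInstaller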
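--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/authz/pdp/testProftPDP.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/authz/pdp/testProftPDP.py
@@ -54,4 +54,5 @@
 #        userHandle['h'] =
 #        userHandle['sid'] =
+
         self.pdp(resrcHandle, userHandle, None)
 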