Changeset 4131


Timestamp:
21/08/08 14:31:44 (11 years ago)
Author:
cbyrom
Message:

Create new utility package with class, ConfigFileParsers - a utility
class with parsers for XML and INI style config files. This takes
a filename, together with an optional dictionary of valid keys (to
check for invalid config inputs) + optional section list (to restrict
parsing of INI files to particular sections) and returns a
dictionary of read in properties. NB, if valid keys are specified
and not featured in the prop file, default values are set up in the
returned property dict.
Implemented use of the ConfigFileParsers in the AttAuthority service.
Added new testsuite (together with noseTests class to drive tests) to
exercise the new parsers in the context of the AttAuthority section +
added test config files.

Location:
TI12-security/trunk/python
Files:
10 added
3 edited

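--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/__init__.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/__init__.py
@@ -26,4 +26,5 @@
     'sessionCookie',
     'SessionMgr',
+    'utils',
     'wssecurity',
     'X509',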
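--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/wssecurity/BaseSignatureHandler.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/wssecurity/BaseSignatureHandler.py
@@ -432,5 +432,5 @@
         @return X.509 certificate object"""
 
-        if cert is None or isinstance(cert, X509Cert):
+        if not cert or isinstance(cert, X509Cert):
             # ndg.security.common.X509.X509Cert type / None
             return cert
@@ -469,4 +469,5 @@
         "Set property method for X.509 cert. used to verify a signature"
         log.debug("Setting verifying cert")
+        print "Cert:", verifyingCert
         self._verifyingCert = self.__setCert(verifyingCert)
         # Reset file path as it may no longer apply
@@ -481,11 +482,9 @@
     def _setVerifyingCertFilePath(self, verifyingCertFilePath):
         "Set method for Service X.509 cert. file path property"
-
-        if isinstance(verifyingCertFilePath, basestring):
-            self._verifyingCert = X509CertRead(verifyingCertFilePath)
-
-        elif verifyingCertFilePath is not None:
-            raise AttributeError, \
-            "Verifying X.509 Cert. file path must be None or a valid string"
+        if verifyingCertFilePath:
+            if isinstance(verifyingCertFilePath, basestring):
+                self._verifyingCert = X509CertRead(verifyingCertFilePath)
+            else:
+                raise AttributeError, "X.509 Cert file path is not a valid string"
 
         self._verifyingCertFilePath = verifyingCertFilePath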
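Review bot: The `print "Cert:", verifyingCert` line added to the verifying-cert setter, directly after `log.debug("Setting verifying cert")`, reads as leftover debugging: it writes to stdout on every assignment and bypasses the logging configuration the previous line already uses. I would drop it, or fold the value into the existing call as `log.debug("Setting verifying cert: %s", verifyingCert)`. Separately, `if not cert or isinstance(cert, X509Cert):` and `if verifyingCertFilePath:` now treat any falsy value (an empty string from a config default, for instance) as "no certificate" without raising; whether signature verification then fails closed is not visible in these hunks and is worth confirming. All three functions begin or end outside the hunks shown.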
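--- a/TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py
+++ b/TI12-security/trunk/python/ndg.security.server/ndg/security/server/AttAuthority/__init__.py
@@ -40,4 +40,5 @@
 from ndg.security.common.AttCert import *
 
+from ndg.security.common.utils.ConfigFileParsers import readProperties
 
 #_____________________________________________________________________________
@@ -130,4 +131,6 @@
         configuration parameters.  It defaults to $NDGSEC_AA_PROPFILEPATH or
         if not set, $NDGSEC_DIR/conf/attAuthorityProperties.xml
+        - if the filename ends with 'xml', it is assumed to be in the xml format
+        - otherwise it is assumed to be a flat text 'ini' type file
         @type bReadMapConfig: boolean
         @param bReadMapConfig: by default the Map Configuration file is
@@ -147,9 +150,4 @@
         self.__remoteRole2LocalRole = None
 
-
-        # Configuration file properties are held together in a dictionary
-        self.__prop = {}
-
-        # Read Attribute Authority Properties file
         self.readProperties()
 
@@ -203,5 +201,30 @@
         # issued.
         self.__attCertLog = AttCertLog(attCertFilePath)
-
+
+
+    def readProperties(self):
+        '''
+        Read the properties files and do some checking/converting of input values
+        '''
+        # Configuration file properties are held together in a dictionary
+        self.__prop = readProperties(self.propFilePath, validKeys=AttAuthority.__validKeys)
+
+        # Ensure Certificate time parameters are converted to numeric type
+        self.__prop['attCertLifetime'] = float(self.__prop['attCertLifetime'])
+        self.__prop['attCertNotBeforeOff'] = \
+                                    float(self.__prop['attCertNotBeforeOff'])
+
+        # Likewise ...
+        self.__prop['portNum'] = int(self.__prop['portNum'])
+        self.__prop['attCertFileLogCnt']=int(self.__prop['attCertFileLogCnt'])
+
+        # Check directory path
+        try:
+            dirList = os.listdir(self.__prop['attCertDir'])
+
+        except OSError, osError:
+            raise AttAuthorityError, \
+            'Invalid directory path Attribute Certificates store "%s": %s' % \
+                (self.__prop['attCertDir'], osError.strerror)
 
     #_________________________________________________________________________
@@ -613,90 +636,4 @@
                                     (attCert.filePath, e)
 
-
-    #_________________________________________________________________________
-    def readProperties(self):
-
-        """Read the configuration properties for the Attribute Authority.
-        Nb. if parameters for the user roles interface change
-        loadUserRolesInterface() must be called explicitly in order for the
-        changes to take effect
-
-        @type propFilePath: string
-        @param propFilePath: file path to properties file
-        """
-
-        log.debug("Calling readProperties ...")
-        try:
-            tree = ElementTree.parse(self.propFilePath)
-
-        except IOError, ioErr:
-            raise AttAuthorityError, \
-                                "Error parsing properties file \"%s\": %s" % \
-                                (ioErr.filename, ioErr.strerror)
-
-
-        aaProp = tree.getroot()
-        if aaProp is None:
-            raise AttAuthorityError, \
-            "Parsing properties file \"%s\": root element is not defined" % \
-            self.propFilePath
-
-
-        # Copy properties from file into a dictionary
-        self.__prop = {}
-        invalidKeys = []
-        try:
-            for elem in aaProp:
-                if elem.tag in AttAuthority.__validKeys:
-
-                    # Make sure to leave password element contents unchanged
-                    if isinstance(AttAuthority.__validKeys[elem.tag], list):
-                        if len(elem) == 0 and elem.text is not None:
-                            # Treat as a list of space separated elements
-                            self.__prop[elem.tag] = elem.text.split()
-                        else:
-                            # Parse from a list of sub-elements
-                            self.__prop[elem.tag] = \
-                                [os.path.expandvars(subElem.text.strip()) \
-                                 for subElem in elem]
-
-                    elif 'eyPwd' not in elem.tag and elem.text:
-                        self.__prop[elem.tag] = \
-                                        os.path.expandvars(elem.text.strip())
-                    else:
-                        self.__prop[elem.tag] = elem.text
-                else:
-                    invalidKeys.append(elem.tag)
-
-        except Exception, e:
-            raise AttAuthorityError, \
-                "Error parsing tag \"%s\" in properties file \"%s\": %s" % \
-                (elem.tag, self.propFilePath, e)
-
-        if invalidKeys != []:
-            raise AttAuthorityError, "The following properties file " + \
-                                     "elements are invalid: " + \
-                                     ', '.join(invalidKeys)
-
-        # Ensure Certificate time parameters are converted to numeric type
-        self.__prop['attCertLifetime'] = float(self.__prop['attCertLifetime'])
-        self.__prop['attCertNotBeforeOff'] = \
-                                    float(self.__prop['attCertNotBeforeOff'])
-
-        # Likewise ...
-        self.__prop['portNum'] = int(self.__prop['portNum'])
-        self.__prop['attCertFileLogCnt']=int(self.__prop['attCertFileLogCnt'])
-
-        # Check directory path
-        try:
-            dirList = os.listdir(self.__prop['attCertDir'])
-
-        except OSError, osError:
-            raise AttAuthorityError, \
-            'Invalid directory path Attribute Certificates store "%s": %s' % \
-                (self.__prop['attCertDir'], osError.strerror)
-
-        log.info('Loaded properties from "%s"' % self.propFilePath)
-
 
     #_________________________________________________________________________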
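Review bot: The removed parser deliberately skipped `strip()` and `os.path.expandvars()` for any element whose tag contains 'eyPwd' (`elif 'eyPwd' not in elem.tag and elem.text:`), and nothing in the new `readProperties` method shows that the shared `readProperties(self.propFilePath, validKeys=AttAuthority.__validKeys)` call keeps that exemption. ConfigFileParsers is not shown on this page, so it may already do so; if it does not, a key password containing `$` or surrounding whitespace would be rewritten silently and fail later at a point far from the cause. A comment above the call such as `# password (*Pwd) values must come back verbatim: no strip/expandvars`, plus a case for it in the new test suite, would pin the contract. The old method also wrapped parse failures in AttAuthorityError, whereas here the `float()`/`int()` conversions would presumably raise a bare TypeError or ValueError if a missing key comes back as a None or empty default, so it is worth wrapping them the same way the `os.listdir` check is wrapped.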