Ignore:
Timestamp:
24/09/08 16:25:09 (11 years ago)
Author:
pjkersha
Message:

More work on WSGI version of Attribute Authority unit tests. TODO: complete code to enable WS-Security config to be picked up from within the Paste ini file.

Location:
TI12-security/trunk/python/ndg.security.server/ndg/security/server
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/soap.py

    r4185 r4233  
    2323         
    2424class SOAPMiddlewareError(Exception): 
    25     """Base error handling exception for this module""" 
     25    """Base error handling exception class for the SOAP WSGI middleware module 
     26    """ 
    2627     
    2728class SOAPMiddlewareReadError(SOAPMiddlewareError): 
    28     """SOAP read error""" 
    29      
     29    """SOAP Middleware read error""" 
     30 
     31class SOAPMiddlewareConfigError(SOAPMiddlewareError): 
     32    """SOAP Middleware configuration error""" 
     33 
    3034class SOAPMiddleware(object): 
    3135    '''Middleware configurable to a given ZSI SOAP binding'''   
     
    6064        log.debug("SOAPMiddleware.__call__") 
    6165                         
     66        # Derived class must implement SOAP Response via overloaded version of 
     67        # this method.  ParsedSoap object is available as a key in environ via 
     68        # the parseRequest method 
     69         
     70        return self.writeResponse(environ, start_response) 
     71 
     72     
     73    def _initCall(self, environ, start_response): 
    6274        # Apply filter for calls 
    6375        if not self.isSOAPMessage(environ): 
     
    7890            return self.app(environ, start_response) 
    7991 
    80         self.parseRequest(environ) 
    81  
    82         # Derived class must implement SOAP Response via overloaded version of 
    83         # this method.  ParsedSoap object is available as a key in environ via 
    84         # the parseRequest method 
    85          
    86         return self.writeResponse(environ, start_response) 
     92        # Parse input into a ZSI ParsedSoap object set as a key in environ 
     93        try: 
     94            self.parseRequest(environ) 
     95        except Exception, e: 
     96            sw = self.exception2SOAPFault(environ, e) 
     97            self.setSOAPWriter(environ, sw) 
     98            return self.writeResponse(environ, start_response) 
     99         
     100        self.addFilter2Environ(environ) 
     101         
     102        # Return None to __call__ to indicate that it can proceed with  
     103        # processing the input 
     104        return None 
    87105 
    88106    @classmethod 
     
    191209        environ[SOAPMiddleware.soapWriterKey] = sw 
    192210 
    193  
     211    def addFilter2Environ(self, environ): 
     212        '''Add a key to the current application in the environment so that 
     213        other middleware can reference it.  This is dependent on filterID set 
     214        in app_conf''' 
     215        filterID = self.app_conf.get('filterID') 
     216        if filterID is not None:            
     217            if filterID in environ: 
     218                raise SOAPMiddlewareConfigError("An filterID key '%s' is " 
     219                                                "already set in environ" % \ 
     220                                                filterID) 
     221            environ[filterID] = self 
     222             
     223         
    194224class SOAPBindingMiddleware(SOAPMiddleware):   
    195225    '''Apply a ZSI ServiceSOAPBinding type SOAP service''' 
     
    220250                                hasattr(self.serviceSOAPBinding, '_wsdl') 
    221251 
     252        # Check for a list of other filters to be referenced by this one 
     253        if 'referencedFilters' in self.app_conf: 
     254            # __call__ will add any filters found to the service SOAP Binding 
     255            # - check this doesn't have a name clash with the attribute to be 
     256            # added 
     257            if hasattr(self.serviceSOAPBinding, 'referencedWSGIFilters'): 
     258                raise SOAPMiddlewareConfigError("Service SOAP binding class " 
     259                                                "%r already has an attribute " 
     260                                                "'referencedWSGIFilters'" % \ 
     261                                                self.serviceSOAPBinding) 
     262            self.referencedFilterKeys = \ 
     263                                    self.app_conf['referencedFilters'].split() 
    222264 
    223265    def __call__(self, environ, start_response): 
    224         log.debug("SOAPBindingMiddleware.__call__") 
    225                  
    226         if environ.get('REQUEST_METHOD') == 'GET' and \ 
     266        log.debug("SOAPBindingMiddleware.__call__ ...") 
     267                 
     268        if self.pathMatch(environ) and self.enableWSDLQuery and \ 
     269           environ.get('REQUEST_METHOD') == 'GET' and \ 
    227270           environ.get('QUERY_STRING') == 'wsdl': 
    228             if self.enableWSDLQuery: 
    229                 wsdl = self.serviceSOAPBinding._wsdl 
    230                 start_response("200 OK", [('Content-type', 'text/xml'), 
    231                                           ('Content-length', str(len(wsdl)))]) 
    232                 return wsdl 
     271            wsdl = self.serviceSOAPBinding._wsdl 
     272            start_response("200 OK", [('Content-type', 'text/xml'), 
     273                                      ('Content-length', str(len(wsdl)))]) 
     274            return wsdl 
    233275                 
    234276                 
    235277        # Apply filter for calls 
    236         if not self.isSOAPMessage(environ) or \ 
    237            not self.pathMatch(environ) or \ 
    238            self.isSOAPFaultSet(environ): 
    239             return self.app(environ, start_response) 
    240  
     278        response = self._initCall(environ, start_response) 
     279        if response is not None: 
     280            return response 
     281         
     282         
    241283        try: 
     284            # Other filters in the middleware chain may be passed by setting 
     285            # a reference to them in the config.  This is useful if the SOAP 
     286            # binding code needs to access results from upstream middleware  
     287            # e.g. check output from signature verification filter 
     288            if hasattr(self, 'referencedFilterKeys'): 
     289                self.serviceSOAPBinding.referencedWSGIFilters = \ 
     290                                    dict([(i, environ[i]) \ 
     291                                          for i in self.referencedFilterKeys]) 
     292                     
    242293            ps = self.parseRequest(environ) 
    243294             
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/wssecurity.py

    r4185 r4233  
    4242        super(SignatureFilter, self).__init__(app, app_conf, **kw) 
    4343         
    44         wsseCfgFilePath = self.app_conf.get('wsseCfgFilePath') 
    45         if not wsseCfgFilePath: 
    46             raise WSSecurityFilterConfigError("No configuration file set") 
     44        wsseCfgFilePath = self.app_conf.get('wsseCfgFilePath')         
     45        wsseCfgFileSection = self.app_conf.get('wsseCfgFileSection') 
     46        wsseCfg = app_conf.copy() 
     47        wsseCfg.update(kw) 
    4748         
    48         self.signatureHandler = SignatureHandler(cfg=wsseCfgFilePath) 
     49        self.signatureHandler = SignatureHandler(cfg=wsseCfgFilePath, 
     50                                            cfgFileSection=wsseCfgFileSection, 
     51                                            **wsseCfg) 
    4952            
    5053     
     
    97100        log.debug("Verifying inbound message signature...") 
    98101 
     102        # Add a reference to this filter in environ so that other middleware 
     103        # can reference it 
     104        self.addFilter2Environ(environ) 
     105         
    99106        try: 
    100107            ps = self.parseRequest(environ) 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/attributeauthority.py

    r4138 r4233  
     1"""ZSI Server side SOAP Binding for Attribute Authority Web Service 
     2 
     3NERC Data Grid Project""" 
     4__author__ = "P J Kershaw" 
     5__date__ = "11/06/08" 
     6__copyright__ = "(C) 2008 STFC & NERC" 
     7__license__ = \ 
     8"""This software may be distributed under the terms of the Q Public  
     9License, version 1.0 or later.""" 
     10__contact__ = "P.J.Kershaw@rl.ac.uk" 
     11__revision__ = '$Id$' 
    112import os, sys 
    213import base64 
     
    1324from ndg.security.common.wssecurity.dom import SignatureHandler 
    1425from ndg.security.common.X509 import X509Cert, X509CertRead 
    15  
    16 from ndgsecurity.config.soap import SOAPMiddleware 
    1726 
    1827 
     
    5261            # Get certificate corresponding to private key that signed the 
    5362            # message - i.e. the user's proxy 
    54             holderCert = WSSecurityHandler.signatureHandler.verifyingCert 
     63            signatureFilter = \ 
     64                self.referencedWSGIFilters['wsseSignatureVerificationFilter01'] 
     65            holderCert = signatureFilter.signatureHandler.verifyingCert 
    5566        else: 
    5667            # No signature from client - they must instead provide the 
Note: See TracChangeset for help on using the changeset viewer.