Ignore:
Timestamp:
30/09/08 16:17:36 (12 years ago)
Author:
pjkersha
Message:

Fix to WSGI based WS-Security - make ApplySignatureFilter? WSGI reference SignatureVerificationFilter? to enable the client signature value to be copied to support WSSE 1.1 Signatue Confirmation

Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/AttAuthorityClientTest.py

    r4246 r4254  
    115115        try: 
    116116            trustedHostInfo = self.siteAClnt.getTrustedHostInfo(_cfg['role']) 
     117            self.fail("Expecting NoMatchingRoleInTrustedHosts exception") 
     118             
    117119        except NoMatchingRoleInTrustedHosts, e: 
    118120            print 'As expected - no match for role "%s": %s' % \ 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/wsgi/site-a.ini

    r4245 r4254  
    8282[filter:wsseSignatureFilter] 
    8383paste.filter_app_factory = ndg.security.server.wsgi.wssecurity:ApplySignatureFilter 
     84 
     85# Reference the verification filter in order to be able to apply signature 
     86# confirmation 
     87referencedFilters = wsseSignatureVerificationFilter01 
     88 
    8489# Last filter in chain SOAP handlers writes the response 
    8590writeResponse = True 
     
    9499# Certificate associated with private key used to sign a message.  The sign  
    95100# method will add this to the BinarySecurityToken element of the WSSE header.   
    96 signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt 
     101#signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt 
     102signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.crt 
    97103 
    98104# PEM encoded private key file 
    99 signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key 
     105#signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key 
     106signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.key 
    100107 
    101108# Set the ValueType for the BinarySecurityToken added to the WSSE header for a 
     
    114121# For WSSE 1.1 - service returns signature confirmation containing signature  
    115122# value sent by client 
    116 applySignatureConfirmation=False 
     123applySignatureConfirmation=True 
    117124 
    118125# 
     
    120127 
    121128# Provide a space separated list of file paths 
    122 caCertFilePathList=$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
     129caCertFilePathList=$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt $NDGSEC_AACLNT_UNITTEST_DIR/ca/java-ca.crt 
     130 
    123131 
    124132# Logging configuration 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/wsSecurity/server/echoServer.py

    r4129 r4254  
    1212from ZSI.ServiceContainer import GetSOAPContext 
    1313 
    14 from EchoService_services_server import \ 
    15     EchoService as _EchoService 
     14from EchoService_services_server import EchoService as _EchoService 
    1615 
    1716from ndg.security.common.wssecurity.dom import SignatureHandler 
     
    3130        # is set 
    3231        logging.basicConfig(level=logging.DEBUG, 
    33                         format='%(asctime)s %(filename)s:%(lineno)d %(levelname)s %(message)s') 
     32                            format='%(asctime)s %(filename)s:%(lineno)d ' 
     33                            '%(levelname)s %(message)s') 
    3434 
    3535        self.__debug = bool(os.environ.get('NDGSEC_INT_DEBUG')) 
     
    7070     
    7171    def authorize(self, auth_info, post, action): 
    72         '''Override default simply in order to display client request info''' 
     72        '''Override default simply to display client request info''' 
    7373        ctx = GetSOAPContext() 
    7474        print "-"*80 
Note: See TracChangeset for help on using the changeset viewer.