Ignore:
Timestamp:
06/10/08 13:34:17 (12 years ago)
Author:
pjkersha
Message:

Refactoring of CredWallet? - first working unit tests for new version + fixes to Attribute Authority ZSI WSDL gen code interface.

Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test
Files:
2 added
4 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/attAuthority/wsgi/site-a.ini

    r4254 r4285  
    9999# Certificate associated with private key used to sign a message.  The sign  
    100100# method will add this to the BinarySecurityToken element of the WSSE header.   
    101 #signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt 
    102 signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.crt 
     101signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.crt 
     102#signingCertFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.crt 
    103103 
    104104# PEM encoded private key file 
    105 #signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key 
    106 signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.key 
     105signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/siteA-aa.key 
     106#signingPriKeyFilePath=$NDGSEC_AACLNT_UNITTEST_DIR/java-ca-server.key 
    107107 
    108108# Set the ValueType for the BinarySecurityToken added to the WSSE header for a 
     
    127127 
    128128# Provide a space separated list of file paths 
    129 caCertFilePathList=$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt $NDGSEC_AACLNT_UNITTEST_DIR/ca/java-ca.crt 
     129caCertFilePathList=$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
     130#caCertFilePathList=$NDGSEC_AACLNT_UNITTEST_DIR/ca/ndg-test-ca.crt $NDGSEC_AACLNT_UNITTEST_DIR/ca/java-ca.crt 
    130131 
    131132 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWallet.cfg

    r4279 r4285  
    1010# version 1.0 or later. 
    1111[DEFAULT] 
    12 username=ndg-user 
    13 userCreds= 
    14 caCertFilePathList= 
    15 attributeAuthorityURI= 
    16 attributeAuthority= 
    17 credentialRepository= 
    18 mapFromTrustedHosts=False 
     12userId=ndg-user 
     13userX509Cert= 
     14userPriKey= 
     15issuingX509Cert= 
     16 
     17# CA certificates for Attribute Certificate signautre validation 
     18caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt 
     19 
     20# CA certificates for SSL connection peer cert. validation 
     21sslCACertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt 
     22 
     23# See attAuthority unit tests to get this service running 
     24#attributeAuthorityURI=http://localhost:5000/AttributeAuthority 
     25attributeAuthorityURI=http://localhost:4900/AttributeAuthority 
     26 
     27# Omit Credential Repository and use default NullCredentialRepository 
     28#credentialRepository= 
     29 
     30# Allow the Get Attribute Certificate call to try to get a mapped certificate 
     31# from another organisation trusted by the target Attribute Authority 
     32mapFromTrustedHosts=True 
    1933rtnExtAttCertList=True 
     34 
     35# Refresh an Attribute Certificate, if an existing one in the wallet has only 
     36# this length of time left before it expires 
    2037attCertRefreshElapse=7200 
     38 
     39# Section in this file from which to retrieve WS-Security settings for  
     40# digital signature of SOAP messages to Attribute Authorities 
     41wssCfgSection=WS-Security 
     42 
     43[WS-Security] 
     44# 
     45# OUTBOUND MESSAGE CONFIG 
     46 
     47# Signature of an outbound message 
     48 
     49# Certificate associated with private key used to sign a message.  The sign  
     50# method will add this to the BinarySecurityToken element of the WSSE header.   
     51# binSecTokValType attribute must be set to 'X509' or 'X509v3' ValueType.   
     52signingCertFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.crt 
     53 
     54# ... or provide file path to PEM encoded private key file 
     55signingPriKeyFilePath=$NDGSEC_CREDWALLET_UNITTEST_DIR/clnt.key 
     56 
     57# Password protecting private key.  Leave blank if there is no password. 
     58signingPriKeyPwd= 
     59 
     60# Set the ValueType for the BinarySecurityToken added to the WSSE header for a 
     61# signed message.  See __setReqBinSecTokValType method and binSecTokValType  
     62# class variable for options - it may be one of X509, X509v3, X509PKIPathv1 or  
     63# give full namespace to alternative - see  
     64# ZSI.wstools.Namespaces.OASIS.X509TOKEN 
     65# 
     66# binSecTokValType determines whether signingCert or signingCertChain  
     67# attributes will be used. 
     68reqBinSecTokValType=X509v3 
     69 
     70# Add a timestamp element to an outbound message 
     71addTimestamp=True 
     72 
     73# For WSSE 1.1 - service returns signature confirmation containing signature  
     74# value sent by client 
     75applySignatureConfirmation=True 
     76 
     77# 
     78# INBOUND MESSAGE CONFIG 
     79 
     80# Provide a space separated list of file paths 
     81caCertFilePathList=$NDGSEC_CREDWALLET_UNITTEST_DIR/ca/ndg-test-ca.crt  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/credWalletTest.cfg

    r4279 r4285  
    1010# $Id:$ 
    1111[setUp] 
    12 propFilePath = $NDGSEC_CREDWALLET_UNITTEST_DIR/credWallet.cfg 
     12cfgFilePath = $NDGSEC_CREDWALLET_UNITTEST_DIR/credWallet.cfg 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet/test_credwallet.py

    r4279 r4285  
    4949                                "credWalletTest.cfg") 
    5050        self.cfg.read(configFilePath) 
    51                      
    52         self.credWallet = CredWallet() 
    53          
    54  
    55     def test1SetAccessDenied(self): 
     51         
     52 
     53    def test1ReadOnlyClassVariables(self): 
    5654         
    5755        try: 
    58             self.credWallet.accessDenied = 'yes' 
    59             self.fail("accessDenied class variable must only be set to True/" 
    60                       "False") 
     56            CredWallet.accessDenied = 'yes' 
     57            self.fail("accessDenied class variable should be read-only") 
    6158        except Exception, e: 
    62             print("PASS - accessDenied must be set to True/False") 
    63              
    64         self.credWallet.accessDenied = True 
    65         self.credWallet.accessDenied = False 
     59            print("PASS - accessDenied class variable is read-only") 
     60 
     61        try: 
     62            CredWallet.accessGranted = False 
     63            self.fail("accessGranted class variable should be read-only") 
     64        except Exception, e: 
     65            print("PASS - accessGranted class variable is read-only") 
     66             
     67        assert(not CredWallet.accessDenied) 
     68        assert(CredWallet.accessGranted) 
     69         
    6670         
    6771    def test2SetAttributes(self): 
    68         self.credWallet.userX509Cert = \ 
     72         
     73        credWallet = CredWallet() 
     74        credWallet.userX509Cert = \ 
    6975'''-----BEGIN CERTIFICATE----- 
    7076MIICazCCAdSgAwIBAgICAPcwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 
     
    8389-----END CERTIFICATE----- 
    8490''' 
    85         print("userCert=%s" % self.credWallet.userX509Cert) 
    86         self.credWallet.username = 'ndg-user' 
    87         print("username=%s" % self.credWallet.username) 
     91        print("userCert=%s" % credWallet.userX509Cert) 
     92        credWallet.userId = 'ndg-user' 
     93        print("userId=%s" % credWallet.userId) 
    8894         
    8995        try: 
    90             self.credWallet.blah = 'blah blah' 
     96            credWallet.blah = 'blah blah' 
    9197            self.fail("Attempting to set attribute not in __slots__ class " 
    9298                      "variable should fail") 
     
    95101                  "not in __slots__ class variable") 
    96102             
    97         self.credWallet.userCreds=None, 
    98         self.credWallet.caCertFilePathList=None, 
    99         self.credWallet.attributeAuthorityURI=None, 
    100         self.credWallet.attributeAuthority=None, 
    101         self.credWallet.credentialRepository=None, 
    102         self.credWallet.mapFromTrustedHosts=False, 
    103         self.credWallet.rtnExtAttCertList=True, 
    104         self.credWallet.attCertRefreshElapse=7200, 
    105         self.credWallet.wssSignatureHandlerKw 
    106  
    107              
    108     def test3(self): 
    109         pass 
     103        credWallet.caCertFilePathList=None 
     104        credWallet.attributeAuthorityURI='http://localhost/AttributeAuthority' 
     105             
     106        credWallet.attributeAuthority = None 
     107        credWallet.credentialRepository = None 
     108        credWallet.mapFromTrustedHosts = False 
     109        credWallet.rtnExtAttCertList = True 
     110        credWallet.attCertRefreshElapse = 7200 
     111             
     112    def test3GetAttCertWithUserId(self): 
     113                     
     114        credWallet = CredWallet(cfg=self.cfg.get('setUp', 'cfgFilePath')) 
     115        attCert = credWallet.getAttCert() 
    110116     
    111117#    def test6GetAttCertWithSessID(self): 
Note: See TracChangeset for help on using the changeset viewer.