Changeset 4379


Ignore:
Timestamp:
29/10/08 10:32:28 (11 years ago)
Author:
pjkersha
Message:

Renamed CredWallet? module -> credentialwallet

Location:
TI12-security/trunk/python
Files:
1 edited
1 moved

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/credentialwallet.py

    r4378 r4379  
    1 """NDG Credentials Wallet 
     1"""NDG Credential Wallet 
    22 
    33NERC Data Grid Project 
     
    1010License, version 1.0 or later.""" 
    1111__contact__ = "P.J.Kershaw@rl.ac.uk" 
    12 __revision__ = '$Id$' 
     12__revision__ = '$Id:credentialwallet.py 4378 2008-10-29 10:30:14Z pjkersha $' 
    1313 
    1414import logging 
    1515log = logging.getLogger(__name__) 
    1616 
    17 # Temporary store of certificates for use with CredWallet getAttCert() 
     17# Temporary store of certificates for use with CredentialWallet getAttCert() 
    1818import tempfile 
    1919 
     
    2828aaImportError = True 
    2929try: 
    30     # AttAuthority client package resides with CredWallet module in  
     30    # AttAuthority client package resides with CredentialWallet module in  
    3131    # ndg.security.common 
    3232    from ndg.security.common.attributeauthority import AttributeAuthorityClient, \ 
     
    3535    aaImportError = False 
    3636except ImportError: 
    37     log.warning('Loading CredWallet without SOAP interface imports') 
     37    log.warning('Loading CredentialWallet without SOAP interface imports') 
    3838    pass 
    3939 
     
    4545    aaImportError = False 
    4646except: 
    47     log.warning('Loading CredWallet without Attribute Authority interface ' 
     47    log.warning('Loading CredentialWallet without Attribute Authority interface ' 
    4848                'imports') 
    4949    pass 
     
    6767 
    6868 
    69 class _CredWalletException(Exception):     
    70     """Generic Exception class for CredWallet module.  Overrides Exception to  
     69class _CredentialWalletException(Exception):     
     70    """Generic Exception class for CredentialWallet module.  Overrides Exception to  
    7171    enable writing to the log""" 
    7272    def __init__(self, msg): 
     
    7575 
    7676 
    77 class CredWalletError(_CredWalletException):     
     77class CredentialWalletError(_CredentialWalletException):     
    7878    """Exception handling for NDG Credential Wallet class.  Overrides Exception 
    7979    to enable writing to the log""" 
    8080 
    8181 
    82 class CredWalletAttributeRequestDenied(CredWalletError):     
    83     """Handling exception where CredWallet is denied authorisation by an 
     82class CredentialWalletAttributeRequestDenied(CredentialWalletError):     
     83    """Handling exception where CredentialWallet is denied authorisation by an 
    8484    Attribute Authority. 
    8585   
     
    110110        self.__extAttCertList = kw.pop('extAttCertList', []) 
    111111             
    112         CredWalletError.__init__(self, *args, **kw) 
     112        CredentialWalletError.__init__(self, *args, **kw) 
    113113 
    114114    def _getTrustedHostInfo(self): 
     
    132132 
    133133           
    134 class _MetaCredWallet(type): 
    135     """Enable CredWallet to have read only class variables e.g. 
    136      
    137     print CredWallet.accessDenied  
     134class _MetaCredentialWallet(type): 
     135    """Enable CredentialWallet to have read only class variables e.g. 
     136     
     137    print CredentialWallet.accessDenied  
    138138     
    139139    ... is allowed but, 
    140140     
    141     CredWallet.accessDenied = None 
     141    CredentialWallet.accessDenied = None 
    142142     
    143143    ... raises - AttributeError: can't set attribute""" 
     
    156156 
    157157 
    158 # CredWallet is a 'new-style' class inheriting from "object" and making use 
     158# CredentialWallet is a 'new-style' class inheriting from "object" and making use 
    159159# of new Get/Set methods for hiding of attributes 
    160 class CredWallet(object): 
     160class CredentialWallet(object): 
    161161    """Volatile store of user credentials associated with a user session 
    162162     
     
    266266    """ 
    267267 
    268     __metaclass__ = _MetaCredWallet 
     268    __metaclass__ = _MetaCredentialWallet 
    269269 
    270270    propertyDefaults = dict( 
     
    329329        from 
    330330        @type cfgPrefix: basestring 
    331         @param cfgPrefix: apply a prefix to all CredWallet config params so  
     331        @param cfgPrefix: apply a prefix to all CredentialWallet config params so  
    332332        that if placed in a file with other parameters they can be  
    333333        distinguished 
     
    335335        @param cfgKw: set parameters as key value pairs.""" 
    336336 
    337         log.debug("Calling CredWallet.__init__ ...") 
     337        log.debug("Calling CredentialWallet.__init__ ...") 
    338338 
    339339        # Initialise attributes - 1st protected ones 
    340         attr = {}.fromkeys(CredWallet._protectedAttrs) 
     340        attr = {}.fromkeys(CredentialWallet._protectedAttrs) 
    341341         
    342342        # ... then properties 
    343         attr.update(CredWallet.propertyDefaults) 
     343        attr.update(CredentialWallet.propertyDefaults) 
    344344        for k, v in attr.items(): 
    345345            try: 
     
    377377             
    378378            if not issubclass(self._credentialRepository,CredentialRepository): 
    379                 raise CredWalletError("Input Credential Repository instance " 
     379                raise CredentialWalletError("Input Credential Repository instance " 
    380380                                      "must be of a class derived from " 
    381381                                      "\"CredentialRepository\"") 
     
    405405            except Exception, e: 
    406406                try: 
    407                     raise CredWalletError("Error parsing Attribute Certificate" 
     407                    raise CredentialWalletError("Error parsing Attribute Certificate" 
    408408                                          " ID '%s' retrieved from the "  
    409409                                          "Credentials Repository: %s" %  
    410410                                          (cred.id, e))             
    411411                except: 
    412                     raise CredWalletError("Error parsing Attribute " 
     412                    raise CredentialWalletError("Error parsing Attribute " 
    413413                                          "Certificate retrieved from the " 
    414414                                          "Credentials Repository: %s:" % e) 
     
    431431        prop = readAndValidate(cfgFilePath, 
    432432                               cfg=self._cfg, 
    433                                validKeys=CredWallet.propertyDefaults, 
     433                               validKeys=CredentialWallet.propertyDefaults, 
    434434                               prefix=prefix, 
    435435                               sections=(section,)) 
     
    670670 
    671671        elif caCertFilePathList is not None: 
    672             raise CredWalletError("Input CA Certificate file path is not a " 
     672            raise CredentialWalletError("Input CA Certificate file path is not a " 
    673673                                  "valid string")       
    674674         
     
    706706 
    707707        elif sslCACertFilePathList is not None: 
    708             raise CredWalletError("Input CA Certificate file path is not a " 
     708            raise CredentialWalletError("Input CA Certificate file path is not a " 
    709709                                  "valid string")       
    710710         
     
    724724        @return: new Attribute Authority client instance""" 
    725725 
    726         log.debug('CredWallet._createAttributeAuthorityClnt for service: "%s"'% 
     726        log.debug('CredentialWallet._createAttributeAuthorityClnt for service: "%s"'% 
    727727                  attributeAuthorityURI) 
    728728 
     
    927927        # Check input 
    928928        if not isinstance(attCert, AttCert): 
    929             raise CredWalletError("Attribute Certificate must be an AttCert " 
     929            raise CredentialWalletError("Attribute Certificate must be an AttCert " 
    930930                                  "type object") 
    931931 
     
    935935             
    936936        except AttCertError, e: 
    937             raise CredWalletError("Adding Credential: %s" % e) 
     937            raise CredentialWalletError("Adding Credential: %s" % e) 
    938938         
    939939 
     
    981981        expired or are otherwise invalid.""" 
    982982 
    983         log.debug("CredWallet.audit ...") 
     983        log.debug("CredentialWallet.audit ...") 
    984984         
    985985        # Nb. No signature check is carried out.  To do a check, access is 
     
    10011001        removing invalid ones""" 
    10021002 
    1003         log.debug("CredWallet.updateCredentialRepository ...") 
     1003        log.debug("CredentialWallet.updateCredentialRepository ...") 
    10041004         
    10051005        if not self._credentialRepository: 
    1006             raise CredWalletError("No Credential Repository has been created " 
     1006            raise CredentialWalletError("No Credential Repository has been created " 
    10071007                                  "for this wallet") 
    10081008                             
     
    10391039        Attribute Authority""" 
    10401040       
    1041         log.debug("CredWallet._getAttCert ...") 
     1041        log.debug("CredentialWallet._getAttCert ...") 
    10421042         
    10431043        if attributeAuthorityClnt is None: 
     
    10631063                 
    10641064            except AttributeRequestDenied, e: 
    1065                 raise CredWalletAttributeRequestDenied, str(e) 
     1065                raise CredentialWalletAttributeRequestDenied, str(e) 
    10661066                             
    10671067        elif self.attributeAuthority is not None: 
     
    10821082                 
    10831083            except AttributeAuthorityAccessDenied, e: 
    1084                 raise CredWalletAttributeRequestDenied, str(e) 
     1084                raise CredentialWalletAttributeRequestDenied, str(e) 
    10851085                         
    10861086            except Exception, e: 
    1087                 raise CredWalletError("Requesting attribute certificate: %s"%e) 
     1087                raise CredentialWalletError("Requesting attribute certificate: %s"%e) 
    10881088 
    10891089        else: 
    1090             raise CredWalletError("Error requesting attribute: certificate a " 
     1090            raise CredentialWalletError("Error requesting attribute: certificate a " 
    10911091                                  "URI or Attribute Authority configuration " 
    10921092                                  "file must be specified") 
     
    10961096        # for signature check in addCredential() 
    10971097        if self._caCertFilePathList is None: 
    1098             raise CredWalletError("No CA certificate has been set") 
     1098            raise CredentialWalletError("No CA certificate has been set") 
    10991099         
    11001100        attCert.certFilePathList = self._caCertFilePathList 
     
    11301130        """ 
    11311131         
    1132         log.debug('CredWallet.getAATrustedHostInfo for role "%s" and service: ' 
     1132        log.debug('CredentialWallet.getAATrustedHostInfo for role "%s" and service: ' 
    11331133                  '"%s"' % (userRole, attributeAuthorityURI or attributeAuthority)) 
    11341134        if attributeAuthorityURI: 
     
    11611161 
    11621162        else: 
    1163             raise CredWalletError("Error requesting trusted hosts info: "  
     1163            raise CredentialWalletError("Error requesting trusted hosts info: "  
    11641164                                  "a URI or Attribute Authority "  
    11651165                                  "configuration file must be specified") 
     
    12261226        altered 
    12271227 
    1228         The list is returned via CredWalletAttributeRequestDenied exception 
     1228        The list is returned via CredentialWalletAttributeRequestDenied exception 
    12291229        If no value is set, the default value held in  
    12301230        self.mapFromTrustedHosts is used 
     
    12411241        is used. 
    12421242                                 
    1243         The list is returned via a CredWalletAttributeRequestDenied exception  
     1243        The list is returned via a CredentialWalletAttributeRequestDenied exception  
    12441244        object. 
    12451245                                 
     
    12771277        @return: Attribute Certificate retrieved from Attribute Authority""" 
    12781278         
    1279         log.debug("CredWallet.getAttCert ...") 
     1279        log.debug("CredentialWallet.getAttCert ...") 
    12801280         
    12811281        # Both these assignments are calling set property methods implicitly! 
     
    12921292            # Find out the site ID for the target AA by calling AA's host 
    12931293            # info WS method 
    1294             log.debug("CredWallet.getAttCert - check AA site ID ...") 
     1294            log.debug("CredentialWallet.getAttCert - check AA site ID ...") 
    12951295             
    12961296            try: 
     
    12981298                aaName = hostInfo.keys()[0] 
    12991299            except Exception, e: 
    1300                 raise CredWalletError("Getting host info: %s" % e) 
     1300                raise CredentialWalletError("Getting host info: %s" % e) 
    13011301             
    13021302            # Look in the wallet for an AC with the same issuer name 
     
    13331333             
    13341334            if not self.mapFromTrustedHosts: 
    1335                 raise CredWalletError("A list of trusted hosts has been "  
     1335                raise CredentialWalletError("A list of trusted hosts has been "  
    13361336                                      "input but mapping from trusted hosts " 
    13371337                                      "is set to disallowed") 
     
    13801380                    pass 
    13811381 
    1382                 raise CredWalletAttributeRequestDenied, errMsg 
     1382                raise CredentialWalletAttributeRequestDenied, errMsg 
    13831383                                                     
    13841384                 
     
    13891389                return attCert 
    13901390             
    1391             except CredWalletAttributeRequestDenied, attributeRequestDenied: 
     1391            except CredentialWalletAttributeRequestDenied, attributeRequestDenied: 
    13921392                if not self.mapFromTrustedHosts and not self.rtnExtAttCertList: 
    13931393                    # Creating a mapped certificate is not allowed - raise 
     
    14121412                                            attributeAuthority=attributeAuthority) 
    14131413                except NoMatchingRoleInTrustedHosts, e: 
    1414                     raise CredWalletAttributeRequestDenied( 
     1414                    raise CredentialWalletAttributeRequestDenied( 
    14151415                        'Can\'t get a mapped Attribute Certificate for ' 
    14161416                        'the "%s" role' % reqRole) 
    14171417                 
    14181418                except Exception, e: 
    1419                     raise CredWalletError, "Getting trusted hosts: %s" % e 
     1419                    raise CredentialWalletError, "Getting trusted hosts: %s" % e 
    14201420 
    14211421                if not trustedHostInfo: 
    1422                     raise CredWalletAttributeRequestDenied( 
     1422                    raise CredentialWalletAttributeRequestDenied( 
    14231423                        "Attribute Authority has no trusted hosts with " 
    14241424                        "which to make a mapping") 
     
    14811481                     
    14821482                if not extAttCertList:                         
    1483                     raise CredWalletAttributeRequestDenied, \ 
     1483                    raise CredentialWalletAttributeRequestDenied, \ 
    14841484                        "No certificates are available with which to " + \ 
    14851485                        "make a mapping to the Attribute Authority" 
     
    14951495                          "trusted hosts" 
    14961496                           
    1497                     raise CredWalletAttributeRequestDenied(msg, 
     1497                    raise CredentialWalletAttributeRequestDenied(msg, 
    14981498                                            extAttCertList=extAttCertList, 
    14991499                                            trustedHostInfo=trustedHostInfo)             
    15001500 
    15011501 
    1502 class CredentialRepositoryError(_CredWalletException):    
     1502class CredentialRepositoryError(_CredentialWalletException):    
    15031503    """Exception handling for NDG Credential Repository class.""" 
    15041504 
    15051505 
    15061506class CredentialRepository: 
    1507     """CredWallet's abstract interface class to a Credential Repository.  The 
     1507    """CredentialWallet's abstract interface class to a Credential Repository.  The 
    15081508    Credential Repository is abstract store of user currently valid user 
    15091509    credentials.  It enables retrieval of attribute certificates from a user's 
Note: See TracChangeset for help on using the changeset viewer.