Ignore:
Timestamp:
18/11/08 12:34:25 (12 years ago)
Author:
pjkersha
Message:

Working Session Manager client unit tests for WSGI based Session Manager

  • removed getX509Cert operation from WSDL - no longer needed
  • fix to prefix keyword for ConfigFileParsers? ini file parsing.
Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionmanagerclient
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionmanagerclient/sessionMgrClientTest.cfg

    r4406 r4437  
    2121sslCACertFilePathList = $NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
    2222 
    23 [test1Connect]  
     23[test01Connect]  
    2424username = testuser 
    2525passphrase = testpassword 
    2626 
    27 [test3ConnectNoCreateServerSess]          
     27[test03ConnectNoCreateServerSess]          
    2828username = testuser 
    2929passphrase = testpassword 
    3030 
    31 [test6GetAttCertWithSessID] 
     31[test06GetAttCertWithSessID] 
    3232aaURI = http://localhost:5000/AttributeAuthority 
    3333acOutFilePath = $NDGSEC_SMCLNT_UNITTEST_DIR/ac-out.xml 
    3434 
    35 [test7GetAttCertRefusedWithSessID] 
     35[test07GetAttCertRefusedWithSessID] 
    3636aaURI = http://localhost:5100/AttributeAuthority 
    3737 
    38 [test6bGetMappedAttCertWithSessID] 
     38[test08GetMappedAttCertWithSessID] 
    3939aaURI = http://localhost:5100/AttributeAuthority 
    4040 
    41 [test6cGetAttCertWithExtAttCertListWithSessID] 
     41[test09GetAttCertWithExtAttCertListWithSessID] 
    4242aaURI = http://localhost:5100/AttributeAuthority 
    4343# Use output from test6GetAttCertWithSessID! 
    4444extACFilePath = $NDGSEC_SMCLNT_UNITTEST_DIR/ac-out.xml 
    4545 
    46 [test7GetAttCertWithUserCert] 
     46[test10GetAttCertWithUserX509Cert] 
    4747aaURI = http://localhost:5000/AttributeAuthority 
    4848 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionmanagerclient/test_sessionmanagerclient.py

    r4407 r4437  
    4141    pemPat = "-----BEGIN CERTIFICATE-----[^\-]*-----END CERTIFICATE-----" 
    4242         
    43     test2Passphrase = None 
    44     test3Passphrase = None 
     43    test01Passphrase = None 
     44    test03Passphrase = None 
    4545 
    4646    def _getCertChainFromProxyCertFile(self, certChainFilePath): 
     
    101101         
    102102 
    103     def test1Connect(self): 
    104         """test1Connect: Connect as if acting as a browser client -  
     103    def test01Connect(self): 
     104        """test01Connect: Connect as if acting as a browser client -  
    105105        a session ID is returned""" 
    106106         
    107         username = self.cfg['test1Connect']['username'] 
    108          
    109         if SessionManagerClientTestCase.test2Passphrase is None: 
    110             SessionManagerClientTestCase.test2Passphrase = \ 
    111                                     self.cfg['test1Connect'].get('passphrase') 
    112          
    113         if not SessionManagerClientTestCase.test2Passphrase: 
    114             SessionManagerClientTestCase.test2Passphrase = getpass.getpass(\ 
    115                 prompt="\ntest1Connect pass-phrase for user %s: " % username) 
     107        username = self.cfg['test01Connect']['username'] 
     108         
     109        if SessionManagerClientTestCase.test01Passphrase is None: 
     110            SessionManagerClientTestCase.test01Passphrase = \ 
     111                                    self.cfg['test01Connect'].get('passphrase') 
     112         
     113        if not SessionManagerClientTestCase.test01Passphrase: 
     114            SessionManagerClientTestCase.test01Passphrase = getpass.getpass(\ 
     115                prompt="\ntest01Connect pass-phrase for user %s: " % username) 
    116116 
    117117        self.userX509Cert, self.userPriKey, self.issuingCert, self.sessID = \ 
    118             self.clnt.connect(self.cfg['test1Connect']['username'],  
    119                     passphrase=SessionManagerClientTestCase.test2Passphrase) 
     118            self.clnt.connect(self.cfg['test01Connect']['username'],  
     119                    passphrase=SessionManagerClientTestCase.test01Passphrase) 
    120120 
    121121        print("User '%s' connected to Session Manager:\n%s" % (username,  
     
    123123             
    124124             
    125     def test2GetSessionStatus(self): 
    126         """test2GetSessionStatus: check a session is alive""" 
    127         print "\n\t" + self.test2GetSessionStatus.__doc__ 
    128          
    129         self.test1Connect() 
     125    def test02GetSessionStatus(self): 
     126        """test02GetSessionStatus: check a session is alive""" 
     127        print "\n\t" + self.test02GetSessionStatus.__doc__ 
     128         
     129        self.test01Connect() 
    130130        assert self.clnt.getSessionStatus(sessID=self.sessID),"Session is dead" 
    131131                 
     
    138138 
    139139 
    140     def test3ConnectNoCreateServerSess(self): 
    141         """test3ConnectNoCreateServerSess: Connect without creating a session -  
     140    def test03ConnectNoCreateServerSess(self): 
     141        """test03ConnectNoCreateServerSess: Connect without creating a session -  
    142142        sessID should be None.  This only indicates that the username/password 
    143143        are correct.  To be of practical use the AuthNService plugin at 
     
    145145        with MyProxy plugin.""" 
    146146 
    147         username = self.cfg['test3ConnectNoCreateServerSess']['username'] 
    148          
    149         if SessionManagerClientTestCase.test3Passphrase is None: 
    150             SessionManagerClientTestCase.test3Passphrase = \ 
    151                 self.cfg['test3ConnectNoCreateServerSess'].get('passphrase') 
     147        username = self.cfg['test03ConnectNoCreateServerSess']['username'] 
     148         
     149        if SessionManagerClientTestCase.test03Passphrase is None: 
     150            SessionManagerClientTestCase.test03Passphrase = \ 
     151                self.cfg['test03ConnectNoCreateServerSess'].get('passphrase') 
    152152                 
    153         if not SessionManagerClientTestCase.test3Passphrase: 
    154             prompt="\ntest3ConnectNoCreateServerSess pass-phrase for user %s: " 
    155             SessionManagerClientTestCase.test3Passphrase = getpass.getpass(\ 
     153        if not SessionManagerClientTestCase.test03Passphrase: 
     154            prompt="\ntest03ConnectNoCreateServerSess pass-phrase for user %s: " 
     155            SessionManagerClientTestCase.test03Passphrase = getpass.getpass(\ 
    156156                                                    prompt=prompt % username) 
    157157             
    158158        userX509Cert, userPriKey,issuingCert, sessID = \ 
    159159            self.clnt.connect(username,  
    160                       passphrase=SessionManagerClientTestCase.test3Passphrase, 
     160                      passphrase=SessionManagerClientTestCase.test03Passphrase, 
    161161                      createServerSess=False) 
    162162         
     
    167167             
    168168 
    169     def test4DisconnectWithSessID(self): 
    170         """test4DisconnectWithSessID: disconnect as if acting as a browser  
     169    def test04DisconnectWithSessID(self): 
     170        """test04DisconnectWithSessID: disconnect as if acting as a browser  
    171171        client  
    172172        """ 
    173173         
    174         print "\n\t" + self.test4DisconnectWithSessID.__doc__ 
    175         self.test1Connect() 
     174        print "\n\t" + self.test04DisconnectWithSessID.__doc__ 
     175        self.test01Connect() 
    176176         
    177177        self.clnt.disconnect(sessID=self.sessID) 
     
    180180             
    181181 
    182     def test5DisconnectWithUserX509Cert(self): 
    183         """test5DisconnectWithUserX509Cert: Disconnect as a command line client  
     182    def test05DisconnectWithUserX509Cert(self): 
     183        """test05DisconnectWithUserX509Cert: Disconnect as a command line client  
    184184        """ 
    185185         
    186         print "\n\t" + self.test5DisconnectWithUserX509Cert.__doc__ 
    187         self.test1Connect() 
     186        print "\n\t" + self.test05DisconnectWithUserX509Cert.__doc__ 
     187        self.test01Connect() 
    188188         
    189189        # Use user cert / private key just obtained from connect call for 
     
    198198            self.clnt.signatureHandler.reqBinSecTokValType = 'X509v3' 
    199199            self.clnt.signatureHandler.signingPriKeyPwd = \ 
    200                 SessionManagerClientTestCase.test2Passphrase 
     200                SessionManagerClientTestCase.test01Passphrase 
    201201            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
    202202            self.clnt.signatureHandler.signingCertChain = () 
     
    208208 
    209209 
    210     def test6GetAttCertWithSessID(self): 
    211         """test6GetAttCertWithSessID: make an attribute request using 
     210    def test06GetAttCertWithSessID(self): 
     211        """test06GetAttCertWithSessID: make an attribute request using 
    212212        a session ID as authentication credential""" 
    213213 
    214         print "\n\t" + self.test6GetAttCertWithSessID.__doc__ 
    215         thisSection = self.cfg['test6GetAttCertWithSessID']       
    216         self.test1Connect() 
     214        print "\n\t" + self.test06GetAttCertWithSessID.__doc__ 
     215        thisSection = self.cfg['test06GetAttCertWithSessID']       
     216        self.test01Connect() 
    217217         
    218218        attCert = self.clnt.getAttCert(sessID=self.sessID,  
     
    224224 
    225225 
    226     def test7GetAttCertRefusedWithSessID(self): 
    227         """test7GetAttCertRefusedWithSessID: make an attribute request using 
     226    def test07GetAttCertRefusedWithSessID(self): 
     227        """test07GetAttCertRefusedWithSessID: make an attribute request using 
    228228        a sessID as authentication credential requesting an AC from an 
    229229        Attribute Authority where the user is NOT registered""" 
    230230 
    231         print "\n\t" + self.test7GetAttCertRefusedWithSessID.__doc__         
    232         self.test1Connect() 
    233          
    234         aaURI = self.cfg['test7GetAttCertRefusedWithSessID']['aaURI'] 
     231        print "\n\t" + self.test07GetAttCertRefusedWithSessID.__doc__         
     232        self.test01Connect() 
     233         
     234        aaURI = self.cfg['test07GetAttCertRefusedWithSessID']['aaURI'] 
    235235         
    236236        try: 
     
    245245 
    246246 
    247     def test8GetMappedAttCertWithSessID(self): 
    248         """test8GetMappedAttCertWithSessID: make an attribute request using 
     247    def test08GetMappedAttCertWithSessID(self): 
     248        """test08GetMappedAttCertWithSessID: make an attribute request using 
    249249        a session ID as authentication credential""" 
    250250 
    251         print "\n\t" + self.test8GetMappedAttCertWithSessID.__doc__         
    252         self.test1Connect() 
    253          
    254         aaURI = self.cfg['test8GetMappedAttCertWithSessID']['aaURI'] 
     251        print "\n\t" + self.test08GetMappedAttCertWithSessID.__doc__         
     252        self.test01Connect() 
     253         
     254        aaURI = self.cfg['test08GetMappedAttCertWithSessID']['aaURI'] 
    255255         
    256256        attCert=self.clnt.getAttCert(sessID=self.sessID, attAuthorityURI=aaURI) 
     
    259259 
    260260 
    261     def test9GetAttCertWithExtAttCertListWithSessID(self): 
    262         """test9GetAttCertWithExtAttCertListWithSessID: make an attribute  
     261    def test09GetAttCertWithExtAttCertListWithSessID(self): 
     262        """test09GetAttCertWithExtAttCertListWithSessID: make an attribute  
    263263        request usinga session ID as authentication credential""" 
    264264         
    265         print "\n\t" + self.test9GetAttCertWithExtAttCertListWithSessID.__doc__         
    266         self.test1Connect() 
    267         thisSection = self.cfg['test9GetAttCertWithExtAttCertListWithSessID'] 
     265        print "\n\t"+self.test09GetAttCertWithExtAttCertListWithSessID.__doc__         
     266        self.test01Connect() 
     267        thisSection = self.cfg['test09GetAttCertWithExtAttCertListWithSessID'] 
    268268         
    269269        aaURI = thisSection['aaURI'] 
    270270         
    271         # Use output from test6GetAttCertWithSessID! 
     271        # Use output from test06GetAttCertWithSessID! 
    272272        extACFilePath = xpdVars(thisSection['extACFilePath']) 
    273273        extAttCert = open(extACFilePath).read() 
     
    284284        a user cert as authentication credential""" 
    285285        print "\n\t" + self.test10GetAttCertWithUserX509Cert.__doc__ 
    286         self.test1Connect() 
     286        self.test01Connect() 
    287287 
    288288        if self.issuingCert: 
    289289            self.clnt.signatureHandler.reqBinSecTokValType = 'X509PKIPathv1' 
     290            self.clnt.signatureHandler.signingPriKeyPwd = \ 
     291                                SessionManagerClientTestCase.test01Passphrase 
    290292            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
    291293            self.clnt.signatureHandler.signingCertChain = (self.issuingCert, 
     
    294296        else: 
    295297            self.clnt.signatureHandler.reqBinSecTokValType = 'X509v3' 
     298            self.clnt.signatureHandler.signingPriKeyPwd = \ 
     299                                SessionManagerClientTestCase.test01Passphrase 
    296300            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
    297301            self.clnt.signatureHandler.signingCertChain = () 
     
    305309           
    306310        print("Attribute Certificate:\n%s" % attCert)   
    307  
    308  
    309     def test11GetX509Cert(self): 
    310         "test11GetX509Cert: return the Session Manager's X.509 Cert." 
    311         cert = self.clnt.getX509Cert() 
    312                                               
    313         print("Session Manager X.509 Certificate:\n" + cert) 
    314311             
    315312             
     
    319316        map = map(SessionManagerClientTestCase, 
    320317                  ( 
    321                     "test1Connect", 
    322                     "test2GetSessionStatus", 
    323                     "test3ConnectNoCreateServerSess", 
    324                     "test4DisconnectWithSessID", 
    325                     "test5DisconnectWithUserX509Cert", 
    326                     "test6GetAttCertWithSessID", 
    327                     "test8GetMappedAttCertWithSessID", 
    328                     "test9GetAttCertWithExtAttCertListWithSessID", 
     318                    "test01Connect", 
     319                    "test02GetSessionStatus", 
     320                    "test03ConnectNoCreateServerSess", 
     321                    "test04DisconnectWithSessID", 
     322                    "test05DisconnectWithUserX509Cert", 
     323                    "test06GetAttCertWithSessID", 
     324                    "test08GetMappedAttCertWithSessID", 
     325                    "test09GetAttCertWithExtAttCertListWithSessID", 
    329326                    "test10GetAttCertWithUserX509Cert", 
    330                     "test11GetX509Cert", 
    331327                  )) 
    332328        unittest.TestSuite.__init__(self, map) 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionmanagerclient/wsgi/session-manager.ini

    r4406 r4437  
    1212 
    1313[DEFAULT] 
    14 # WS-Security settings in THIS file 
     14# WS-Security settings in THIS file to enable the Signature Handler to verify 
     15# incoming messages and sign outbound messages.   
    1516wsseCfgFilePath = %(here)s/session-manager.ini 
    1617wsseCfgFileSection = WS-Security 
     
    3637# 
    3738# CA certificates for Attribute Certificate signature validation 
    38 sessionManager.credentialWallet.caCertFilePathList=$NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt 
     39sessionManager.credentialWallet.caCertFilePathList=$NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
    3940 
    4041# CA certificates for SSL connection peer cert. validation - required if 
    4142# connecting to an Attribute Authority over SSL 
    42 sessionManager.credentialWallet.sslCACertFilePathList=$NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt 
     43sessionManager.credentialWallet.sslCACertFilePathList=$NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
    4344 
    4445# Allow Get Attribute Certificate calls to try to get a mapped certificate 
     
    5152credentialWallet.attCertRefreshElapse=7200 
    5253 
    53 # Pointer to WS-Security settings.  IN this case, they're identified by a  
    54 # prefix.   
     54# Pointer to WS-Security settings.  These WS-Security settings are for use 
     55# by user credential wallets held in user sessions hosted by the Session 
     56# Manager.  They enable individual wallets to query Attribute Authorities for 
     57# user Attribute Certificates.  Nb. the difference between these settings and 
     58# the WS-Security section for handling requests to the Session Manager. 
     59# 
     60# Settings are identified by a prefix.   
    5561sessionManager.credentialWallet.wssCfgPrefix=sessionManager.credentialWallet.wssecurity 
    5662 
     
    6470# The CA certificates of other NDG trusted sites should go here.  NB, multiple 
    6571# values should be delimited by a space 
    66 sessionManager.credentialWallet.wssecurity.caCertFilePathList: $NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt 
     72sessionManager.credentialWallet.wssecurity.caCertFilePathList: $NDGSEC_SMCLNT_UNITTEST_DIR/ca/ndg-test-ca.crt 
    6773 
    6874# Signature of an outbound message 
     
    7480 
    7581# PEM encoded cert 
    76 sessionManager.credentialWallet.wssecurity.signingCertFilePath: $NDGSEC_SM_UNITTEST_DIR/sm.crt 
     82sessionManager.credentialWallet.wssecurity.signingCertFilePath: $NDGSEC_SMCLNT_UNITTEST_DIR/sm.crt 
    7783 
    7884# ... or provide file path to PEM encoded private key file 
    79 sessionManager.credentialWallet.wssecurity.signingPriKeyFilePath: $NDGSEC_SM_UNITTEST_DIR/sm.key 
     85sessionManager.credentialWallet.wssecurity.signingPriKeyFilePath: $NDGSEC_SMCLNT_UNITTEST_DIR/sm.key 
    8086 
    8187# Set the ValueType for the BinarySecurityToken added to the WSSE header for a 
Note: See TracChangeset for help on using the changeset viewer.