Changeset 4692 for TI12-security
- Timestamp:
- 19/12/08 16:39:57 (12 years ago)
- Location:
- TI12-security/trunk/python
- Files:
-
- 9 added
- 28 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/python/Tests/etreewss/client/clnt.crt
r4024 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 43 (0xf3)4 Serial Number: 259 (0x103) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 11:42:41 2007GMT9 Not After : Dec 1 7 11:42:41 2008GMT8 Not Before: Dec 16 15:19:45 2008 GMT 9 Not After : Dec 15 15:19:45 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=client 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 c1:2b:11:0e:c3:fe:3e:f2:87:ee:48:e5:f1:29:9c:1f:a3:d8:39 eb:f9:3a:d4:af:75:c7:b4:39:e0:b2:83:5e:ee:71:7c:fc:28:40 73:fb:e4:62:7e:96:7b:f1:c3:b7:a4:94:b5:f7:41:a4:32:6a:41 16:4b:8c:60:36:0c:c1:79:62:51:aa:79:fa:1e:8c:a0:82:58:42 2 8:c6:cf:da:9b:79:eb:3a:f3:bf:e2:4a:8e:c2:f3:55:3f:b9:43 c6:0e:55:ea:a9:79:9e:3c:d2:d1:07:6c:81:90:2f:a9:54:ba:44 4a:7e:3c:f0:7c:86:c5:e0:b3:71:a5:48:a8:77:e3:83:b6:48:45 6d:7838 63:11:bf:8c:fe:88:3a:7d:12:1e:c1:ea:90:f6:11:33:f2:7d: 39 1d:2b:f3:22:3d:72:fb:1b:35:ed:cc:55:79:0e:98:13:41:cf: 40 44:5e:c7:88:75:08:b4:b2:2b:ad:11:0e:0b:2e:49:21:41:18: 41 6b:e9:2f:77:6d:27:4b:17:85:c8:fa:7b:91:45:97:a4:2d:f3: 42 24:4e:1e:be:c5:e5:bc:ca:fd:dc:b2:e9:e1:b1:8a:f0:c1:4f: 43 f9:c9:14:f8:c3:c2:98:66:fa:04:82:f1:8d:68:59:17:1f:f2: 44 bf:34:f7:c6:3c:85:9b:80:c6:bc:2f:66:2e:0e:f4:24:7c:d8: 45 9e:5f 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODExNDI049 MVoXDTA4MTIxNzExNDI0MVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MTk0 49 NVoXDTEzMTIxNTE1MTk0NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZjbGllbnQw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY7CFf5GAGGJEY38Vukj0U … … 55 55 mtvitXt9HJwdCZbPmPyxs6STvFHMZru1mY5dj1YWT8PBT5Svmpo/EEiL+TZctcXE 56 56 SRRSVxu99yRBJ0f9Nd8IPxtuyyIVX4+xfgOLrNoVQuIV5vKTCZh5RrWjpbk/0eqN 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ DB58 KxEOw/4+8ofuSOXxKZwfo9jr+TrUr3XHtDngsoNe7nF8/Chz++RifpZ78cO3pJS1 59 90GkMmoWS4xgNgzBeWJRqnn6Hoygglgoxs/am3nrOvO/4kqOwvNVP7nGDlXqqXme 60 PNLRB2yBkC+pVLpKfjzwfIbF4LNxpUiod+ODtkhteA==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQBj 58 Eb+M/og6fRIeweqQ9hEz8n0dK/MiPXL7GzXtzFV5DpgTQc9EXseIdQi0siutEQ4L 59 LkkhQRhr6S93bSdLF4XI+nuRRZekLfMkTh6+xeW8yv3csunhsYrwwU/5yRT4w8KY 60 ZvoEgvGNaFkXH/K/NPfGPIWbgMa8L2YuDvQkfNieXw== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/Tests/etreewss/server/server.crt
r4024 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 44 (0xf4)4 Serial Number: 260 (0x104) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 13:58:09 2007GMT9 Not After : Dec 1 7 13:58:09 2008GMT8 Not Before: Dec 16 15:20:55 2008 GMT 9 Not After : Dec 15 15:20:55 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=server 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 2b:b0:f6:d3:32:a7:61:d9:1e:07:39:8a:39:c9:7a:b4:dc:44:39 c3:50:ba:2b:67:f6:12:8a:c0:49:91:bd:f2:fb:3f:3f:a2:0e:40 21:5d:63:b6:73:90:2a:11:70:6b:d9:56:ce:29:b0:25:bb:13:41 2f:8a:9e:55:af:a0:7c:9e:73:96:81:17:09:1a:d0:30:f8:1c:42 34:34:ed:e3:7d:09:72:12:c7:37:37:8f:90:aa:79:55:6a:3a:43 28:2f:98:de:d0:06:42:3e:a2:5a:d2:f4:6f:5f:29:00:3d:b2:44 df:37:e7:17:f7:8a:a6:aa:82:e8:f9:21:47:84:9c:39:37:54:45 6d:1638 95:eb:24:bb:4e:4d:38:b8:0e:8d:0e:fa:27:61:0b:91:f7:9e: 39 a3:a7:a4:e0:d8:ba:57:3a:ee:df:54:50:80:26:19:f5:66:d7: 40 6c:83:64:eb:b3:1a:3b:dc:7a:08:49:db:3f:a1:9a:bf:03:08: 41 7f:b2:8c:28:eb:cf:79:d9:a3:f0:a4:7c:65:40:c5:fe:34:88: 42 7f:88:47:e2:4b:38:f4:d6:c6:91:69:9c:68:ca:ed:03:fc:fb: 43 83:c8:07:be:3c:33:be:24:87:aa:68:7f:38:18:e3:fc:97:ef: 44 8f:e4:6e:39:f8:3d:e2:97:91:4a:86:e8:39:52:01:b3:31:54: 45 d9:5d 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PQwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODEzNTgw49 OVoXDTA4MTIxNzEzNTgwOVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQQwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MjA1 49 NVoXDTEzMTIxNTE1MjA1NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZzZXJ2ZXIw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKh5yGjF6lxe3OL/g1lZdq … … 55 55 FbpcpjemyU85R6h7K8Q7Wmoa841np+KRdMSnhQ6VX9PcgfcNdNEzsV+zxb7kblYq 56 56 JXUEDFWmNcJmdoWPUXwLtvdA3wwy15k+cvLVw3X4BmyTXrrK76uOjcroePMIJpHr 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ Ar58 sPbTMqdh2R4HOYo5yXq03ETDULorZ/YSisBJkb3y+z8/og4hXWO2c5AqEXBr2VbO 59 KbAluxMvip5Vr6B8nnOWgRcJGtAw+Bw0NO3jfQlyEsc3N4+QqnlVajooL5je0AZC 60 PqJa0vRvXykAPbLfN+cX94qmqoLo+SFHhJw5N1RtFg==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQCV 58 6yS7Tk04uA6NDvonYQuR956jp6Tg2LpXOu7fVFCAJhn1Ztdsg2Trsxo73HoISds/ 59 oZq/Awh/sowo68952aPwpHxlQMX+NIh/iEfiSzj01saRaZxoyu0D/PuDyAe+PDO+ 60 JIeqaH84GOP8l++P5G45+D3il5FKhug5UgGzMVTZXQ== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/ndg.security.client/ndg/security/client/ndgSessionClient.py
r4680 r4692 123 123 parser.add_option("-r", 124 124 "--req-attr", 125 dest="att AuthorityURI",125 dest="attributeAuthorityURI", 126 126 help=\ 127 127 """Get a Session Manager to request authorisation from an Attribute Authority … … 358 358 # Don't exit here - req-autho may have been set too 359 359 360 if options.att AuthorityURI:360 if options.attributeAuthorityURI: 361 361 methodCall = True 362 362 … … 368 368 authResp = sessClnt.reqAuthorisation(\ 369 369 sessCookie=options.sessCookie, 370 aaWSDL=options.att AuthorityURI,370 aaWSDL=options.attributeAuthorityURI, 371 371 aaCert=options.aaCert, 372 372 mapFromTrustedHosts=options.mapFromTrustedHosts, -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/authz/pdp/browse.py
r4680 r4692 406 406 try: 407 407 # Make request for attribute certificate 408 attCert = self.smClnt.getAttCert(att AuthorityURI=aaURI,408 attCert = self.smClnt.getAttCert(attributeAuthorityURI=aaURI, 409 409 sessID=self.userSessID, 410 410 reqRole=role) -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/authz/pdp/proftp.py
r4680 r4692 303 303 try: 304 304 # Make request for attribute certificate 305 attCert = self.smClnt.getAttCert(att AuthorityURI=self.aaURI,305 attCert = self.smClnt.getAttCert(attributeAuthorityURI=self.aaURI, 306 306 sessID=self.userSessID) 307 307 return attCert -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/sessionmanager.py
r4680 r4692 454 454 userX509Cert=None, 455 455 sessID=None, 456 att AuthorityURI=None,456 attributeAuthorityURI=None, 457 457 reqRole=None, 458 458 mapFromTrustedHosts=True, … … 483 483 userX509Cert in the case of a browser client. 484 484 485 @type att AuthorityURI: string486 @param att AuthorityURI: URI for Attribute Authority WS.485 @type attributeAuthorityURI: string 486 @param attributeAuthorityURI: URI for Attribute Authority WS. 487 487 488 488 @type reqRole: string … … 520 520 attCert, msg, extAttCertList = self.__srv.getAttCert(userX509Cert, 521 521 sessID, 522 att AuthorityURI,522 attributeAuthorityURI, 523 523 reqRole, 524 524 mapFromTrustedHosts, -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/zsi/attributeauthority/AttributeAuthority_services.py
r4521 r4692 29 29 # no ws-addressing 30 30 31 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84 fc98c>31 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84c746c> 32 32 def getAttCert(self, userId,userX509Cert,userAttCert): 33 33 … … 46 46 return attCert,msg 47 47 48 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84 fccac>48 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84c778c> 49 49 def getHostInfo(self): 50 50 … … 64 64 return hostname,aaURI,aaDN,loginURI,loginServerDN,loginRequestServerDN 65 65 66 # op: <ZSI.wstools.WSDLTools.Message instance at 0x8 5037ec>66 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84cf2cc> 67 67 def getTrustedHostInfo(self, role): 68 68 … … 78 78 return trustedHosts 79 79 80 # op: <ZSI.wstools.WSDLTools.Message instance at 0x8 50396c>80 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84cf44c> 81 81 def getAllHostsInfo(self): 82 82 -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/zsi/sessionmanager/SessionManager_services.py
r4513 r4692 29 29 # no ws-addressing 30 30 31 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84 fad6c>31 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84c784c> 32 32 def getSessionStatus(self, userDN,sessID): 33 33 … … 44 44 return isAlive 45 45 46 # op: <ZSI.wstools.WSDLTools.Message instance at 0x8 50208c>46 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84c7b4c> 47 47 def connect(self, username,passphrase,createServerSess): 48 48 … … 63 63 return userX509Cert,userPriKey,issuingCert,sessID 64 64 65 # op: <ZSI.wstools.WSDLTools.Message instance at 0x8 502c0c>65 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84cd6ec> 66 66 def disconnect(self, userX509Cert,sessID): 67 67 … … 77 77 return 78 78 79 # op: <ZSI.wstools.WSDLTools.Message instance at 0x8 502dac>80 def getAttCert(self, userX509Cert,sessID,att AuthorityURI,reqRole,mapFromTrustedHosts,rtnExtAttCertList,extAttCert,extTrustedHost):79 # op: <ZSI.wstools.WSDLTools.Message instance at 0x84cd88c> 80 def getAttCert(self, userX509Cert,sessID,attributeAuthorityURI,reqRole,mapFromTrustedHosts,rtnExtAttCertList,extAttCert,extTrustedHost): 81 81 82 82 request = getAttCertInputMsg() 83 83 request._userX509Cert = userX509Cert 84 84 request._sessID = sessID 85 request._att AuthorityURI = attAuthorityURI85 request._attributeAuthorityURI = attributeAuthorityURI 86 86 request._reqRole = reqRole 87 87 request._mapFromTrustedHosts = mapFromTrustedHosts -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/zsi/sessionmanager/SessionManager_services_types.py
r4480 r4692 149 149 def __init__(self, **kw): 150 150 ns = ns0.getAttCert_Dec.schema 151 TClist = [ZSI.TC.String(pname="userX509Cert", aname="_userX509Cert", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="sessID", aname="_sessID", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="att AuthorityURI", aname="_attAuthorityURI", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="reqRole", aname="_reqRole", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="mapFromTrustedHosts", aname="_mapFromTrustedHosts", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="rtnExtAttCertList", aname="_rtnExtAttCertList", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extAttCert", aname="_extAttCert", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extTrustedHost", aname="_extTrustedHost", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded"))]151 TClist = [ZSI.TC.String(pname="userX509Cert", aname="_userX509Cert", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="sessID", aname="_sessID", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="attributeAuthorityURI", aname="_attributeAuthorityURI", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="reqRole", aname="_reqRole", minOccurs=0, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="mapFromTrustedHosts", aname="_mapFromTrustedHosts", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.Boolean(pname="rtnExtAttCertList", aname="_rtnExtAttCertList", minOccurs=1, maxOccurs=1, nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extAttCert", aname="_extAttCert", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded")), ZSI.TC.String(pname="extTrustedHost", aname="_extTrustedHost", minOccurs=0, maxOccurs="unbounded", nillable=False, typed=False, encoded=kw.get("encoded"))] 152 152 kw["pname"] = ("urn:ndg:security:SessionManager","getAttCert") 153 153 kw["aname"] = "_getAttCert" … … 161 161 self._userX509Cert = None 162 162 self._sessID = None 163 self._att AuthorityURI = None163 self._attributeAuthorityURI = None 164 164 self._reqRole = None 165 165 self._mapFromTrustedHosts = None -
TI12-security/trunk/python/ndg.security.common/ndg/security/common/zsi/sessionmanager/sessionmanager.wsdl
r4480 r4692 68 68 <xsd:element name="userX509Cert" type="xsd:string" minOccurs="0" maxOccurs="1"/> 69 69 <xsd:element name="sessID" type="xsd:string" minOccurs="0" maxOccurs="1"/> 70 <xsd:element name="att AuthorityURI" type="xsd:string" minOccurs="0" maxOccurs="1"/>70 <xsd:element name="attributeAuthorityURI" type="xsd:string" minOccurs="0" maxOccurs="1"/> 71 71 <xsd:element name="reqRole" type="xsd:string" minOccurs="0" maxOccurs="1"/> 72 72 <xsd:element name="mapFromTrustedHosts" type="xsd:boolean" minOccurs="1" maxOccurs="1"/> -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/paster_templates/default_deployment/services.ini_tmpl
r4688 r4692 20 20 # Attribute Authority settings 21 21 # 'name' setting MUST agree with map config file 'thisHost' name attribute 22 attributeAuthority.name: Site A22 attributeAuthority.name: ${attributeAuthorityID} 23 23 24 24 # Lifetime is measured in seconds … … 41 41 42 42 # Location of role mapping file 43 attributeAuthority.mapConfigFile: %(here)s/attributeauthority/ siteAMapConfig.xml43 attributeAuthority.mapConfigFile: %(here)s/attributeauthority/mapConfig.xml 44 44 45 45 # Settings for custom AAUserRoles derived class to get user roles for given … … 141 141 use = egg:Paste#http 142 142 host = 0.0.0.0 143 port = 5000143 port = 8000 144 144 145 145 [app:mainApp] … … 160 160 set debug = false 161 161 162 configfile = %(here)s/singleSignOnService/sso.cfg 163 #configfile = /home/pjkersha/workspace/security/python/ndg.security.server/ndg/security/server/sso/sso.cfg 162 configfile = %(here)s/sso/sso.cfg 164 163 165 164 # AuthKit Set-up … … 301 300 # Certificate associated with private key used to sign a message. The sign 302 301 # method will add this to the BinarySecurityToken element of the WSSE header. 303 wssecurity.signingCertFilePath=%(here)s/ server.crt302 wssecurity.signingCertFilePath=%(here)s/wssecurity/server.crt 304 303 305 304 # PEM encoded private key file 306 wssecurity.signingPriKeyFilePath=%(here)s/ server.key305 wssecurity.signingPriKeyFilePath=%(here)s/wssecurity/server.key 307 306 308 307 # Set the ValueType for the BinarySecurityToken added to the WSSE header for a -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/paster_templates/template.py
r4688 r4692 2 2 3 3 from paste.script.templates import Template, var, _skip_variables 4 import os 4 5 import socket 5 6 _hostTuple = socket.gethostbyaddr(socket.gethostname()) … … 22 23 summary = 'NERC DataGrid Security services deployment template' 23 24 vars = vars 24 25 26 def write_files(self, command, output_dir, vars): 27 '''Extend to enable substitutions for Single Sign On Service config 28 file''' 29 if output_dir.startswith('./'): 30 outDir = output_dir.lstrip('./') 31 else: 32 outDir = output_dir 33 34 vars['ssoConfigDir'] = os.path.join(os.getcwd(), outDir, 'sso') 35 super(DefaultDeploymentTemplate, self).write_files(command, 36 output_dir, 37 vars) -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/certs/clnt.crt
r3652 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 43 (0xf3)4 Serial Number: 259 (0x103) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 11:42:41 2007GMT9 Not After : Dec 1 7 11:42:41 2008GMT8 Not Before: Dec 16 15:19:45 2008 GMT 9 Not After : Dec 15 15:19:45 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=client 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 c1:2b:11:0e:c3:fe:3e:f2:87:ee:48:e5:f1:29:9c:1f:a3:d8:39 eb:f9:3a:d4:af:75:c7:b4:39:e0:b2:83:5e:ee:71:7c:fc:28:40 73:fb:e4:62:7e:96:7b:f1:c3:b7:a4:94:b5:f7:41:a4:32:6a:41 16:4b:8c:60:36:0c:c1:79:62:51:aa:79:fa:1e:8c:a0:82:58:42 2 8:c6:cf:da:9b:79:eb:3a:f3:bf:e2:4a:8e:c2:f3:55:3f:b9:43 c6:0e:55:ea:a9:79:9e:3c:d2:d1:07:6c:81:90:2f:a9:54:ba:44 4a:7e:3c:f0:7c:86:c5:e0:b3:71:a5:48:a8:77:e3:83:b6:48:45 6d:7838 63:11:bf:8c:fe:88:3a:7d:12:1e:c1:ea:90:f6:11:33:f2:7d: 39 1d:2b:f3:22:3d:72:fb:1b:35:ed:cc:55:79:0e:98:13:41:cf: 40 44:5e:c7:88:75:08:b4:b2:2b:ad:11:0e:0b:2e:49:21:41:18: 41 6b:e9:2f:77:6d:27:4b:17:85:c8:fa:7b:91:45:97:a4:2d:f3: 42 24:4e:1e:be:c5:e5:bc:ca:fd:dc:b2:e9:e1:b1:8a:f0:c1:4f: 43 f9:c9:14:f8:c3:c2:98:66:fa:04:82:f1:8d:68:59:17:1f:f2: 44 bf:34:f7:c6:3c:85:9b:80:c6:bc:2f:66:2e:0e:f4:24:7c:d8: 45 9e:5f 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODExNDI049 MVoXDTA4MTIxNzExNDI0MVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MTk0 49 NVoXDTEzMTIxNTE1MTk0NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZjbGllbnQw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY7CFf5GAGGJEY38Vukj0U … … 55 55 mtvitXt9HJwdCZbPmPyxs6STvFHMZru1mY5dj1YWT8PBT5Svmpo/EEiL+TZctcXE 56 56 SRRSVxu99yRBJ0f9Nd8IPxtuyyIVX4+xfgOLrNoVQuIV5vKTCZh5RrWjpbk/0eqN 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ DB58 KxEOw/4+8ofuSOXxKZwfo9jr+TrUr3XHtDngsoNe7nF8/Chz++RifpZ78cO3pJS1 59 90GkMmoWS4xgNgzBeWJRqnn6Hoygglgoxs/am3nrOvO/4kqOwvNVP7nGDlXqqXme 60 PNLRB2yBkC+pVLpKfjzwfIbF4LNxpUiod+ODtkhteA==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQBj 58 Eb+M/og6fRIeweqQ9hEz8n0dK/MiPXL7GzXtzFV5DpgTQc9EXseIdQi0siutEQ4L 59 LkkhQRhr6S93bSdLF4XI+nuRRZekLfMkTh6+xeW8yv3csunhsYrwwU/5yRT4w8KY 60 ZvoEgvGNaFkXH/K/NPfGPIWbgMa8L2YuDvQkfNieXw== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso.cfg
r4584 r4692 18 18 #sessionMgrURI: https://gabriel.badc.rl.ac.uk/SessionManager 19 19 sessionMgrURI: http://localhost:8000/SessionManager 20 att AuthorityURI: http://localhost:8000/AttributeAuthority20 attributeAuthorityURI: http://localhost:8000/AttributeAuthority 21 21 22 22 # WS-Security signature handler - set a config file with 'wssCfgFilePath' -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/config/ssoServiceMiddleware.py
r4587 r4692 116 116 self.smURI = None 117 117 118 if self.cfg.has_option(defSection, 'attAuthorityURI'): 119 self.aaURI = self.cfg.get(defSection, 'attAuthorityURI') 118 if self.cfg.has_option(defSection, 'sessionManagerEnvironKey'): 119 self.smEnvironKey = self.cfg.get(defSection, 120 'sessionManagerEnvironKey') 121 else: 122 self.smEnvironKey = None 123 124 if self.cfg.has_option(defSection, 'attributeAuthorityURI'): 125 self.aaURI = self.cfg.get(defSection, 'attributeAuthorityURI') 120 126 else: 121 127 self.aaURI = None 128 129 if self.cfg.has_option(defSection, 'attributeAuthorityEnvironKey'): 130 self.aaEnvironKey = self.cfg.get(defSection, 131 'attributeAuthorityEnvironKey') 132 else: 133 self.aaEnvironKey = None 122 134 123 135 # ... for SSL connections to security web services -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/controllers/login.py
r4680 r4692 56 56 environ=request.environ, 57 57 uri=session['ndgSec']['h'], 58 environKey=self.cfg.smEnvironKey, 59 attributeAuthorityEnvironKey=self.cfg.aaEnvironKey, 58 60 tracefile=self.cfg.tracefile, 59 61 httpProxyHost=self.cfg.httpProxyHost, … … 109 111 try: 110 112 smClnt = WSGISessionManagerClient( 111 environ=request.environ, 112 uri=self.cfg.smURI, 113 tracefile=self.cfg.tracefile, 114 httpProxyHost=self.cfg.httpProxyHost, 115 noHttpProxyList=self.cfg.noHttpProxyList, 116 **self.cfg.wss) 113 environ=request.environ, 114 uri=self.cfg.smURI, 115 environKey=self.cfg.smEnvironKey, 116 attributeAuthorityEnvironKey=self.cfg.aaEnvironKey, 117 tracefile=self.cfg.tracefile, 118 httpProxyHost=self.cfg.httpProxyHost, 119 noHttpProxyList=self.cfg.noHttpProxyList, 120 **self.cfg.wss) 117 121 118 122 username = request.params['username'] … … 221 225 environ=request.environ, 222 226 uri=self.cfg.aaURI, 227 environKey=self.cfg.aaEnvironKey, 223 228 tracefile=self.cfg.tracefile, 224 229 httpProxyHost=self.cfg.httpProxyHost, -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/lib/openid_util.py
r4587 r4692 127 127 environ=pylons.request.environ, 128 128 uri=cfg.aaURI, 129 environKey=self.cfg.aaEnvironKey, 129 130 tracefile=cfg.tracefile, 130 131 httpProxyHost=cfg.httpProxyHost, -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/__init__.py
r4680 r4692 421 421 else: 422 422 opt[filtOptName] = optVal 423 else: 424 # Options not starting with prefix are ignored 425 log.debug("Skipping option \"%s\": it doesn't start with " 426 "the prefix \"%s\"", optName, prefix) 423 # else: 424 # Options not starting with prefix are ignored - omit debug 425 # it's too verbose even for debug setting :) 426 # log.debug("Skipping option \"%s\": it doesn't start with " 427 # "the prefix \"%s\"", optName, prefix) 427 428 else: 428 429 filtOptName = '_'.join(optName.split('.')) -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/sessionmanager/SessionManager_services_server.py
r4480 r4692 72 72 <xsd:element maxOccurs=\"1\" minOccurs=\"0\" name=\"userX509Cert\" type=\"xsd:string\"/> 73 73 <xsd:element maxOccurs=\"1\" minOccurs=\"0\" name=\"sessID\" type=\"xsd:string\"/> 74 <xsd:element maxOccurs=\"1\" minOccurs=\"0\" name=\"att AuthorityURI\" type=\"xsd:string\"/>74 <xsd:element maxOccurs=\"1\" minOccurs=\"0\" name=\"attributeAuthorityURI\" type=\"xsd:string\"/> 75 75 <xsd:element maxOccurs=\"1\" minOccurs=\"0\" name=\"reqRole\" type=\"xsd:string\"/> 76 76 <xsd:element maxOccurs=\"1\" minOccurs=\"1\" name=\"mapFromTrustedHosts\" type=\"xsd:boolean\"/> … … 269 269 def soap_getAttCert(self, ps): 270 270 self.request = ps.Parse(getAttCertInputMsg.typecode) 271 parameters = (self.request._userX509Cert, self.request._sessID, self.request._att AuthorityURI, self.request._reqRole, self.request._mapFromTrustedHosts, self.request._rtnExtAttCertList, self.request._extAttCert, self.request._extTrustedHost)271 parameters = (self.request._userX509Cert, self.request._sessID, self.request._attributeAuthorityURI, self.request._reqRole, self.request._mapFromTrustedHosts, self.request._rtnExtAttCertList, self.request._extAttCert, self.request._extTrustedHost) 272 272 273 273 # If we have an implementation object use it -
TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/sessionmanager/__init__.py
r4680 r4692 190 190 # If no Attribute Authority URI is set pick up local Attribute 191 191 # instance Authority 192 if request.Att AuthorityURI is None:192 if request.AttributeAuthorityURI is None: 193 193 attributeAuthorityFilter = \ 194 194 self.referencedWSGIFilters.get(self.attributeAuthorityFilterID) 195 195 196 196 try: 197 attributeAuthority 198 attributeAuthorityFilter.serviceSOAPBinding.aa197 attributeAuthority= \ 198 attributeAuthorityFilter.serviceSOAPBinding.aa 199 199 except AttributeError, e: 200 200 raise SessionManagerWSConfigError("No Attribute Authority URI " … … 210 210 userX509Cert=userX509Cert or request.UserX509Cert, 211 211 sessID=request.SessID, 212 attributeAuthorityURI=request.Att AuthorityURI,212 attributeAuthorityURI=request.AttributeAuthorityURI, 213 213 attributeAuthority=attributeAuthority, 214 214 reqRole=request.ReqRole, -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/authz/pdp/browse/clnt.crt
r4035 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 43 (0xf3)4 Serial Number: 259 (0x103) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 11:42:41 2007GMT9 Not After : Dec 1 7 11:42:41 2008GMT8 Not Before: Dec 16 15:19:45 2008 GMT 9 Not After : Dec 15 15:19:45 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=client 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 c1:2b:11:0e:c3:fe:3e:f2:87:ee:48:e5:f1:29:9c:1f:a3:d8:39 eb:f9:3a:d4:af:75:c7:b4:39:e0:b2:83:5e:ee:71:7c:fc:28:40 73:fb:e4:62:7e:96:7b:f1:c3:b7:a4:94:b5:f7:41:a4:32:6a:41 16:4b:8c:60:36:0c:c1:79:62:51:aa:79:fa:1e:8c:a0:82:58:42 2 8:c6:cf:da:9b:79:eb:3a:f3:bf:e2:4a:8e:c2:f3:55:3f:b9:43 c6:0e:55:ea:a9:79:9e:3c:d2:d1:07:6c:81:90:2f:a9:54:ba:44 4a:7e:3c:f0:7c:86:c5:e0:b3:71:a5:48:a8:77:e3:83:b6:48:45 6d:7838 63:11:bf:8c:fe:88:3a:7d:12:1e:c1:ea:90:f6:11:33:f2:7d: 39 1d:2b:f3:22:3d:72:fb:1b:35:ed:cc:55:79:0e:98:13:41:cf: 40 44:5e:c7:88:75:08:b4:b2:2b:ad:11:0e:0b:2e:49:21:41:18: 41 6b:e9:2f:77:6d:27:4b:17:85:c8:fa:7b:91:45:97:a4:2d:f3: 42 24:4e:1e:be:c5:e5:bc:ca:fd:dc:b2:e9:e1:b1:8a:f0:c1:4f: 43 f9:c9:14:f8:c3:c2:98:66:fa:04:82:f1:8d:68:59:17:1f:f2: 44 bf:34:f7:c6:3c:85:9b:80:c6:bc:2f:66:2e:0e:f4:24:7c:d8: 45 9e:5f 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODExNDI049 MVoXDTA4MTIxNzExNDI0MVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MTk0 49 NVoXDTEzMTIxNTE1MTk0NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZjbGllbnQw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY7CFf5GAGGJEY38Vukj0U … … 55 55 mtvitXt9HJwdCZbPmPyxs6STvFHMZru1mY5dj1YWT8PBT5Svmpo/EEiL+TZctcXE 56 56 SRRSVxu99yRBJ0f9Nd8IPxtuyyIVX4+xfgOLrNoVQuIV5vKTCZh5RrWjpbk/0eqN 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ DB58 KxEOw/4+8ofuSOXxKZwfo9jr+TrUr3XHtDngsoNe7nF8/Chz++RifpZ78cO3pJS1 59 90GkMmoWS4xgNgzBeWJRqnn6Hoygglgoxs/am3nrOvO/4kqOwvNVP7nGDlXqqXme 60 PNLRB2yBkC+pVLpKfjzwfIbF4LNxpUiod+ODtkhteA==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQBj 58 Eb+M/og6fRIeweqQ9hEz8n0dK/MiPXL7GzXtzFV5DpgTQc9EXseIdQi0siutEQ4L 59 LkkhQRhr6S93bSdLF4XI+nuRRZekLfMkTh6+xeW8yv3csunhsYrwwU/5yRT4w8KY 60 ZvoEgvGNaFkXH/K/NPfGPIWbgMa8L2YuDvQkfNieXw== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/singleSignOnService/certs/clnt.crt
r4587 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 43 (0xf3)4 Serial Number: 259 (0x103) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 11:42:41 2007GMT9 Not After : Dec 1 7 11:42:41 2008GMT8 Not Before: Dec 16 15:19:45 2008 GMT 9 Not After : Dec 15 15:19:45 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=client 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 c1:2b:11:0e:c3:fe:3e:f2:87:ee:48:e5:f1:29:9c:1f:a3:d8:39 eb:f9:3a:d4:af:75:c7:b4:39:e0:b2:83:5e:ee:71:7c:fc:28:40 73:fb:e4:62:7e:96:7b:f1:c3:b7:a4:94:b5:f7:41:a4:32:6a:41 16:4b:8c:60:36:0c:c1:79:62:51:aa:79:fa:1e:8c:a0:82:58:42 2 8:c6:cf:da:9b:79:eb:3a:f3:bf:e2:4a:8e:c2:f3:55:3f:b9:43 c6:0e:55:ea:a9:79:9e:3c:d2:d1:07:6c:81:90:2f:a9:54:ba:44 4a:7e:3c:f0:7c:86:c5:e0:b3:71:a5:48:a8:77:e3:83:b6:48:45 6d:7838 63:11:bf:8c:fe:88:3a:7d:12:1e:c1:ea:90:f6:11:33:f2:7d: 39 1d:2b:f3:22:3d:72:fb:1b:35:ed:cc:55:79:0e:98:13:41:cf: 40 44:5e:c7:88:75:08:b4:b2:2b:ad:11:0e:0b:2e:49:21:41:18: 41 6b:e9:2f:77:6d:27:4b:17:85:c8:fa:7b:91:45:97:a4:2d:f3: 42 24:4e:1e:be:c5:e5:bc:ca:fd:dc:b2:e9:e1:b1:8a:f0:c1:4f: 43 f9:c9:14:f8:c3:c2:98:66:fa:04:82:f1:8d:68:59:17:1f:f2: 44 bf:34:f7:c6:3c:85:9b:80:c6:bc:2f:66:2e:0e:f4:24:7c:d8: 45 9e:5f 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODExNDI049 MVoXDTA4MTIxNzExNDI0MVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MTk0 49 NVoXDTEzMTIxNTE1MTk0NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZjbGllbnQw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY7CFf5GAGGJEY38Vukj0U … … 55 55 mtvitXt9HJwdCZbPmPyxs6STvFHMZru1mY5dj1YWT8PBT5Svmpo/EEiL+TZctcXE 56 56 SRRSVxu99yRBJ0f9Nd8IPxtuyyIVX4+xfgOLrNoVQuIV5vKTCZh5RrWjpbk/0eqN 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ DB58 KxEOw/4+8ofuSOXxKZwfo9jr+TrUr3XHtDngsoNe7nF8/Chz++RifpZ78cO3pJS1 59 90GkMmoWS4xgNgzBeWJRqnn6Hoygglgoxs/am3nrOvO/4kqOwvNVP7nGDlXqqXme 60 PNLRB2yBkC+pVLpKfjzwfIbF4LNxpUiod+ODtkhteA==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQBj 58 Eb+M/og6fRIeweqQ9hEz8n0dK/MiPXL7GzXtzFV5DpgTQc9EXseIdQi0siutEQ4L 59 LkkhQRhr6S93bSdLF4XI+nuRRZekLfMkTh6+xeW8yv3csunhsYrwwU/5yRT4w8KY 60 ZvoEgvGNaFkXH/K/NPfGPIWbgMa8L2YuDvQkfNieXw== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/singleSignOnService/sso.cfg
r4587 r4692 16 16 17 17 # Service addresses 18 #sessionMgrURI: https://gabriel.badc.rl.ac.uk/SessionManager19 18 sessionMgrURI: http://localhost:8000/SessionManager 20 19 21 20 # If the Attribute Authority URI is commented out the service will try to 22 21 # connect to an Attribute Authority instance in the local WSG stack 23 #att AuthorityURI: http://localhost:8000/AttributeAuthority22 #attributeAuthorityURI: http://localhost:8000/AttributeAuthority 24 23 25 24 # WS-Security signature handler - set a config file with 'wssCfgFilePath' -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/test_combinedservices.cfg
r4680 r4692 10 10 # $Id:$ 11 11 [setUp] 12 logLevel = ERROR 12 13 uri = http://localhost:8000/SessionManager 13 14 # alternate port for testing with tcpmon -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/test_combinedservices.py
r4680 r4692 16 16 __revision__ = '$Id: test_sessionmanagerclient.py 4437 2008-11-18 12:34:25Z pjkersha $' 17 17 import logging 18 logging.basicConfig(level=logging.DEBUG) 18 19 19 20 20 import unittest … … 106 106 except KeyError: 107 107 sslCACertList = [] 108 108 109 # Set logging 110 try: 111 logLevel = getattr(logging, self.cfg['setUp']['logLevel']) 112 except AttributeError: 113 raise AttributeError("logLevel=%s not recognised, try one of: " 114 "CRITICAL, ERROR, WARNING, INFO, DEBUG or " 115 "NOTSET" % self.cfg['setUp']['logLevel']) 116 117 logging.basicConfig(level=logLevel) 118 109 119 # Instantiate WS proxy 110 120 self.clnt = SessionManagerClient(uri=self.cfg['setUp']['uri'], … … 236 246 237 247 attCert = self.clnt.getAttCert(sessID=self.sessID, 238 att AuthorityURI=thisSection['aaURI'])248 attributeAuthorityURI=thisSection['aaURI']) 239 249 240 250 print "Attribute Certificate:\n%s" % attCert … … 269 279 270 280 aaURI = self.cfg['test07GetAttCertWithUserX509Cert']['aaURI'] 271 attCert = self.clnt.getAttCert(att AuthorityURI=aaURI)281 attCert = self.clnt.getAttCert(attributeAuthorityURI=aaURI) 272 282 273 283 print("Attribute Certificate:\n%s" % attCert) … … 400 410 401 411 402 class CombinedServicesTestSuite(unittest.TestSuite):403 404 def __init__(self):405 map = map(CombinedServicesTestCase,406 (407 "test01Connect",408 "test02GetSessionStatus",409 "test03ConnectNoCreateServerSess",410 "test04DisconnectWithSessID",411 "test05DisconnectWithUserX509Cert",412 "test06GetAttCertWithSessID",413 "test07GetAttCertWithUserX509Cert",414 "test08GetAttCertFromLocalAttributeAuthority",415 "test09WSGILocalSessionManagerInstanceConnect",416 "test10WSGILocalSessionManagerInstanceGetSessionStatus",417 "test11WSGILocalSessionManagerInstanceDisconnect",418 "test12WSGILocalSessionManagerInstanceGetAttCert",419 "test13WSGILocalAttributeAuthorityInstanceGetHostInfo",420 "test14WSGILocalAttributeAuthorityInstanceGetTrustedHostInfo",421 "test15WSGILocalAttributeAuthorityInstanceGetAllHostsInfo"422 ))423 unittest.TestSuite.__init__(self, map)424 425 426 412 if __name__ == "__main__": 427 413 unittest.main() -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionmanagerclient/test_sessionmanagerclient.py
r4680 r4692 220 220 221 221 attCert = self.clnt.getAttCert(sessID=self.sessID, 222 att AuthorityURI=thisSection['aaURI'])222 attributeAuthorityURI=thisSection['aaURI']) 223 223 224 224 print "Attribute Certificate:\n%s" % attCert … … 239 239 try: 240 240 attCert = self.clnt.getAttCert(sessID=self.sessID, 241 att AuthorityURI=aaURI,241 attributeAuthorityURI=aaURI, 242 242 mapFromTrustedHosts=False) 243 243 except AttributeRequestDenied, e: … … 257 257 aaURI = self.cfg['test08GetMappedAttCertWithSessID']['aaURI'] 258 258 259 attCert=self.clnt.getAttCert(sessID=self.sessID, att AuthorityURI=aaURI)259 attCert=self.clnt.getAttCert(sessID=self.sessID, attributeAuthorityURI=aaURI) 260 260 261 261 print "Attribute Certificate:\n%s" % attCert … … 277 277 278 278 attCert = self.clnt.getAttCert(sessID=self.sessID, 279 att AuthorityURI=aaURI,279 attributeAuthorityURI=aaURI, 280 280 extAttCertList=[extAttCert]) 281 281 … … 309 309 310 310 aaURI = self.cfg['test10GetAttCertWithUserX509Cert']['aaURI'] 311 attCert = self.clnt.getAttCert(att AuthorityURI=aaURI)311 attCert = self.clnt.getAttCert(attributeAuthorityURI=aaURI) 312 312 313 313 print("Attribute Certificate:\n%s" % attCert) -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/wssecurity/client/clnt.crt
r3676 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 43 (0xf3)4 Serial Number: 259 (0x103) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 11:42:41 2007GMT9 Not After : Dec 1 7 11:42:41 2008GMT8 Not Before: Dec 16 15:19:45 2008 GMT 9 Not After : Dec 15 15:19:45 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=client 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 c1:2b:11:0e:c3:fe:3e:f2:87:ee:48:e5:f1:29:9c:1f:a3:d8:39 eb:f9:3a:d4:af:75:c7:b4:39:e0:b2:83:5e:ee:71:7c:fc:28:40 73:fb:e4:62:7e:96:7b:f1:c3:b7:a4:94:b5:f7:41:a4:32:6a:41 16:4b:8c:60:36:0c:c1:79:62:51:aa:79:fa:1e:8c:a0:82:58:42 2 8:c6:cf:da:9b:79:eb:3a:f3:bf:e2:4a:8e:c2:f3:55:3f:b9:43 c6:0e:55:ea:a9:79:9e:3c:d2:d1:07:6c:81:90:2f:a9:54:ba:44 4a:7e:3c:f0:7c:86:c5:e0:b3:71:a5:48:a8:77:e3:83:b6:48:45 6d:7838 63:11:bf:8c:fe:88:3a:7d:12:1e:c1:ea:90:f6:11:33:f2:7d: 39 1d:2b:f3:22:3d:72:fb:1b:35:ed:cc:55:79:0e:98:13:41:cf: 40 44:5e:c7:88:75:08:b4:b2:2b:ad:11:0e:0b:2e:49:21:41:18: 41 6b:e9:2f:77:6d:27:4b:17:85:c8:fa:7b:91:45:97:a4:2d:f3: 42 24:4e:1e:be:c5:e5:bc:ca:fd:dc:b2:e9:e1:b1:8a:f0:c1:4f: 43 f9:c9:14:f8:c3:c2:98:66:fa:04:82:f1:8d:68:59:17:1f:f2: 44 bf:34:f7:c6:3c:85:9b:80:c6:bc:2f:66:2e:0e:f4:24:7c:d8: 45 9e:5f 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODExNDI049 MVoXDTA4MTIxNzExNDI0MVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MTk0 49 NVoXDTEzMTIxNTE1MTk0NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZjbGllbnQw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY7CFf5GAGGJEY38Vukj0U … … 55 55 mtvitXt9HJwdCZbPmPyxs6STvFHMZru1mY5dj1YWT8PBT5Svmpo/EEiL+TZctcXE 56 56 SRRSVxu99yRBJ0f9Nd8IPxtuyyIVX4+xfgOLrNoVQuIV5vKTCZh5RrWjpbk/0eqN 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ DB58 KxEOw/4+8ofuSOXxKZwfo9jr+TrUr3XHtDngsoNe7nF8/Chz++RifpZ78cO3pJS1 59 90GkMmoWS4xgNgzBeWJRqnn6Hoygglgoxs/am3nrOvO/4kqOwvNVP7nGDlXqqXme 60 PNLRB2yBkC+pVLpKfjzwfIbF4LNxpUiod+ODtkhteA==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQBj 58 Eb+M/og6fRIeweqQ9hEz8n0dK/MiPXL7GzXtzFV5DpgTQc9EXseIdQi0siutEQ4L 59 LkkhQRhr6S93bSdLF4XI+nuRRZekLfMkTh6+xeW8yv3csunhsYrwwU/5yRT4w8KY 60 ZvoEgvGNaFkXH/K/NPfGPIWbgMa8L2YuDvQkfNieXw== 61 61 -----END CERTIFICATE----- -
TI12-security/trunk/python/ndg.security.test/ndg/security/test/wssecurity/server/server.crt
r4238 r4692 2 2 Data: 3 3 Version: 3 (0x2) 4 Serial Number: 2 44 (0xf4)4 Serial Number: 260 (0x104) 5 5 Signature Algorithm: md5WithRSAEncryption 6 6 Issuer: O=NDG, OU=BADC, CN=Test CA 7 7 Validity 8 Not Before: Dec 1 8 13:58:09 2007GMT9 Not After : Dec 1 7 13:58:09 2008GMT8 Not Before: Dec 16 15:20:55 2008 GMT 9 Not After : Dec 15 15:20:55 2013 GMT 10 10 Subject: O=NDG Security Test, OU=WS-Security Unittest, CN=server 11 11 Subject Public Key Info: … … 33 33 Exponent: 65537 (0x10001) 34 34 X509v3 extensions: 35 Netscape Cert Type: 35 Netscape Cert Type: 36 36 SSL Client, SSL Server, S/MIME, Object Signing 37 37 Signature Algorithm: md5WithRSAEncryption 38 2b:b0:f6:d3:32:a7:61:d9:1e:07:39:8a:39:c9:7a:b4:dc:44:39 c3:50:ba:2b:67:f6:12:8a:c0:49:91:bd:f2:fb:3f:3f:a2:0e:40 21:5d:63:b6:73:90:2a:11:70:6b:d9:56:ce:29:b0:25:bb:13:41 2f:8a:9e:55:af:a0:7c:9e:73:96:81:17:09:1a:d0:30:f8:1c:42 34:34:ed:e3:7d:09:72:12:c7:37:37:8f:90:aa:79:55:6a:3a:43 28:2f:98:de:d0:06:42:3e:a2:5a:d2:f4:6f:5f:29:00:3d:b2:44 df:37:e7:17:f7:8a:a6:aa:82:e8:f9:21:47:84:9c:39:37:54:45 6d:1638 95:eb:24:bb:4e:4d:38:b8:0e:8d:0e:fa:27:61:0b:91:f7:9e: 39 a3:a7:a4:e0:d8:ba:57:3a:ee:df:54:50:80:26:19:f5:66:d7: 40 6c:83:64:eb:b3:1a:3b:dc:7a:08:49:db:3f:a1:9a:bf:03:08: 41 7f:b2:8c:28:eb:cf:79:d9:a3:f0:a4:7c:65:40:c5:fe:34:88: 42 7f:88:47:e2:4b:38:f4:d6:c6:91:69:9c:68:ca:ed:03:fc:fb: 43 83:c8:07:be:3c:33:be:24:87:aa:68:7f:38:18:e3:fc:97:ef: 44 8f:e4:6e:39:f8:3d:e2:97:91:4a:86:e8:39:52:01:b3:31:54: 45 d9:5d 46 46 -----BEGIN CERTIFICATE----- 47 MIICizCCAfSgAwIBAgICA PQwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA 3MTIxODEzNTgw49 OVoXDTA4MTIxNzEzNTgwOVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx47 MIICizCCAfSgAwIBAgICAQQwDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 48 MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNjE1MjA1 49 NVoXDTEzMTIxNTE1MjA1NVowTDEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 50 50 HTAbBgNVBAsTFFdTLVNlY3VyaXR5IFVuaXR0ZXN0MQ8wDQYDVQQDEwZzZXJ2ZXIw 51 51 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKh5yGjF6lxe3OL/g1lZdq … … 55 55 FbpcpjemyU85R6h7K8Q7Wmoa841np+KRdMSnhQ6VX9PcgfcNdNEzsV+zxb7kblYq 56 56 JXUEDFWmNcJmdoWPUXwLtvdA3wwy15k+cvLVw3X4BmyTXrrK76uOjcroePMIJpHr 57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQ Ar58 sPbTMqdh2R4HOYo5yXq03ETDULorZ/YSisBJkb3y+z8/og4hXWO2c5AqEXBr2VbO 59 KbAluxMvip5Vr6B8nnOWgRcJGtAw+Bw0NO3jfQlyEsc3N4+QqnlVajooL5je0AZC 60 PqJa0vRvXykAPbLfN+cX94qmqoLo+SFHhJw5N1RtFg==57 AgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQCV 58 6yS7Tk04uA6NDvonYQuR956jp6Tg2LpXOu7fVFCAJhn1Ztdsg2Trsxo73HoISds/ 59 oZq/Awh/sowo68952aPwpHxlQMX+NIh/iEfiSzj01saRaZxoyu0D/PuDyAe+PDO+ 60 JIeqaH84GOP8l++P5G45+D3il5FKhug5UgGzMVTZXQ== 61 61 -----END CERTIFICATE-----
Note: See TracChangeset
for help on using the changeset viewer.