Changeset 4863


Ignore:
Timestamp:
23/01/09 21:53:34 (11 years ago)
Author:
pjkersha
Message:
  • added initialisation decorator for use with derived classes if ndg.security.server.wsgi.NDGSecurityMiddlewareBase.call
  • fixed SSO Client Middleware - client interface for using Single Sign On Service from Pylons or other app
  • Added capability to pass in args to class to be instantiated from instantiateClass factory function in classfactory module
  • Modified SSO wayf template to enable login from this page if the user is at their home site - saves an extra login step
  • Added Signin interface plugin for OpenID Relying Party middleware. The plugin is itself middleware so that it can include other middleware filters such StaticURLParser to include static content used in template.
Location:
TI12-security/trunk/python
Files:
511 added
1 deleted
22 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.client/ndg/security/client/ssoclient/ssoclient/config/ssoClientMiddleware.py

    r3918 r4863  
    1414        class common: 
    1515            class sso: 
    16                 cfg = None 
     16                class cfg: 
     17                    '''Placeholder for server and sslServer attributes''' 
     18                class state: 
     19                    '''State information - return to URL should be set each  
     20                    time a new page is loaded.  In ows_server this is handled 
     21                    by setting it in ndgPage.kid a template that is extended by 
     22                    all Browse pages.''' 
     23                    returnToURL = '' 
     24                    b64encReturnToURL = '' 
    1725 
    1826class SSOMiddleware(object): 
     
    2331        self.app = app 
    2432 
    25         ndg.security.client.ssoclient.cfg = SSOClientConfig(cfg, **kw) 
     33        ndg.security.common.sso.cfg = SSOClientConfig(cfg, **kw) 
    2634        appGlobals.ndg = ndg 
    2735 
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/utils/classfactory.py

    r4855 r4863  
    2121 
    2222def instantiateClass(moduleName, className, moduleFilePath=None,  
    23                      objectType=None, classProperties={}): 
     23                     objectType=None, classArgs=(), classProperties={}): 
    2424    ''' 
    2525    Create and return an instance of the specified class 
     
    4040    ''' 
    4141 
    42     log.debug("Instantiating class, %s" % className) 
     42    log.debug("Instantiating class '%s'" % className) 
    4343     
    4444    # ensure that classproperties is a dict - NB, it may be passed in as a null 
     
    6565             
    6666            # Import module name specified in properties file 
    67             importModule = __import__(moduleName) 
     67            module = __import__(moduleName) 
    6868            components = moduleName.split('.') 
    6969            for component in components[1:]: 
    70                 importModule = getattr(importModule, component) 
     70                module = getattr(module, component) 
    7171 
    72             importClass = getattr(importModule, className) 
     72            importedClass = getattr(module, className) 
    7373        finally: 
    7474            # revert back to original sys path, if necessary 
     
    8484 
    8585    # Check class inherits from AAproxy abstract base class 
    86     if objectType and not issubclass(importClass, objectType): 
     86    if objectType and not issubclass(importedClass, objectType): 
    8787        raise ClassFactoryError("Specified class %s must be derived from %s" % 
    8888                                (className, objectType)) 
     
    9090    # Instantiate class 
    9191    try: 
    92         object = importClass(**classProperties) 
     92        if classArgs: 
     93            object = importedClass(*classArgs, **classProperties) 
     94        else: 
     95            object = importedClass(**classProperties) 
     96             
    9397        log.info('Instantiated "%s" class from module, "%s"' % (className, 
    9498                                                                moduleName)) 
     
    96100 
    97101    except Exception, e: 
    98         log.error("Instantiating class, %s: %s"%(importClass.__name__,e)) 
     102        log.error("Instantiating class, %s: %s" % (importedClass.__name__, e)) 
    99103        raise 
    100104             
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/paster_templates/default_deployment/services.ini_tmpl

    r4855 r4863  
    1212# date: 30/11/05 
    1313# Copyright: (C) 2008 STFC 
    14 # license: This software may be distributed under the terms of the Q Public  
    15 # License, version 1.0 or later. 
     14# license: BSD - see LICENSE file in top-level directory 
    1615# Contact: Philip.Kershaw@stfc.ac.uk 
    1716# Revision: $$Id$$ 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/paster_templates/full_deployment/services.ini_tmpl

    r4855 r4863  
    1313# date: 30/11/05 
    1414# Copyright: (C) 2008 STFC 
    15 # license: This software may be distributed under the terms of the Q Public  
    16 # License, version 1.0 or later. 
     15# license: BSD - see LICENSE file in top-level directory 
    1716# Contact: Philip.Kershaw@stfc.ac.uk 
    1817# Revision: $$Id$$ 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/paster_templates/full_deployment/sso/sso.cfg_tmpl

    r4773 r4863  
    2626tracefile: None 
    2727#tracefile: sys.stderr 
    28  
    29 # Service addresses 
    30 sessionMgrURI: http://localhost:8000/SessionManager 
    31  
    32 # If the Attribute Authority URI is commented out the service will try to  
    33 # connect to an Attribute Authority instance in the local WSG stack 
    34 #attributeAuthorityURI: http://localhost:8000/AttributeAuthority 
    3528 
    3629# WS-Security signature handler - set a config file with 'wssCfgFilePath' 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/lib/openid_util.py

    r4742 r4863  
    141141 
    142142    try: 
    143         hosts = aaClnt.getAllHostsInfo()  
     143        hosts = aaClnt.getTrustedHostInfo()  
    144144    except Exception, e: 
    145145        c.xml = ('Error getting a list of trusted sites for login.  ' 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/templates/ndg/security/login.kid

    r3960 r4863  
    11<html py:extends="'ndgPage.kid'" xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"> 
    2      
     2    <head> 
     3        <replace py:replace="pagehead()"/> 
     4    </head> 
     5    <body> 
     6        <div py:replace="header()"/> 
     7        <div py:replace="loginContent()"/> 
     8        <div py:replace="footer(showLoginStatus=False)"/> 
     9    </body> 
     10 
    311    <div py:def="loginForm()" class="loginForm"> 
    412        <form action="$g.ndg.security.server.sso.cfg.getCredentials" method="POST"> 
     
    816                    <td><input type="text" name="username" value=""/></td> 
    917                </tr><tr> 
    10                     <td>Pass-phrase:</td> 
     18                    <td>Password:</td> 
    1119                    <td><input type="password" name="passphrase"/></td> 
    1220                </tr><tr> 
    1321                    <td colspan="2" align="right"> 
    14                         <input type="submit" value="Login"/> 
     22                        <input type="submit" value="Login"/> 
    1523                    </td> 
    1624                </tr> 
     
    1927    </div> 
    2028     
    21     <head> 
    22     <replace py:replace="pagehead()"/> 
    23     </head> 
    24     <body> 
    25         <div py:replace="header()"/> 
    26         <div class="loginContent" style="text-indent:5px">         
    27             <h4>Login</h4> 
    28             <div py:replace="loginForm()"/> 
    29             <p>${c.xml}</p> 
    30         </div> 
    31         <div py:replace="footer(showLoginStatus=False)"/> 
    32     </body> 
    33  
     29    <div py:def="loginContent(heading='Login')" class="loginContent" style="text-indent:5px">         
     30        <h4>$heading</h4> 
     31        <div py:replace="loginForm()"/> 
     32        <p>${c.xml}</p> 
     33    </div> 
    3434</html> 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/templates/ndg/security/ndgPage.kid

    r3942 r4863  
    107107            <input type="submit" value="Login"/> 
    108108        </form> 
    109     </span> 
    110      
    111      
    112      
     109    </span>     
    113110</html> 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/sso/sso/templates/ndg/security/wayf.kid

    r4773 r4863  
    1 <html py:extends="'ndgPage.kid'" xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"> 
    2     <div py:if="len(g.ndg.security.server.sso.state.trustedIdPs) > 0" py:def="trustedSitesList()" class="trustedSitesList" style="text-indent:5px">         
    3         <h4> Where are you from? </h4> 
    4         <p> You can login in at a trusted partner site: 
    5                 <?python 
    6                 # Sort alphabetically 
    7                 providerNames = g.ndg.security.server.sso.state.trustedIdPs.keys() 
    8                 providerNames.sort() 
    9                 ?> 
    10                 <ul py:for="h in providerNames"> 
    11                     <li> <a href="${g.ndg.security.server.sso.state.trustedIdPs[h]}?r=${g.ndg.security.common.sso.state.b64encReturnToURL}">${h}</a></li> 
    12                 </ul> 
    13             </p> 
    14         <p py:if="g.ndg.security.server.sso.cfg.enableOpenID==True">Alternatively, sign in with OpenID:</p> 
     1<html py:extends="'login.kid'" xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"> 
     2        <head> 
     3                <replace py:replace="pagehead()"/> 
     4                <style py:if="g.ndg.security.server.sso.cfg.enableOpenID==True"> 
     5                        input.openid-identifier { 
     6                        background: url($g.ndg.security.server.sso.cfg.server/layout/openid-inputicon.gif) no-repeat; 
     7                        background-color: #fff; 
     8                        background-position: 0 50%; 
     9                        padding-left: 18px; 
     10                        } 
     11                </style> 
     12        </head> 
     13        <body> 
     14                <div py:replace="header()"/> 
     15                <div py:replace="loginContent(heading='Home Login')"/> 
     16                <div py:replace="trustedSiteHeading()"/> 
     17                <div py:replace="trustedSitesList()"/> 
     18                <div py:replace="openIDSignin()"/> 
     19                <div py:replace="footer(showLoginStatus=False)"/> 
     20        </body> 
     21 
     22        <div py:def="trustedSiteHeading()" class="trustedSiteHeading" style="text-indent:5px">         
     23                <h4>Trusted Site Login</h4> 
    1524        </div> 
    16     <div py:if="len(g.ndg.security.server.sso.state.trustedIdPs) == 0" py:def="trustedSitesListNotAvailable()" class="trustedSitesListNotAvailable" style="text-indent:5px">         
    17                 <h4>Where are you from?</h4> 
     25         
     26        <div py:if="len(g.ndg.security.server.sso.state.trustedIdPs) > 0" py:def="trustedSitesList()" class="trustedSitesList" style="text-indent:5px">         
     27                <p>You can also login via one of our trusted partner sites if you have an acount with one of them: 
     28                        <?python 
     29                                # Sort alphabetically 
     30                                providerNames = g.ndg.security.server.sso.state.trustedIdPs.keys() 
     31                                providerNames.sort() 
     32                        ?> 
     33                        <ul py:for="h in providerNames"> 
     34                                <li> <a href="${g.ndg.security.server.sso.state.trustedIdPs[h]}?r=${g.ndg.security.common.sso.state.b64encReturnToURL}">${h}</a></li> 
     35                        </ul> 
     36                </p> 
    1837        </div> 
     38         
    1939        <div py:if="g.ndg.security.server.sso.cfg.enableOpenID==True" py:def="openIDSignin()" class="openIDSignin" style="text-indent:5px"> 
    2040                <form action="$g.ndg.security.server.sso.cfg.server/verify" method="post"> 
    21                   <table cellspacing="0" border="0" cellpadding="5"> 
    22                     <tr> 
    23                         <td>OpenID:</td>  
    24                         <td> 
    25                                 <input type="text" name="openid" value="" class='openid-identifier'/> 
    26                         </td> 
    27                         <td align="right"> 
    28                                 <input type="submit" name="authform" value="Go"/> 
    29                         </td> 
    30                         <td> 
    31                                 <a href="http://openid.net/what/" target="_blank"><small>What's this?</small></a> 
    32                         </td> 
    33                     </tr> 
    34                   </table> 
     41                        <table cellspacing="0" border="0" cellpadding="5"> 
     42                                <tr> 
     43                                        <td>OpenID:</td>  
     44                                        <td> 
     45                                                <input type="text" name="openid" value="" class='openid-identifier'/> 
     46                                        </td> 
     47                                        <td align="right"> 
     48                                                <input type="submit" name="authform" value="Go"/> 
     49                                        </td> 
     50                                        <td> 
     51                                                <a href="http://openid.net/what/" target="_blank"><small>What's this?</small></a> 
     52                                        </td> 
     53                                </tr> 
     54                        </table> 
    3555                </form> 
    3656        </div> 
    37  
    38     <head> 
    39                 <style> 
    40                         input.openid-identifier { 
    41                            background: url($g.ndg.security.server.sso.cfg.server/layout/openid-inputicon.gif) no-repeat; 
    42                            background-color: #fff; 
    43                            background-position: 0 50%; 
    44                            padding-left: 18px; 
    45                         } 
    46                 </style> 
    47         <replace py:replace="pagehead()"/> 
    48     </head> 
    49     <body> 
    50         <div py:replace="header()"/> 
    51         <replace py:replace="trustedSitesList()"/> 
    52         <replace py:replace="trustedSitesListNotAvailable()"/> 
    53         <replace py:replace="openIDSignin()"/> 
    54         <div py:replace="footer(showLoginStatus=False)"/> 
    55     </body> 
     57         
    5658</html> 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/__init__.py

    r4855 r4863  
    1616    """Base class for NDG Security Middleware classes""" 
    1717    propertyDefaults = { 
    18         'mountPath': None, 
     18        'mountPath': '/', 
    1919    } 
    2020     
     
    2626        ''' 
    2727        self._app = app 
    28         self._environ = None 
     28        self._environ = {} 
    2929        self._pathInfo = None 
    3030        self._path = None 
     
    4040        # Similarly, filter keyword input                  
    4141        self.__class__._filterOpts(opt, local_conf, prefix=prefix) 
    42         
    43         # Update options from keywords - matching app_conf ones will be  
    44         # overwritten 
    45         opt.update(local_conf) 
    4642         
    4743        # Set options as object attributes 
     
    5652        self.setPathInfo() 
    5753        self.setPath() 
    58           
     54 
     55    @staticmethod 
     56    def initCall(__call__): 
     57        '''Decorator to __call__ to enable convenient attribute initialisation 
     58        ''' 
     59        def __call__wrapper(self, environ, start_response): 
     60            self._initCall(environ) 
     61            return __call__(self, environ, start_response) 
     62 
     63        return __call__wrapper 
     64 
    5965    def _setResponse(self,  
    6066                     environ,  
     
    114120     
    115121    @classmethod 
    116     def _filterOpts(cls, opt, newOpt, prefix=''): 
     122    def _filterOpts(cls, opt, newOpt, prefix='', propertyDefaults=None): 
    117123        '''Convenience utility to filter input options set in __init__ via 
    118124        app_conf or keywords 
     
    128134        defOpt class variable 
    129135        ''' 
     136        if propertyDefaults is None: 
     137            propertyDefaults = cls.propertyDefaults 
     138             
    130139        badOpt = [] 
    131140        for k,v in newOpt.items(): 
     
    134143                filtK = '_'.join(subK.split('.'))   
    135144            else: 
    136                 filtK = k 
     145                #filtK = k 
     146                continue 
    137147                     
    138             if filtK not in cls.propertyDefaults: 
     148            if filtK not in propertyDefaults: 
    139149                badOpt += [k]                 
    140150            else: 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/__init__.py

    r4855 r4863  
    2222import paste.request 
    2323from paste.util.import_string import eval_import 
    24  
    25 from authkit.authenticate import AuthKitConfigError 
    26  
    2724from openid.extensions import sreg, ax 
    2825from openid.server import server 
     
    11581155     
    11591156class RenderingInterfaceConfigError(RenderingInterfaceError): 
    1160     """Error with Authentication configuration.  Raise from __init__""" 
     1157    """Error with configuration settings.  Raise from __init__""" 
    11611158    errorMsg = "RenderingInterface configuration error"     
    11621159     
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet/__init__.py

    r4855 r4863  
    33 
    44NERC Data Grid Project 
    5  
    65""" 
    76__author__ = "P J Kershaw" 
     
    109__contact__ = "Philip.Kershaw@stfc.ac.uk" 
    1110__revision__ = "$Id$" 
     11__license__ = "BSD - see LICENSE file in top-level directory" 
    1212import logging 
    1313log = logging.getLogger(__name__) 
     
    1919# interface 
    2020from ndg.security.server.wsgi.openid.provider import RenderingInterface, \ 
    21     AuthNInterfaceConfigError 
     21    RenderingInterfaceConfigError 
    2222 
    2323# Boiler plate to create renderer 
     
    5858                setattr(self, i, opt[i]) 
    5959        except KeyError, e: 
    60             raise AuthNInterfaceConfigError("Missing property: %s" % e)    
     60            raise RenderingInterfaceConfigError("Missing property: %s" % e)    
    6161          
    6262        self._buffet = OpenIDProviderRenderingBuffet(self.templateType,  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/relyingparty/__init__.py

    r4855 r4863  
    1414log = logging.getLogger(__name__) 
    1515 
    16 from authkit.authenticate import AuthKitConfigError 
     16import authkit.authenticate 
     17import beaker.middleware 
     18 
    1719from ndg.security.server.wsgi import NDGSecurityMiddlewareBase 
     20from ndg.security.common.utils.classfactory import instantiateClass 
    1821 
    1922class OpenIDRelyingPartyMiddlewareError(Exception): 
     
    2528class OpenIDRelyingPartyMiddleware(NDGSecurityMiddlewareBase): 
    2629    '''Implementation of OpenID Relying Party based on AuthKit''' 
     30    propertyDefaults = { 
     31        'signinInterfaceMiddlewareClass': None 
     32    } 
     33    propertyDefaults.update(NDGSecurityMiddlewareBase.propertyDefaults) 
     34     
     35    def __init__(self, app, global_conf, prefix='openid.relyingparty.',  
     36                 **app_conf): 
     37        """Add AuthKit and Beaker middleware dependencies to WSGI stack 
     38         
     39        @type app: callable following WSGI interface signature 
     40        @param app: next middleware application in the chain       
     41        @type global_conf: dict         
     42        @param global_conf: PasteDeploy application global configuration -  
     43        must follow format of propertyDefaults class variable 
     44        @type prefix: basestring 
     45        @param prefix: prefix for OpenID Relying Party configuration items 
     46        @type app_conf: dict 
     47        @param app_conf: application specific configuration - must follow  
     48        format of propertyDefaults class variable"""     
     49                 
     50        # Check for sign in template settings 
     51        if prefix+'signinInterfaceMiddlewareClass' in app_conf: 
     52            if 'authkit.openid.template.obj' in app_conf: 
     53                log.warning("OpenID Relying Party " 
     54                            "'signinInterfaceMiddlewareClass' " 
     55                            "setting overrides 'authkit.openid.template.obj' " 
     56                            "AuthKit setting") 
     57                 
     58            moduleName, className = \ 
     59                app_conf[prefix+'signinInterfaceMiddlewareClass'].rsplit('.',1) 
     60             
     61            signinInterfacePrefix = prefix+'signinInterface.' 
     62            classProperties = {'prefix': signinInterfacePrefix} 
     63            classProperties.update(app_conf) 
     64            app = instantiateClass(moduleName, className,   
     65                                   objectType=SigninInterface,  
     66                                   classArgs=(app, global_conf), 
     67                                   classProperties=classProperties)             
     68             
     69            # Delete sign in interface middleware settings 
     70            for conf in app_conf, global_conf or {}: 
     71                for k in conf.keys(): 
     72                    if k.startswith(signinInterfacePrefix): 
     73                        del conf[k] 
     74         
     75            app_conf['authkit.openid.template.string']=app.makeTemplate() 
     76             
     77        app = authkit.authenticate.middleware(app, app_conf) 
     78        app = beaker.middleware.SessionMiddleware(app) 
     79 
     80        super(OpenIDRelyingPartyMiddleware, self).__init__(app,  
     81                                                           global_conf,  
     82                                                           prefix=prefix,  
     83                                                           **app_conf) 
     84                 
     85    def __call__(self, environ, start_response): 
     86        return self._app(environ, start_response) 
     87 
     88class SigninInterfaceError(Exception): 
     89    """Base class for SigninInterface exceptions 
     90     
     91    A standard message is raised set by the msg class variable but the actual 
     92    exception details are logged to the error log.  The use of a standard  
     93    message enables callers to use its content for user error messages. 
     94     
     95    @type msg: basestring 
     96    @cvar msg: standard message to be raised for this exception""" 
     97    userMsg = ("An internal error occurred with the page layout,  Please " 
     98               "contact your system administrator") 
     99    errorMsg = "SigninInterface error" 
     100     
     101    def __init__(self, *arg, **kw): 
     102        if len(arg) > 0: 
     103            msg = arg[0] 
     104        else: 
     105            msg = self.__class__.errorMsg 
     106             
     107        log.error(msg) 
     108        Exception.__init__(self, msg, **kw) 
     109         
     110class SigninInterfaceInitError(SigninInterfaceError): 
     111    """Error with initialisation of SigninInterface.  Raise from __init__""" 
     112    errorMsg = "SigninInterface initialisation error" 
     113     
     114class SigninInterfaceConfigError(SigninInterfaceError): 
     115    """Error with configuration settings.  Raise from __init__""" 
     116    errorMsg = "SigninInterface configuration error"     
     117 
     118class SigninInterface(NDGSecurityMiddlewareBase): 
     119    """Base class for sign in rendering.  This is implemented as WSGI  
     120    middleware to enable additional middleware to be added into the call 
     121    stack e.g. StaticFileParser to enable rendering of graphics and other 
     122    static content in the Sign In page""" 
     123     
     124    def getTemplateFunc(self): 
     125        """Return template function for AuthKit to render OpenID Relying 
     126        Party Sign in page""" 
     127        raise NotImplementedError() 
     128     
     129    def __call__(self, environ, start_response): 
     130        return self._app(self, environ, start_response) 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/pep/__init__.py

    r4855 r4863  
    3232        self.charset = '; charset=utf-8' 
    3333 
     34    @NDGSecurityMiddlewareBase.initCall          
    3435    def __call__(self, environ, start_response): 
    3536        log.debug("Calling PEPMiddleware.__call__ ...") 
    36         self._initCall(environ) 
    3737         
    3838        # TODO: Is a security session set? 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/ssl.py

    r4855 r4863  
    7070                                      "peer certificate must validate against " 
    7171                                      "one") 
    72                 
     72       
     73    @NDGSecurityMiddlewareBase.initCall          
    7374    def __call__(self, environ, start_response): 
    7475         
    7576        log.debug("Calling SSLClientAuthNMiddleware.__call__ ...") 
    76         self._initCall(environ) 
    7777         
    7878        if not self.isSSLRequest: 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/serverapp.py

    r4855 r4863  
    177177    os.environ['NDGSEC_COMBINED_SRVS_UNITTEST_DIR']=abspath(dirname(__file__)) 
    178178     
    179 # To start the Site A Attribute Authority run  
    180 # $ paster serve site-a.ini or run this file as a script 
    181 # $ ./siteAServerApp.py [port #] 
     179# To start run  
     180# $ paster serve services.ini or run this file as a script 
     181# $ ./serverapp.py [port #] 
    182182if __name__ == '__main__': 
    183183    import sys 
     
    195195    from paste.deploy import loadapp 
    196196     
    197     from paste.urlparser import StaticURLParser 
    198     from paste.cascade import Cascade 
    199      
    200197    app = loadapp('config:%s' % cfgFilePath) 
    201198    serve(app, host='0.0.0.0', port=port) 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/services.ini

    r4855 r4863  
    1111# date: 30/11/05 
    1212# Copyright: (C) 2009 Science and Technology Facilities Council 
    13 # license: This software may be distributed under the terms of the Q Public  
    14 # License, version 1.0 or later. 
     13# license: BSD - see LICENSE file in top-level directory 
    1514# Contact: Philip.Kershaw@stfc.ac.uk 
    1615# Revision: $Id$ 
     
    172171# Debug mode will enable the interactive debugging tool, allowing ANYONE to 
    173172# execute malicious code after an exception is raised. 
    174 set debug = false 
     173set debug = true 
    175174 
    176175configfile = %(here)s/singleSignOnService/sso.cfg 
     
    195194authkit.openid.urltouser = ndg.security.server.sso.sso.lib.openid_util:url2user 
    196195 
    197 # Chain of SOAP Middleware filters 
     196# Chain of Middleware filters 
    198197[pipeline:main] 
    199198pipeline = wsseSignatureVerificationFilter  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/singleSignOnService/sso.cfg

    r4773 r4863  
    1414tracefile: None 
    1515#tracefile: sys.stderr 
    16  
    17 # Service addresses 
    18 sessionMgrURI: http://localhost:8000/SessionManager 
    19  
    20 # If the Attribute Authority URI is commented out the service will try to  
    21 # connect to an Attribute Authority instance in the local WSG stack 
    22 #attributeAuthorityURI: http://localhost:8000/AttributeAuthority 
    2316 
    2417# WS-Security signature handler - set a config file with 'wssCfgFilePath' 
     
    5043 
    5144# Flag to enable OpenID login 
    52 #enableOpenID: True 
     45enableOpenID: True 
    5346 
    5447# Service addresses - connect to a remote service or provide a key to WSGI  
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/config/attributeauthority/sitea/siteAMapConfig.xml

    r4718 r4863  
    66        <loginURI>https://localhost/login</loginURI> 
    77            <aaDN>/O=NDG/OU=Site A/CN=AttributeAuthority</aaDN> 
    8             <loginServerDN>/C=UK/ST=Oxfordshire/O=STFC/OU=BADC/CN=localhost</loginServerDN> 
     8        <loginServerDN>/C=UK/ST=Oxfordshire/O=STFC/OU=BADC/CN=localhost</loginServerDN> 
    99            <loginRequestServerDN>/C=UK/ST=Oxfordshire/O=STFC/OU=BADC/CN=localhost</loginRequestServerDN> 
    1010    </thisHost> 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sslclientauthnmiddleware/test.ini

    r4770 r4863  
    77# date: 11/12/08 
    88# Copyright: (C) 2009 Science and Technology Facilities Council 
    9 # license: This software may be distributed under the terms of the Q Public  
    10 # License, version 1.0 or later. 
     9# license: BSD - see LICENSE file in top-level directory 
    1110# Contact: Philip.Kershaw@stfc.ac.uk 
    1211# Revision: $Id$ 
Note: See TracChangeset for help on using the changeset viewer.