Changeset 492

Timestamp:

03/10/05 11:54:26 (14 years ago)

Author:

pjkersha

Message:

Working version for setting cookie with expiry + if user already logged in,
connect them to their existing UserSession?().

Location:

security/trunk/python/Tests

Files:

• ndgData.html (modified) (1 diff)
• security.py (modified) (8 diffs)

security/trunk/python/Tests/ndgData.html

@@ -63 +63 @@
       </td>
       <td valign="top" width="127"> <a
- href="javascript:ndgDataOpenWindow('../../cgi-bin/security.cgi?authorise=1', '_blank', 'scrollbars=no, resizable=no, width=512 ,height=468')">ACSOE
+ href="javascript:ndgDataOpenWindow('../../cgi-bin/security.cgi?authorise=1', '_blank', 'scrollbars=yes, resizable=no, width=512 ,height=468')">ACSOE
 data set 1</a> <br>
       </td>

security/trunk/python/Tests/security.py

@@ -134 +134 @@
                 # Authorisation and authentication arguments were set
                 # - Call authentication first
-                sessID = self.authenticate(setCookie=False)
+                cookie = self.authenticate(setCookie=False)
 
                 # Call authorisation passing the session ID for authorise to
                 # set the cookie
-                self.authorise(sessID, extTrustedHost=extTrustedHost)
+                self.authorise(cookie, extTrustedHost=extTrustedHost)
 
             else:
@@ -356 +356 @@
                 resp = smSrv.connect(userName=self.__userName,
                                      passPhrase=self.__passPhrase,
-                                     tracefile=sys.stderr)                
+                                     rtnAsCookie=True)                
             except socket.error, e:
                 # Socket error returns tuple - reformat to just give msg
@@ -364 +364 @@
                 raise SecurityCGIError(str(resp['errMsg']))
 
-            sessID = str(resp['sessID'])
+            cookie = str(resp['cookie'])
 
             if setCookie:
-                # Make a cookie        
-                cookie = SimpleCookie()
-                cookie['Hash'] = sessID
                 
                 print \
@@ -382 +379 @@
     <p>User %s authenticated</p>
     <p>Cookie is: %s</p>
-</body>""" % (cookie.output(), self.__userName, sessID)
-
-            return sessID
+</body>""" % (cookie, self.__userName, cookie)
+
+            return cookie
         
         except Exception, e:
@@ -411 +408 @@
     #_________________________________________________________________________
     def authorise(self,
-                  sessID=None,
+                  cookie=None,
                   reqRole='nercFunded',
                   extTrustedHost='',
@@ -418 +415 @@
         access
 
-        sessID:     session ID of user session, if omitted, use cookie
+        cookie:     cookie containing session ID
         reqRole:    required role to get authorisation - default to NERC for
                     testing"""
@@ -439 +436 @@
         try:
             # Check for session ID input
-            if isinstance(sessID, basestring):
-
-                # Set cookie
-                cookie = SimpleCookie()
-                cookie['Hash'] = sessID
+            if isinstance(cookie, basestring):
                 bSetCookie = True
+
+                # Get session ID from cookie
+                sessID = SimpleCookie(cookie)['Hash'].value
                 
             else:
@@ -503 +499 @@
             # Handle access denied/granted
             if bSetCookie:
-                cookieTxt = cookie.output() + os.linesep
+                cookieTxt = cookie + os.linesep
             else:
                 cookieTxt = ''