Changeset 5187 for TI12-security


Ignore:
Timestamp:
08/04/09 15:55:47 (12 years ago)
Author:
pjkersha
Message:

Tested Policy with regex target URIs

Location:
TI12-security/trunk/python
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/authz/msi.py

    r5186 r5187  
    8787        resource.parse(root) 
    8888        return resource 
     89     
     90    def __str__(self): 
     91        return str(self.uriPattern) 
    8992 
    9093class _AttrDict(dict): 

  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/authz/__init__.py

    r5186 r5187  
    9292        # Policy Decision Point 
    9393        policyCfg = AuthorizationHandler._filterKeywords(app_conf, 'policy.') 
     94        self.policyFilePath = policyCfg['filePath'] 
    9495        self.policy = Policy.Parse(policyCfg['filePath']) 
    9596        self.pdp = PDP(self.policy, pip) 
     
    123124                # No match - it's publicly accessible 
    124125                return False 
     126 
     127        log.debug("AuthorizationHandler found matching target(s):\n\n " 
     128                  "%s\nfrom policy file [%s] for URI=[%s]" %  
     129                  ('\n'.join(["RegEx=%s" % t for t in matchingTargets]),  
     130                   self.policyFilePath, 
     131                   resourceURI)) 
    125132         
    126133        if not self.isAuthenticated: 
     
    145152                # Skip the access forbidden middleware and call the next next 
    146153                # WSGI app 
    147                 log.debug("AuthorizationHandler access granted for policy") 
     154                log.debug("AuthorizationHandler access granted to [%s] using " 
     155                          "policy [%s]" % (resourceURI, self.policyFilePath)) 
    148156                return False 
    149157        else: 

  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/__init__.py

    r5168 r5187  
    10891089        # possibly via FetchRequest.getRequiredAttrs() 
    10901090        try: 
    1091             self.axResponse(ax_req, ax_resp, self.authNInterfaceCtx) 
     1091            self.axResponse(ax_req, ax_resp, self._authN) 
    10921092             
    10931093        except OpenIDProviderMissingRequiredAXAttrs, e: 

  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/integration/authz/policy.xml

    r5186 r5187  
    1313    </Target> 
    1414    <Target> 
    15         <URIPattern>/test_accessDeniedToSecuredURI</URIPattern> 
     15        <URIPattern>^/test_accessDenied.*$</URIPattern> 
    1616        <Attributes> 
    1717            <Attribute>urn:siteA:security:authz:1.0:attr:forbidden</Attribute> 
Note: See TracChangeset for help on using the changeset viewer.