Changeset 532


Ignore:
Timestamp:
19/01/06 17:51:58 (14 years ago)
Author:
pjkersha
Message:

AttAuthorityServer?.py: updated to use stub code generated by wsdl2dispatch

SessionMgrServer?.py: added debug keyword arg for sessionMgr WS class.

attAuthority.wsdl: rationalised all methods to single string i/o. to allow
encryption of messages if required and help with Java <-> Python
interoperability.

sessionMgr.wsdl: changed authorisation method name to reqAuthorisation.

Location:
security/trunk/python
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • security/trunk/python/AttAuthorityServer.py

    r495 r532  
    1818import socket  
    1919 
    20 # Web service interface 
    21 from ZSI import dispatch 
    22 from NDG.attAuthority_services import * 
    23  
    2420# Command line processing 
    2521import sys 
     
    2723import getopt 
    2824 
     25# Web service interface 
     26from ZSI import dispatch 
     27from ZSI.ServiceContainer import ServiceContainer, SOAPRequestHandler 
     28 
     29# Attribute Authority Web Services stub code generated by wsdl2py and  
     30# wsdl2dispatch 
     31from NDG.attAuthority_services import * 
     32from NDG.attauthority_services_server import attAuthority 
     33 
    2934# Attribute Authority 
    3035from NDG.AttAuthority import * 
    3136 
    3237 
    33 def getTrustedHostInfo(usrRole): 
    34     """NDG Attribute Authority WS interface - return the trusted hosts for 
    35     the given input role.""" 
    36      
    37     if debug: 
    38         import pdb 
    39         pdb.set_trace() 
    40  
    41     resp = getTrustedHostInfoResponseWrapper() 
    42     resp._trustedHostInfo = [] 
    43     resp._errMsg = '' 
    44  
    45  
    46     # Prevent WS client making a call with no role provided.  This would 
    47     # normally return a list of all the trusted hosts for the AA and the 
    48     # associated roles.  Disallow this for extra security 
    49     if usrRole == '' or usrRole is None: 
    50         resp._errMsg = "No role was input" 
    51         return resp 
    52  
    53      
    54     # Request a new attribute certificate from the Attribute Authority 
    55     try: 
    56         # Output is a dictionary of roles indexed by host name 
    57         trustedHostInfo = aa.getTrustedHostInfo(str(usrRole))       
    58         if trustedHostInfo is not None: 
    59             # Serialise dictionary output 
    60             resp._trustedHostInfo = ["%s:%s:%s" % \ 
    61                                   (i[0],i[1]['wsdl'],', '.join(i[1]['role']))\ 
    62                                   for i in trustedHostInfo.items()] 
    63          
    64     except Exception, e: 
    65         resp._errMsg = str(e) 
    66      
    67     return resp 
    68  
    69  
    70  
    71  
    72 def reqAuthorisation(usrProxyCert, usrAttCert): 
    73     """NDG Attribute Authority WS interface for user authorisation.""" 
    74      
    75     if debug: 
    76         import pdb 
    77         pdb.set_trace() 
    78  
    79     resp = reqAuthorisationResponseWrapper() 
    80     resp._attCert = '' 
    81     resp._statCode = 'AccessGranted' 
    82     resp._errMsg = '' 
    83  
    84     # Passing usrAttCert as None causes an error with ZSI, use '' instead and 
    85     # convert to None for input into AttAuthority 
    86     if usrAttCert == '': 
    87         usrAttCert = None 
    88          
    89     # Request a new attribute certificate from the Attribute Authority 
    90     try: 
    91         resp._attCert = aa.authorise(usrProxyCertFileTxt=usrProxyCert, 
    92                                       extAttCertFileTxt=usrAttCert) 
    93     except AttAuthorityAccessDenied, e: 
    94         resp._statCode = 'AccessDenied' 
    95         resp._errMsg = str(e) 
    96          
    97     except Exception, e: 
    98         resp._statCode = 'AccessError' 
    99         resp._errMsg = str(e) 
    100      
    101     return resp 
    102  
    103  
     38#_____________________________________________________________________________ 
     39class SessionMgrSOAPRequestHandler(SOAPRequestHandler): 
     40     """Add a do_GET method to return the WSDL on HTTP GET requests. 
     41     Please note that the path to the wsdl file is derived from what 
     42     the HTTP invocation delivers (which is put into the self.path 
     43     attribute), so you might want to change this addressing scheme. 
     44     """ 
     45     def do_GET(self): 
     46           """Return the WSDL file. We expect to get the location from the 
     47           invocation URL ("path"). 
     48           """ 
     49           wsdlfile = os.path.join('.',  
     50                                   self.path.replace('/', "", 1) + ".wsdl") 
     51           print "> > > > > using wsdlfile", wsdlfile 
     52           wsdl = open(wsdlfile).read() 
     53           self.send_xml(wsdl) 
     54        
     55        
     56#_____________________________________________________________________________ 
     57# Copied from ZSI.ServiceContainer, extended to instantiate with a custom 
     58# request handler 
     59def AsServer(port=80, services=(), RequestHandlerClass=SOAPRequestHandler): 
     60      """port -- 
     61          services -- list of service instances 
     62       """ 
     63      address = ("127.0.0.1", port) 
     64      sc = ServiceContainer(address, RequestHandlerClass=RequestHandlerClass) 
     65      for service in services: 
     66           path = service.getPost() 
     67           sc.setNode(service, path) 
     68      sc.serve_forever() 
    10469 
    10570 
     
    12186 
    12287 
    123  
    124  
     88#_____________________________________________________________________________ 
    12589if __name__ == '__main__': 
    12690 
     
    172136    print "Attribute Authority Server listening..." 
    173137    try: 
    174         dispatch.AsServer(port=port) 
     138         AsServer(port=port,  
     139                  services=[attAuthority(aa, debug=debug)],  
     140                  RequestHandlerClass=SessionMgrSOAPRequestHandler) 
    175141 
    176142    except KeyboardInterrupt: 
  • security/trunk/python/SessionMgrServer.py

    r521 r532  
    1717# Handle socket errors from WS 
    1818import socket  
    19  
    20 # Web service interface 
    21 from ZSI import dispatch 
    22 from NDG.sessionMgr_services import * 
    2319 
    2420# Command line processing 
     
    2723import getopt 
    2824 
     25# Web service interface 
     26from ZSI import dispatch 
    2927from ZSI.ServiceContainer import ServiceContainer, SOAPRequestHandler 
    3028 
    31 # Session Manager Web Services 
     29# Session Manager Web Services stub code generated by wsdl2py and  
     30# wsdl2dispatch 
     31from NDG.sessionMgr_services import * 
    3232from NDG.sessionMgr_services_server import sessionMgr 
    3333 
     
    190190    try: 
    191191         AsServer(port=port,  
    192                   services=[sessionMgr(sm)],  
     192                  services=[sessionMgr(sm, debug=debug)],  
    193193                  RequestHandlerClass=SessionMgrSOAPRequestHandler) 
    194194 
  • security/trunk/python/attAuthority.wsdl

    r473 r532  
    1111  xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 
    1212 
    13   <message name="reqAuthorisationRequest"> 
    14     <part name="usrProxyCert" type="xsd:string"/> 
    15     <part name="usrAttCert" type="xsd:string"/> 
     13  <message name="authorisationRequest"> 
     14    <part name="authorisationReq" type="xsd:string"/> 
    1615  </message> 
    1716 
    18   <message name="reqAuthorisationResponse"> 
    19     <part name="attCert" type="xsd:string"/> 
    20     <part name="statCode" type="xsd:string"/> 
    21     <part name="errMsg" type="xsd:string"/> 
     17  <message name="authorisationResponse"> 
     18    <part name="authorisationResp" type="xsd:string"/> 
    2219  </message> 
    2320 
    24   <message name="getTrustedHostInfoRequest"> 
    25     <part name="usrRole" type="xsd:string"/> 
     21  <message name="trustedHostInfoRequest"> 
     22    <part name="trustedHostInfoReq" type="xsd:string"/> 
    2623  </message> 
    2724 
    28   <message name="getTrustedHostInfoResponse"> 
    29     <part name="trustedHostInfo" type="xsd:ArrayOf_xsd_string"/> 
    30     <part name="errMsg" type="xsd:string"/> 
     25  <message name="trustedHostInfoResponse"> 
     26    <part name="trustedHostInfoResp" type="xsd:string"/> 
    3127  </message> 
    3228 
     
    3430  <portType name="attAuthority"> 
    3531    <operation name="reqAuthorisation"> 
    36       <input message="tns:reqAuthorisationRequest"/> 
    37       <output message="tns:reqAuthorisationResponse"/> 
     32      <input message="tns:authorisationRequest"/> 
     33      <output message="tns:authorisationResponse"/> 
    3834    </operation> 
    3935 
    4036    <operation name="getTrustedHostInfo"> 
    41       <input message="tns:getTrustedHostInfoRequest"/> 
    42       <output message="tns:getTrustedHostInfoResponse"/> 
     37      <input message="tns:trustedHostInfoRequest"/> 
     38      <output message="tns:trustedHostInfoResponse"/> 
    4339    </operation> 
    4440  </portType> 
  • security/trunk/python/sessionMgr.wsdl

    r529 r532  
    4747    </operation> 
    4848     
    49     <operation name="authorisation"> 
     49    <operation name="reqAuthorisation"> 
    5050      <input message="tns:authorisationRequest"/> 
    5151      <output message="tns:authorisationResponse"/> 
     
    7878      </output>  
    7979    </operation> 
    80     <operation name="authorisation"> 
    81       <soap:operation soapAction="urn:sessionMgr#authorisation"/> 
     80    <operation name="reqAuthorisation"> 
     81      <soap:operation soapAction="urn:sessionMgr#reqAuthorisation"/> 
    8282      <input> 
    8383        <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" 
Note: See TracChangeset for help on using the changeset viewer.