Changeset 5322


Ignore:
Timestamp:
20/05/09 16:28:18 (10 years ago)
Author:
pjkersha
Message:

Added capability to customise unauthorized responses for the authorisation middleware. pepResultHandler config parameter to ndg.security.server.wsgi.authz.AuthorizationMiddleware? enables a custom WSGI middleware class to be added.

Location:
TI12-security/trunk/python
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/utils/classfactory.py

    r5227 r5322  
    105105        raise  
    106106 
    107     # Check class inherits from AAproxy abstract base class 
     107    # Check class inherits from a base class 
    108108    if objectType and not issubclass(importedClass, objectType): 
    109109        raise ClassFactoryError("Specified class %s must be derived from %s" % 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/authz.py

    r5320 r5322  
    7878""" % msg.join('\n'*2) 
    7979 
    80             return self._setErrorResponse(code=401, msg=response) 
     80            return self._setErrorResponse(code=403, msg=response) 
    8181 
    8282 
     
    264264 
    265265from authkit.authenticate.multi import MultiHandler 
    266  
     266from ndg.security.common.utils.classfactory import importClass 
     267 
     268class AuthorizationMiddlewareError(Exception): 
     269    """Base class for AuthorizationMiddleware exceptions""" 
     270     
     271class AuthorizationMiddlewareConfigError(Exception): 
     272    """AuthorizationMiddleware configuration related exceptions""" 
     273     
    267274class AuthorizationMiddleware(NDGSecurityMiddlewareBase): 
    268275    '''Handler to call Policy Enforcement Point middleware to intercept  
     
    280287        set following an access denied decision""" 
    281288         
    282         pepFilter = PEPFilter(app,global_conf,prefix=prefix+'pep.',**app_conf) 
     289        pepFilter = PEPFilter(app, 
     290                              global_conf, 
     291                              prefix=prefix+'pep.filter.', 
     292                              **app_conf) 
    283293        pepInterceptFunc = pepFilter.multiHandlerInterceptFactory() 
    284294         
    285295        app = MultiHandler(pepFilter) 
    286                             
     296         
     297        pepResultHandlerClassName = app_conf.pop(prefix+"pep.resultHandler",  
     298                                                 None)  
     299        if pepResultHandlerClassName is None: 
     300            pepResultHandler = PEPResultHandlerMiddleware 
     301        else: 
     302            pepResultHandler = importClass(pepResultHandlerClassName) 
     303            if not isinstance(pepResultHandler, PEPResultHandlerMiddleware): 
     304                raise AuthorizationMiddlewareConfigError("Expecting " 
     305                    "PEPResultHandlerMiddleware derived class for " 
     306                    "pepResultHandler setting; got %s" % pepResultHandler) 
     307             
    287308        app.add_method(PEPFilter.id, 
    288                        PEPResultHandlerMiddleware.filter_app_factory, 
     309                       pepResultHandler.filter_app_factory, 
    289310                       global_conf, 
    290311                       prefix=prefix, 
Note: See TracChangeset for help on using the changeset viewer.