Ignore:
Timestamp:
05/06/09 12:36:59 (11 years ago)
Author:
pjkersha
Message:
  • fix to WS-Security signature handler 4Suite implementation (ndg.security.common.wssecurity.signaturehandler.foursuite) to ensure timestamp is checked correctly
  • refactored ndg.security.common.wssecurity moving encryption handler development code into its own ndg.security.common.wssecurity.encryptionhandler package
  • Fixed copyright on some remaining files that still had NERC/CCLRC
  • further work on SSL CLient AuthN WSGI unit tests ndg.security.test.unit.wsgi.ssl
Location:
TI12-security/trunk/python/ndg.security.server/ndg/security/server
Files:
7 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/share/Makefile

    r4752 r5357  
    66# Generate SysV init scripts from ndg-aa template 
    77# 
    8 # @copyright (C) 2007 CCLRC & NERC 
     8# @copyright (C) 2007 STFC 
    99# 
    1010# @license This software may be distributed under the terms of the Q Public  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/authz.py

    r5355 r5357  
    137137        policyCfg = PEPFilter._filterKeywords(local_conf, 'policy.') 
    138138        self.policyFilePath = policyCfg['filePath'] 
    139         self.policy = Policy.Parse(policyCfg['filePath']) 
     139        policy = Policy.Parse(policyCfg['filePath']) 
    140140         
    141141        # Initialise the Policy Information Point to None.  This object is 
    142142        # created and set later.  See AuthorizationMiddleware. 
    143         self.pdp = PDP(self.policy, None) 
     143        self.pdp = PDP(policy, None) 
    144144         
    145145        self.sessionKey = local_conf.get('sessionKey',  
     
    250250        path  
    251251        """ 
    252         matchingTargets = [target for target in self.policy.targets  
     252        matchingTargets = [target for target in self.pdp.policy.targets  
    253253                           if target.regEx.match(resourceURI) is not None] 
    254254        return matchingTargets 
     
    302302                 
    303303        return filteredConf 
     304 
     305    def _getPDP(self): 
     306        if self._pdp is None: 
     307            raise TypeError("PDP object has not been initialised") 
     308        return self._pdp 
     309     
     310    def _setPDP(self, pdp): 
     311        if not isinstance(pdp, (PDP, None.__class__)): 
     312            raise TypeError("Expecting %s or None type for pdp; got %r" % 
     313                            (PDP.__class__.__name__, pdp)) 
     314        self._pdp = pdp 
     315 
     316    pdp = property(fget=_getPDP, 
     317                   fset=_setPDP, 
     318                   doc="Policy Decision Point object makes access control " 
     319                       "decisions on behalf of the PEP") 
    304320 
    305321    
     
    409425        attrCert = credential.get('attCert') 
    410426        if attrCert is not None: 
    411             log.debug("PIPMiddleware._getAttributeCertificate: existing " 
    412                       "Attribute Certificate cached in Credential Wallet for " 
    413                       "user session [%s]", 
     427            log.debug("PIPMiddleware._getAttributeCertificate: retrieved " 
     428                      "existing Attribute Certificate cached in Credential " 
     429                      "Wallet for user session [%s]", 
    414430                      self.session['username']) 
    415431 
     
    474490        pepInterceptFunc = pepFilter.multiHandlerInterceptFactory() 
    475491         
     492        # Slot in the Policy Information Point in the WSGI stack at this point 
     493        # so that it can take a copy of the beaker session object from environ 
     494        # ahead of the PDP make a request to it for an Attribute Certificate 
     495        # retrieval 
    476496        pipApp = PIPMiddleware(pepFilter, 
    477497                               global_conf, 
     
    480500        pepFilter.pdp.pip = pipApp 
    481501         
    482 #        app = MultiHandler(pepFilter) 
    483502        app = MultiHandler(pipApp) 
    484503 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/ssl.py

    r5343 r5357  
    263263        # Check certificate Distinguished Name via  
    264264        # ClientCertVerificationInterface object 
    265         return self._clientCertVerify(x509Cert) 
    266  
     265        return self._verifyClientCert(x509Cert) 
     266 
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/attributeauthority/Makefile

    r4386 r5357  
    77# server side code 
    88# 
    9 # @copyright (C) 2007 CCLRC & NERC 
     9# @copyright (C) 2007 STFC 
    1010# 
    1111# @license This software may be distributed under the terms of the Q Public  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/sessionmanager/Makefile

    r4386 r5357  
    77# server side code 
    88# 
    9 # @copyright (C) 2007 CCLRC & NERC 
     9# @copyright (C) 2007 STFC 
    1010# 
    1111# @license This software may be distributed under the terms of the Q Public  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/twisted/attributeauthority/Makefile

    r4390 r5357  
    77# server side code 
    88# 
    9 # @copyright (C) 2007 CCLRC & NERC 
     9# @copyright (C) 2007 STFC 
    1010# 
    1111# @license This software may be distributed under the terms of the Q Public  
  • TI12-security/trunk/python/ndg.security.server/ndg/security/server/zsi/twisted/sessionmanager/Makefile

    r4390 r5357  
    77# server side code 
    88# 
    9 # @copyright (C) 2007 CCLRC & NERC 
     9# @copyright (C) 2007 STFC 
    1010# 
    1111# @license This software may be distributed under the terms of the Q Public  
Note: See TracChangeset for help on using the changeset viewer.