Changeset 5771


Timestamp:
28/09/09 12:03:07 (10 years ago)
Author:
pjkersha
Message:

Integrated SSL client authentication with OpenID based authentication for authz_lite integration test.

Location:
TI12-security/trunk/python
Files:
5 edited

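--- a/TI12-security/trunk/python/ndg_security_common/ndg/security/common/wssecurity/signaturehandler/foursuite.py
+++ b/TI12-security/trunk/python/ndg_security_common/ndg/security/common/wssecurity/signaturehandler/foursuite.py
@@ -567,5 +567,5 @@
                                        '"%s"' % refURI)
 
-            log.info("Verified canonicalization for element %s" % refURI[1:])
+            log.debug("Verified canonicalization for element %s" % refURI[1:])
 
         # 2) Signature Validation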
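--- a/TI12-security/trunk/python/ndg_security_server/ndg/security/server/attributeauthority.py
+++ b/TI12-security/trunk/python/ndg_security_server/ndg/security/server/attributeauthority.py
@@ -1171,5 +1171,4 @@
         """Parse Map Configuration file.
         """
-
         log.debug("Reading map configuration file ...")
 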
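--- a/TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/ssl.py
+++ b/TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/ssl.py
@@ -386,5 +386,6 @@
             # Update environ so that downstream AuthenticationMiddleware can
             # set the session cookie
-            self.environ['REMOTE_USER'] = self.clientCert.dn['CN']
+            environ['REMOTE_USER'] = self.clientCert.dn['CN']
+            environ['paste.auth_tkt.set_user'](environ['REMOTE_USER'])
 
             # Set-up redirect back to original request URI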
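Review bot: The identity written to `REMOTE_USER` and now passed to `environ['paste.auth_tkt.set_user']` is only the certificate's Common Name, so the session ticket cannot tell apart two certificates that share a CN but differ in the rest of the subject DN or in issuer. If this filter can trust more than one CA (not visible here), key the session on the full subject DN instead of `self.clientCert.dn['CN']`, or add a comment stating that the trust store guarantees CN uniqueness. The new call also indexes `environ['paste.auth_tkt.set_user']` directly, which raises `KeyError` when no auth_tkt middleware is upstream; a guarded lookup such as `setUser = environ.get('paste.auth_tkt.set_user')` followed by an explicit configuration error would make a misordered pipeline obvious. The enclosing method starts and ends outside this hunk.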
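--- a/TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/attributeinterface.py
+++ b/TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/attributeinterface.py
@@ -23,4 +23,6 @@
 
     def getRoles(self, userId):
+        # 'test' user is for SSL client based authentication where the test
+        # certificate DN has a Common Name = test
         if userId.endswith("/openid/PhilipKershaw"):
             return [
@@ -30,4 +32,8 @@
                 'urn:siteA:security:authz:1.0:attr:coapec'
             ]
+        elif userId == 'test':
+            return [
+                'urn:siteA:security:authz:1.0:attr:staff',
+            ]
         else:
             return ['urn:siteA:security:authz:1.0:attr:guest']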
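Review bot: The comment added above `if userId.endswith("/openid/PhilipKershaw"):` describes the `elif userId == 'test':` branch further down, so it reads as documentation for the OpenID case; it belongs directly above the `elif`. Because that branch matches a bare CN value, the comment should also say so, e.g. `# test fixture only: any trusted certificate with CN=test receives the staff role`, so the mapping is not copied into a non-test attribute interface. The part of `getRoles` between the two hunks is not shown.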
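--- a/TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/securityservices.ini
+++ b/TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/securityservices.ini
@@ -58,6 +58,6 @@
            AttributeAuthoritySamlSoapBindingFilter
                    SessionMiddlewareFilter
+                   SSLCientAuthKitFilter
                    SSLClientAuthenticationFilter
-                   SSLCientAuthKitFilter
                    SSLCientAuthenticationRedirectFilter
                    OpenIDRelyingPartyFilter
@@ -289,5 +289,5 @@
 # user ID
 #attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea
-attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface
+attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz_lite.attributeinterface
 attributeAuthority.attributeInterface.className: TestUserRoles
 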
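Review bot: Nothing in the filter list records that `SSLCientAuthKitFilter` must now come before `SSLClientAuthenticationFilter`. The ssl.py change in this changeset calls `environ['paste.auth_tkt.set_user']`, which is presumably supplied by the AuthKit filter, so a later reordering would break SSL login without any hint in the configuration. A comment above the option that holds this list would capture it, for example `# SSLCientAuthKitFilter must precede SSLClientAuthenticationFilter: the latter needs paste.auth_tkt.set_user in environ`. The option name and the rest of the pipeline are outside the hunk.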