Context Navigation

← Previous Change
Next Change →

Changeset 6107 for TI12-security/trunk

Timestamp:

11/12/09 15:23:40 (11 years ago)

Author:

pjkersha

Message:

Updated OpenID RP sign-in template for CEDA look and feel.
Changes to MyProxyClient?.logon to enable externally input certificate request and key pair. This will enable the proposed HTTP based proxy interface to MyProxy?.

Location:

TI12-security/trunk/python

Files:

: 43 added
: 13 edited

Legend:

: Unmodified
: Added
: Removed

TI12-security/trunk/python/.pydevproject

-                      r6098
+                      r6107
 <pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.6</pydev_property>
 <pydev_property name="org.python.pydev.PYTHON_PROJECT_INTERPRETER">Default</pydev_property>
+<pydev_pathproperty name="org.python.pydev.PROJECT_SOURCE_PATH">
+<path>/ndgsecurity/MyProxyClient</path>
+</pydev_pathproperty>
 </pydev_project>

TI12-security/trunk/python/MyProxyClient/myproxy/client.py

-                      r6098
+                      r6107
         # - private key
         # - rest of cert chain
+        pemKey = key.as_pem(cipher=None)
+        creds = [pemCerts[0], pemKey]
+        creds.extend(pemCerts[1:])
+        if keys is not None:
+            pemKey = keys.as_pem(cipher=None)
+            creds = [pemCerts[0], pemKey]
+            creds.extend(pemCerts[1:])
+        else:
+            creds = pemCerts
         return tuple(creds)
     def getDelegation(self, *arg, **kw):

TI12-security/trunk/python/MyProxyClient/test/myProxyClient.cfg

-                      r5048
+                      r6107
 # Delete this element and take setting from MYPROXY_SERVER environment
 # variable if required
 #hostname=localhost
+hostname=localhost
 # Delete this element to take default setting 7512 or read
 …
 proxyCertLifetime=64800
+caCertFilePath=$MYPROXYCLIENT_UNITTEST_DIR/ndg-test-ca.crt
+#caCertFilePath=$MYPROXYCLIENT_UNITTEST_DIR/ndg-test-ca.crt
+caCertFilePath=$MYPROXYCLIENT_UNITTEST_DIR/ndg-glue-ca.crt

TI12-security/trunk/python/ndg_security_common/ndg/security/common/credentialwallet.py

-                      r6064
+                      r6107
         AttributeRequestDenied, NoMatchingRoleInTrustedHosts)
     aaImportError = False
 except ImportError:
     log.warning('Loading CredentialWallet without SOAP interface imports')
+except ImportError, e:
+    log.warning('Loading CredentialWallet without SOAP interface imports: %s', e)
 # Likewise - may not want to use WS and use AttributeAuthority locally in which
 …
         AttributeAuthorityError, AttributeAuthorityAccessDenied)
     aaImportError = False
 except:
+except ImportError, e:
     log.warning('Loading CredentialWallet without Attribute Authority '
                 'interface imports')
+                'interface imports %s', e)
 if aaImportError:

TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/myproxy/init.py

-                      r6069
+                      r6107
 import logging
 log = logging.getLogger(__name__)
+import traceback
 import re
 import httplib
 …
                                         "with MyProxy server %r: %s" %
                                         (self.myProxyClient.hostname, e))
+            except Exception, e:
+                log.error("MyProxyClient.logon raised an unknown exception "
+                          "calling %r: %s",
+                          self.myProxyClient.hostname,
+                          traceback.format_exc())
+                raise
             start_response(status,

TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/signin_interface/genshi/init.py

-                      r6069
+                      r6107
 """NDG Security OpenID Relying Party Buffet based Sign in template
+"""NDG Security OpenID Relying Party Genshi based Sign in template
 NERC DataGrid Project
 …
     """Provide Templating for OpenID Relying Party Middleware Sign in interface
     via Buffet class"""
+    DEFAULT_TEMPLATES_DIR = path.join(path.dirname(__file__), 'templates')
+    DEFAULT_STATIC_CONTENT_DIR = path.join(path.dirname(__file__), 'public')
+    SIGNIN_TEMPLATE_NAME = 'signin.html'
     propertyDefaults = {
+        'templateType': 'kid',
+        'templateRootDir': None,
+        'staticContentRootDir': './',
+        'templateRootDir': DEFAULT_TEMPLATES_DIR,
+        'staticContentRootDir': DEFAULT_STATIC_CONTENT_DIR,
         'baseURL': 'http://localhost',
         'initialOpenID': '',
         'logoutURI': '',
+        'heading': '',
         'leftLogo': None,
+        'leftAlt': None,
+        'ndgLink': 'http://ndg.nerc.ac.uk',
+        'ndgImage': None,
+        'disclaimer': 'Test deployment only',
+        'stfcLink': 'http://www.stfc.ac.uk/',
+        'stfcImage': None,
+        'leftAlt': '',
+        'leftLink': None,
+        'leftImage': None,
+        'footerText': 'Test deployment only',
+        'rightLink': None,
+        'rightImage': None,
+        'rightAlt': '',
         'helpIcon': None
+    }
-    DEFAULT_TEMPLATES_DIR = path.join(path.dirname(__file__), 'templates')
-    SIGNIN_TEMPLATE_NAME = 'signin.html'
     def __init__(self, app, global_conf, **local_conf):
 …
         object
+        @type *arg: tuple
+        @param *arg: RenderingInterface parent class arguments
+        @type **opt: dict
+        @param **opt: additional keywords to set-up Buffet rendering'''
+        @type app: callable following WSGI interface
+        @param app: next middleware application in the chain
+        @type global_conf: dict
+        @param global_conf: PasteDeploy global configuration dictionary
+        enables other global configuration parameters to be filtered out
+        @type local_conf: dict
+        @param local_conf: PasteDeploy application specific configuration
+        dictionary
+        '''
         super(GenshiSigninTemplate, self).__init__(app,
                                                    global_conf,
                                                    **local_conf)
-        if self.templateRootDir is None:
-            self.templateRootDir = GenshiSigninTemplate.DEFAULT_TEMPLATES_DIR
         self.__loader = TemplateLoader(self.templateRootDir, auto_reload=True)

TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/signin_interface/genshi/public/layout/ndg2.css

-                      r5984
+                      r6107
         padding: 0;
         border: 0;
         background-color: #fff;
+        background-color: #eee;
         color:#333333;
         font-family:Verdana, Arial, Helvetica, sans-serif;
 …
 #header {
+ height: 100px;
+ background: #fff;
+ padding: 0;
+ border: solid #333333;
+ border-width: 0 0 2px 0;
+ background-repeat:no-repeat;
+ }
+    color: #8c8c8c;
+    height: 60px;
+    background: #ffffff;
+    margin-bottom: 10px;
+    padding-top: 3px;
+    padding-right: 10px;
+    padding-left: 10px;
+    clear: both;
+    margin-top:10px;
+/*    border: solid #555555;*/
+    border: solid #8c8c8c;
+    border-width: 0 0 2px 0;
+    background-repeat:no-repeat;
+}
 #logo{
 …
 .cellhead { font-size: 100%; font-weight: bold;}
-.key {background-image:url(/layout/key.gif);}
-#map {width:440px; height:220px; border: 1px solid black;}
-/* .map {width:300px;height:250px;border:0;padding:0;margin:0;overflow:hidden;}*/
-/* NumSim */
-#visMap {width: 600px; height: 300px; border: 1px solid black;}
-.Model {margin: 5px 5px 5px 20px; border: 1px solid #3c78b5; clear:both;}
-/* Advanced Search Page */
-.clear { clear: both; }
-.outer {border-left: 14px solid #FFFFFF; border-right: 500px solid #FFFFFF; }
-.inner {width: 100%; }
-.inner .hidden {display:none;background-color: #f4f4f4; border:1px solid black;}
-.float-wrap {float: left; width: 100%; margin-left: -14px; }
-#AdvContent {float: right; background-color: #fff;margin-right: -14px;  width: 100%;}
-* html #AdvContent {position: relative; }
-.contentWrap{padding: 5px;}
-.contentWrap ol, .contentWrap ul {margin: 3px 0 5px 35px;}
-.contentWrap li {padding-bottom: 2px;}
-#innerLeft {float: left;width: 1px;min-height: 250px;padding: 0;}
-* html #innerLeft {position: relative; height: 250px;}
-#innerRight {float: right; width: 490px;padding: 5px;min-height: 250px;margin-right: -500px; }
-* html #innerRight {height: 250px;position: relative;  }
-.searchHdr {font-weight:bold;color: #571F12;background-color: #fff;padding:15px 0px 10px 0px;vertical-align:text-top;}
-.SearchBox {padding:0 0 0 60px;}
-.SearchTxt {padding:0 20px 0 0;}
-.SearchStartDate {padding:0 0 0 60px;}
-.SearchEndDate {padding:0 0 0 60px;}
-.SearchSource {padding:0 0 0 60px;}
-.SearchSubmit {padding:30px 0 20px 60px;}
-.helptxt {font-size:smaller; background-color:LightGrey;}
-/* Results Page */
-#context { margin: 5px 10px 5px 10px; border:0; color:#571512;}
-#SemanticSearchBox{margin: 0px 0px 0px 0px; border:0}
-#SemanticSearchResults { margin: 5px 10px 5px 10px; border:0; color:#571512;}
-.resultsBar {text-align:right; margin: 2px 10px 2px 10px; border:0;}
-.resultsBar .hidden {display:none;}
-.resultsBar .resultsLeft {float:left}
-#resultsTab thead {background-color: #075993; color:#FFFFFF; margin: 0px 10px 0px 10px;}
-#resultsTab th {
-        background-color: #075993;
-        color:#FFFFFF;
-        padding: 3px 10px 3px 10px;
+}
-#resultsTab td {
-        color:#333333;
-        /* line-height:1.5; */
-        padding: 5px 10px 5px 10px;
+}
-/* #resultsTab tbody {vertical-align:baseline; } */
 .ndgem {font-weight:bold}
 tr.rowlo {background: #eeeeee;
 …
 /* And now the footer */
+#Footer  { color: #999999; background-color: #eeeeee; margin-bottom: 25px; padding-top: 3px; padding-right: 10px; padding-left: 10px; clear: both; border-top: 2px solid #333333; margin-top:10px; font-size:80%; border-bottom: 2px solid #333333;}
+#Footer  {
+    color: #ffffff;
+    background-color: #003153;
+    padding-top: 3px;
+    clear: both;
+    margin-top:10px;
+    font-size: smaller;
+}
+a.FooterLink:link {color:orange}
+a.FooterLink:visited {color:teal}
 /* Footer not yet checked */
 …
 /* Footer not yet checked complete */
+#openIDSignin {
+    margin-bottom: 50px;
+    padding-top: 0px;
+    padding-right: 10px;
+    padding-left: 10px;
+    clear: both;
+    margin-top:25px;
+}
+#message {
+    color: #8c8c8c;
+    font-size: smaller;
+}
+div#main {
+    background-color: #fff;
+    border: 1px solid #ccc;
+    -moz-border-radius: 10px 10px;
+    border-radius: 10px 10px;
+    margin: 20px;
+    /*padding: 10px 20px;*/
+}

TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/signin_interface/genshi/templates/ndgpage.html

-                      r5984
+                      r6107
 <!-- This is a bunch of named templates for use in pages -->
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://genshi.edgewall.org/">
+    <?python from genshi import HTML ?>
     <!-- HTML Header and Document header follow -->
 …
     </head>
+    <div py:def="header()">
+        <div id="header"/>
+        <div id="logo"><img src="${c.leftLogo}" alt="${c.leftAlt}" /></div>
+    </div>
+    <div py:def="PageTabs(tabv)" id="PageTabs">
+        <div id="PageTabRow">
+            <ul>
+                <span py:for="tab in c.pageTabs">
+                    <?python
+                    linkto=True
+                    if tab[0] == tabv:
+                        status='current'
+                        linkto=False
+                    else: status='hidden'
+                    ?>
+                    <li class="$status"><span class="pagetab">
+                    </span></li>
+                 </span>
+            </ul>
+    <div py:def="header()" id="header">
+        <div py:if="c.heading" id="heading">
+            <h1>${c.heading}</h1>
         </div>
+        <div class="line"/>
+        <div class="clear"/>
+        <div py:if="c.leftLogo" id="logo">
+            <img src="${c.leftLogo}" alt="${c.leftAlt}" />
+        </div>
     </div>
     <!-- Page Footer follows -->
     <div py:def="footer(showLoginStatus=False)" id="Footer">
         <center><table><tbody>
+        <table width="100%"><tbody>
             <tr>
                 <td align="left" width="60%">
+                    <table><tbody>
+                    <tr>
+                        <td><span py:replace="linkimage(c.ndgLink,c.ndgImage,'NDG')"/></td>
+                        <td>OpenID Provider Site for <a href="http://ndg.nerc.ac.uk">NERC DataGrid</a>
+                    ${c.disclaimer}</td>
+                    </tr>
+                    </tbody></table>
+                    <table>
+                        <tbody>
+                            <tr>
+                                <td py:if="c.leftImage and c.leftLink"><span py:replace="linkimage(c.leftLink, c.leftImage, c.leftAlt)"/></td>
+                                <td py:if="c.footerText">${HTML(c.footerText)}</td>
+                            </tr>
+                        </tbody>
+                    </table>
                 </td>
+                <td width="40%" align="center">
+                    <div py:if="c.loginStatus" id="loginStatus">
+                        <!--! now we choose one of the next two (logged in or not) -->
+                        <div py:if="c.loggedIn" id="loggedIn">
+                            <table><tbody><tr><td>
+                                Logged in as ${c.session['username']}.
+                                [<a href="$c.logOutURI">Log out</a>]
+                            </td></tr></tbody></table>
+                        </div>
+                    </div>
+                </td>
+                <td align="right"><span py:replace="linkimage(c.stfcLink,c.stfcImage,'Hosted by the STFC CEDA')"/></td>
+                <td align="right" width="40%"><span py:replace="linkimage(c.rightLink, c.rightImage, c.rightAlt)"/></td>
             </tr>
         </tbody></table></center>
+        </tbody></table>
     </div>
 …
         <a href="$linkref"><image src="$imageref" alt="$alttext" title="$alttext"/></a>
     </span>
-    <!-- Help Icons -->
-    <span py:def="helpIcon(value)">
-        <span>
-            <a href="javascript:;" title="Toggle help" onclick="toggleDiv(1,'$value','shown','hidden','div'); return false;">
-            <img src="${g['helpIcon']}" alt="Toggle help" class="helpicon"/></a>
-        </span>
-    </span>
 </html>

TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/signin_interface/genshi/templates/signin.html

-                      r5984
+                      r6107
  xmlns="http://www.w3.org/1999/xhtml"
  xmlns:py="http://genshi.edgewall.org/">
         <div py:def="openIDSignin()" class="openIDSignin" style="text-indent:5px">
+        <div py:def="openIDSignin()" id="openIDSignin">
                 <form action="$c.baseURL/verify" method="post">
                         <table cellspacing="0" border="0" cellpadding="5" style="align: left">
                             <tr align="left">
+                                        <td>OpenID:</td>
+                                        <td align="left">
+                                                <input type="text"
+                                                        name="openid"
+                                                        value="$c.initialOpenID"
+                                                        class='openid-identifier'
+                                                        size="48"
+                                                />
+                                        </td>
+                                        <td align="right">
+                                                <input type="submit" name="authform" value="Go"/>
+                                        </td>
+                                        <td>
+                                                <a href="http://openid.net/what/" target="_blank"><small>What's this?</small></a>
+                                        </td>
+                                <td>OpenID:</td>
+                                <td align="left">
+                                        <input type="text"
+                                                name="openid"
+                                                value="$c.initialOpenID"
+                                                class='openid-identifier'
+                                                size="48"
+                                        />
+                                </td>
+                                <td align="right">
+                                        <input type="submit" name="authform" value="Go"/>
+                                </td>
                             </tr>
+                            <tr>
+                                <td colspan="3">
+                        <div id="message">
+                            $$message
+                        </div>
+                    </td>
+                </tr>
                   </table>
                 </form>
-                <div id="message">
-                        $$message
-                </div>
         </div>
 …
     </head>
     <body>
+        <div py:replace="header()"/>
+        <replace py:replace="openIDSignin()"/>
+        <div py:replace="footer(showLoginStatus=False)"/>
+        <div id="main">
+            <div py:replace="header()"/>
+                <replace py:replace="openIDSignin()"/>
+            <div py:replace="footer(showLoginStatus=False)"/>
+        </div>
     </body>
 </html>

TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/openidrelyingparty/public/layout/ndg2.css

-                      r5447
+                      r6107
 /* And now the footer */
+#Footer  { color: #999999; background-color: #eeeeee; margin-bottom: 25px; padding-top: 3px; padding-right: 10px; padding-left: 10px; clear: both; border-top: 2px solid #333333; margin-top:10px; font-size:80%; border-bottom: 2px solid #333333;}
+#Footer  {
+    color: #ffffff;
+    background-color: #003153;
+    margin-bottom: 25px;
+    padding-top: 3px;
+    padding-right: 10px;
+    padding-left: 10px;
+    clear: both;
+    margin-top:10px;
+    font-size: smaller;
+}
 /* Footer not yet checked */

TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/securityservices.ini

-                      r6067
+                      r6107
 openid.relyingparty.providerWhitelistFilePath =
 openid.relyingparty.signinInterfaceMiddlewareClass = ndg.security.server.wsgi.openid.relyingparty.signin_interface.genshi.GenshiSigninTemplate
 openid.relyingparty.signinInterface.staticContentRootDir = %(here)s/openidrelyingparty/public
+#openid.relyingparty.signinInterface.staticContentRootDir = %(here)s/openidrelyingparty/public
 openid.relyingparty.signinInterface.baseURL = %(openid.relyingparty.baseURL)s
 openid.relyingparty.signinInterface.initialOpenID = %(openIDProviderIDSelectURI)s
+openid.relyingparty.signinInterface.leftLogo = %(openid.relyingparty.signinInterface.baseURL)s/layout/NERC_Logo.gif
+openid.relyingparty.signinInterface.leftAlt = Natural Environment Research Council
+openid.relyingparty.signinInterface.ndgLink = http://ndg.nerc.ac.uk/
+openid.relyingparty.signinInterface.ndgImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/ndg_logo_circle.gif
+openid.relyingparty.signinInterface.disclaimer = This site is for test purposes only and is under active development.
+openid.relyingparty.signinInterface.stfcLink = http://www.stfc.ac.uk/
+openid.relyingparty.signinInterface.stfcImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/stfc-circle-sm.gif
+openid.relyingparty.signinInterface.heading = OpenID Sign-in
+#openid.relyingparty.signinInterface.leftLogo = %(openid.relyingparty.signinInterface.baseURL)s/layout/NERC_Logo.gif
+#openid.relyingparty.signinInterface.leftAlt = Natural Environment Research Council
+#openid.relyingparty.signinInterface.leftLink = http://ndg.nerc.ac.uk/
+#openid.relyingparty.signinInterface.leftImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/ndg_logo_circle.gif
+openid.relyingparty.signinInterface.footerText = This site is for test purposes only.   <a class="FooterLink" href="http://openid.net/what/" target="_blank"><small>What is OpenID?</small></a>
+openid.relyingparty.signinInterface.rightLink = http://ceda.ac.uk/
+openid.relyingparty.signinInterface.rightImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/CEDA_RightButton60.png
+openid.relyingparty.signinInterface.rightAlt = Centre for Environmental Data Archival
 openid.relyingparty.signinInterface.helpIcon = %(openid.relyingparty.signinInterface.baseURL)s/layout/icons/help.png
 …
 [formatter_generic]
 format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S
+format = %(asctime)s.%(msecs)03d %(levelname)-5.5s [%(name)s:%(lineno)s] %(message)s
+datefmt = %Y-%m-%d %H:%M:%S

TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/myproxy/test.ini

r5843	r6107
23	23	http.auth.basic.rePathMatchList = .*
24	24	myproxy.logonFuncEnvKeyName = myProxyLogon
25		myproxy.client.hostname = localhost
	25	#myproxy.client.hostname = localhost
	26	myproxy.client.hostname = glue.badc.rl.ac.uk
	27	myproxy.client.serverDN = /O=NDG/OU=BADC/CN=glue.badc.rl.ac.uk

TI12-security/trunk/python/ndg_security_test/ndg/security/test/unit/wsgi/myproxy/test_myproxy.py

r6069	r6107
217	217	if __name__ == "__main__":
218	218	#import sys;sys.argv = ['', 'Test.testName']
	219	import unittest
219	220	unittest.main()

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: