Changeset 6284


Ignore:
Timestamp:
11/01/10 15:37:50 (10 years ago)
Author:
pjkersha
Message:

Preparing 1.4 release.

Location:
TI12-security/trunk/NDGSecurity/python
Files:
2 added
13 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/NDGSecurity/python/ndg_security/setup.py

    r6134 r6284  
    4242setup( 
    4343    name =                      'ndg_security', 
    44     version =                   '1.3.4', 
     44    version =                   '1.4', 
    4545    description =               'NERC DataGrid Security Utilities', 
    4646    long_description =          _longDescription, 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_client/setup.py

    r6134 r6284  
    4444setup( 
    4545    name =                      'ndg_security_client', 
    46     version =                   '1.3.4', 
     46    version =                   '1.4', 
    4747    description =               'NERC DataGrid Security Client side interface', 
    4848    long_description =          _longDescription, 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_common/setup.py

    r6134 r6284  
    6969setup( 
    7070    name =                      'ndg_security_common', 
    71     version =                   '1.3.4', 
     71    version =                   '1.4', 
    7272    description =           'NERC DataGrid Security package containing common ' 
    7373                            'utilities used by both server and client ' 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/authz/__init__.py

    r6271 r6284  
    755755    """       
    756756    PIP_MIDDLEWARE_CLASS = SamlPIPMiddleware 
    757      
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/authz/result_handler/__init__.py

    r6271 r6284  
    1212__revision__ = "$Id: $" 
    1313__license__ = "BSD - see LICENSE file in top-level directory" 
    14 from ndg.security.server.wsgi.session import SessionMiddlewareBase 
     14from ndg.security.server.wsgi.session import (SessionMiddlewareBase,  
     15    SessionHandlerMiddlewareError, SessionHandlerMiddlewareConfigError) 
    1516 
    16  
     17class PEPResultHandlerMiddlewareError(SessionHandlerMiddlewareError): 
     18    """Base exception for PEP Result Handler Middleware implementations""" 
     19             
     20             
     21class PEPResultHandlerMiddlewareConfigError(SessionHandlerMiddlewareConfigError): 
     22    """Configuration errors from PEP Result Handler Middleware implementations 
     23    """ 
     24     
     25     
    1726class PEPResultHandlerMiddlewareBase(SessionMiddlewareBase): 
    1827    """Abstract Base class for Policy Enforcement Point result handler  
    19     specialisations""" 
     28    specialisations 
     29     
     30    This class can be overridden to define custom behaviour for the access 
     31    denied response e.g. include an interface to enable users to register for 
     32    the dataset from which they have been denied access.  See  
     33    AuthorizationMiddlewareBase pepResultHandler keyword. 
     34     
     35    Implementations of this class will be invoked if access is denied to a given 
     36    resource.  An instance is incorporated into the call stack by passing it in  
     37    to a MultiHandler instance.   
     38     
     39    The MultiHandler is configured in the AuthorizationMiddlewareBase  
     40    class - see ndg.security.server.wsgi.authz.  The MultiHandler is passed a  
     41    checker method which determines whether to allow access, or call this  
     42    interface.   The checker is implemented in the PEPFilter.  See  
     43    ndg.security.server.wsgi.authz 
     44     
     45    This class includes user session key and isAuthenticated property inherited  
     46    from SessionMiddlewareBase 
     47    """ 
    2048     
    2149    @SessionMiddlewareBase.initCall 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/authz/result_handler/basic.py

    r6271 r6284  
    2626    is incorporated into the call stack by passing it in to a MultiHandler  
    2727    instance.  The MultiHandler is configured in the AuthorizationMiddlewareBase  
    28     class below.  The MultiHandler is passed a checker method which determines 
    29     whether to allow access, or call this interface.   The checker is 
    30     implemented in the AuthorizationHandler.  See below ... 
    31      
    32     This class can be overridden to define custom behaviour for the access 
    33     denied response e.g. include an interface to enable users to register for 
    34     the dataset from which they have been denied access.  See  
    35     AuthorizationMiddlewareBase pepResultHandler keyword. 
     28    class - see ndg.security.server.wsgi.authz.  The MultiHandler is passed a  
     29    checker method which determines whether to allow access, or call this  
     30    interface.   The checker is implemented in the PEPFilter.  See  
     31    ndg.security.server.wsgi.authz 
    3632     
    3733    PEPResultHandlerMiddlewareBase (SessionMiddlewareBase) base class defines  
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/setup.py

    r6202 r6284  
    6464setup( 
    6565    name =                      'ndg_security_server', 
    66     version =                   '1.3.4', 
     66    version =                   '1.4', 
    6767    description =               'Server side components for running NERC DataGrid ' 
    6868                            'Security Services', 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/attributeCertificateLog

    • Property svn:ignore set to
      ac.xml.*
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/attributeCertificateLog/ac.xml

    r6107 r6284  
     1<?xml version="1.0" encoding="utf-8"?> 
     2<attributeCertificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" targetNamespace="urn:ndg:security:attributeCertificate"> 
     3    <acInfo> 
     4        <version>1.0</version> 
     5        <holder>/CN=server/O=NDG Security Test/OU=WS-Security Unittest</holder> 
     6        <issuer>/CN=AttributeAuthority/O=NDG Security Test/OU=Site A</issuer> 
     7        <issuerName>Site A</issuerName> 
     8        <issuerSerialNumber>253</issuerSerialNumber>  
     9        <userId>testuser</userId> 
     10        <validity> 
     11            <notBefore>2010 01 11 14 22 41</notBefore>  
     12            <notAfter>2010 01 11 22 22 41</notAfter>  
     13        </validity> 
     14        <attributes> 
     15            <roleSet> 
     16                <role> 
     17                    <name>urn:siteA:security:authz:1.0:attr:postdoc</name> 
     18                </role> 
     19                <role> 
     20                    <name>urn:siteA:security:authz:1.0:attr:staff</name> 
     21                </role> 
     22                <role> 
     23                    <name>urn:siteA:security:authz:1.0:attr:undergrad</name> 
     24                </role> 
     25                <role> 
     26                    <name>urn:siteA:security:authz:1.0:attr:coapec</name> 
     27                </role> 
     28                <role> 
     29                    <name>urn:siteA:security:authz:1.0:attr:rapid</name> 
     30                </role> 
     31            </roleSet> 
     32        </attributes> 
     33        <provenance>original</provenance>  
     34    </acInfo> 
     35<ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ds"></ec:InclusiveNamespaces></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="xmlns"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>ncqStnMQekAQXXUITV4pPmzQMjA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>CQhhukNd+aiVMWnr7EvnU9pPmVSF0n8M4+giwwfOxZhyox/G4ZL/4iwQocRJPblkBMCvgoEcEgDm 
     36Qq2RXzmQsqO3Q5LZFdtBUNJBJTRnxbPgpIP2z6YzK617e5qkXftdDvWZrrzkWBen1jBN8DhuOlcQ 
     37rFt0JKBEGTO1ELjLzDY=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICBTCCAW6gAwIBAgICAP0wDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH 
     38MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNTE2MzUy 
     39NFoXDTEzMTIxNDE2MzUyNFowSjEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx 
     40DzANBgNVBAsTBlNpdGUgQTEbMBkGA1UEAxMSQXR0cmlidXRlQXV0aG9yaXR5MIGf 
     41MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCntf+hUxFKXx/KY3LXy/RYc/yqhfIL 
     42M8h95c14n/WdSqh8rK3VxkUu5gujlEgCHafI2AjNZJZqJfKG7ZucYmRcnXbCX1qP 
     43IGKa+TllbIWdsa5y/IF/Do2AoPMJnTNJ2U1IBfPQXbO5Sd49OvfTi4Cldk89872R 
     44IuzPmLIDcFydgQIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBPAwDQYJKoZIhvcN 
     45AQEEBQADgYEAWD04scBB91kWT8qXKZyN2EZ5nBFqs6REXtI+ddOaZt7VtiaHYMXA 
     46mcRW/kCw8YgS+Ull+mZpAwpWUU9kR/A5dbiIDDRbxlz4BJCeMgkO/OxU31zmvqqa 
     4723UyGXPhtaTuo8DG2uSr5XDk6GnJ5sb0WB3UgsRh7V4ryWkStImCSGY=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></attributeCertificate> 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/siteb/attributeCertificateLog

    • Property svn:ignore set to
      ac.xml
      ac.xml.1
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/credentialwallet

    • Property svn:ignore set to
      NDGCredentialWalletPickle.dat
      SAMLCredentialWalletPickle.dat
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/authz/test_authz.py

    r6264 r6284  
    2121mkPath = lambda file: jnPath(os.environ['NDGSEC_COMBINED_SRVS_UNITTEST_DIR'],  
    2222                             file) 
     23from ConfigParser import SafeConfigParser 
    2324 
    2425import paste.fixture 
     
    2728from ndg.security.test.unit import BaseTestCase 
    2829from ndg.security.server.wsgi import NDGSecurityMiddlewareBase 
     30from ndg.security.server.wsgi.authz.result_handler.basic import \ 
     31    PEPResultHandlerMiddleware 
     32from ndg.security.server.wsgi.authz.result_handler.redirect import \ 
     33    HTTPRedirectPEPResultHandlerMiddleware 
    2934from ndg.security.server.wsgi.authz import (NdgPIPMiddlewareConfigError, 
    30                                             SamlPIPMiddlewareConfigError,  
    31                                             PEPResultHandlerMiddleware) 
     35                                            SamlPIPMiddlewareConfigError) 
    3236from ndg.security.common.authz.msi import Response 
    3337 
     
    97101     
    98102class NdgWSGIAuthZTestCase(BaseTestCase): 
    99  
     103    INI_FILE = 'ndg-test.ini' 
     104    THIS_DIR = os.path.dirname(os.path.abspath(__file__)) 
    100105    def __init__(self, *args, **kwargs): 
    101106        BaseTestCase.__init__(self, *args, **kwargs) 
    102107         
    103         here_dir = os.path.dirname(os.path.abspath(__file__)) 
    104         wsgiapp = loadapp('config:ndg-test.ini', relative_to=here_dir) 
     108         
     109        wsgiapp = loadapp('config:'+NdgWSGIAuthZTestCase.INI_FILE,  
     110                          relative_to=NdgWSGIAuthZTestCase.THIS_DIR) 
    105111        self.app = paste.fixture.TestApp(wsgiapp) 
    106112         
     
    257263     
    258264class SamlWSGIAuthZTestCase(BaseTestCase): 
    259  
     265    INI_FILE = 'saml-test.ini' 
     266    THIS_DIR = os.path.dirname(os.path.abspath(__file__)) 
    260267    def __init__(self, *args, **kwargs):        
    261268        BaseTestCase.__init__(self, *args, **kwargs) 
    262269 
    263         here_dir = os.path.dirname(os.path.abspath(__file__)) 
    264         wsgiapp = loadapp('config:saml-test.ini', relative_to=here_dir) 
     270         
     271        wsgiapp = loadapp('config:'+SamlWSGIAuthZTestCase.INI_FILE,  
     272                          relative_to=SamlWSGIAuthZTestCase.THIS_DIR) 
    265273        self.app = paste.fixture.TestApp(wsgiapp) 
    266274         
     
    386394 
    387395 
     396class PEPResultHandlerTestCase(BaseTestCase): 
     397    INI_FILE = 'pep-result-handler-test.ini' 
     398    THIS_DIR = os.path.dirname(os.path.abspath(__file__)) 
     399    INI_FILEPATH = jnPath(THIS_DIR, INI_FILE) 
     400     
     401    def __init__(self, *arg, **kw): 
     402        BaseTestCase.__init__(self, *arg, **kw) 
     403         
     404        here_dir = os.path.dirname(os.path.abspath(__file__)) 
     405        wsgiapp = loadapp('config:'+PEPResultHandlerTestCase.INI_FILE,  
     406                          relative_to=PEPResultHandlerTestCase.THIS_DIR) 
     407        self.app = paste.fixture.TestApp(wsgiapp) 
     408         
     409        cfg = SafeConfigParser(dict(here=PEPResultHandlerTestCase.THIS_DIR)) 
     410        cfg.read(jnPath(PEPResultHandlerTestCase.INI_FILEPATH)) 
     411        self.redirectURI = cfg.get('filter:AuthZFilter',  
     412                                   'authz.pepResultHandler.redirectURI') 
     413         
     414        self.startSiteAAttributeAuthority(withSSL=True, 
     415            port=SamlWSGIAuthZTestCase.SITEA_SSL_ATTRIBUTEAUTHORITY_PORTNUM) 
     416 
     417         
     418    def testRedirectPEPResultHandlerMiddleware(self): 
     419        # User is logged in but doesn't have the required credentials for  
     420        # access 
     421        extra_environ = { 
     422            'beaker.session.ndg.security': 
     423                BeakerSessionStub(username=PEPResultHandlerTestCase.OPENID_URI) 
     424        } 
     425         
     426        # Expecting redirect response to specified redirect URI 
     427        response = self.app.get('/test_accessDeniedToSecuredURI', 
     428                                extra_environ=extra_environ, 
     429                                status=302) 
     430        print(response) 
     431        self.assert_(response.header_dict.get('location') == self.redirectURI) 
     432         
    388433if __name__ == "__main__": 
    389434    unittest.main()         
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/setup.py

    r6202 r6284  
    2020setup( 
    2121    name =                      'ndg_security_test', 
    22     version =                   '1.3.4', 
     22    version =                   '1.4', 
    2323    description =               'NERC DataGrid Security Unit tests', 
    2424    long_description =          'Unit tests client - server side', 
Note: See TracChangeset for help on using the changeset viewer.