Changeset 7632


Ignore:
Timestamp:
19/10/10 15:21:57 (9 years ago)
Author:
pjkersha
Message:

Incomplete - task 15: NDG Security 1.5.8 Branch Release for Questionnaire

  • Committing 1.5.8 release. ZSI based SOAP functionality is disabled for Python 2.6 use but this does not affect currently used interfaces in production deployment.
Location:
TI12-security/branches/ndg-security-1.5.x
Files:
3 added
12 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/branches/ndg-security-1.5.x/ndg_security/setup.py

    r7472 r7632  
    4242setup( 
    4343    name =                      'ndg_security', 
    44     version =                   '1.5.7', 
     44    version =                   '1.5.8', 
    4545    description =               'NERC DataGrid Security Utilities', 
    4646    long_description =          _longDescription, 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_client/setup.py

    r7473 r7632  
    4444setup( 
    4545    name =                      'ndg_security_client', 
    46     version =                   '1.5.7', 
     46    version =                   '1.5.8', 
    4747    description =               'NERC DataGrid Security Client side interface', 
    4848    long_description =          _longDescription, 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_common/ndg/security/common/authz/msi.py

    r7119 r7632  
    481481from ndg.security.common.AttCert import (AttCertInvalidSignature,  
    482482    AttCertNotBeforeTimeError, AttCertExpired, AttCertError) 
    483        
    484 from ndg.security.common.sessionmanager import (SessionManagerClient,  
     483     
     484_sessionmanagerImportOK = True 
     485try: 
     486    from ndg.security.common.sessionmanager import (SessionManagerClient,  
    485487    SessionNotFound, SessionCertTimeError, SessionExpired, InvalidSession,  
    486488    AttributeRequestDenied) 
     489except ImportError, e: 
     490    warnings.warn("sessionmanager module import failed NdgPIP class will be " 
     491                  "disabled: %s" % e) 
     492    _sessionmanagerImportOK = False 
    487493 
    488494from ndg.security.common.attributeauthority import (AttributeAuthorityClient,  
     
    607613        ndg.security.common.wssecurity.WSSecurityConfig 
    608614        ''' 
     615        if _sessionmanagerImportOK == False: 
     616            raise ImportError("Error with sessionmanager module import, this " 
     617                              "class is disabled") 
     618             
    609619        self.wssecurityCfg = WSSecurityConfig() 
    610620        wssePrefix = prefix + NdgPIP.wsseSectionName 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_common/ndg/security/common/credentialwallet.py

    r6672 r7632  
    6060# Authorisation - attribute certificate  
    6161from ndg.security.common.AttCert import AttCert, AttCertError 
    62 from ndg.security.common.wssecurity.signaturehandler.foursuite import \ 
     62 
     63_fourSuiteSignatureHandlerAvailable = True 
     64try: 
     65    from ndg.security.common.wssecurity.signaturehandler.foursuite import \ 
    6366                                                            SignatureHandler 
     67except ImportError, e: 
     68    warnings.warn("Four-suite based WS-Security Signature Handler not " 
     69                  "available, message is: %s" % e) 
     70    _fourSuiteSignatureHandlerAvailable = False 
    6471 
    6572# generic parser to read INI/XML properties file 
     
    6774                                                INIPropertyFileWithValidation 
    6875 
    69 from ndg.security.common.utils import TypedList 
    7076from ndg.security.common.utils.configfileparsers import (      
    7177                                                    CaseSensitiveConfigParser,) 
     
    789795        log.debug("Calling NDGCredentialWallet.__init__ ...") 
    790796 
     797        if not _fourSuiteSignatureHandlerAvailable: 
     798            raise ImportError("4Suite-XML based WS-Security Signature handler " 
     799                              "is not installed.  Install it to enable this " 
     800                              "class") 
     801             
    791802        super(NDGCredentialWallet, self).__init__() 
    792803         
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_common/setup.py

    r7473 r7632  
    1111__contact__ = "Philip.Kershaw@stfc.ac.uk" 
    1212__revision__ = '$Id$' 
     13import sys 
    1314 
    1415# Bootstrap setuptools if necessary. 
     
    1819from setuptools import setup, find_packages 
    1920 
    20 import os, sys 
    21  
    2221# Packages needed for NDG Security 
    23 # Note commented out ones fail with PyPI - use explicit link instead 
    24 # TODO: subdivide these into server and client specific and comon dependencies 
    2522_pkgDependencies = [ 
    26     'PyXML', # include as a separate dependency to force correct download link 
    27     'ZSI', 
    28     '4Suite-XML', 
    2923    'M2Crypto', 
    3024    'ndg_security_saml' 
    3125    ] 
    32  
    33 # TODO: configure an option so that database support can be set for the  
    34 # Credential Repository.  MySQL package may need to be in its own option 
    35 # eventually 
    36 credentialRepositoryDbSupport = False 
    37 if credentialRepositoryDbSupport: 
    38     _pkgDependencies += [ 
    39     'SQLObject', 
    40     'MySQL-python', # TODO: fix gcc error: unrecognized option `-restrict' 
    41 ] 
    4226 
    4327# Python 2.5 includes ElementTree by default 
     
    6953setup( 
    7054    name =                      'ndg_security_common', 
    71     version =                   '1.5.7', 
     55    version =                   '1.5.8', 
    7256    description =           'NERC DataGrid Security package containing common ' 
    7357                            'utilities used by both server and client ' 
     
    8165    license =               'BSD - See LICENCE file for details', 
    8266    install_requires =          _pkgDependencies, 
     67    extras_require = {     
     68        'soap': ['PyXML', 'ZSI'], 
     69        'wssecurity': ['4Suite-XML'] 
     70    }, 
    8371    dependency_links =          ["http://ndg.nerc.ac.uk/dist"], 
    8472    packages =                  find_packages(), 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_server/ndg/security/server/wsgi/attributeauthority.py

    r7119 r7632  
    1212log = logging.getLogger(__name__) 
    1313import os 
     14import warnings 
    1415 
    1516from ndg.security.server.attributeauthority import AttributeAuthority 
    1617from ndg.security.server.wsgi import NDGSecurityMiddlewareBase 
    17 from ndg.security.server.wsgi.zsi import SOAPBindingMiddleware 
     18 
     19_soapBindingMiddlewareImportError = False 
     20try: 
     21    from ndg.security.server.wsgi.zsi import SOAPBindingMiddleware 
     22except ImportError, e: 
     23    warnings.warn("SOAPBindingMiddleware import error: %s" % e) 
     24    _soapBindingMiddlewareImportError = True 
     25 
    1826 
    1927class AttributeAuthorityMiddleware(NDGSecurityMiddlewareBase): 
     
    218226        AttributeAuthorityMiddleware 
    219227        """ 
     228        if _soapBindingMiddlewareImportError: 
     229            raise ImportError("SOAPBindingMiddleware would not import, this " 
     230                              "class is disabled.  Check warning messages.  " 
     231                              "ZSI dependency may be installed") 
     232             
    220233        # Call this base class initialiser to set-up the environ attribute 
    221234        NDGSecurityMiddlewareBase.__init__(self, app, None) 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/validation.py

    r7119 r7632  
    324324              
    325325        ctx.load_verify_locations(capath=self.caCertDirPath) 
    326         if self.certFilePath is not None and self.priKeyFilePath is not None: 
     326        if self.certFilePath and self.priKeyFilePath: 
    327327            ctx.load_cert(self.certFilePath,  
    328328                          keyfile=self.priKeyFilePath,  
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_server/setup.py

    r7473 r7632  
    1414from ez_setup import use_setuptools 
    1515use_setuptools() 
    16  
    1716from setuptools import setup, find_packages 
    18  
    19 import os 
    2017 
    2118# Other packages needed by this server package 
     
    2421    'Paste', 
    2522    'AuthKit', 
    26     'MyProxyClient' 
    2723] 
    2824 
     
    6460setup( 
    6561    name =                      'ndg_security_server', 
    66     version =                   '1.5.7', 
     62    version =                   '1.5.8', 
    6763    description =               'Server side components for running NERC DataGrid ' 
    6864                            'Security Services', 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/attributeCertificateLog/ac.xml

    r7476 r7632  
    99        <userId>testuser</userId> 
    1010        <validity> 
    11             <notBefore>2010 09 10 16 12 44</notBefore>  
    12             <notAfter>2010 09 11 00 12 44</notAfter>  
     11            <notBefore>2010 10 19 13 20 55</notBefore>  
     12            <notAfter>2010 10 19 21 20 55</notAfter>  
    1313        </validity> 
    1414        <attributes> 
     
    3333        <provenance>original</provenance>  
    3434    </acInfo> 
    35 <ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ds"></ec:InclusiveNamespaces></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="xmlns"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>+cF12PSWZtxi5U6tGBDgyczbhbo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dbXp7OLiourx0FyguwVMK79jKD6UXGCIxd8gkM9arM6oC+j4lxaGLQfaQYT1qyRJjDuFA5emXh/6 
    36 ZbjPsdLro+QiBBV4bpbWdLCCn1V2HuBXwSF2qDmMUitha8mAXeeg9gw+E3x5nusApRdnCVqfG8Ct 
    37 pnWvESO/o46jeQO0/FE=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIB+jCCAWOgAwIBAgIBFDANBgkqhkiG9w0BAQQFADAzMQwwCgYDVQQKEwNOREcx 
     35<ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ds"></ec:InclusiveNamespaces></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="xmlns"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>Q9Gt6n4Ld95cXaCW2InNpvnNkmY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Jop1//dO80HVOEIJhJRMUMabB178236kGR6HwhcUTS9VgdW6H1i18/pDquJnwO2JC+L6Z0DFkDtk 
     36c0WJs9m3TsNg0z/Aw2EYALgbwgyspY1Ig6XWYwCybQnEO8M4slU0Tch8s5lBP4tzAyge7qvzeB1s 
     379RMrnAAA9ve0kcor0YU=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIB+jCCAWOgAwIBAgIBFDANBgkqhkiG9w0BAQQFADAzMQwwCgYDVQQKEwNOREcx 
    3838ETAPBgNVBAsTCFNlY3VyaXR5MRAwDgYDVQQDEwdUZXN0IENBMB4XDTEwMDYyOTEw 
    3939NTQxOFoXDTExMDYyOTEwNTQxOFowPDEMMAoGA1UEChMDTkRHMQ8wDQYDVQQLEwZT 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/ndg/security/test/integration/authz_lite/openidrelyingparty/ssl-idp-validator.xml

    r7117 r7632  
    1212        <parameter name="configFilePath" value="$NDGSEC_INTEGRATION_TEST_DIR/authz_lite/openidrelyingparty/ssl-valid-server-names.cfg"/> 
    1313        <parameter name="caCertDirPath" value="$NDGSEC_TEST_CONFIG_DIR/ca"/> 
     14<!-- 
    1415        <parameter name="certFilePath" value="$NDGSEC_TEST_CONFIG_DIR/pki/localhost.crt"/> 
    1516        <parameter name="priKeyFilePath" value="$NDGSEC_TEST_CONFIG_DIR/pki/localhost.key"/> 
    1617        <parameter name="priKeyPwd" value=""/> 
     18--> 
    1719    </validator> 
    1820</IdPValidators> 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/ndg/security/test/integration/authz_lite/securityservices.ini

    r7119 r7632  
    126126 
    127127# Uncomment to restrict sign in to a whitelist of trusted OpenID Providers. 
    128 #openid.relyingparty.idpWhitelistConfigFilePath = %(here)s/openidrelyingparty/ssl-idp-validator.xml 
     128openid.relyingparty.idpWhitelistConfigFilePath = %(here)s/openidrelyingparty/ssl-idp-validator.xml 
    129129 
    130130openid.relyingparty.signinInterfaceMiddlewareClass = ndg.security.server.wsgi.openid.relyingparty.signin_interface.genshi.GenshiSigninTemplate 
  • TI12-security/branches/ndg-security-1.5.x/ndg_security_test/setup.py

    r7473 r7632  
    1515use_setuptools() 
    1616from setuptools import setup, find_packages 
    17 import os 
    1817    
    1918 
    2019setup( 
    2120    name =                      'ndg_security_test', 
    22     version =                   '1.5.7', 
     21    version =                   '1.5.8', 
    2322    description =               'NERC DataGrid Security Unit tests', 
    2423    long_description =          'Unit tests client - server side', 
Note: See TracChangeset for help on using the changeset viewer.