Changeset 7784 for TI12-security


Timestamp:
16/12/10 17:11:24 (9 years ago)
Author:
pjkersha
Message:

Incomplete - task 16: NDG Security 2.x.x - incl. updated Paster templates

  • Working unit test for generic services template
Location:
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates
Files:
1 added
4 deleted
4 edited

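--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/Makefile
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/Makefile
@@ -39,6 +39,9 @@
 SERVICE_CA_DEST_DIR = ${SERVICE_PKI_DEST_DIR}ca/
 SERVICE_SURPLUS_FILES = README __init__.* attributeinterface.* securedapp.* \
-        securityservicesapp.* request-filter.xml pep_result_handler *.pyc
-
+        securityservicesapp.* request-filter.xml pep_result_handler *.pyc \
+        openidprovider/associations/  openidprovider/beaker/ \
+        openidprovider/README openidprovider/nonces/ openidprovider/temp/ \
+        openidrelyparty/store/ openidrelyparty/__init__.*
+        
 service_tmpl: ${SERVICE_SRC_DIR}
         @-echo Preparing Generic Services template ...
@@ -66,4 +69,5 @@
         -e s/'testConfigDir = .*'// \
         -e s/testConfigDir/here/g \
+        -e s/'# Revision:.*'//g \
         ${SERVICE_INI_FILEPATH_TMP} > ${SERVICE_INI_TMPL_FILEPATH}
         rm -f ${SERVICE_INI_FILEPATH_TMP}
@@ -99,5 +103,7 @@
         @-echo Preparing Authorisation Service template ...
         @-echo
-        @-echo Copying test ini file ...
+        @-echo Copying test ini file and other configuration files ...
+        mkdir ${AUTHZ_SERVICE_DEST_DIR}
         cp -r ${AUTHZ_SERVICE_SRC_DIR}* ${AUTHZ_SERVICE_DEST_DIR}
         @-echo Making substitutions for template variables ...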
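Review bot: The two new SERVICE_SURPLUS_FILES entries `openidrelyparty/store/` and `openidrelyparty/__init__.*` do not match the directory name `openidrelyingparty` used for the store in service.ini_tmpl and in the svn:ignore change of this same changeset, so whatever consumes the list will presumably never touch the relying-party store. If the list is meant to strip test-run state from the packaged template, OpenID associations and nonces left behind by a test run could ship with it; the entries should read `openidrelyingparty/store/ openidrelyingparty/__init__.*`. Separately, the added `mkdir ${AUTHZ_SERVICE_DEST_DIR}` fails when the directory already exists and stops a second run of the target, whereas `mkdir -p ${AUTHZ_SERVICE_DEST_DIR}` keeps it repeatable. The rules that use these variables lie outside the hunks shown.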
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/services/openidrelyingparty/store

    • Property svn:ignore set to
      associations
      nonces
      temp
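--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/services/service.ini_tmpl
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/services/service.ini_tmpl
@@ -16,5 +16,5 @@
 # license:      BSD - see LICENSE file in top-level directory
 # Contact:      Philip.Kershaw@stfc.ac.uk
-# Revision:     $Id: securityservices.ini 7709 2010-11-05 16:54:17Z pjkersha $
+
 
 # Settings global to all sections
@@ -55,5 +55,5 @@
 
 # Secret for OpenID Provider cookie
-beakerSessionSecret = ${beakerSessionSecret}
+beakerSessionCookieSecret = ${beakerSessionCookieSecret}
 
 
@@ -100,5 +100,5 @@
 paste.filter_app_factory=beaker.middleware:SessionMiddleware
 beaker.session.key = openid
-beaker.session.secret = %(beakerSessionSecret)s
+beaker.session.secret = %(beakerSessionCookieSecret)s
 
 # If you'd like to fine-tune the individual locations of the cache data dirs
@@ -140,5 +140,5 @@
 # Apply verification against a list of trusted CAs.  To skip this step, comment
 # out or remove this item.  e.g. set CA verification in the Apache config file.
-ssl.caCertFilePathList = %(here)s/ca/d573507a.0
+ssl.caCertFilePathList = %(here)s/pki/ca/d573507a.0
 
 # Apply whitelisting of client certificate DNs.  This should never be needed in
@@ -219,5 +219,5 @@
 authkit.openid.store.config=%(here)s/openidrelyingparty/store
 authkit.openid.session.key = authkit_openid
-authkit.openid.session.secret = random string
+authkit.openid.session.secret = ${openidRelyingPartyCookieSecret}
 
 # Key name for dereferencing beaker.session object held in environ
@@ -580,5 +580,5 @@
 authz.ctx_handler.pip.attributeQuery.sslCertFilePath = %(here)s/pki/localhost.crt
 authz.ctx_handler.pip.attributeQuery.sslPriKeyFilePath = %(here)s/pki/localhost.key
-authz.ctx_handler.pip.attributeQuery.sslCACertDir = %(here)s/ca
+authz.ctx_handler.pip.attributeQuery.sslCACertDir = %(here)s/pki/ca
 
 #______________________________________________________________________________
@@ -588,5 +588,5 @@
 
 [handlers]
-keys = console
+keys = console, logfile
 
 [formatters]
@@ -612,2 +612,7 @@
 datefmt = %Y-%m-%d %H:%M:%S
 
+[handler_logfile]
+class = handlers.RotatingFileHandler
+level=NOTSET
+formatter=generic
+args=(os.path.join('%(here)s', 'log', 'service.log'), 'a', 50000, 2)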
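Review bot: The new `[handler_logfile]` section keeps very little history for a security service: `args=(..., 'a', 50000, 2)` rotates at 50000 bytes with two backups, so roughly 150 kB of authentication and authorisation events survive before being overwritten, and `level=NOTSET` lets every record through, which fills the file faster. I would raise the limits, e.g. `args=(os.path.join('%(here)s', 'log', 'service.log'), 'a', 10485760, 10)`, and set an explicit level such as `level=INFO`. RotatingFileHandler opens its file when the logging configuration is loaded, so the template also has to ship or create the `log` directory or start-up fails; whether it does is not visible here. The `[loggers]` section lies outside the hunk, so confirm that a logger actually lists `logfile` among its handlers.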
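--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py
@@ -26,4 +26,7 @@
 from ndg.saml.saml2.core import Issuer    
 
+import re
+from paste.script.copydir import LaxTemplate
+
 
 class ServicesTemplate(Template):
@@ -40,5 +43,6 @@
     ATTRIBUTE_SERVICE_DEFAULT_ISSUER_FORMAT = Issuer.X509_SUBJECT
     
-    AUTHORISATION_SERVICE_DEFAULT_ISSUER_NAME = '/O=Site A/CN=Authorisation Service'
+    AUTHORISATION_SERVICE_DEFAULT_ISSUER_NAME = \
+        '/O=Site A/CN=Authorisation Service'
     AUTHORISATION_SERVICE_DEFAULT_ISSUER_FORMAT = Issuer.X509_SUBJECT
     AUTHORISATION_SERVICE_DEFAULT_MOUNT_POINT = '/AuthorisationService'
@@ -97,5 +101,27 @@
             default=base64.b64encode(os.urandom(32))[:32])    
         ]
-            
+    
+    def __init__(self, *arg, **kw):
+        """Extend to enable custom setting for template substitution.  This 
+        enables the special variable in service.ini_tmpl "userIdentifier" to
+        be ignored
+        """
+        self._laxTemplatePatternSave = LaxTemplate.pattern
+        LaxTemplate.pattern = re.compile(r"""
+            \$(?:
+              (?P<escaped>\$)             |   # Escape sequence of two delimiters
+              (?P<named>[_a-z][_a-z0-9]*) |   # delimiter and a Python identifier
+              {(?P<braced>.*?(?!userIdentifier))} |   # delimiter and a braced identifier
+              (?P<invalid>)                   # Other ill-formed delimiter exprs
+            )
+            """)
+        super(ServicesTemplate, self).__init__(*arg, **kw)
+        
+    def __del__(self):
+        """Restore default setting for template pattern to its original value
+        """
+        LaxTemplate.pattern = self._laxTemplatePatternSave
+        super(ServicesTemplate, self).__del__()
+
         
 class SecuredAppTemplate(Template):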
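Review bot: The replacement pattern in `__init__` is compiled without flags, so the layout whitespace and the `# ...` comments inside the triple-quoted string are matched literally; `re` only ignores them under `re.VERBOSE`, which is what the pattern's layout assumes. The lookahead in `{(?P<braced>.*?(?!userIdentifier))}` also sits after the lazy `.*?`, so `${userIdentifier}` still matches with the whole name captured; to exclude it the check has to come first, `{(?!userIdentifier\})(?P<braced>.*?)} |`, and the call should end `""", re.VERBOSE | re.IGNORECASE)` (those are the flags string.Template uses for its own pattern; confirm that LaxTemplate inherits that behaviour). If the patched pattern stops matching, placeholders such as `${beakerSessionCookieSecret}` would presumably stay as literal text in the generated ini, so the unit test should assert that the cookie secrets were actually substituted. Restoring the class-wide `LaxTemplate.pattern` from `__del__` is fragile as well, since finalizers run at an unspecified time and `super(ServicesTemplate, self).__del__()` raises AttributeError unless a base class defines `__del__`; a try/finally around the call that renders the template would restore it reliably. The ServicesTemplate class body begins outside this hunk.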