Changeset 7827 for TI12-security


Ignore:
Timestamp:
21/01/11 17:41:30 (8 years ago)
Author:
pjkersha
Message:

Incomplete - task 16: NDG Security 2.x.x - incl. updated Paster templates

  • integrating SQLite test user db into 'Site A' test Attribute Authority
Location:
TI12-security/trunk/NDGSecurity/python
Files:
14 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/attributeauthority.py

    r7698 r7827  
    4040from ndg.security.common.utils import TypedList 
    4141from ndg.security.common.utils.classfactory import instantiateClass 
     42from ndg.security.common.utils.factory import importModuleObject 
    4243from ndg.security.common.utils.configfileparsers import ( 
    4344    CaseSensitiveConfigParser) 
     
    910911     
    911912    SAML_ATTRIBUTE2SQLQUERY_ATTRNAME_DELIMITERS = ('.', '_') 
    912      
     913    SAML_ATTRIBUTE2SQLQUERY_ATTRVAL_PAT = re.compile('\"\W+\"') 
     914              
    913915    __slots__ = ( 
    914916        CONNECTION_STRING_OPTNAME, 
     
    973975            # found.  The first item is the attribute name and the second, the 
    974976            # corresponding SQL query to get the values corresponding to that 
    975             # name.             
    976             samlAttributeName, samlAttributeSqlQuery = value.split(None, 1) 
     977            # name.  An optional 3rd element is a callback which converts the 
     978            # retrieved SQL query result to required the attribute value type.   
     979            # This defaults to do a conversion to XS:String if not explicitly  
     980            # set        
     981            attr2sqlQueryOpts = \ 
     982                self.__class__.SAML_ATTRIBUTE2SQLQUERY_ATTRVAL_PAT.split(value) 
     983            if len(attr2sqlQueryOpts) > 2: 
     984                (samlAttributeName,  
     985                 samlAttributeSqlQuery,  
     986                 samlAttributeValueParserName) = attr2sqlQueryOpts 
     987                 
     988                # Get parser from module path provided 
     989                samlAttributeParser = importModuleObject( 
     990                                        samlAttributeValueParserName.strip('"')) 
     991            else: 
     992                # No attribute value conversion callback given - default to  
     993                # XS:String 
     994                samlAttributeName, samlAttributeSqlQuery = attr2sqlQueryOpts 
     995                samlAttributeParser = self.xsstringAttributeValueParser 
    977996             
    978997            # Items may be quoted with " quotes 
    979             self.__samlAttribute2SqlQuery[samlAttributeName.strip('"') 
    980                                           ] = samlAttributeSqlQuery.strip('"') 
     998            samlAttributeName = samlAttributeName.strip('"') 
     999             
     1000            # Set mapping of attribute name to SQL query + conversion routine 
     1001            # tuple 
     1002            self.__samlAttribute2SqlQuery[samlAttributeName 
     1003                ] = (samlAttributeSqlQuery.strip('"'), samlAttributeParser) 
    9811004        else: 
    9821005            raise AttributeError("'SQLAlchemyAttributeInterface' has no " 
    9831006                                 "attribute %r" % name) 
    9841007 
     1008    def xsstringAttributeValueParser(self, attrVal): 
     1009        """Convert string attribute value retrieved from database query into  
     1010        the respective SAML Attribute Value type 
     1011        """ 
     1012        return XSStringAttributeValue(attrVal) 
     1013     
    9851014    def setProperties(self, prefix='', **properties): 
    9861015        for name, val in properties.items(): 
     
    12551284                attribute.friendlyName = requestedAttribute.friendlyName 
    12561285 
     1286            # Call specific conversion utility to convert the retrieved field 
     1287            # to the correct SAML attribute value type 
     1288            field2SamlAttributeVal = self.samlAttribute2SqlQuery[ 
     1289                                        requestedAttribute.nameFormat](-1) 
    12571290            for val in attributeVals: 
    1258                 attribute.attributeValues.append(XSStringAttributeValue()) 
    1259                 attribute.attributeValues[-1].value = val 
     1291                attributeValue = field2SamlAttributeVal(self, val) 
     1292                attribute.attributeValues.append(attributeValue) 
     1293#                attribute.attributeValues.append(XSStringAttributeValue()) 
     1294#                attribute.attributeValues[-1].value = val 
    12601295 
    12611296            attributeStatement.attributes.append(attribute) 
     
    13341369        dbEngine = create_engine(self.connectionString) 
    13351370         
    1336         queryTmpl = self.samlAttribute2SqlQuery.get(attributeName) 
     1371        queryTmpl = self.samlAttribute2SqlQuery.get(attributeName)[0] 
    13371372        if queryTmpl is None: 
    13381373            raise AttributeInterfaceConfigError('No SQL query set for ' 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/Makefile

    r7822 r7827  
    132132        cp -r ${AUTHZ_SERVICE_SRC_DIR}* ${AUTHZ_SERVICE_DEST_DIR} 
    133133        @-echo Making substitutions for template variables ... 
    134         sed -e s/'# Description:.*'/'# Description: Paster template'/ \ 
     134        sed -e s/'# Description:.*'/'# Description: Paster ini file for SAML/XACML based Authorisation Service'/ \ 
    135135        -e s/'saml\.mountPath.*'/'saml.mountPath = %%\{mountPoint\}'/ \ 
    136136        -e s/'samlIssuerName =.*'/'samlIssuerName = %%\{issuerName}'/ \ 
     
    175175        cp -r ${ATTR_SERVICE_SRC_INI_FILEPATH} ${ATTR_SERVICE_INI_FILEPATH_TMP} 
    176176        @-echo Making substitutions for template variables ... 
    177         sed -e s/'# Description:.*'/'# Description: Paster template for SAML Attribute Service'/ \ 
     177        sed -e s/'# Description:.*'/'# Description: Paster ini file for SAML Attribute Service'/ \ 
     178        -e s/'port = .*'/'port = %%\{portNumber}'/ \ 
    178179        -e s/'saml\.soapbinding\.mountPath.*'/'saml.soapbinding.mountPath = %%\{mountPoint\}'/ \ 
    179180        -e s/'saml\.soapbinding\.issuerName.*'/'saml.soapbinding.issuerName = %%\{issuerName}'/ \ 
     
    181182        -e s/'testConfigDir = \.\.\/\.\.\/\.\.\/config'// \ 
    182183        -e s/testConfigDir/here/g \ 
     184        -e s/\(os\.path\.join\(\'%\(here\)s\'/\(os.path.join\(\'%%\{outputDir}\',\ \'log\'/ \ 
    183185        ${ATTR_SERVICE_INI_FILEPATH_TMP} > ${ATTR_SERVICE_INI_TMPL_FILEPATH} 
    184186        rm -f ${ATTR_SERVICE_INI_FILEPATH_TMP} 
     
    190192        -mkdir ${ATTR_SERVICE_CA_DEST_DIR} 
    191193        cp ${CA_SRC_DIR}* ${ATTR_SERVICE_CA_DEST_DIR} 
     194        @-echo Make log directory ... 
     195        -mkdir ${ATTR_SERVICE_DEST_DIR}log 
    192196        @-echo Copying test SQLite user database ... 
    193197        cp ${USERDB_FILEPATH} ${ATTR_SERVICE_DEST_DIR} 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py

    r7824 r7827  
    272272    """Paster template for the SAML attribute service""" 
    273273     
     274    DEFAULT_PORT = 5000 
    274275    DEFAULT_MOUNT_POINT = '/AttributeService' 
    275276    DEFAULT_ISSUER_NAME = 'O=NDG, OU=Security, CN=localhost' 
     
    279280    summary = 'Create an NDG Security SAML Attribute Service' 
    280281    vars = [ 
     282        var('portNumber', 
     283            'Port number for service to listen on [applies to running with ' 
     284            'paster ONLY]', 
     285            default=DEFAULT_PORT), 
     286             
    281287        var('mountPoint',  
    282288            ('URI path to mount service i.e. https://myhost/<mountPoint>'), 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/site-a.ini

    r7777 r7827  
    1515attributeAuthorityEnvironKeyName = attribute-authority 
    1616attributeQueryInterfaceEnvironKeyName = attributeQueryInterface 
     17 
     18# This is set to a test SQLite database alter as needed 
     19dbConnectionString = sqlite:///%(here)s/../../user.db 
    1720 
    1821[server:main] 
     
    4750attributeAuthority.assertionLifetime: 28800  
    4851 
    49 # Settings for custom AttributeInterface derived class to get user roles for given  
    50 # user ID 
    51 attributeAuthority.attributeInterface.modFilePath: %(here)s 
    52 attributeAuthority.attributeInterface.className: sitea_attributeinterface.TestUserRoles 
     52# Attribute Interface - determines how a given attribute query interfaces with a 
     53# backend database or other persistent store.  The one here is an SQLAlchemy 
     54# based one.  The database connection string is the global setting - see the  
     55# DEFAULT section.  
     56attributeAuthority.attributeInterface.className: ndg.security.server.attributeauthority.SQLAlchemyAttributeInterface 
     57attributeAuthority.attributeInterface.connectionString: %(dbConnectionString)s 
     58 
     59# This does a sanity check to ensure the subject of the query is known to this 
     60# authority. 
     61attributeAuthority.attributeInterface.samlSubjectSqlQuery = select count(*) from users where openid = '${userId}' 
     62 
     63# Map the given SAML attributes identifiers to the equivalent SQL query to  
     64# retrieve them.  Any number can be set.  They should have the form, 
     65# 
     66# attributeAuthority.attributeInterface.samlAttribute2SqlQuery.<id> 
     67# 
     68# where <id> can be any unique string.  The userId string is the value passed 
     69# from the client subject NameID field 
     70attributeAuthority.attributeInterface.samlAttribute2SqlQuery.1 = "urn:esg:first:name" "select firstname from users where openid = '${userId}'" 
     71attributeAuthority.attributeInterface.samlAttribute2SqlQuery.lastName = "urn:esg:last:name" "select lastname from users where openid = '${userId}'" 
     72attributeAuthority.attributeInterface.samlAttribute2SqlQuery.emailAddress = "urn:esg:email:address" "select emailaddress from users where openid = '${userId}'" 
     73attributeAuthority.attributeInterface.samlAttribute2SqlQuery.4 = "urn:siteA:security:authz:1.0:attr" "select attributename from attributes where attributetype = 'urn:siteA:security:authz:1.0:attr' and openid = '${userId}'" 
     74attributeAuthority.attributeInterface.samlAttribute2SqlQuery.esgGroupRole =  
     75        "urn:esg:sitea:grouprole" "select attributename from attributes where attributetype = 'urn:esg:sitea:grouprole' and openid = '${userId}'" "ndg.security.test.unit.dbAttr2ESGFGroupRole" 
     76 
     77# Set the permissable requestor Distinguished Names as set in the SAML client  
     78# query issuer field.  Comment out or remove if this is not required.  Nb. 
     79# filtering of clients can be more securely applied by whitelisting at the SSL 
     80# level. 
     81attributeAuthority.attributeInterface.samlValidRequestorDNs = /O=Site A/CN=Authorisation Service,/O=Site A/CN=Attribute Authority, 
     82                                                           /O=Site B/CN=Authorisation Service,  
     83                                                           /CN=test/O=NDG/OU=BADC, 
     84                                                           /O=NDG/OU=Security/CN=localhost 
     85 
     86# Settings for a test AttributeInterface class  
     87#attributeAuthority.attributeInterface.modFilePath: %(here)s 
     88#attributeAuthority.attributeInterface.className: sitea_attributeinterface.TestUserRoles 
    5389 
    5490# SAML SOAP Binding to the Attribute Authority 
     
    108144level=NOTSET 
    109145formatter=generic 
    110 args=(os.path.join('%(here)s', 'service.log'), 'a', 10000, 2) 
     146#args=(os.path.join('%(here)s', 'service.log'), 'a', 10000, 2) 
     147args=(os.path.join('./', 'service.log'), 'a', 10000, 2) 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/integration/full_system/securityservices.ini

    r7794 r7827  
    406406# based one.  The database connection string is the global setting - see the  
    407407# DEFAULT section.  
     408attributeAuthority.attributeInterface.className: ndg.security.server.attributeauthority.SQLAlchemyAttributeInterface 
    408409attributeAuthority.attributeInterface.connectionString: %(dbConnectionString)s 
    409 attributeAuthority.attributeInterface.className: ndg.security.server.attributeauthority.SQLAlchemyAttributeInterface 
    410410 
    411411# This does a sanity check to ensure the subject of the query is known to this 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/integration/openid_ssl/securityservices.ini

    r7824 r7827  
    5454attributeAuthority.attributeInterface.modName: siteAUserRoles 
    5555attributeAuthority.attributeInterface.className: TestUserRoles 
    56  
    57 # Config for XML signature of Attribute Certificate 
    58 attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
    59 attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
    60 attributeAuthority.caCertFilePathList: %(testConfigDir)s/pki/ca/d573507a.0 
    6156 
    6257#______________________________________________________________________________ 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/__init__.py

    r7824 r7827  
    3333from ndg.security.common.X509 import X500DN 
    3434from ndg.security.test.unit.wsgi import PasteDeployAppServer 
     35from ndg.security.common.saml_utils.esgf import ESGFGroupRoleAttributeValue 
    3536 
    3637try: 
     
    5758                          
    5859    SITEA_ATTRIBUTEAUTHORITY_PORTNUM = 5000 
    59     SITEB_ATTRIBUTEAUTHORITY_PORTNUM = 5100 
    60      
    6160    SITEA_ATTRIBUTEAUTHORITY_URI = 'http://localhost:%s/AttributeAuthority' % \ 
    6261                                    SITEA_ATTRIBUTEAUTHORITY_PORTNUM 
    6362                                     
    64     SITEB_ATTRIBUTEAUTHORITY_URI = 'http://localhost:%s/AttributeAuthority' % \ 
    65                                     SITEB_ATTRIBUTEAUTHORITY_PORTNUM 
    66                                      
    67     SITEA_ATTRIBUTEAUTHORITY_SAML_URI = \ 
    68         'http://localhost:%s/AttributeAuthority/saml' % \ 
    69                                     SITEA_ATTRIBUTEAUTHORITY_PORTNUM 
    70                                      
    71     SITEB_ATTRIBUTEAUTHORITY_SAML_URI = \ 
    72         'http://localhost:%s/AttributeAuthority/saml' % \ 
    73                                     SITEB_ATTRIBUTEAUTHORITY_PORTNUM 
    74                                      
    7563    SITEA_SSL_ATTRIBUTEAUTHORITY_PORTNUM = 5443 
    76     SITEA_SSL_ATTRIBUTEAUTHORITY_SAML_URI = \ 
     64    SITEA_SSL_ATTRIBUTEAUTHORITY_URI = \ 
    7765        'https://localhost:%d/AttributeAuthority' % \ 
    7866                                    SITEA_SSL_ATTRIBUTEAUTHORITY_PORTNUM 
     
    8573     
    8674    _disableServiceStartup = lambda self: bool(os.environ.get( 
    87         BaseTestCase.NDGSEC_UNITTESTS_DISABLE_THREAD_SERVICES_ENVVAR)) 
     75        self.__class__.NDGSEC_UNITTESTS_DISABLE_THREAD_SERVICES_ENVVAR)) 
    8876     
    8977    disableServiceStartup = property(fget=_disableServiceStartup, 
     
    118106    ATTRIBUTE_NAMES = ( 
    119107        "urn:siteA:security:authz:1.0:attr", 
     108        "urn:siteA:security:authz:1.0:attr", 
     109        "urn:siteA:security:authz:1.0:attr", 
     110        "urn:siteA:security:authz:1.0:attr", 
     111        "urn:siteA:security:authz:1.0:attr", 
     112        "urn:siteA:security:authz:1.0:attr", 
     113        "urn:esg:sitea:grouprole", 
    120114    ) 
    121115 
     
    126120        'coapec', 
    127121        'rapid', 
    128         'admin' 
     122        'admin', 
     123        'siteagroup:default' 
    129124    ) 
    130125    N_ATTRIBUTE_VALUES = len(ATTRIBUTE_VALUES) 
     
    191186                        port=(port or  
    192187                              BaseTestCase.SITEA_ATTRIBUTEAUTHORITY_PORTNUM), 
    193                         withSSL=withSSL) 
    194          
    195     def startSiteBAttributeAuthority(self, withSSL=False, port=None): 
    196         siteBCfgFilePath = mkDataDirPath(join('attributeauthority', 
    197                                               'siteb',  
    198                                               'site-b.ini')) 
    199         self.addService(cfgFilePath=siteBCfgFilePath,  
    200                         port=(port or  
    201                               BaseTestCase.SITEB_ATTRIBUTEAUTHORITY_PORTNUM), 
    202188                        withSSL=withSSL) 
    203189         
     
    253239                                Column('id', Integer, primary_key=True), 
    254240                                Column('openid', String), 
    255                                 Column('attributename', String)) 
     241                                Column('attributename', String), 
     242                                Column('attributetype', String)) 
    256243        metadata.create_all(db) 
    257244         
     
    284271            openid = Column('openid', String(128)) 
    285272            attributename = Column('attributename', String(40)) 
    286          
    287             def __init__(self, openid, attributename): 
     273            attributetype = Column('attributetype', String(40)) 
     274         
     275            def __init__(self, openid, attributetype, attributename): 
    288276                self.openid = openid 
     277                self.attributetype = attributetype 
    289278                self.attributename = attributename 
    290279 
     
    292281        session = Session() 
    293282         
    294         attributes = [Attribute(cls.OPENID_URI, attrVal) 
    295                       for attrVal in cls.ATTRIBUTE_VALUES] 
     283        attributes = [Attribute(cls.OPENID_URI, attrType, attrVal) 
     284                      for attrType, attrVal in zip(cls.ATTRIBUTE_NAMES,  
     285                                                   cls.ATTRIBUTE_VALUES)] 
    296286        session.add_all(attributes) 
     287         
     288        attributeTypes = [Attribute(cls.OPENID_URI, attrVal) 
     289                          for attrVal in cls.ATTRIBUTE_VALUES] 
    297290            
    298291        user = User(cls.USERNAME,  
     
    308301 
    309302 
     303def dbAttr2ESGFGroupRole(sqlAlchemyAttributeInterface, attrVal): 
     304    """Utility for SQLAlchemyAttributeInterface class to convert attribute value 
     305    as stored in the SQLite Db defined here to an ESGF Group/Role Attribute 
     306    Value type 
     307    """ 
     308    groupRoleAttrValue = ESGFGroupRoleAttributeValue() 
     309     
     310    # The group/role is stored in a single field in the database with a colon 
     311    # separator 
     312    groupRoleAttrValue.value = attrVal.split(':') 
     313     
     314    return groupRoleAttrValue 
     315     
     316     
    310317def _getParentDir(depth=0, path=dirname(__file__)): 
    311318    """ 
     
    319326        path = dirname(path) 
    320327    return path 
    321  
    322  
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/attributeauthorityclient/test_samlattributeauthorityclient.cfg

    r7824 r7827  
    1313[test01AttributeQuery] 
    1414uri = http://localhost:5000/AttributeAuthority/ 
    15 subject = https://openid.localhost/philip.kershaw 
     15subject = https://localhost:7443/openid/philip.kershaw 
    1616siteAttributeName = urn:siteA:security:authz:1.0:attr 
    1717 
    1818[test02AttributeQueryInvalidIssuer] 
    1919uri = http://localhost:5000/AttributeAuthority/ 
    20 subject = https://openid.localhost/philip.kershaw 
     20subject = https://localhost:7443/openid/philip.kershaw 
    2121siteAttributeName = urn:siteA:security:authz:1.0:attr 
    2222 
     
    2828[test04AttributeQueryInvalidAttrName] 
    2929uri = http://localhost:5000/AttributeAuthority/ 
    30 subject = https://openid.localhost/philip.kershaw 
     30subject = https://localhost:7443/openid/philip.kershaw 
    3131siteAttributeName = invalid-attr 
    3232prefix = saml. 
     
    3636[test05AttributeQueryWithESGFAttributeType] 
    3737uri = http://localhost:5000/AttributeAuthority/ 
    38 subject = https://openid.localhost/philip.kershaw 
     38subject = https://localhost:7443/openid/philip.kershaw 
    3939prefix = saml. 
    4040saml.serialise = ndg.saml.xml.etree:AttributeQueryElementTree.toXML 
     
    4343[test06AttributeQuerySOAPBindingInterface] 
    4444uri = http://localhost:5000/AttributeAuthority/ 
    45 subject = https://openid.localhost/philip.kershaw 
     45subject = https://localhost:7443/openid/philip.kershaw 
    4646 
    4747[test07AttributeQueryFromConfig] 
    4848uri = http://localhost:5000/AttributeAuthority/ 
    49 subject = https://openid.localhost/philip.kershaw 
     49subject = https://localhost:7443/openid/philip.kershaw 
    5050 
    5151attributeQuery.subjectIdFormat = urn:esg:openid 
     
    5757[test08AttributeQuerySslSOAPBindingInterface] 
    5858uri = https://localhost:5443/AttributeAuthority/ 
    59 subject = https://openid.localhost/philip.kershaw 
     59subject = https://localhost:7443/openid/philip.kershaw 
    6060 
    6161attributeQuery.subjectIdFormat = urn:esg:openid 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/attributeauthorityclient/test_samlattributeauthorityclient.py

    r7824 r7827  
    260260         
    261261        groupRoleAttribute = Attribute() 
    262         groupRoleAttribute.name = 'urn:esg:sitea:grouprole' 
     262        groupRoleAttribute.name = self.__class__.ATTRIBUTE_NAMES[-1] 
    263263        groupRoleAttribute.nameFormat = \ 
    264264            ESGFGroupRoleAttributeValue.TYPE_LOCAL_NAME 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/credentialwallet/test_credentialwallet.py

    r7517 r7827  
    9595    def _addCredentials(self): 
    9696        wallet = SAMLAssertionWallet()    
    97         wallet.addCredentials(self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI, 
     97        wallet.addCredentials(self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI, 
    9898                              [self.assertion]) 
    9999        return wallet 
     
    101101    def test01AddCredentials(self): 
    102102        wallet = self._addCredentials() 
    103         k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI 
     103        k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI 
    104104        self.assert_(len(wallet.retrieveCredentials(k)) == 1) 
    105105        assertions = wallet.retrieveCredentials( 
    106                             self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI) 
     106                            self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI) 
    107107        self.assert_(assertions) 
    108108         
     
    154154        # Replace an existing credential from a given institution with a more 
    155155        # up to date one 
    156         k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI 
     156        k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI 
    157157        wallet = self._addCredentials() 
    158158        self.assert_(len(wallet.retrieveCredentials(k)) == 1) 
     
    171171                               self._createAssertion()]) 
    172172        self.assert_(len(wallet.retrieveCredentials("MySite")) == 2) 
    173         k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI 
     173        k = self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI 
    174174        self.assert_(len(wallet.retrieveCredentials(k)) == 1) 
    175175 
     
    184184         
    185185        assertions = unpickledWallet.retrieveCredentials( 
    186             self.__class__.SITEA_ATTRIBUTEAUTHORITY_SAML_URI) 
     186            self.__class__.SITEA_ATTRIBUTEAUTHORITY_URI) 
    187187        self.assert_(assertions) 
    188188         
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/myproxy/certificate_extapp/test_saml_attribute_assertion.py

    r7698 r7827  
    6767                                 
    6868        response = myProxyCertExtApp.attributeQuery.send( 
    69                 uri=CertExtAppTestCase.SITEA_SSL_ATTRIBUTEAUTHORITY_SAML_URI) 
     69                uri=CertExtAppTestCase.SITEA_SSL_ATTRIBUTEAUTHORITY_URI) 
    7070        print(response) 
    7171         
     
    8181 
    8282        myProxyCertExtApp.attributeAuthorityURI = \ 
    83                     CertExtAppTestCase.SITEA_SSL_ATTRIBUTEAUTHORITY_SAML_URI 
     83                    CertExtAppTestCase.SITEA_SSL_ATTRIBUTEAUTHORITY_URI 
    8484        myProxyCertExtApp.attributeQuery.issuerName = \ 
    8585                            "/CN=Authorisation Service/O=Site A" 
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/paster_templates/test_paster_templates.py

    r7824 r7827  
    7070                                               ATTRIBUTE_SERVICE_CONF_DIR) 
    7171    ATTRIBUTE_SERVICE_CONF_DIR_FILES = ( 
    72         'pki', 'attribute-service.ini', 'user.db' 
     72        'pki', 'attribute-service.ini', 'user.db', 'log' 
    7373    ) 
    7474     
  • TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/saml/attribute-interface.ini

    r7824 r7827  
    7474attributeAuthority.attributeInterface.className: TestUserRoles 
    7575 
    76 # Config for XML signature of Attribute Certificate 
    77 attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
    78 attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
    79 attributeAuthority.caCertFilePathList: %(testConfigDir)s/pki/ca/d573507a.0 
Note: See TracChangeset for help on using the changeset viewer.