Timestamp:
25/01/11 17:12:39 (9 years ago)
Author:
pjkersha
Message:

Incomplete - task 16: NDG Security 2.x.x - incl. updated Paster templates

  • fixed yadis template syntax
  • updating securedapp template.
File:
1 edited

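--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/paster_templates/template.py
@@ -33,4 +33,5 @@
     '$' variables used for other purposes."""
     delimiter = "%%"
+    
     
 class TemplateBase(Template):
@@ -56,11 +57,9 @@
 @type _MYPROXY_SERVER_LOCALID_XRD_ENTRY_TMPL: ndg.security.server.paster_templates.template.DoublePercentTemplate
 """
-_MYPROXY_SERVER_LOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<XRD>
-        <Service priority="10">
+_MYPROXY_SERVER_LOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<Service priority="10">
             <Type>urn:esg:security:myproxy-service</Type>
             <URI>%%{myproxyServerURI}</URI>
             <LocalID>$user_url</LocalID>
         </Service>
-    </XRD>
 """)
 
@@ -70,6 +69,5 @@
 @type _ATTRIBUTE_SERVICE_LOCALID_XRD_ENTRY_TMPL: ndg.security.server.paster_templates.template.DoublePercentTemplate
 """
-_ATTRIBUTE_SERVICE_LOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<XRD>
-        <Service priority="20">
+_ATTRIBUTE_SERVICE_LOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<Service priority="20">
             <Type>urn:esg:security:attribute-service</Type>
             <Type>urn:esg:security:attribute-service</Type>
@@ -77,5 +75,4 @@
             <LocalID>$user_url</LocalID>
         </Service>
-    </XRD>
 """)
 
@@ -86,10 +83,8 @@
 @type _MYPROXY_SERVER_NONLOCALID_XRD_ENTRY_TMPL: ndg.security.server.paster_templates.template.DoublePercentTemplate
 """
-_MYPROXY_SERVER_NONLOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<XRD>
-        <Service priority="10">
+_MYPROXY_SERVER_NONLOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<Service priority="10">
             <Type>urn:esg:security:myproxy-service</Type>
             <URI>%%{myproxyServerURI}</URI>
         </Service>
-    </XRD>
 """)
 
@@ -100,10 +95,8 @@
 @type _ATTRIBUTE_SERVICE_NONLOCALID_XRD_ENTRY_TMPL: ndg.security.server.paster_templates.template.DoublePercentTemplate
 """
-_ATTRIBUTE_SERVICE_NONLOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<XRD>
-        <Service priority="20">
+_ATTRIBUTE_SERVICE_NONLOCALID_XRD_ENTRY_TMPL = DoublePercentTemplate("""<Service priority="20">
             <Type>urn:esg:security:attribute-service</Type>
             <URI>%%{attributeServiceURI}</URI>
         </Service>
-    </XRD>
 """)
 
@@ -209,6 +202,6 @@
             vars['portNumber'] = ''
             
-        vars['yadisExtraXrdEntries'] = ''
-        vars['serveryadisExtraXrdEntries'] = ''
+        vars['yadisExtraServiceEndpoints'] = ''
+        vars['serveryadisExtraServiceEndpoints'] = ''
         
         attributeServiceURI = vars['baseURI'] + vars[
@@ -218,10 +211,10 @@
         if vars['includeAttributeServiceInYadis']:
             # yadis.xml_tmpl entry
-            vars['yadisExtraXrdEntries'
+            vars['yadisExtraServiceEndpoints'
                  ] += _ATTRIBUTE_SERVICE_LOCALID_XRD_ENTRY_TMPL.substitute(
                         attributeServiceURI=attributeServiceURI)
 
             # serveryadis.xml_tmpl entry
-            vars['serveryadisExtraXrdEntries'
+            vars['serveryadisExtraServiceEndpoints'
                  ] += _ATTRIBUTE_SERVICE_NONLOCALID_XRD_ENTRY_TMPL.substitute(
                         attributeServiceURI=attributeServiceURI)
@@ -232,9 +225,9 @@
         if vars['myproxyServerURI']:
             # yadis.xml_tmpl entry
-            vars['yadisExtraXrdEntries'
+            vars['yadisExtraServiceEndpoints'
                  ] += _MYPROXY_SERVER_LOCALID_XRD_ENTRY_TMPL.substitute(
                             myproxyServerURI=vars['myproxyServerURI'])        
             
-            vars['serveryadisExtraXrdEntries'
+            vars['serveryadisExtraServiceEndpoints'
                  ] += _MYPROXY_SERVER_NONLOCALID_XRD_ENTRY_TMPL.substitute(
                         myproxyServerURI=vars['myproxyServerURI'])
@@ -247,4 +240,9 @@
     """Create a template for a secured application with authentication and
     authorisation filters"""
+    DEFAULT_PORT = 7080
+    DEFAULT_AUTHN_REDIRECT_URI = 'https://localhost:7443/verify'
+    DEFAULT_AUTHZ_SERVICE_URI = 'https://localhost:7443/AuthorisationService'
+    DEFAULT_ISSUER_NAME = 'O=NDG, OU=Security, CN=localhost'
+    DEFAULT_ISSUER_FORMAT = Issuer.X509_SUBJECT
     
     _template_dir = 'secured_application'
@@ -253,7 +251,8 @@
         'authentication and authorisation filters')
     vars = [
-        var('hostname', 
-            ('Virtual host name to mount services on'),
-            default=_hostname),
+        var('portNumber',
+            'Port number for service to listen on [applies to running with '
+            'paster ONLY]',
+            default=DEFAULT_PORT),
 
         var('authkitCookieSecret', 
@@ -265,5 +264,24 @@
         var('beakerSessionSecret', 
             'Cookie secret for keeping security session state',
-            default=base64.b64encode(os.urandom(32))[:32])
+            default=base64.b64encode(os.urandom(32))[:32]),
+
+        var('authnRedirectURI', 
+            ('endpoint hosting OpenID Relying Party and/or SSL authentication '
+             'interface'),
+            default=DEFAULT_AUTHN_REDIRECT_URI),
+
+        var('authzServiceURI', 
+            ('endpoint authorisation service which this app is secured with'),
+            default=DEFAULT_AUTHZ_SERVICE_URI),
+            
+        var('authzDecisionQueryIssuerName', 
+            ('ID of this service used in SAML authorisation queries'),
+            default=DEFAULT_ISSUER_NAME),
+
+        var('authzDecisionQueryIssuerFormat', 
+            ('Format of authzDecisionQueryIssuerName string; if using the '
+             'default, ensure that the issuerName value is a correctly '
+             'formatted X.509 Subject Name'),
+            default=DEFAULT_ISSUER_FORMAT)
     ]
 
@@ -422,16 +440,16 @@
 
         # Set Yadis XRDS entries
-        vars['yadisExtraXrdEntries'] = ''
-        vars['serveryadisExtraXrdEntries'] = ''
+        vars['yadisExtraServiceEndpoints'] = ''
+        vars['serveryadisExtraServiceEndpoints'] = ''
         
         # Attribute Service entry added if an endpoint was specified
         if vars['attributeServiceURI']:
             # yadis.xml_tmpl entry
-            vars['yadisExtraXrdEntries'
+            vars['yadisExtraServiceEndpoints'
                  ] += _ATTRIBUTE_SERVICE_LOCALID_XRD_ENTRY_TMPL.substitute(
                         attributeServiceURI=vars['attributeServiceURI'])
 
             # serveryadis.xml_tmpl entry
-            vars['serveryadisExtraXrdEntries'
+            vars['serveryadisExtraServiceEndpoints'
                  ] += _ATTRIBUTE_SERVICE_NONLOCALID_XRD_ENTRY_TMPL.substitute(
                         attributeServiceURI=vars['attributeServiceURI'])
@@ -441,9 +459,9 @@
         if vars['myproxyServerURI']:
             # yadis.xml_tmpl entry
-            vars['yadisExtraXrdEntries'
+            vars['yadisExtraServiceEndpoints'
                  ] += _MYPROXY_SERVER_LOCALID_XRD_ENTRY_TMPL.substitute(
                             myproxyServerURI=vars['myproxyServerURI'])        
             
-            vars['serveryadisExtraXrdEntries'
+            vars['serveryadisExtraServiceEndpoints'
                  ] += _MYPROXY_SERVER_NONLOCALID_XRD_ENTRY_TMPL.substitute(
                         myproxyServerURI=vars['myproxyServerURI'])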
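Review bot: The endpoint values passed to `.substitute()` at new lines 213-220 and 227-233, and again at 448-467, are written into the `<URI>` elements of the Yadis XRDS fragments without XML escaping. A deployer-supplied URI containing `&` or `<` (a query string, for instance) would yield a malformed or altered discovery document for relying parties to parse. Unless these values are validated somewhere outside the visible hunks, escape them at the call sites, e.g. `attributeServiceURI=escape(attributeServiceURI)` and `myproxyServerURI=escape(vars['myproxyServerURI'])`, with `from xml.sax.saxutils import escape` at the top of the module. The same entry-building block appears in two methods whose bodies start outside the hunks; moving it into one shared helper would keep the escaping in a single place.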