Ticket #1101 (new task)

Opened 9 years ago

[S] Update Paster templates for Security Installation

Reported by: pjkersha Owned by: pjkersha
Priority: desirable Milestone: CMIP5 Security
Component: security Version:
Keywords: Security, installation Cc:

Description

The paster templates in ndg.security.server.paster_templates should be updated. Templates should exist for:

  1. Security services middleware stack: an ini file deploying in a pipeline these services mounted in a WSGI script running over SSL,
    • Attribute Authority
    • Authorization Service
    • Session Middleware
    • SSL Client Authentication
    • OpenID Relying Party
    • OpenID Provider
  2. Secured Application: the middleware to front a given application that needs securing,
    • Authentication Redirect Filter - redirects unauthenticated sessions to Security middleware stack above for SSL client authentication / OpenID Relying Party sign in
    • Authorisation Filter
    • Placeholder for application to be secured
  3. Secured application with OpenID Relying Party: where the application is running on another domain to the main services 1.) where no SSL certificate is available to host an OpenID Relying Party over SSL.
    • OpenID Relying Party
    • Authorisation Filter
    • Placeholder for application to be secured
  4. OpenID Relying Party and SSL Client Authentication filters running over SSL: where an application is running on a different domain to the main services 1.) but an SSL certificate is available for the domain,
    • SSL Client Authentication
    • OpenID Relying Party
  5. (Standalone Attribute Authority)
  6. (Standalone Authorization Service)
  7. (Standalone OpenID Provider)

Other possibilities in brackets.

Note: See TracTickets for help on using tickets.