rave-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mpie...@apache.org
Subject svn commit: r1171528 - in /incubator/rave/sandbox/science-gateways/rave-gateway-extensions: ./ src/main/java/org/apache/rave/portal/web/api/rest/ src/main/resources/ src/main/resources/org/ src/main/resources/org/globus/ src/main/resources/org/globus/g...
Date Fri, 16 Sep 2011 12:45:54 GMT
Author: mpierce
Date: Fri Sep 16 12:45:53 2011
New Revision: 1171528

URL: http://svn.apache.org/viewvc?rev=1171528&view=rev
Log:
(Rave-207) (Rave-205) Fix courtesy of Pairoj Rattadilok.  Extension now correctly loads a
community credential, decorates with Gridshib attributes, and exposes via a backward compatible
API

Added:
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/cog.properties
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/gridshib-saml-tools-config.properties
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/identity-attributes.txt
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/log4j.properties
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/gridshib-bootstrap.properties
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testcert.pem
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkey.pem
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkeystore.jks
  (with props)
Modified:
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/pom.xml
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/java/org/apache/rave/portal/web/api/rest/UserInfoRest.java
    incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/webapp/WEB-INF/applicationContext-security.xml

Modified: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/pom.xml?rev=1171528&r1=1171527&r2=1171528&view=diff
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/pom.xml (original)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/pom.xml Fri Sep 16 12:45:53
2011
@@ -54,7 +54,16 @@
 	 <!-- if you want to start remote debugging session suspended
 			override on command line with -Dcargo.debug.suspend=y -->
 	 <cargo.debug.suspend>n</cargo.debug.suspend>
-	 
+
+         <main.basedir>${project.parent.basedir}</main.basedir>
+         <!-- Change this to point to the community credential -->
+         <communityCertLocation>/tmp/x509up_u501</communityCertLocation>
+
+	 <!-- Change this to the appropriate group. -->
+	 <attribute.ismember.value>group://ogce.org/ogce</attribute.ismember.value>
+
+         <!-- This must match the cargo path used. -->
+         <catalina.home>${basedir}/target/tomcat6x</catalina.home>
   </properties>
 
   <dependencies>
@@ -290,6 +299,13 @@
 		<version>20090211</version>
 	 </dependency>
 	 
+	  <!-- Callback-REST -->
+	 <dependency>
+                <groupId>com.sun.jersey</groupId>
+                <artifactId>jersey-server</artifactId>
+                <version>${jersey-server.version}</version>
+            </dependency>
+	 
 	 <!--Persistence-->
 <!--
 	 <dependency>
@@ -387,7 +403,32 @@
     
     <build>
       <defaultGoal>install</defaultGoal>
+      
       <plugins>
+
+      <plugin>
+           <groupId>org.apache.maven.plugins</groupId>
+           <artifactId>maven-war-plugin</artifactId>
+           <version>2.1.1</version>
+           <configuration>
+           <webResources>
+              <resource>
+                <directory>${basedir}/src/main/resources</directory>
+                <targetPath>WEB-INF/classes</targetPath>
+                <filtering>true</filtering>
+	         <includes>
+			<include>*.properties</include>
+		 </includes>
+              </resource>
+              <resource>
+                <directory>${basedir}/src/main/resources/org/globus/gridshib/resource</directory>
+                <targetPath>WEB-INF/classes/org/globus/gridshib/resource</targetPath>
+                <filtering>true</filtering>
+              </resource>
+            </webResources>
+            </configuration>
+        </plugin>
+
 	<plugin>
 	  <groupId>com.googlecode.mavenfilesync</groupId>
 	  <artifactId>maven-filesync-plugin</artifactId>
@@ -476,4 +517,4 @@
 	</plugin>
       </plugins>
     </build>
-  </project>
\ No newline at end of file
+  </project>

Modified: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/java/org/apache/rave/portal/web/api/rest/UserInfoRest.java
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/java/org/apache/rave/portal/web/api/rest/UserInfoRest.java?rev=1171528&r1=1171527&r2=1171528&view=diff
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/java/org/apache/rave/portal/web/api/rest/UserInfoRest.java
(original)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/java/org/apache/rave/portal/web/api/rest/UserInfoRest.java
Fri Sep 16 12:45:53 2011
@@ -35,6 +35,12 @@ import org.springframework.web.bind.anno
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+//Response
+//import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.ResponseEntity;
+
 import org.globus.gsi.GlobusCredential;
 import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
 import org.ietf.jgss.GSSCredential;
@@ -50,7 +56,7 @@ import xportlets.proxymanager.ProxyStora
 /**
  * Handler for all services exposed under the /api/rest/callbacks path.
  */
-@Controller(value="verify")
+@Controller
 @RequestMapping("/api/rest/callback/*")
 public class UserInfoRest {
     private static Logger logger = LoggerFactory.getLogger(UserInfoRest.class);
@@ -59,20 +65,49 @@ public class UserInfoRest {
     @Autowired
     public UserInfoRest(UserService userService) {
         this.userService = userService;
+	logger.info("UserInfoRest started");//debugger
     }       
 	 
-    @RequestMapping(value = "{email}", method = RequestMethod.POST)    
-    public String getUserInfo(@PathVariable String email, @RequestBody String postBody,HttpServletResponse
response) {
+    // only for debugging purpose
+    @RequestMapping(method = RequestMethod.GET)    
+    public ResponseEntity<String> getTestString() {
+       HttpHeaders responseHeaders = new HttpHeaders();
+       responseHeaders.add("Content-Type", "application/json; charset=utf-8");
+       return new ResponseEntity<String>("Request accepted!", responseHeaders, HttpStatus.CREATED);
+    }
+
+    /*@RequestMapping(value = "{email}", method = RequestMethod.POST)    
+    @ResponseBody
+    public ResponseEntity<String> getUserInfo(@PathVariable String email, @RequestBody
String postBody, HttpServletResponse response) {
 		  logger.debug("POST received for /api/rest/callback/" + email);
 		  String jsonResponse="";
 		  try {
-				jsonResponse=processRequest(email,postBody);							 
-        }
-        catch(JSONException ex) {
-				logger.error("Invalid request:"+ex.getMessage());
+		      jsonResponse=processRequest(email,postBody);							 
+                  }
+                  catch(JSONException ex) {
+                      logger.error("Invalid request:"+ex.getMessage());
 		  }
-		  return jsonResponse;
-    }    
+
+                  HttpHeaders responseHeaders = new HttpHeaders();
+                  responseHeaders.add("Content-Type", "application/json; charset=utf-8");
+                  return new ResponseEntity<String>(jsonResponse, responseHeaders,
HttpStatus.CREATED);
+    }*/  
+
+    @RequestMapping(value = "/verify", method = RequestMethod.POST)    
+    public ResponseEntity<String> verifyUserInfo(@RequestBody String postBody) {
+		  logger.debug("POST received for /api/rest/callback/verify");
+		  String jsonResponse="";
+		  try {
+		      jsonResponse=processRequest(postBody);							 
+                  }
+                  catch(JSONException ex) {
+                      logger.error("Invalid request:"+ex.getMessage());
+		  }
+
+                  HttpHeaders responseHeaders = new HttpHeaders();
+                  responseHeaders.add("Content-Type", "application/json; charset=utf-8");
+                  return new ResponseEntity<String>(jsonResponse, responseHeaders,
HttpStatus.CREATED);
+    }
     
     // TODO - when we implement security we can implement different exception
     //        handlers for different errors (unauthorized, resource not found, etc)
@@ -88,8 +123,8 @@ public class UserInfoRest {
 	  * OGCE Gadget Container, we keep "userid" in the JSON message format, but this
 	  * is the username, not userid, in Rave.
 	  */
-	 private String processRequest(String userEmail, String postBody) throws JSONException {
-		  User user=userService.getUserByEmail(userEmail);
+    private String processRequest(String postBody) throws JSONException {
+		  //User user=userService.getUserByEmail(userEmail);
 		  JSONObject resultObj = new JSONObject();
 		  
 		  //Convert the incoming post body to a JSON array.  This could include
@@ -102,11 +137,18 @@ public class UserInfoRest {
 				JSONObject obj = array.getJSONObject(i);
 				String username = obj.optString("userid");
 				String email = obj.getString("email");
+
 				JSONObject aresultObj = new JSONObject();
 				if (username != null) {
-					 aresultObj.put("userid", username);
+			            aresultObj.put("userid", username);
 				}
-				aresultObj.put("email", email);
+
+                                User user=null;
+                                if (email != null) {
+				    aresultObj.put("email", email);
+                                    user=userService.getUserByEmail(email);
+                                }
+
 				if (user != null) {
 					 aresultObj.put("valid", true);
 					 username = user.getUsername();
@@ -114,10 +156,10 @@ public class UserInfoRest {
 					 
 					 String certStr = getCertStr(username);
 					 if (certStr != null) {
-						  aresultObj.put("cert", certStr);
+				             aresultObj.put("cert", certStr);
 					 }
 					 else {
-								aresultObj.put("cert", "");
+					     aresultObj.put("cert", "");
 					 }
 				} else
 					 aresultObj.put("valid", false);
@@ -139,11 +181,9 @@ public class UserInfoRest {
 		  GSSCredential proxy = null;
 		  try {
 				proxy = ProxyManager.getDefaultProxy(username);
-				if (proxy == null) return null;
-				
+				if (proxy == null) return null; 
 				if (proxy instanceof GlobusGSSCredentialImpl) {
-					 GlobusCredential globusCred = ((GlobusGSSCredentialImpl)
-															  proxy).getGlobusCredential();
+					 GlobusCredential globusCred = ((GlobusGSSCredentialImpl)proxy).getGlobusCredential();
 					 ByteArrayOutputStream baos = new ByteArrayOutputStream();
 					 globusCred.save(baos);
 					 returnProxyStr = baos.toString("UTF-8");
@@ -161,4 +201,4 @@ public class UserInfoRest {
 		  logger.error("Couldn't set the proxy string correctly: "+returnProxyStr);
 		  return returnProxyStr;
 	 }
-}
\ No newline at end of file
+}

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/cog.properties
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/cog.properties?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/cog.properties
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/cog.properties
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,44 @@
+# An empty cog.properties file to work around a CoG bug.
+#
+# File: jglobus/etc/cog.properties.sample
+#
+# ----------------------------------------------------------------------
+# NOTE: do not use tilde ~ for specifying file paths
+# ----------------------------------------------------------------------
+
+# ----------------------------------------------------------------------
+# usercert points to the user certificate
+# defaults to: ${user.home}/.globus/usercert.pem
+# usercert=/home/globoid/.globus/usercert.pem
+
+# ----------------------------------------------------------------------
+# userkey points to the user private certificate
+# defaults to: ${user.home}/.globus/userkey.pem
+# userkey=/home/globoid/.globus/userkey.pem
+
+# ----------------------------------------------------------------------
+# proxy points to the user proxy
+# usually: /tmp/x509up_u<your uid>
+# proxy = /tmp/x509up_u999
+
+# ----------------------------------------------------------------------
+# points to the ca certificate(s). can contain multiple files that are
+# comma separated
+# cacert = /etc/grid-security/certificates/42864e48.0, /etc/grid-security/certificates/5aba75cb.0
+
+# ----------------------------------------------------------------------
+# change the IP adress to the one you get with ifconfig -a
+#
+# ip=....
+
+# ----------------------------------------------------------------------
+# dtd location for the org.computingportals.dnd
+# dtd.location=http://www-unix.globus.org/cog/public_data/rsl.dtd
+#
+
+
+# ----------------------------------------------------------------------
+
+
+
+

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/gridshib-saml-tools-config.properties
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/gridshib-saml-tools-config.properties?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/gridshib-saml-tools-config.properties
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/gridshib-saml-tools-config.properties
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,123 @@
+# GridShib SAML Tools config properties
+
+#####################################################################
+# Identity Provider entityID
+#
+# The IdP entityID is the unique identifier for the IdP
+# (which is what the SAML Assertion Issuer Tool is).
+# In the SAML world, an entityID is usually an URI.
+# It is recommended that the entityID be an URL.
+#
+# The IdP.entityID property is optional.  If omitted, the
+# SAML Assertion Issuer Tool will default to the Subject DN
+# of the issuing credential.
+#####################################################################
+
+#IdP.entityID=https://gridshib.example.org/idp
+
+#####################################################################
+# SAML NameIdentifier
+#
+# Defines the syntax of the <saml:NameIdentifier> element.
+# By default, the NameIdentifier has an unspecified format
+# (see below).  Other formats are possible, for example:
+#
+#   Format=urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
+#   formatting.template=uid=%PRINCIPAL%,dc=example,dc=org
+#
+# In all cases, the %PRINCIPAL% placeholder is replaced with
+# the user name passed to the application on the command line.
+#
+# Note: The NameQualifier property SHOULD be omitted.
+#####################################################################
+
+NameID.Format=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+NameID.Format.template=%PRINCIPAL%
+#NameID.NameQualifier=https://gridshib.example.org/idp
+
+#####################################################################
+# dateTime pattern
+#
+# Constrains the syntax of the --authnInstant command-line option.
+#
+# This config property is optional.  If omitted, the pattern
+# defaults to "yyyy-MM-dd'T'HH:mm:ssZ".
+#
+# For details regarding pattern syntax, please refer to the javadoc
+# http://java.sun.com/j2se/1.5.0/docs/api/java/text/SimpleDateFormat.html
+#####################################################################
+
+#dateTime.pattern=yyyy-MM-dd'T'HH\:mm\:ssZ
+
+#####################################################################
+# SAML Attribute
+#
+# A single attribute is defined by three properties:
+#
+#   Attribute.label.Namespace=format
+#   Attribute.label.Name=name
+#   Attribute.label.Value=value
+#
+# where name and value are the Name and Value of the attribute
+# to be asserted.  The label is an arbitrary string that
+# distinguishes a triple (Namespace, Name, Value).  Any number
+# of such triples are possible, each with its own unique label.
+#
+# Multi-valued attributes are supported.  To specify multiple
+# values for an attribute, simply list a tab-separated list of
+# attribute values on the righthand side of the Value line.
+#
+# The Namespace property is optional.  If omitted, the standard
+# value
+#
+#   Attribute.label.Namespace=urn:mace:shibboleth:1.0:attributeNamespace:uri
+#
+# is used to construct the SAML Attribute.
+#####################################################################
+
+# FriendlyName="mail"
+#Attribute.mail.Namespace=urn:mace:shibboleth:1.0:attributeNamespace:uri
+#Attribute.mail.Name=urn:oid:0.9.2342.19200300.100.1.3
+#Attribute.mail.Value=trscavo@gmail.com
+
+# FriendlyName="isMemberOf"
+Attribute.isMemberOf.Namespace=urn:mace:shibboleth:1.0:attributeNamespace:uri
+Attribute.isMemberOf.Name=urn:oid:1.3.6.1.4.1.5923.1.5.1.1
+Attribute.isMemberOf.Value=${attribute.ismember.value}
+#Attribute.isMemberOf.Value=group://ogce.org/ogce
+
+# FriendlyName="countryName"
+Attribute.countryName.Namespace=urn:mace:shibboleth:1.0:attributeNamespace:uri
+Attribute.countryName.Name=urn:oid:2.5.4.6
+Attribute.countryName.Value=US
+
+#####################################################################
+# X.509 Issuing Credential
+#
+# The certificate and unencrypted private key associated
+# with the issuing credential are required (but GridShib
+# SAML Tools ships with a default credential, so the
+# properties below are optional).  The two config
+# property values are specified as system independent file
+# locations (certLocation and keyLocation).
+#
+# This tool issues SAML assertions suitable for binding to
+# X.509 certificates.  Whether or not the assertion is
+# actually bound to a certificate, an issuing credential
+# is required.
+#####################################################################
+
+# the location of a long-lived end entity credential:
+#certLocation=file:///usr/local/security/mycert.pem
+#keyLocation=file:///usr/local/security/mykey.pem
+
+# the location of a short-lived credential, such as a proxy
+# credential or GridShib CA-issued end entity credential:
+certLocation=file://${communityCertLocation}
+keyLocation=file://${communityCertLocation}
+#certLocation=file:///tmp/x509up_u501
+#keyLocation=file:///tmp/x509up_u501
+
+# the location of a short-lived credential on Windows (%TEMP%\x509up_u_*):
+#certLocation=file:/C:/Documents%20and%20Settings/tom%20scavo/Local%20Settings/Temp/x509up_u_tom%20scavo
+#keyLocation=file:/C:/Documents%20and%20Settings/tom%20scavo/Local%20Settings/Temp/x509up_u_tom%20scavo

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/identity-attributes.txt
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/identity-attributes.txt?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/identity-attributes.txt
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/identity-attributes.txt
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,17 @@
+# Identity Attributes
+#
+# By definition, the value(s) of identity attributes are 
+# globally unique identifiers for the user.
+#
+# Since this implementation is restricted to string-valued
+# attributes, the value(s) of trusted identity attributes 
+# are globally unique SAML principal names.  The latter 
+# can be used to implement simple, flat file-based 
+# whitelists or blacklists, for instance.
+
+# FriendlyName="eduPersonPrincipalName"
+urn:oid:1.3.6.1.4.1.5923.1.1.1.6
+
+# FriendlyName="mail"
+urn:mace:dir:attribute-def:mail
+urn:oid:0.9.2342.19200300.100.1.3

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/log4j.properties?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/log4j.properties
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/log4j.properties
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,31 @@
+#Wed, 23 Mar 2011 16:03:22 -0400
+#####################################################################
+# Log config properties
+#
+# At install time, this file is copied to etc/ and
+# the log4j.appender.R.File property (below) is set
+# to the absolute path of the log file.
+#####################################################################
+
+#####################################################################
+# Default log level is INFO.
+# Change to DEBUG here or on the command line.
+log4j.rootLogger=INFO, R, A1
+
+#####################################################################
+log4j.appender.A1=org.apache.log4j.ConsoleAppender
+log4j.appender.A1.layout=org.apache.log4j.PatternLayout
+log4j.appender.A1.layout.ConversionPattern=%-4r [%t] (%F:%L) %-5p %c %x - %m%n
+
+#####################################################################
+# Modify these properties as needed.
+log4j.appender.R=org.apache.log4j.RollingFileAppender
+log4j.appender.R.File=${catalina.home}/webapps/portal/WEB-INF/saml-tools.log
+log4j.appender.R.MaxFileSize=500KB
+log4j.appender.R.MaxBackupIndex=5
+log4j.appender.R.layout=org.apache.log4j.PatternLayout
+log4j.appender.R.layout.ConversionPattern=%d [%t] %-5p (%F\:%L) - %m%n
+
+#####################################################################
+log4j.logger.org.apache.xml.security=OFF
+log4j.logger.org.apache.xml.security.Init=WARN

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/gridshib-bootstrap.properties
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/gridshib-bootstrap.properties?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/gridshib-bootstrap.properties
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/org/globus/gridshib/resource/gridshib-bootstrap.properties
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,18 @@
+#Wed, 23 Mar 2011 16:03:22 -0400
+#####################################################################
+# Bootstrap properties file
+#
+# Paths may be absolute or relative to $GRIDSHIB_HOME.
+#####################################################################
+
+gridshib.logConfigPath=${catalina.home}/webapps/portal/WEB-INF/classes/log4j.properties
+gridshib.SAMLToolsConfigPath=${catalina.home}/webapps/portal/WEB-INF/classes/gridshib-saml-tools-config.properties
+gridshib.certPath=${catalina.home}/webapps/portal/WEB-INF/classes/testcert.pem
+gridshib.keyPath=${catalina.home}/webapps/portal/WEB-INF/classes/testkey.pem
+gridshib.identityAttributesPath=${catalina.home}/webapps/portal/WEB-INF/classes/identity-attributes.txt
+gridshib.cogConfigPath=${catalina.home}/webapps/portal/WEB-INF/classes/cog.properties
+
+gridshib.keyStorePath=${catalina.home}/webapps/portal/WEB-INF/classes/testkeystore.jks
+gridshib.keyStorePassword=gridshib
+gridshib.keyStoreKeyAlias=test-jks-cred
+gridshib.keyStoreKeyPassword=gridshib

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testcert.pem
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testcert.pem?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testcert.pem
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testcert.pem
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICpzCCAhCgAwIBAgIJANjYrTqEmq/nMA0GCSqGSIb3DQEBBAUAMEIxCzAJBgNV
+BAYTAlVTMRQwEgYDVQQKEwtleGFtcGxlLm9yZzEdMBsGA1UEAxMUZ3JpZHNoaWIu
+ZXhhbXBsZS5vcmcwHhcNMDgwNjExMTc1NzMzWhcNMDkwNjExMTc1NzMzWjBCMQsw
+CQYDVQQGEwJVUzEUMBIGA1UEChMLZXhhbXBsZS5vcmcxHTAbBgNVBAMTFGdyaWRz
+aGliLmV4YW1wbGUub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDK40Lv
+uXpV16u9rCqfsCuQFvs6r1EDRAQV6pSX0foq3Vk5KR21qjqs75t7ZToyPqYRpYrW
++hEVZvL1YDQoFjOep3DkgP2YHubZRMhaj+JNtaYnibyMsseixFwfYHcUlUwyp6PN
+iUpVeMuoaSccJfqPX0BKmDG/Y+BZcKo6BATkSwIDAQABo4GkMIGhMB0GA1UdDgQW
+BBTeOei02zjTBsiyzy+8ycyeShGc8DByBgNVHSMEazBpgBTeOei02zjTBsiyzy+8
+ycyeShGc8KFGpEQwQjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC2V4YW1wbGUub3Jn
+MR0wGwYDVQQDExRncmlkc2hpYi5leGFtcGxlLm9yZ4IJANjYrTqEmq/nMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAyM+83SOlz+RPLXhNwS9kcT+4NZtl
+aurw46KpD+C05ZjntJlkOk3xJ5IzWlSAIN/hNIs7LU96dAZphbfIIzxn1bd3wkgW
+LfM8Db4MZrcIv6KdO4E+z6kjSqYiTPvzEGW3KgKW3D37ajHPTKPsJbyr1/yqvXf+
+beJ2MLp35pchaSQ=
+-----END CERTIFICATE-----

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkey.pem
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkey.pem?rev=1171528&view=auto
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkey.pem
(added)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkey.pem
Fri Sep 16 12:45:53 2011
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDK40LvuXpV16u9rCqfsCuQFvs6r1EDRAQV6pSX0foq3Vk5KR21
+qjqs75t7ZToyPqYRpYrW+hEVZvL1YDQoFjOep3DkgP2YHubZRMhaj+JNtaYnibyM
+sseixFwfYHcUlUwyp6PNiUpVeMuoaSccJfqPX0BKmDG/Y+BZcKo6BATkSwIDAQAB
+AoGASiJuk//3JqTO2ViunnkWAemT1Sa4eHQC9isoLq2INt94ub0/YOEZ3ZUUACvF
+7xQbRHlz2Qe49FQQ1P5ZMIikRV4JPvV5UsA7LaY3UtDka9B1V7YR2lEqARXwENDJ
+ndmH347UCR5xhxLcbrG//MhYxaePoLNV06LaakRnJXY64QkCQQD/0u3ydCjezFcf
+8IYb0jI4hGrij0xt4TOK5TeaoJhdQlBQAmWiWv/cdyntj2HFlJJUf6TmBddTPthp
+WW0WLWq/AkEAywcBfDithqj9WFlf0fa4muRPDUuAGcAxVBIpsMt07TLvESHqClWM
+nmCOtWt28FDM4PYTDtGH/rEp+sg+kAqldQJAZp+E2IgEhSvPn35rLenqP4XPIsd9
+T27RsFw3LA5UUMTzVsU/ZBvBG/2pkiS8gfgRo1f5HFUnhbtmMQywl/7sHQJBAJFY
+KZsJZEij0AKgsPU6ADx6t5EX/NPygB3khs4XSVTKAtWsBsVxKyLykxeToGk4HwPp
+hgk0vXv6zsfG9OrfhEUCQQC27prlW81uilsXLgxm/1DLlpJJ6jJzvuIz4Sk/7QJe
+k7bG9q3H9r1kAXMExM6UlsA9nWRUGw1gLXxf4QYAGBMX
+-----END RSA PRIVATE KEY-----

Added: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkeystore.jks
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkeystore.jks?rev=1171528&view=auto
==============================================================================
Binary file - no diff available.

Propchange: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/resources/testkeystore.jks
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1171528&r1=1171527&r2=1171528&view=diff
==============================================================================
--- incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/webapp/WEB-INF/applicationContext-security.xml
(original)
+++ incubator/rave/sandbox/science-gateways/rave-gateway-extensions/src/main/webapp/WEB-INF/applicationContext-security.xml
Fri Sep 16 12:45:53 2011
@@ -34,6 +34,7 @@
 	 <security:intercept-url pattern="/css/**" access="permitAll"/>
 	 <security:intercept-url pattern="/images/**" access="permitAll"/>
 	 <security:intercept-url pattern="/script/**" access="permitAll"/>
+         <security:intercept-url pattern="/app/api/rest/callback/*" access="permitAll"/>
 	 <!-- all urls must be authenticated -->
 	 <security:intercept-url pattern="/**"
 									 access="isAuthenticated()"/>



Mime
View raw message