def setup(self, request):
from calvin.Tools.csruntime import csruntime
from conftest import _config_pytest
global runtimes
global rt_attributes
global request_handler
try:
shutil.rmtree(credentials_testdir)
except Exception as err:
print "Failed to remove old testdir, err={}".format(err)
pass
try:
shutil.copytree(orig_identity_provider_path, identity_provider_path)
except Exception as err:
_log.error("Failed to create test folder structure, err={}".format(err))
print "Failed to create test folder structure, err={}".format(err)
raise
helpers.sign_files_for_security_tests(credentials_testdir)
runtimes = helpers.create_CA_and_generate_runtime_certs(domain_name, credentials_testdir, NBR_OF_RUNTIMES)
#Initiate Requesthandler with trusted CA cert
truststore_dir = certificate.get_truststore_path(type=certificate.TRUSTSTORE_TRANSPORT,
security_dir=credentials_testdir)
request_handler = RequestHandler(verify=truststore_dir)
#Let's use the admin user0 for request_handler
request_handler.set_credentials({"user": "******", "password": "******"})
rt_conf = copy.deepcopy(_conf)
rt_conf.set('security', 'security_dir', credentials_testdir)
rt_conf.set('global', 'actor_paths', [actor_store_path])
# Runtime 0: Certificate authority, authentication server, authorization server, proxy storage server.
rt0_conf = copy.deepcopy(rt_conf)
rt0_conf.set('global','storage_type','local')
rt0_conf.set("security", "security_conf", {
"comment": "Authentication server accepting external requests",
"authentication": {
"procedure": "local",
"identity_provider_path": identity_provider_path,
"accept_external_requests": True
}
})
rt0_conf.save("/tmp/calvin5000.conf")
# Other runtimes
rt_conf.set('global','storage_type','proxy')
rt_conf.set('global','storage_proxy',"calvinip://%s:5000" % ip_addr )
rt_conf.set("security", "security_conf", {
"comment": "External authentication",
"authentication": {
"procedure": "external"
}
})
for i in range(1, NBR_OF_RUNTIMES):
rt_conf.save("/tmp/calvin500{}.conf".format(i))
helpers.start_all_runtimes(runtimes, hostname, request_handler)
request.addfinalizer(self.teardown)
def setup(self, request):
from calvin.Tools.csruntime import csruntime
from conftest import _config_pytest
import fileinput
global runtimes
global request_handler
try:
shutil.rmtree(credentials_testdir)
except Exception as err:
print "Failed to remove old tesdir, err={}".format(err)
pass
try:
shutil.copytree(orig_identity_provider_path, identity_provider_path)
except Exception as err:
_log.error("Failed to copy the identity provider files, err={}".format(err))
raise
actor_store_path, application_store_path = helpers.sign_files_for_security_tests(credentials_testdir)
runtimes = helpers.create_CA_and_generate_runtime_certs(domain_name, credentials_testdir, NBR_OF_RUNTIMES)
#Initiate Requesthandler with trusted CA cert
truststore_dir = certificate.get_truststore_path(type=certificate.TRUSTSTORE_TRANSPORT,
security_dir=credentials_testdir)
request_handler = RequestHandler(verify=truststore_dir)
#Let's use the admin user0 for request_handler
request_handler.set_credentials({"user": "******", "password": "******"})
rt_conf = copy.deepcopy(_conf)
rt_conf.set('security', 'security_dir', credentials_testdir)
rt_conf.set('global', 'actor_paths', [actor_store_path])
# Runtime 0: Certificate authority, authentication server, authorization server.
rt0_conf = copy.deepcopy(rt_conf)
rt0_conf.set('global','storage_type','local')
rt0_conf.set('security','certificate_authority',{
'domain_name':domain_name,
'is_ca':True
})
rt0_conf.set("security", "security_conf", {
"comment": "Certificate Authority",
"authentication": {
"procedure": "local",
"identity_provider_path": identity_provider_path,
"accept_external_requests": True
},
"authorization": {
"procedure": "local",
"policy_storage_path": policy_storage_path,
"accept_external_requests": True
}
})
rt0_conf.save("/tmp/calvin5000.conf")
_log.info("Starting runtime 0")
# Other runtimes
rt_conf.set('global','storage_type','proxy')
rt_conf.set('global','storage_proxy',"calvinip://%s:5000" % ip_addr )
rt_conf.set('security','certificate_authority',{
'domain_name':domain_name,
'is_ca':False
})
rt_conf.set("security", "security_conf", {
"comment": "External authentication, external authorization",
"authentication": {
"procedure": "external",
"server_uuid": runtimes[0]["id"]
},
"authorization": {
"procedure": "external",
"server_uuid": runtimes[0]["id"]
}
})
for i in range(1, NBR_OF_RUNTIMES):
rt_conf.save("/tmp/calvin500{}.conf".format(i))
# # Runtime 3: external authentication (RADIUS).
# rt3_conf = copy.deepcopy(rt1_conf)
# rt3_conf.set('security','enrollment_password',enrollment_passwords[3])
# rt3_conf.save("/tmp/calvin5002.conf")
# rt3_conf.set("security", "security_conf", {
# "authentication": {
# "procedure": "radius",
# "server_ip": "localhost",
# "secret": "elxghyc5lz1_passwd"
# },
# "authorization": {
# "procedure": "external",
# "server_uuid": runtimes[0].node_id
# }
# })
# rt3_conf.save("/tmp/calvin5003.conf")
helpers.start_all_runtimes(runtimes, hostname, request_handler)
request.addfinalizer(self.teardown)
