def setup(self, request): from calvin.Tools.csruntime import csruntime from conftest import _config_pytest global runtimes global rt_attributes global request_handler try: shutil.rmtree(credentials_testdir) except Exception as err: print "Failed to remove old testdir, err={}".format(err) pass try: shutil.copytree(orig_identity_provider_path, identity_provider_path) except Exception as err: _log.error("Failed to create test folder structure, err={}".format(err)) print "Failed to create test folder structure, err={}".format(err) raise helpers.sign_files_for_security_tests(credentials_testdir) runtimes = helpers.create_CA_and_generate_runtime_certs(domain_name, credentials_testdir, NBR_OF_RUNTIMES) #Initiate Requesthandler with trusted CA cert truststore_dir = certificate.get_truststore_path(type=certificate.TRUSTSTORE_TRANSPORT, security_dir=credentials_testdir) request_handler = RequestHandler(verify=truststore_dir) #Let's use the admin user0 for request_handler request_handler.set_credentials({"user": "******", "password": "******"}) rt_conf = copy.deepcopy(_conf) rt_conf.set('security', 'security_dir', credentials_testdir) rt_conf.set('global', 'actor_paths', [actor_store_path]) # Runtime 0: Certificate authority, authentication server, authorization server, proxy storage server. rt0_conf = copy.deepcopy(rt_conf) rt0_conf.set('global','storage_type','local') rt0_conf.set("security", "security_conf", { "comment": "Authentication server accepting external requests", "authentication": { "procedure": "local", "identity_provider_path": identity_provider_path, "accept_external_requests": True } }) rt0_conf.save("/tmp/calvin5000.conf") # Other runtimes rt_conf.set('global','storage_type','proxy') rt_conf.set('global','storage_proxy',"calvinip://%s:5000" % ip_addr ) rt_conf.set("security", "security_conf", { "comment": "External authentication", "authentication": { "procedure": "external" } }) for i in range(1, NBR_OF_RUNTIMES): rt_conf.save("/tmp/calvin500{}.conf".format(i)) helpers.start_all_runtimes(runtimes, hostname, request_handler) request.addfinalizer(self.teardown)
def setup(self, request): from calvin.Tools.csruntime import csruntime from conftest import _config_pytest import fileinput global runtimes global request_handler try: shutil.rmtree(credentials_testdir) except Exception as err: print "Failed to remove old tesdir, err={}".format(err) pass try: shutil.copytree(orig_identity_provider_path, identity_provider_path) except Exception as err: _log.error("Failed to copy the identity provider files, err={}".format(err)) raise actor_store_path, application_store_path = helpers.sign_files_for_security_tests(credentials_testdir) runtimes = helpers.create_CA_and_generate_runtime_certs(domain_name, credentials_testdir, NBR_OF_RUNTIMES) #Initiate Requesthandler with trusted CA cert truststore_dir = certificate.get_truststore_path(type=certificate.TRUSTSTORE_TRANSPORT, security_dir=credentials_testdir) request_handler = RequestHandler(verify=truststore_dir) #Let's use the admin user0 for request_handler request_handler.set_credentials({"user": "******", "password": "******"}) rt_conf = copy.deepcopy(_conf) rt_conf.set('security', 'security_dir', credentials_testdir) rt_conf.set('global', 'actor_paths', [actor_store_path]) # Runtime 0: Certificate authority, authentication server, authorization server. rt0_conf = copy.deepcopy(rt_conf) rt0_conf.set('global','storage_type','local') rt0_conf.set('security','certificate_authority',{ 'domain_name':domain_name, 'is_ca':True }) rt0_conf.set("security", "security_conf", { "comment": "Certificate Authority", "authentication": { "procedure": "local", "identity_provider_path": identity_provider_path, "accept_external_requests": True }, "authorization": { "procedure": "local", "policy_storage_path": policy_storage_path, "accept_external_requests": True } }) rt0_conf.save("/tmp/calvin5000.conf") _log.info("Starting runtime 0") # Other runtimes rt_conf.set('global','storage_type','proxy') rt_conf.set('global','storage_proxy',"calvinip://%s:5000" % ip_addr ) rt_conf.set('security','certificate_authority',{ 'domain_name':domain_name, 'is_ca':False }) rt_conf.set("security", "security_conf", { "comment": "External authentication, external authorization", "authentication": { "procedure": "external", "server_uuid": runtimes[0]["id"] }, "authorization": { "procedure": "external", "server_uuid": runtimes[0]["id"] } }) for i in range(1, NBR_OF_RUNTIMES): rt_conf.save("/tmp/calvin500{}.conf".format(i)) # # Runtime 3: external authentication (RADIUS). # rt3_conf = copy.deepcopy(rt1_conf) # rt3_conf.set('security','enrollment_password',enrollment_passwords[3]) # rt3_conf.save("/tmp/calvin5002.conf") # rt3_conf.set("security", "security_conf", { # "authentication": { # "procedure": "radius", # "server_ip": "localhost", # "secret": "elxghyc5lz1_passwd" # }, # "authorization": { # "procedure": "external", # "server_uuid": runtimes[0].node_id # } # }) # rt3_conf.save("/tmp/calvin5003.conf") helpers.start_all_runtimes(runtimes, hostname, request_handler) request.addfinalizer(self.teardown)