def get_url_security(self, cluster_id, connection=None):
""" Returns the security configuration of HTTP URLs.
"""
with closing(self.session()) as session:
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
"basic_auth": HTTPBasicAuth,
"oauth": OAuth,
"tech_acc": TechnicalAccount,
"wss": WSSDefinition,
}
result = {}
q = query.http_soap_security_list(session, cluster_id, connection)
columns = Bunch()
# So ConfigDict has its data in the format it expects
for c in q.statement.columns:
columns[c.name] = None
for item in q.all():
target = "{}{}{}".format(item.soap_action, MISC.SEPARATOR, item.url_path)
result[target] = Bunch()
result[target].is_active = item.is_active
result[target].transport = item.transport
result[target].data_format = item.data_format
if item.security_id:
result[target].sec_def = Bunch()
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.sec_type]
sec_def = session.query(db_class).filter(db_class.id == item.security_id).one()
# Common things first
result[target].sec_def.name = sec_def.name
result[target].sec_def.password = sec_def.password
result[target].sec_def.sec_type = item.sec_type
if item.sec_type == security_def_type.tech_account:
result[target].sec_def.salt = sec_def.salt
elif item.sec_type == security_def_type.basic_auth:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.realm = sec_def.realm
elif item.sec_type == security_def_type.wss:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.password_type = sec_def.password_type
result[target].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat
result[target].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens
result[target].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit
result[target].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time
else:
result[target].sec_def = ZATO_NONE
return result, columns
def get_url_security(self, server):
""" Returns the security configuration of HTTP URLs.
"""
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
'tech_acc': TechnicalAccount,
'basic_auth': HTTPBasicAuth,
'wss_username_password': WSSDefinition
}
result = {}
sec_def_q = http_soap_security_list(self._session, server.cluster_id).all()
for item in sec_def_q:
result[item.url_path] = Bunch()
result[item.url_path].transport = item.transport
if item.security_def_type:
result[item.url_path].sec_def = Bunch()
result[item.url_path].sec_def.type = item.security_def_type
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.security_def_type]
sec_def = self._session.query(db_class).\
filter(db_class.security_def_id==item.security_def_id).\
one()
if item.security_def_type == 'tech_acc':
result[item.url_path].sec_def.name = sec_def.name
result[item.url_path].sec_def.password = sec_def.password
result[item.url_path].sec_def.salt = sec_def.salt
elif item.security_def_type == 'basic_auth':
result[item.url_path].sec_def.name = sec_def.name
result[item.url_path].sec_def.password = sec_def.password
result[item.url_path].sec_def.domain = sec_def.domain
elif item.security_def_type == 'wss_username_password':
result[item.url_path].sec_def.username = sec_def.username
result[item.url_path].sec_def.password = sec_def.password
result[item.url_path].sec_def.password_type = sec_def.password_type
result[item.url_path].sec_def.reject_empty_nonce_ts = sec_def.reject_empty_nonce_ts
result[item.url_path].sec_def.reject_stale_username = sec_def.reject_stale_username
result[item.url_path].sec_def.expiry_limit = sec_def.expiry_limit
result[item.url_path].sec_def.nonce_freshness = sec_def.nonce_freshness
else:
result[item.url_path].sec_def = ZATO_NONE
return result
def get_url_security(self, cluster_id, connection=None):
""" Returns the security configuration of HTTP URLs.
"""
with closing(self.session()) as session:
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
SEC_DEF_TYPE.APIKEY: APIKeySecurity,
SEC_DEF_TYPE.BASIC_AUTH: HTTPBasicAuth,
SEC_DEF_TYPE.OAUTH: OAuth,
SEC_DEF_TYPE.TECH_ACCOUNT: TechnicalAccount,
SEC_DEF_TYPE.WSS: WSSDefinition,
SEC_DEF_TYPE.TLS_CHANNEL_SEC: TLSChannelSecurity,
SEC_DEF_TYPE.XPATH_SEC: XPathSecurity,
}
result = {}
q = query.http_soap_security_list(session, cluster_id, connection)
columns = Bunch()
# So ConfigDict has its data in the format it expects
for c in q.statement.columns:
columns[c.name] = None
for item in q.all():
target = '{}{}{}'.format(item.soap_action, MISC.SEPARATOR,
item.url_path)
result[target] = Bunch()
result[target].is_active = item.is_active
result[target].transport = item.transport
result[target].data_format = item.data_format
if item.security_id:
result[target].sec_def = Bunch()
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.sec_type]
sec_def = session.query(db_class).\
filter(db_class.id==item.security_id).\
one()
# Common things first
result[target].sec_def.id = sec_def.id
result[target].sec_def.name = sec_def.name
result[target].sec_def.password = sec_def.password
result[target].sec_def.sec_type = item.sec_type
if item.sec_type == SEC_DEF_TYPE.TECH_ACCOUNT:
result[target].sec_def.salt = sec_def.salt
elif item.sec_type == SEC_DEF_TYPE.BASIC_AUTH:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.realm = sec_def.realm
elif item.sec_type == SEC_DEF_TYPE.APIKEY:
result[target].sec_def.username = '******'.format(
sec_def.username.upper().replace('-', '_'))
result[target].sec_def.password = sec_def.password
elif item.sec_type == SEC_DEF_TYPE.WSS:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[
target].sec_def.password_type = sec_def.password_type
result[
target].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat
result[
target].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens
result[
target].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit
result[
target].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time
elif item.sec_type == SEC_DEF_TYPE.TLS_CHANNEL_SEC:
result[target].sec_def.value = dict(
parse_tls_channel_security_definition(
sec_def.value))
elif item.sec_type == SEC_DEF_TYPE.XPATH_SEC:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[
target].sec_def.username_expr = sec_def.username_expr
result[
target].sec_def.password_expr = sec_def.password_expr
else:
result[target].sec_def = ZATO_NONE
return result, columns
def get_url_security(self, cluster_id, connection=None):
""" Returns the security configuration of HTTP URLs.
"""
with closing(self.session()) as session:
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
SEC_DEF_TYPE.APIKEY: APIKeySecurity,
SEC_DEF_TYPE.BASIC_AUTH: HTTPBasicAuth,
SEC_DEF_TYPE.OAUTH: OAuth,
SEC_DEF_TYPE.TECH_ACCOUNT: TechnicalAccount,
SEC_DEF_TYPE.WSS: WSSDefinition,
SEC_DEF_TYPE.XPATH_SEC: XPathSecurity,
}
result = {}
q = query.http_soap_security_list(session, cluster_id, connection)
columns = Bunch()
# So ConfigDict has its data in the format it expects
for c in q.statement.columns:
columns[c.name] = None
for item in q.all():
target = '{}{}{}'.format(item.soap_action, MISC.SEPARATOR, item.url_path)
result[target] = Bunch()
result[target].is_active = item.is_active
result[target].transport = item.transport
result[target].data_format = item.data_format
if item.security_id:
result[target].sec_def = Bunch()
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.sec_type]
sec_def = session.query(db_class).\
filter(db_class.id==item.security_id).\
one()
# Common things first
result[target].sec_def.id = sec_def.id
result[target].sec_def.name = sec_def.name
result[target].sec_def.password = sec_def.password
result[target].sec_def.sec_type = item.sec_type
if item.sec_type == SEC_DEF_TYPE.TECH_ACCOUNT:
result[target].sec_def.salt = sec_def.salt
elif item.sec_type == SEC_DEF_TYPE.BASIC_AUTH:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.realm = sec_def.realm
elif item.sec_type == SEC_DEF_TYPE.APIKEY:
result[target].sec_def.username = '******'.format(sec_def.username.upper())
result[target].sec_def.password = sec_def.password
elif item.sec_type == SEC_DEF_TYPE.WSS:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.password_type = sec_def.password_type
result[target].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat
result[target].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens
result[target].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit
result[target].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time
elif item.sec_type == SEC_DEF_TYPE.XPATH_SEC:
result[target].sec_def.username = sec_def.username
result[target].sec_def.password = sec_def.password
result[target].sec_def.username_expr = sec_def.username_expr
result[target].sec_def.password_expr = sec_def.password_expr
else:
result[target].sec_def = ZATO_NONE
return result, columns
def get_url_security(self, cluster_id):
""" Returns the security configuration of HTTP URLs.
"""
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
'tech_acc': TechnicalAccount,
'basic_auth': HTTPBasicAuth,
'wss': WSSDefinition
}
result = MultiDict()
query = http_soap_security_list(self._session, cluster_id)
columns = Bunch()
# So ConfigDict has its data in the format it expects
for c in query.statement.columns:
columns[c.name] = None
for item in query.all():
_info = Bunch()
_info[item.soap_action] = Bunch()
_info[item.soap_action].transport = item.transport
_info[item.soap_action].data_format = item.data_format
if item.security_id:
_info[item.soap_action].sec_def = Bunch()
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.sec_type]
sec_def = self._session.query(db_class).\
filter(db_class.id==item.security_id).\
one()
# Common things first
_info[item.soap_action].sec_def.name = sec_def.name
_info[item.soap_action].sec_def.password = sec_def.password
_info[item.soap_action].sec_def.sec_type = item.sec_type
if item.sec_type == security_def_type.tech_account:
_info[item.soap_action].sec_def.salt = sec_def.salt
elif item.sec_type == security_def_type.basic_auth:
_info[item.soap_action].sec_def.username = sec_def.username
_info[item.soap_action].sec_def.password = sec_def.password
_info[item.soap_action].sec_def.realm = sec_def.realm
elif item.sec_type == security_def_type.wss:
_info[item.soap_action].sec_def.username = sec_def.username
_info[item.soap_action].sec_def.password = sec_def.password
_info[item.soap_action].sec_def.password_type = sec_def.password_type
_info[item.soap_action].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat
_info[item.soap_action].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens
_info[item.soap_action].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit
_info[item.soap_action].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time
else:
_info[item.soap_action].sec_def = ZATO_NONE
result.add(item.url_path, _info)
return result, columns
def get_url_security(self, cluster_id, connection=None):
""" Returns the security configuration of HTTP URLs.
"""
# What DB class to fetch depending on the string value of the security type.
sec_type_db_class = {
'tech_acc': TechnicalAccount,
'basic_auth': HTTPBasicAuth,
'wss': WSSDefinition
}
result = MultiDict()
query = http_soap_security_list(self._session, cluster_id, connection)
columns = Bunch()
# So ConfigDict has its data in the format it expects
for c in query.statement.columns:
columns[c.name] = None
for item in query.all():
_info = Bunch()
_info[item.soap_action] = Bunch()
_info[item.soap_action].is_active = item.is_active
_info[item.soap_action].transport = item.transport
_info[item.soap_action].data_format = item.data_format
if item.security_id:
_info[item.soap_action].sec_def = Bunch()
# Will raise KeyError if the DB gets somehow misconfigured.
db_class = sec_type_db_class[item.sec_type]
sec_def = self._session.query(db_class).\
filter(db_class.id==item.security_id).\
one()
# Common things first
_info[item.soap_action].sec_def.name = sec_def.name
_info[item.soap_action].sec_def.password = sec_def.password
_info[item.soap_action].sec_def.sec_type = item.sec_type
if item.sec_type == security_def_type.tech_account:
_info[item.soap_action].sec_def.salt = sec_def.salt
elif item.sec_type == security_def_type.basic_auth:
_info[item.soap_action].sec_def.username = sec_def.username
_info[item.soap_action].sec_def.password = sec_def.password
_info[item.soap_action].sec_def.realm = sec_def.realm
elif item.sec_type == security_def_type.wss:
_info[item.soap_action].sec_def.username = sec_def.username
_info[item.soap_action].sec_def.password = sec_def.password
_info[
item.
soap_action].sec_def.password_type = sec_def.password_type
_info[
item.
soap_action].sec_def.reject_empty_nonce_creat = sec_def.reject_empty_nonce_creat
_info[
item.
soap_action].sec_def.reject_stale_tokens = sec_def.reject_stale_tokens
_info[
item.
soap_action].sec_def.reject_expiry_limit = sec_def.reject_expiry_limit
_info[
item.
soap_action].sec_def.nonce_freshness_time = sec_def.nonce_freshness_time
else:
_info[item.soap_action].sec_def = ZATO_NONE
result.add(item.url_path, _info)
return result, columns