{ "info": { "author": "Richard Wilkinson", "author_email": "UNKNOWN", "bugtrack_url": null, "classifiers": [], "description": "=====================\nTHREDDS Security Test\n=====================\n\nDescription\n===========\nThis is a set of tools for testing the security configuration of THREDDS data servers. There are\nthree tools:\n\nthredds_test_url_access::\n - Determines whether access is available to a single resource specified by URL. An option is\n provided to download the resource.\n\nthredds_test_catalog_access::\n - Determines whether access is available to the resources listed in a catalog specified by URL.\n Optionally, it will recurse through catalog references. Numbers of resources to which access is\n allowed and/or denied can be specified and a check is made that these match the results.\n\n Each service listed in the catalog as applicable to a dataset is tried. For services that have\n multiple extensions used to access different types of data or metadata, each extension is tried\n (by default, this following extensions are tried for OPENDAP services: .html, .dds, .das, .asc,\n .ascii and .dods).\n\n If there is more than one service or service/extension combination available for accessing a\n dataset, and access is found to be possible by some of these but not others, the security\n configuration will be reported as inconsistent.\n\nthredds_test_file_access::\n - Determines whether access is available to a set of resources specified by URL listed in a file.\n This is intended to be used to check that files that exist in the THREDDS content directories,\n but which are not listed in catalogs, are not accessible.\n\nPrerequisites\n=============\nThis has been developed and tested for Python 2.6 compiled with HTTPS support. Earlier Python\nversions do not handle HTTPS proxies.\n\nInstallation\n============\nInstallation can be performed using easy_install, e.g.::\n easy_install thredds_security_test-0.1.0-py2.6.egg\n\nRunning\n=======\nEach tool has a -h or --help option, which shows the usage and options. Common options are::\n\n -h, --help Show help message and exit.\n -k FILE, --private-key=FILE\n Private key file - defaults to $HOME/.esg/credentials.pem\n -c FILE, --certificate=FILE\n Certificate file - defaults to $HOME/.esg/credentials.pem\n -d, --debug Print debug information - this may be useful in solving problems with HTTP\n or HTTPS access to a server.\n -q, --quiet Produce minimal output.\n\nSpecific arguments and options::\n\n thredds_test_url_access [options] url\n url The URL of the resource the accessibility of which is to be tested\n -f FILE, --fetch=FILE\n Specifies a file into which to fetch the resource contents if accessible.\n\n thredds_test_catalog_access [options] catalog_url\n catalog_url The URL of the catalog to test\n -l, --list-only Only list datasets in the catalog(s) without checking access.\n -r, --recurse Recurse into referenced catalogs. References of the following types are\n followed:\n o Service with service type 'Catalog' or 'Resolver\n o Catalog references contained within a catalog\n -a NUMBER, --expect-allowed=NUMBER\n Number of datasets for which access is expected to be allowed. After the\n access checks are made, this number is compared with the number found; if\n they are not the same an error message printed and the tool returns status\n value 1.\n -x NUMBER, --expect-denied=NUMBER\n Number of datasets for which access is expected to be denied. After the\n access checks are made, this number is compared with the number found; if\n they are not the same an error message printed and the tool returns status\n value 1.\n -e SERVICE_EXTENSIONS, --service-extensions=SERVICE_EXTENSIONS\n A list of service types and and for each a list of extensions to be tried.\n The format is as in the following:\n OPENDAP:.html,.dds;OtherSvc:.dat,.asc\n Defaults to: OPENDAP:.html,.dds,.das,.asc,.ascii,.dods\n -p PUBLIC_SERVICE_EXTENSIONS, --public-service-extensions=PUBLIC_SERVICE_EXTENSIONS\n Service types and extensions for which public access\n is expected, e.g., OPENDAP:.html,.dds\n Defaults to: OPENDAP:.html\n This option is used to prevent access to a dataset being classed as\n inconsistent if, e.g., the .html resource is publicly accessible but other\n resources are not accessible using the account used for testing.\n -f FORBIDDEN_SERVICE_EXTENSIONS, --forbidden-service-extensions=FORBIDDEN_SERVICE_EXTENSIONS\n Service types and extensions for which no access is\n expected, e.g., OPENDAP:.asc\n This is of use, e.g., if a security configuration allows access to the .asc\n resources but not the equivalent .ascii resources.\n\n thredds_test_file_access [options] list_file_path\n list_file_path Path of a file containing a list of URLs, of which the accessibility of each\n is to be tested\n -a NUMBER, --expect-allowed=NUMBER\n Number of datasets for which access is expected to be allowed. After the\n access checks are made, this number is compared with the number found; if\n they are not the same an error message printed and the tool returns status\n value 1.\n -x NUMBER, --expect-denied=NUMBER\n Number of datasets for which access is expected to be denied. After the\n access checks are made, this number is compared with the number found; if\n they are not the same an error message printed and the tool returns status\n value 1.\n\nReturn statuses::\n thredds_test_url_access\n 0 - if the resource is accessible\n 1 -if the resource is not accessible\n\n thredds_test_catalog_access\n 1 - if the expect-allowed and/or expect-denied options were specified and the result did not match\n the option value.\n 2 - if the user interrupted test\n 0 - otherwise\n\n thredds_test_file_access\n 1 - if the expect-allowed and/or expect-denied options were specified and the result did not match\n the option value.\n 2 - if the user interrupted test\n 0 - otherwise\n\nScripted Testing\n================\nIn addition to the command line tools described above, Python test scripts may also be written. The\ntests should call any of the functions::\n thredds_security_test.lib.catalog_access.check_catalog\n thredds_security_test.lib.file_access.check_files\n thredds_security_test.lib.httpget.check_url\n\nSee thredds_security_test.test.test_access.py for an example of usage.", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "UNKNOWN", "keywords": null, "license": "BSD - See LICENCE file for details", "maintainer": null, "maintainer_email": null, "name": "thredds_security_test", "package_url": "https://pypi.org/project/thredds_security_test/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/thredds_security_test/", "project_urls": { "Download": "UNKNOWN", "Homepage": "UNKNOWN" }, "release_url": "https://pypi.org/project/thredds_security_test/0.1.0/", "requires_dist": null, "requires_python": null, "summary": "THREDDS Data Server security configuration test utilities", "version": "0.1.0" }, "last_serial": 1298161, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "3b6dc8f98fc5fc1de2fcd405a9974af9", "sha256": "28ed351104bc6e339bffb4c7f2163627be7913b4efad18c7c374cba1defd0004" }, "downloads": -1, "filename": "thredds_security_test-0.1.0.tar.gz", "has_sig": false, "md5_digest": "3b6dc8f98fc5fc1de2fcd405a9974af9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15672, "upload_time": "2011-10-10T11:25:25", "url": "https://files.pythonhosted.org/packages/db/91/050e5f2e83b031d344eaafc959a0c0dd3be38b0806e6ed5e607473361de9/thredds_security_test-0.1.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "3b6dc8f98fc5fc1de2fcd405a9974af9", "sha256": "28ed351104bc6e339bffb4c7f2163627be7913b4efad18c7c374cba1defd0004" }, "downloads": -1, "filename": "thredds_security_test-0.1.0.tar.gz", "has_sig": false, "md5_digest": "3b6dc8f98fc5fc1de2fcd405a9974af9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15672, "upload_time": "2011-10-10T11:25:25", "url": "https://files.pythonhosted.org/packages/db/91/050e5f2e83b031d344eaafc959a0c0dd3be38b0806e6ed5e607473361de9/thredds_security_test-0.1.0.tar.gz" } ] }