Reversible Anonymiser

Merge lp:~henrin10/reversible/reversible into lp:reversible

  1. reversible
  2. Merge into trunk
Proposed by Henrik Nergaard
Status: Merged
Merged at revision: 31
Proposed branch: lp:~henrin10/reversible/reversible
Merge into: lp:reversible
Diff against target: 140 lines (+42/-22)
2 files modified
anonymiser/UserAuthorisation.py (+36/-22)
anonymiser/reversible-anonymiser.sh (+6/-0)
To merge this branch: bzr merge lp:~henrin10/reversible/reversible
Reviewer Review Type Date Requested Status
Nils Ulltveit-Moe Pending
Review via email: mp+291769@code.launchpad.net

Description of the change

amqps output support

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'anonymiser/UserAuthorisation.py'
--- anonymiser/UserAuthorisation.py 2016-01-03 20:28:12 +0000
+++ anonymiser/UserAuthorisation.py 2016-04-13 15:02:48 +0000
@@ -74,15 +74,17 @@
74 self.cache=None74 self.cache=None
75 self.producers=[] # Producer thread(s)75 self.producers=[] # Producer thread(s)
76 self.consumers=[] # Consumer thread(s)76 self.consumers=[] # Consumer thread(s)
77 self.makeRequest=XACMLCacheAuthRequest()77 self.makeRequest=XACMLCacheAuthRequest()
7878
79 def authoriseDataConsumer(self, SERVICE_ENDPOINT, user, resource, action):79 def authoriseDataConsumer(self, SERVICE_ENDPOINT, user, resource, action):
80
80 """81 """
81 Authorise a new consumer to read the XACML data stream.82 Authorise a new consumer to read the XACML data stream.
82 The initial authorisation response contains obligations that83 The initial authorisation response contains obligations that
83 are used to set up the consumer object.84 are used to set up the consumer object.
84 FIXME: This belongs in the SOAP stubs section...85 FIXME: This belongs in the SOAP stubs section...
85 """86 """
87
86 # Preferred method is passing in a parsed DOM tree.88 # Preferred method is passing in a parsed DOM tree.
87 # I use the convenience method that accepts an input string for now.89 # I use the convenience method that accepts an input string for now.
88 # FIXME later: use a validating DOM parser instead of the intermediate solution below.90 # FIXME later: use a validating DOM parser instead of the intermediate solution below.
@@ -91,7 +93,7 @@
91 request = self.makeRequest.initialRequest(user, resource, action)93 request = self.makeRequest.initialRequest(user, resource, action)
92 94
93 # Evaluate the XACML request 95 # Evaluate the XACML request
94 #self.logger.info(request)96 #self.logger.info(request)
9597
96 requestHandle=RequestCtx.getInstance(ByteArrayInputStream(request))98 requestHandle=RequestCtx.getInstance(ByteArrayInputStream(request))
97 response=self.pdp.evaluate(requestHandle)99 response=self.pdp.evaluate(requestHandle)
@@ -105,59 +107,71 @@
105 # Full logic to be added later.107 # Full logic to be added later.
106 108
107 if results[0].DECISIONS[results[0].decision] == "Permit":109 if results[0].DECISIONS[results[0].decision] == "Permit":
108 # OK - I am authorised to the PEP. Set up the caching specification for this data consumer.110 # OK - I am authorised to the PEP. Set up the caching specification for this data consumer.
109 111
110 # Do key handling before any threading starts.112 # Do key handling before any threading starts.
111 pubkey, privkey = generateRSAKeyPair("Anonymiser")113 pubkey, privkey = generateRSAKeyPair("Anonymiser")
112 114
113 115
114 # Set up the decision cache 116 # Set up the decision cache
115 self.cache=XACMLDecisionCache(self.pdp, results, user)117 self.cache=XACMLDecisionCache(self.pdp, results, user)
116 118
117 # Print the caching specification (debugging)119 # Print the caching specification (debugging)
118 #self.logger.info(str(self.cache.cacheSpecification))120 # self.logger.info(str(self.cache.cacheSpecification))
119 121
120 # Set up the output thread plugin.122 # Set up the output thread plugin.
121 se = urlparse(SERVICE_ENDPOINT)123 se = urlparse(SERVICE_ENDPOINT)
124
122 if se.scheme == "http":125 if se.scheme == "http":
123 from anonymiserlib.HTTPSOutputThread import HTTPOutputThread126 from anonymiserlib.HTTPSOutputThread import HTTPOutputThread
124 outThread = HTTPOutputThread(SERVICE_ENDPOINT)127 outThread = HTTPOutputThread(SERVICE_ENDPOINT)
128
125 elif se.scheme == "https":129 elif se.scheme == "https":
126 from anonymiserlib.HTTPSOutputThread import SSLOutputThread130 from anonymiserlib.HTTPSOutputThread import SSLOutputThread
127 outThread = SSLOutputThread(SERVICE_ENDPOINT) 131 outThread = SSLOutputThread(SERVICE_ENDPOINT)
132
128 elif se.scheme == "amqp":133 elif se.scheme == "amqp":
129 from anonymiserlib.RabbitOutputThread import RabbitOutputThread134 from anonymiserlib.RabbitOutputThread import RabbitOutputThread
130 outThread = RabbitOutputThread(SERVICE_ENDPOINT) 135 outThread = RabbitOutputThread(SERVICE_ENDPOINT)
136
131 elif se.scheme == "amqps":137 elif se.scheme == "amqps":
132 raise NotImplementedException("amqps:// protocol not yet implemented.")138 from anonymiserlib.RabbitSSLOutputThread import RabbitSSLOutputThread
139 outThread = RabbitSSLOutputThread(SERVICE_ENDPOINT)
140
133 elif se.scheme == "text":141 elif se.scheme == "text":
134 from anonymiserlib.TextOutputThread import TextOutputThread142 from anonymiserlib.TextOutputThread import TextOutputThread
135 outThread = TextOutputThread(SERVICE_ENDPOINT) 143 outThread = TextOutputThread(SERVICE_ENDPOINT)
136 144
145 else
146 raise NotImplementedException("Error [ " + se.scheme + " ]. This scheme is not implemented, or formatted wrongly")
147
137 self.producers.append(outThread)148 self.producers.append(outThread)
138 149
139 # Start the output thread.150 # Start the output thread.
140 outThread.start()151 outThread.start()
141 152
142 # Create a new data consumer, read cache spec and set up crypto keys etc.153 # Create a new data consumer, read cache spec and set up crypto keys etc.
143 adc=AnonymisedDataConsumer(self.cache, outThread, self.profileData)154 adc=AnonymisedDataConsumer(self.cache, outThread, self.profileData)
144 155
145 # Set up crypto specification.156 # Set up crypto specification.
146 adc.cryptoSpecification(pubkey, privkey, self.cache.keyMap, self.cache.pubKeyMap)157 adc.cryptoSpecification(pubkey, privkey, self.cache.keyMap, self.cache.pubKeyMap)
147 158
148 # Start the data consumer thread159 # Start the data consumer thread
149 # ====================================================#160 # ====================================================#
150 # WARNING: CONSUMER THREAD (ANONOMISER) STARTS HERE. #161 # WARNING: CONSUMER THREAD (ANONOMISER) STARTS HERE. #
151 # NO THREAD UNSAFE CODE #162 # NO THREAD UNSAFE CODE #
152 # BELOW THIS LINE... OR CODE WILL BREAK... #163 # BELOW THIS LINE... OR CODE WILL BREAK... #
153 # ====================================================#164 # ====================================================#
154 # Add the data consumer thread to the list of active consumers165
155 self.consumers.append(adc)166 # Add the data consumer thread to the list of active consumers
167 self.consumers.append(adc)
168
156 # and start the thread.169 # and start the thread.
157 adc.start()170 adc.start()
171
158 else:172 else:
159 # Did not get access.173 # Did not get access.
160 raise AccessDeniedException("Initial authorisation: Access denied for "+user)174 raise AccessDeniedException("Initial authorisation: Access denied for " + user)
161175
162 # Return the XACML response for now.176 # Return the XACML response for now.
163 return results[0].DECISIONS[results[0].decision]177 return results[0].DECISIONS[results[0].decision]
164178
=== modified file 'anonymiser/reversible-anonymiser.sh'
--- anonymiser/reversible-anonymiser.sh 2016-01-03 13:35:06 +0000
+++ anonymiser/reversible-anonymiser.sh 2016-04-13 15:02:48 +0000
@@ -57,6 +57,12 @@
57# PRECYSE ESB server interface57# PRECYSE ESB server interface
58export CLASSPATH=$CLASSPATH:../idmefStreamServer/lib/precysePublishStreamInterface.jar58export CLASSPATH=$CLASSPATH:../idmefStreamServer/lib/precysePublishStreamInterface.jar
5959
60# JAR files for AMQPS support
61for MQJAR in ${REVERSIBLE_HOME}/../amqps/*.jar
62do
63 export CLASSPATH="$CLASSPATH:$MQJAR"
64done
65
60echo $CLASSPATH66echo $CLASSPATH
6167
62echo "Starting anonymiser, please wait..."68echo "Starting anonymiser, please wait..."

Subscribers

People subscribed via source and target branches