Change examples to bind to 127.0.0.1 by default.

Since the README already says to point a browser at localhost, it
was surprising to see the listeners bound to 0.0.0.0 by default.
Changed that and added notes in README about how to change it if
the user really wants to make a test listener accessible
externally.

Updated output messages during startup to include the bound IP,
to make this more obvious.

Added a missing EOL or two.

example/README

@@ -25,6 +25,10 @@ To run the setup do
 
 and then use your favourite webbrowser to look at "http://localhost:8087/whoami"
 
+Note, the listeners are all configured to bind to localhost (127.0.0.1) only.
+If you want to be able to connect to them externally, grep "HOST = '127.0.0.1'"
+example/*/*.py and replace 127.0.0.1 with 0.0.0.0 or a specific IP.
+
 ./all.sh stop
 
 will of course stop your IdP and SP.

example/idp2/idp.py

@@ -976,10 +976,11 @@ if __name__ == '__main__':
                             module_directory=_rot + 'modules',
                             input_encoding='utf-8', output_encoding='utf-8')
 
+    HOST = '127.0.0.1'
     PORT = 8088
 
-    SRV = make_server('', PORT, application)
+    SRV = make_server(HOST, PORT, application)
-    print "IdP listening on port: %s" % PORT
+    print "IdP listening on %s:%s" % (HOST, PORT)
     SRV.serve_forever()
 else:
     _rot = args.mako_root

example/idp2_repoze/idp.py

@@ -977,10 +977,11 @@ if __name__ == '__main__':
                             module_directory=_rot + 'modules',
                             input_encoding='utf-8', output_encoding='utf-8')
 
+    HOST = '127.0.0.1'
     PORT = 8088
 
-    SRV = make_server('', PORT, application)
+    SRV = make_server(HOST, PORT, application)
-    print "IdP listening on port: %s" % PORT
+    print "IdP listening on %s:%s" % (HOST, PORT)
     SRV.serve_forever()
 else:
     _rot = args.mako_root

example/sp-repoze/sp.py

@@ -268,6 +268,7 @@ app_with_auth = make_middleware_with_config(application, {"here": "."},
                                             log_file="repoze_who.log")
 
 # ----------------------------------------------------------------------------
+HOST = '127.0.0.1'
 PORT = 8087
 
 # allow uwsgi or gunicorn mount
@@ -291,6 +292,6 @@ if __name__ == '__main__':
     args = parser.parse_args()
 
     from wsgiref.simple_server import make_server
-    srv = make_server('', PORT, app_with_auth)
+    srv = make_server(HOST, PORT, app_with_auth)
-    print "SP listening on port: %s" % PORT
+    print "SP listening on %s:%s" % (HOST, PORT)
     srv.serve_forever()

example/sp-wsgi/service_conf.py

@@ -1,5 +1,6 @@
 from saml2.assertion import Policy
 
+HOST = '127.0.0.1'
 PORT = 8087
 HTTPS = False
 
@@ -13,4 +14,4 @@ POLICY = Policy(
 # HTTPS cert information
 SERVER_CERT = "pki/ssl.crt"
 SERVER_KEY = "pki/ssl.pem"
-CERT_CHAIN = ""
+CERT_CHAIN = ""

example/sp-wsgi/sp.py

@@ -683,6 +683,7 @@ def application(environ, start_response):
 
 # ----------------------------------------------------------------------------
 
+HOST = service_conf.HOST
 PORT = service_conf.PORT
 # ------- HTTPS -------
 # These should point to relevant files
@@ -727,13 +728,13 @@ if __name__ == '__main__':
 
     add_urls()
 
-    SRV = wsgiserver.CherryPyWSGIServer(('0.0.0.0', PORT), application)
+    SRV = wsgiserver.CherryPyWSGIServer((HOST, PORT), application)
 
     if service_conf.HTTPS:
         SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(SERVER_CERT,
                                                          SERVER_KEY, CERT_CHAIN)
     logger.info("Server starting")
-    print "SP listening on port: %s" % PORT
+    print "SP listening on %s:%s" % (HOST, PORT)
     try:
         SRV.start()
     except KeyboardInterrupt: