6 files changed, 32 insertions, 2 deletions

diff --git a/freeipa.spec.in b/freeipa.spec.in
index e8e51644f..136eea0d2 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -415,7 +415,9 @@ mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d/
 mkdir -p %{buildroot}%{_usr}/share/ipa/html/
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/ca.crt
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/configure.jar
+/bin/touch %{buildroot}%{_usr}/share/ipa/html/kerberosauth.xpi
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/krb.con
+/bin/touch %{buildroot}%{_usr}/share/ipa/html/krb.js
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/krb5.ini
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/krbrealm.con
 /bin/touch %{buildroot}%{_usr}/share/ipa/html/preferences.html
@@ -664,7 +666,9 @@ fi
 %{_usr}/share/ipa/ipa-pki-proxy.conf
 %ghost %attr(0644,root,apache) %config(noreplace) %{_usr}/share/ipa/html/ca.crt
 %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/configure.jar
+%ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/kerberosauth.xpi
 %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb.con
+%ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb.js
 %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb5.ini
 %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krbrealm.con
 %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/preferences.html
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 68c98e05a..03fef9a66 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -31,8 +31,9 @@ app_DATA =				\
 	krb5.conf.template		\
 	krb5.ini.template		\
 	krb.con.template		\
+	krb.js.template			\
 	krbrealm.con.template		\
-	preferences.html.template 	\
+	preferences.html.template	\
 	smb.conf.template		\
 	smb.conf.empty			\
 	referint-conf.ldif		\
diff --git a/install/share/krb.js.template b/install/share/krb.js.template
new file mode 100644
index 000000000..e7ea05595
--- /dev/null
+++ b/install/share/krb.js.template
@@ -0,0 +1,2 @@
+var IPA_REALM = "$REALM";
+var IPA_DOMAIN = "$DOMAIN";
\ No newline at end of file
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 55417b72f..c1679c723 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -207,6 +207,8 @@ def install_http(config, auto_redirect):
         try:
             shutil.copy(config.dir + "/preferences.html", "/usr/share/ipa/html/preferences.html")
             shutil.copy(config.dir + "/configure.jar", "/usr/share/ipa/html/configure.jar")
+            shutil.copy(config.dir + "/krb.js", "/usr/share/ipa/html/krb.js")
+            shutil.copy(config.dir + "/kerberosauth.xpi", "/usr/share/ipa/html/kerberosauth.xpi")
         except Exception, e:
             print "error copying files: " + str(e)
             sys.exit(1)
diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare
index dea52ea1e..d67ed818e 100755
--- a/install/tools/ipa-replica-prepare
+++ b/install/tools/ipa-replica-prepare
@@ -225,6 +225,8 @@ def copy_files(realm_name, dir):
     try:
         shutil.copy("/usr/share/ipa/html/ca.crt", dir + "/ca.crt")
         if ipautil.file_exists("/usr/share/ipa/html/preferences.html"):
+            shutil.copy("/usr/share/ipa/html/krb.js", dir + "/krb.js")
+            shutil.copy("/usr/share/ipa/html/kerberosauth.xpi", dir + "/kerberosauth.xpi")
             shutil.copy("/usr/share/ipa/html/preferences.html", dir + "/preferences.html")
             shutil.copy("/usr/share/ipa/html/configure.jar", dir + "/configure.jar")
         if ipautil.file_exists("/var/kerberos/krb5kdc/cacert.pem"):
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index e1d8b6db8..afadde40b 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -292,13 +292,20 @@ class HTTPInstance(service.Service):
         prefs_fd.close()
         os.chmod(target_fname, 0644)
 
+        target_fname = '/usr/share/ipa/html/krb.js'
+        prefs_txt = ipautil.template_file(ipautil.SHARE_DIR + "krb.js.template", self.sub_dict)
+        prefs_fd = open(target_fname, "w")
+        prefs_fd.write(prefs_txt)
+        prefs_fd.close()
+        os.chmod(target_fname, 0644)
+
         # The signing cert is generated in __setup_ssl
         db = certs.CertDB(self.realm, subject_base=self.subject_base)
-
         pwdfile = open(db.passwd_fname)
         pwd = pwdfile.read()
         pwdfile.close()
 
+        # Setup configure.jar
         tmpdir = tempfile.mkdtemp(prefix = "tmp-")
         target_fname = '/usr/share/ipa/html/configure.jar'
         shutil.copy("/usr/share/ipa/html/preferences.html", tmpdir)
@@ -309,6 +316,18 @@ class HTTPInstance(service.Service):
         shutil.rmtree(tmpdir)
         os.chmod(target_fname, 0644)
 
+        # Setup extension
+        tmpdir = tempfile.mkdtemp(prefix = "tmp-")
+        extdir = tmpdir + "/ext"
+        target_fname = "/usr/share/ipa/html/kerberosauth.xpi"
+        shutil.copytree("/usr/share/ipa/ffextension", extdir)
+        db.run_signtool(["-k", "Signing-Cert",
+                            "-p", pwd,
+                            "-X", "-Z", target_fname,
+                            extdir])
+        shutil.rmtree(tmpdir)
+        os.chmod(target_fname, 0644)
+
     def __publish_ca_cert(self):
         ca_db = certs.CertDB(self.realm)
         ca_db.publish_ca_cert("/usr/share/ipa/html/ca.crt")