pki.git/base/ca/shared, branch alee-78 Unnamed repository; edit this file 'description' to name the repository. Enabled realm authentication for certificate requests. 2012-10-22T22:12:35+00:00 Endi Sukma Dewata edewata@redhat.com 2012-08-03T14:55:53+00:00 c1f9b3999a3dc5020b08fa4106c6c3a632183de9 The realm authentication on certificate request REST services has been enabled. Since now in the CLI the authentication is done using a separate login operation, it is now possible to POST the approval data without the problem related to chunked message. Ticket #300 
The realm authentication on certificate request REST services has
been enabled. Since now in the CLI the authentication is done using
a separate login operation, it is now possible to POST the approval
data without the problem related to chunked message.

Ticket #300
Added REST account service. 2012-10-22T22:12:20+00:00 Endi Sukma Dewata edewata@redhat.com 2012-10-08T19:50:26+00:00 1723a2ecd9d4d741ecd6d292712eeaea9d19bde9 A REST account service has been added to allow client to login to establish a session and to logout to destroy the session. This way multiple operations can be executed using the same session without having to re-authenticate. Ticket #357 
A REST account service has been added to allow client to login
to establish a session and to logout to destroy the session. This
way multiple operations can be executed using the same session
without having to re-authenticate.

Ticket #357
Provide option to install, rather than replicate schema in a clone 2012-10-22T16:03:39+00:00 Ade Lee alee@redhat.com 2012-10-19T05:35:04+00:00 1c45197227a0d54b525d4b40f66aa96aeb4f2e6a 






Reorder VLV indexing for clones to avoid errors
2012-10-22T16:03:29+00:00

Ade Lee
alee@redhat.com

2012-10-18T05:20:46+00:00

40bcc2cc6e4b6f9f9bd36c56fc63f20902486188












Enabled authentication for security domain REST interface.
2012-10-18T15:06:54+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-09-06T21:33:48+00:00

168d95446c3a7ae8643128a51fa86dd326e3a6a8

The REST interface for security domain has been refactored and
configured such that it requires authentication. A CLI has been
added to get an installation token.

Ticket #309





The REST interface for security domain has been refactored and
configured such that it requires authentication. A CLI has been
added to get an installation token.

Ticket #309







Using RPM version number in CMake.
2012-10-01T18:15:44+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-09-30T17:21:46+00:00

f81718c563ea12240e161a807013acd2d6eb1f2e

The RPM spec files have been modified to pass the full RPM version
number to CMake. The version number contains the product version
number, release number, milestone, and platform. The CMake scritps
will parse and use this version number to generate Java manifest
files. The product version number will be used as the specification
version and full version number will be used as the implementation
version.

Ticket #339





The RPM spec files have been modified to pass the full RPM version
number to CMake. The version number contains the product version
number, release number, milestone, and platform. The CMake scritps
will parse and use this version number to generate Java manifest
files. The product version number will be used as the specification
version and full version number will be used as the implementation
version.

Ticket #339







Audit Cert Renewal
2012-09-21T00:08:50+00:00

Matthew Harmsen
mharmsen@redhat.com

2012-09-20T17:23:47+00:00

f5b8ea5b087f642a0208c228dce6f700cd7d91c1

* TRAC Ticket #333 - Increase audit cert renewal range to 2 years
* Bugzilla Bug #843979 - Increase audit cert renewal range to 2 years





* TRAC Ticket #333 - Increase audit cert renewal range to 2 years
* Bugzilla Bug #843979 - Increase audit cert renewal range to 2 years







Added common ROOT webapp.
2012-09-12T17:38:58+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-08-28T19:14:54+00:00

7c622a4e5714af8f83ce30022c970cc36c2ee597

The current ROOT webapp will redirect users coming to the root
URL path to the proper path of the subsystem's webapp.

Since now a single Tomcat instance may have multiple subsystems,
a new ROOT webapp has been added to present the user with a menu
of all available webapps from all subsystems in the instance.

Ticket #89





The current ROOT webapp will redirect users coming to the root
URL path to the proper path of the subsystem's webapp.

Since now a single Tomcat instance may have multiple subsystems,
a new ROOT webapp has been added to present the user with a menu
of all available webapps from all subsystems in the instance.

Ticket #89







Added proxy realm.
2012-09-05T15:09:41+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-08-21T22:38:29+00:00

8eb2eac080c2e9595b506f49f25d2c1718453bbc

CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR links
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders.

Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.

Ticket #89





CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR links
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders.

Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.

Ticket #89







Enabled SSL authenticator and PKI realm.
2012-08-03T22:07:20+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-07-27T01:40:08+00:00

9ca367e9c16273af11909f4c72f9c5cf5ddb0b4d

The SSL connection has been configured with clientAuth="want" so
users can choose whether to provide a client certificate or username
and password. The authentication and authorization will be handled
by the SSL authenticator with fallback and PKI realm. New access
control rules have been added for users, groups, and certs REST
services.

Ticket #107





The SSL connection has been configured with clientAuth="want" so
users can choose whether to provide a client certificate or username
and password. The authentication and authorization will be handled
by the SSL authenticator with fallback and PKI realm. New access
control rules have been added for users, groups, and certs REST
services.

Ticket #107