pki.git/base/common/shared/conf/context.xml, branch alee-76 Unnamed repository; edit this file 'description' to name the repository. Added proxy realm. 2012-09-05T15:09:41+00:00 Endi Sukma Dewata edewata@redhat.com 2012-08-21T22:38:29+00:00 8eb2eac080c2e9595b506f49f25d2c1718453bbc CMS engine is a singleton and it's used by PKI realm to authenticate users accessing the subsystem. Since a Tomcat instance may contain multiple subsystems, each having separate realm, the PKI JAR links need to be moved into WEB-INF/lib so that they will run inside separate class loaders. Tomcat also requires that the authenticator and realm classes be available in common/lib. To address this a new package pki-tomcat.jar has been added. The package contains the authenticator and a proxy realm. When the subsystems start running, they will register their own realms into the proxy realms such that the authentications will be forwarded to the appropriate subsystems. Ticket #89 
CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR links
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders.

Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.

Ticket #89
Enabled SSL authenticator and PKI realm. 2012-08-03T22:07:20+00:00 Endi Sukma Dewata edewata@redhat.com 2012-07-27T01:40:08+00:00 9ca367e9c16273af11909f4c72f9c5cf5ddb0b4d The SSL connection has been configured with clientAuth="want" so users can choose whether to provide a client certificate or username and password. The authentication and authorization will be handled by the SSL authenticator with fallback and PKI realm. New access control rules have been added for users, groups, and certs REST services. Ticket #107 
The SSL connection has been configured with clientAuth="want" so
users can choose whether to provide a client certificate or username
and password. The authentication and authorization will be handled
by the SSL authenticator with fallback and PKI realm. New access
control rules have been added for users, groups, and certs REST
services.

Ticket #107
PKI Deployment Scriptlets 2012-05-25T21:59:48+00:00 Matthew Harmsen mharmsen@redhat.com 2012-05-24T01:59:06+00:00 4a263b8db27208413acd0f038ea67629d5ee27bb * Integration of Tomcat 7 * Addition of centralized 'pki-tomcatd' systemd functionality to the PKI Deployment strategy * Removal of 'pki_flavor' attribute 
* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
  PKI Deployment strategy
* Removal of 'pki_flavor' attribute