pki.git/base/common, branch alee-82 Unnamed repository; edit this file 'description' to name the repository. Added ACLInterceptor. 2012-11-08T16:20:05+00:00 Endi Sukma Dewata edewata@redhat.com 2012-10-10T09:38:05+00:00 cb209df95c4dee11f2a912e20b417fa3bc41c88f Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287 
Previously ACL checking was done in PKIRealm by matching the URL.
This code has been replaced by ACLInterceptor which will intercept
RESTEasy method invocations. This allows more precise mapping of
REST methods to ACL entries in acl.ldif.

Ticket #287
Updated logo_header.gif paths. 2012-11-06T20:43:52+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-02T16:00:33+00:00 f077cf4b9165f5b675dfade25b56e94f5aab7dca 






Updated favicon.ico paths.
2012-11-06T20:43:47+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-11-02T15:50:17+00:00

a959d7d65f1b1ee1002fcaeea9523d096d429242












Set paths for default instance
2012-11-05T03:12:57+00:00

Ade Lee
alee@redhat.com

2012-10-26T16:36:14+00:00

db9537d210a20b90115374e5b406db6c9658bc3a

With this patch, it will be possible to install a default instance
simply by adding the passwords in the pkideployment.cfg.  This file
can then be used without additional alteration to add subsystems to the
same instance, by re-running pkispawn against the config file.

The patch makes sure that cert nicknames, database and baseDN , admin users
and client db are unique per subsystem.  An option is added to reuse the
existing server cert generated by the first subsystem and copy the
required data to all subsystems.

Ticket 379, 385





With this patch, it will be possible to install a default instance
simply by adding the passwords in the pkideployment.cfg.  This file
can then be used without additional alteration to add subsystems to the
same instance, by re-running pkispawn against the config file.

The patch makes sure that cert nicknames, database and baseDN , admin users
and client db are unique per subsystem.  An option is added to reuse the
existing server cert generated by the first subsystem and copy the
required data to all subsystems.

Ticket 379, 385







Fix for ticket 384 - Incorrect profiles path referenced
2012-10-29T20:55:36+00:00

Abhishek Koneru
akoneru@redhat.com

2012-10-25T06:19:58+00:00

1485a05654211eec7935441b468769298782df6e












Removal of version numbers from jar file names
2012-10-29T20:32:23+00:00

Matthew Harmsen
mharmsen@redhat.com

2012-10-29T20:30:42+00:00

8d77b527adf2ae4b1487ec63dd4e03835180e793

* TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .





* TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .







Enabled authentication for key services.
2012-10-29T15:38:38+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-10-25T16:52:15+00:00

c1aa8b2d05cb1873990d1a3e9cf007cca240f135

The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.

Ticket #376





The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.

Ticket #376







Fixed synchronization problem in CertificateRepository.
2012-10-29T15:38:29+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-09-26T02:40:04+00:00

748605a324266bb515a3d1124bc55deb3be4df71

Some synchronized methods in CertificateRepository may block
modifyCeritifcateRecord() too long, so they have been moved
into CRLIssuingPoint and CertStatusUpdateThread.

Ticket #313





Some synchronized methods in CertificateRepository may block
modifyCeritifcateRecord() too long, so they have been moved
into CRLIssuingPoint and CertStatusUpdateThread.

Ticket #313







Enabled Tomcat security manager.
2012-10-27T04:32:31+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-10-02T16:40:35+00:00

5eab7fedf1c78610b5e030b9e07e93f32633e9ad

The tomcat.conf and the template deployment configuration have been
modified to enable the security manager. The operations script has
been modified to generate a new catalina.policy from the standard
Tomcat policy, the standard PKI policy and the custom policy every
time the instance is started.

The current catalina.policy has been changed to store a header for
the dynamically generated catalina.policy. A new pki.policy has been
added to store the default PKI security policy. An empty
custom.policy has been added to store policy customization.

Ticket #223





The tomcat.conf and the template deployment configuration have been
modified to enable the security manager. The operations script has
been modified to generate a new catalina.policy from the standard
Tomcat policy, the standard PKI policy and the custom policy every
time the instance is started.

The current catalina.policy has been changed to store a header for
the dynamically generated catalina.policy. A new pki.policy has been
added to store the default PKI security policy. An empty
custom.policy has been added to store policy customization.

Ticket #223







Refactored GetDomainXML servlet.
2012-10-26T21:02:00+00:00

Endi Sukma Dewata
edewata@redhat.com

2012-10-16T02:11:55+00:00

9c17ef40d7ee983e59ad009d960473611262ac40

The GetDomainXML servlet has been refactored to use the new
SecurityDomainProcessor.

Ticket #309





The GetDomainXML servlet has been refactored to use the new
SecurityDomainProcessor.

Ticket #309