pki.git/base/deploy, branch ticket-472 Unnamed repository; edit this file 'description' to name the repository. Added DS info validation. 2013-02-20T03:56:29+00:00 Endi Sukma Dewata edewata@redhat.com 2013-02-20T03:29:10+00:00 6668f3b43e17869adc18ed7c1ade7ce3c4ba0d73 The installer script has been modified to validate DS info in both interactive and silent installation. Ticket #472 
The installer script has been modified to validate DS info in both
interactive and silent installation.

Ticket #472
Added authentication method validation. 2013-02-19T18:20:53+00:00 Endi Sukma Dewata edewata@redhat.com 2013-02-01T18:05:38+00:00 f49c98ca0cbfc0def8f055c2d97c031ff0f4a439 A new mechanism has been added to specify the authentication methods that can be used to invoke the REST methods. The AuthMethodMapping annotation maps each REST method to a list of allowed authentication methods. When a client calls a REST method, the AuthMethodInterceptor will intercept the call and verify that the client uses an allowed authentication method. Most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get the installation token from security domain. Ticket #477 
A new mechanism has been added to specify the authentication methods that
can be used to invoke the REST methods. The AuthMethodMapping annotation
maps each REST method to a list of allowed authentication methods. When a
client calls a REST method, the AuthMethodInterceptor will intercept the
call and verify that the client uses an allowed authentication method.

Most REST methods that require authentication have been configured to
require client certificate authentication. Authentication using username
and password will only be used to get the installation token from security
domain.

Ticket #477
Change pkidestroy to get an install token and use admin interface to update 2013-02-11T16:20:56+00:00 Ade Lee alee@redhat.com 2013-02-01T19:21:25+00:00 8acab668775a85931c33e68eb79b2cf822b7c631 security domain. 
security domain.
Added interactive subsystem installation. 2013-02-04T23:48:02+00:00 Endi Sukma Dewata edewata@redhat.com 2012-12-18T19:46:41+00:00 981ebcce84770c9d48e80fc9b5ffd2bbf8fd0816 The pkispawn has been modified such that the configuration file and subsystem type are optional. The pkidestroy has been modified such that the instance name and subsystem type are optional. If any of these options are not specified they will enter an interactive mode. Ticket #380 
The pkispawn has been modified such that the configuration file
and subsystem type are optional. The pkidestroy has been modified
such that the instance name and subsystem type are optional.
If any of these options are not specified they will enter an
interactive mode.

Ticket #380
Fixed CLI 'cert-find' clientAuth FQDN hostname issue 2013-01-25T08:09:27+00:00 Matthew Harmsen mharmsen@redhat.com 2013-01-25T08:07:39+00:00 833feccb5539146a7f7288ed7eaef5aed9f26911 * TRAC Ticket #488 - Dogtag 10: Fix CLI 'cert-find' clientAuth issue 
* TRAC Ticket #488 - Dogtag 10: Fix CLI 'cert-find' clientAuth issue
Resolved Trac Ticket 367 - pkidestroy does not remove connector 2013-01-15T14:28:38+00:00 Ade Lee alee@redhat.com 2012-12-20T22:38:13+00:00 1cceecafb8050ec362a9c9568d36d52d3fe4117e * Added RESTful servlet to add/remove a KRA connector from the CA. * Modified ACL to allow KRA subsystem user to remove connector. * Modified connector code to allow the connector to be replaced without a server restart. * Added functionality to pki CLI to add/remove connector * Added code to pkidestroy to remove the connector (using both pki CLI and sslget) When the issues with pki connection are resolved, we will use that method instead. * Modified sslget to accept HTTP return codes != 200. In this case, we were returning 204 - which is perfectly legitimate. 
* Added RESTful servlet to add/remove a KRA connector from the CA.
* Modified ACL to allow KRA subsystem user to remove connector.
* Modified connector code to allow the connector to be replaced without a server restart.
* Added functionality to pki CLI to add/remove connector
* Added code to pkidestroy to remove the connector (using both pki CLI and sslget)
  When the issues with pki connection are resolved, we will use that method instead.
* Modified sslget to accept HTTP return codes != 200.  In this case, we were returning
  204 - which is perfectly legitimate.
Use tomcatjss 7.1.0 and fix weird errno=0 exception 2013-01-07T20:00:46+00:00 Matthew Harmsen mharmsen@redhat.com 2013-01-05T06:01:07+00:00 b61f31bf15e733de5881cc070feb57aa3686c92d * TRAC Ticket #469 - Dogtag 10: Fix tomcatjss issue in pki-core.spec and dogtag-pki.spec . . . * TRAC Ticket #468 - pkispawn throws exception 
* TRAC Ticket #469 - Dogtag 10: Fix tomcatjss issue in pki-core.spec and
  dogtag-pki.spec . . .
* TRAC Ticket #468 - pkispawn throws exception
TRAC Ticket #271 - Dogtag 10: Fix 'status' command in 'pkidaemon' . . . 2012-12-19T19:51:04+00:00 Matthew Harmsen mharmsen@redhat.com 2012-12-19T19:49:57+00:00 01bbfc224a228206fbe18318b2a23363fa9663cc 






fix typo in default.cfg
2012-12-19T16:53:54+00:00

Ade Lee
alee@redhat.com

2012-12-19T16:53:54+00:00

43db13a8c83fed0af15b9fb442872c05774c0569












Man page addition for parameter pki_client_admin_cert_p12
2012-12-19T05:07:30+00:00

Ade Lee
alee@redhat.com

2012-12-19T02:29:11+00:00

87af59c01bf14c4c5f9765cce7b52d17f62583ae