summaryrefslogtreecommitdiffstats
path: root/base/kra/shared/webapps
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-03-24 02:27:47 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-03-26 11:43:54 -0500
commit621d9e5c413e561293d7484b93882d985b3fe15f (patch)
tree638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/kra/shared/webapps
parent40d3643b8d91886bf210aa27f711731c81a11e49 (diff)
downloadpki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz
pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz
pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131
Diffstat (limited to 'base/kra/shared/webapps')
-rw-r--r--base/kra/shared/webapps/ROOT/WEB-INF/web.xml29
-rw-r--r--base/kra/shared/webapps/ROOT/index.jsp98
-rw-r--r--base/kra/shared/webapps/kra/WEB-INF/auth.properties16
-rw-r--r--base/kra/shared/webapps/kra/WEB-INF/velocity.properties8
-rw-r--r--base/kra/shared/webapps/kra/WEB-INF/web.xml1115
5 files changed, 1266 insertions, 0 deletions
diff --git a/base/kra/shared/webapps/ROOT/WEB-INF/web.xml b/base/kra/shared/webapps/ROOT/WEB-INF/web.xml
new file mode 100644
index 000000000..59245836e
--- /dev/null
+++ b/base/kra/shared/webapps/ROOT/WEB-INF/web.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ Copyright 2004 The Apache Software Foundation
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+ version="2.4">
+
+ <display-name>Welcome to Tomcat</display-name>
+ <description>
+ Welcome to Tomcat
+ </description>
+
+</web-app>
+
diff --git a/base/kra/shared/webapps/ROOT/index.jsp b/base/kra/shared/webapps/ROOT/index.jsp
new file mode 100644
index 000000000..4b2b3c60a
--- /dev/null
+++ b/base/kra/shared/webapps/ROOT/index.jsp
@@ -0,0 +1,98 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2010 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<%
+ // establish acceptable schemes
+ final String HTTP_SCHEME = "http";
+ final String HTTPS_SCHEME = "https";
+
+ // establish known ports
+ final int EE_HTTP_PORT = [PKI_UNSECURE_PORT];
+ final int AGENT_HTTPS_PORT = [PKI_AGENT_SECURE_PORT];
+ final int EE_HTTPS_PORT = [PKI_EE_SECURE_PORT];
+ final int ADMIN_HTTPS_PORT = [PKI_ADMIN_SECURE_PORT];
+
+ // establish known paths
+ final String ADMIN_PATH = "/[PKI_SUBSYSTEM_TYPE]/services";
+ final String AGENT_PATH = "/[PKI_SUBSYSTEM_TYPE]/agent/[PKI_SUBSYSTEM_TYPE]";
+ final String ERROR_PATH = "/[PKI_SUBSYSTEM_TYPE]/404.html";
+
+ // retrieve scheme from request
+ String scheme = request.getScheme();
+
+ // retrieve client hostname on which the request was sent
+ String client_hostname = request.getServerName();
+
+ // retrieve client port number on which the request was sent
+ int client_port = request.getServerPort();
+
+ // retrieve server hostname on which the request was received
+ String server_hostname = request.getLocalName();
+
+ // retrieve server port number on which the request was received
+ int server_port = request.getLocalPort();
+
+ // uncomment the following lines to write to 'catalina.out'
+ //System.out.println( "scheme = '" + scheme + "'" );
+ //System.out.println( "client hostname = '" + client_hostname + "'" );
+ //System.out.println( "client port = '" + client_port + "'" );
+ //System.out.println( "server hostname = '" + server_hostname + "'" );
+ //System.out.println( "server port = '" + server_port + "'" );
+
+ // compose the appropriate URL
+ String URL = "";
+
+ if( scheme.equals( HTTP_SCHEME ) ) {
+ if( server_port == EE_HTTP_PORT ) {
+ // always redirect to secure admin 'services' port
+ scheme = HTTPS_SCHEME;
+ client_port = ADMIN_HTTPS_PORT;
+ URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+ } else {
+ // unknown HTTP server port: should never get here
+ URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+ // uncomment the following line to write to 'catalina.out'
+ //System.out.println( "Unknown HTTP server port: '" + server_port + "'" );
+ }
+ } else if( scheme.equals( HTTPS_SCHEME ) ) {
+ if( server_port == AGENT_HTTPS_PORT ) {
+ URL = scheme + "://" + client_hostname + ":" + client_port + AGENT_PATH;
+ } else if( server_port == EE_HTTPS_PORT ) {
+ // always redirect to secure admin 'services' port
+ client_port = ADMIN_HTTPS_PORT;
+ URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+ } else if( server_port == ADMIN_HTTPS_PORT ) {
+ URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+ } else {
+ // unknown HTTPS server port: should never get here
+ URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+ // uncomment the following line to write to 'catalina.out'
+ //System.out.println( "Unknown HTTPS server port: '" + server_port + "'" );
+ }
+ } else {
+ // unacceptable scheme: should never get here
+ URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+ // uncomment the following line to write to 'catalina.out'
+ //System.out.println( "Unacceptable scheme: '" + scheme + "'" );
+ }
+
+ // respond (back to browser) with the appropriate redirected URL
+ response.sendRedirect( URL );
+%>
diff --git a/base/kra/shared/webapps/kra/WEB-INF/auth.properties b/base/kra/shared/webapps/kra/WEB-INF/auth.properties
new file mode 100644
index 000000000..a206aa9e4
--- /dev/null
+++ b/base/kra/shared/webapps/kra/WEB-INF/auth.properties
@@ -0,0 +1,16 @@
+# Restful API auth/authz mapping info
+#
+# Format:
+# <Rest API URL> = <ACL Resource ID>,<ACL resource operation>
+# ex: /kra/pki/key/retrieve = certServer.kra.pki.key.retrieve,execute
+
+/kra/pki/key/retrieve = certServer.kra.pki.key.retrieve,execute
+/kra/pki/keyrequests = certServer.kra.pki.keyrequests,read
+/kra/pki/keyrequest = certServer.kra.pki.keyrequest,read
+/kra/pki/keyrequest/archive = certServer.kra.pki.keyrequest.archive,execute
+/kra/pki/keyrequest/recover = certServer.kra.pki.keyrequest.recover,execute
+/kra/pki/keyrequest/approve = certServer.kra.pki.keyrequest.approve,execute
+/kra/pki/keyrequest/reject = certServer.kra.pki.keyrequest.reject,execute
+/kra/pki/keyrequest/cancel = certServer.kra.pki.keyrequest.cancel,execute
+/kra/pki/keys = certServer.kra.pki.keys,read
+/kra/pki/config/cert/transport = certServer.kra.pki.config.cert.transport,read
diff --git a/base/kra/shared/webapps/kra/WEB-INF/velocity.properties b/base/kra/shared/webapps/kra/WEB-INF/velocity.properties
new file mode 100644
index 000000000..2dfae4bca
--- /dev/null
+++ b/base/kra/shared/webapps/kra/WEB-INF/velocity.properties
@@ -0,0 +1,8 @@
+resource.loader = file
+file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader
+file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE]
+file.resource.loader.cache = true
+file.resource.loader.modificationCheckInterval = 2
+input.encoding=UTF-8
+output.encoding=UTF-8
+runtime.log.logsystem.class=org.apache.velocity.runtime.log.NullLogSystem
diff --git a/base/kra/shared/webapps/kra/WEB-INF/web.xml b/base/kra/shared/webapps/kra/WEB-INF/web.xml
new file mode 100644
index 000000000..c6e9934eb
--- /dev/null
+++ b/base/kra/shared/webapps/kra/WEB-INF/web.xml
@@ -0,0 +1,1115 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE web-app
+ PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "file:///usr/share/pki/setup/web-app_2_3.dtd">
+<web-app>
+
+ <filter>
+ <filter-name>AgentRequestFilter</filter-name>
+ <filter-class>com.netscape.cms.servlet.filter.AgentRequestFilter</filter-class>
+ <init-param>
+ <param-name>https_port</param-name>
+ <param-value>[PKI_AGENT_SECURE_PORT]</param-value>
+ </init-param>
+[PKI_OPEN_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>proxy_port</param-name>
+ <param-value>[PKI_PROXY_SECURE_PORT]</param-value>
+ </init-param>
+[PKI_CLOSE_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>active</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </filter>
+
+ <filter>
+ <filter-name>AdminRequestFilter</filter-name>
+ <filter-class>com.netscape.cms.servlet.filter.AdminRequestFilter</filter-class>
+ <init-param>
+ <param-name>https_port</param-name>
+ <param-value>[PKI_ADMIN_SECURE_PORT]</param-value>
+ </init-param>
+[PKI_OPEN_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>proxy_port</param-name>
+ <param-value>[PKI_PROXY_SECURE_PORT]</param-value>
+ </init-param>
+[PKI_CLOSE_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>active</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </filter>
+
+ <filter>
+ <filter-name>EERequestFilter</filter-name>
+ <filter-class>com.netscape.cms.servlet.filter.EERequestFilter</filter-class>
+ <init-param>
+ <param-name>http_port</param-name>
+ <param-value>[PKI_UNSECURE_PORT]</param-value>
+ </init-param>
+ <init-param>
+ <param-name>https_port</param-name>
+ <param-value>[PKI_EE_SECURE_PORT]</param-value>
+ </init-param>
+[PKI_OPEN_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>proxy_port</param-name>
+ <param-value>[PKI_PROXY_SECURE_PORT]</param-value>
+ </init-param>
+ <init-param>
+ <param-name>proxy_http_port</param-name>
+ <param-value>[PKI_PROXY_UNSECURE_PORT]</param-value>
+ </init-param>
+[PKI_CLOSE_ENABLE_PROXY_COMMENT]
+ <init-param>
+ <param-name>active</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </filter>
+
+ <servlet>
+ <servlet-name>csadmin-wizard</servlet-name>
+ <servlet-class>com.netscape.cms.servlet.wizard.WizardServlet</servlet-class>
+ <init-param>
+ <param-name>properties</param-name>
+ <param-value>/WEB-INF/velocity.properties</param-value>
+ </init-param>
+ <init-param>
+ <param-name>name</param-name>
+ <param-value>DRM Setup Wizard</param-value>
+ </init-param>
+ <init-param>
+ <param-name>panels</param-name>
+ <param-value>welcome=com.netscape.cms.servlet.csadmin.WelcomePanel,module=com.netscape.cms.servlet.csadmin.ModulePanel,confighsmlogin=com.netscape.cms.servlet.csadmin.ConfigHSMLoginPanel,securitydomain=com.netscape.cms.servlet.csadmin.SecurityDomainPanel,securitydomain=com.netscape.cms.servlet.csadmin.DisplayCertChainPanel,subsystem=com.netscape.cms.servlet.csadmin.CreateSubsystemPanel,restorekeys=com.netscape.cms.servlet.csadmin.RestoreKeyCertPanel,databasepanel=com.netscape.cms.servlet.csadmin.DatabasePanel,sizepanel=com.netscape.cms.servlet.csadmin.SizePanel,namepanel=com.netscape.cms.servlet.csadmin.NamePanel,certrequestpanel=com.netscape.cms.servlet.csadmin.CertRequestPanel,backupkeys=com.netscape.cms.servlet.csadmin.BackupKeyCertPanel,savepk12=com.netscape.cms.servlet.csadmin.SavePKCS12Panel,adminpanel=com.netscape.cms.servlet.csadmin.AdminPanel,importadmincertpanel=com.netscape.cms.servlet.csadmin.ImportAdminCertPanel,donepanel=com.netscape.cms.servlet.csadmin.DonePanel</param-value>
+ </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name>csadmin-login</servlet-name>
+ <servlet-class>com.netscape.cms.servlet.csadmin.LoginServlet</servlet-class>
+ <init-param>
+ <param-name>properties</param-name>
+ <param-value>/WEB-INF/velocity.properties</param-value>
+ </init-param>
+ </servlet>
+
+
+ <servlet>
+ <servlet-name> kraKRADisplayBySerialForRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.DisplayBySerialForRecovery </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/displayBySerialForRecovery.template </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRADisplayBySerialForRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraGetConfigEntries </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.GetConfigEntries </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraGetConfigEntries </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> TokenAuth </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.clone.configuration.GetConfigEntries </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAGrantRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.GrantRecovery </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/grantRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAGrantRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAGrantAsyncRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.GrantAsyncRecovery </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/grantAsyncRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAGrantAsyncRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraports </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.PortsServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraports </param-value> </init-param>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> ee </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRADisplayTransport </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.DisplayTransport </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRADisplayTransport </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.certificate.transport </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraRegisterUser </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.RegisterUser </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraRegisterUser </param-value> </init-param>
+ <init-param><param-name> GroupName </param-name>
+ <param-value> Data Recovery Manager Agents </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> TokenAuth </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.registerUser </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraGetTransportCert </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.GetTransportCert </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraGetTransportCert </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> TokenAuth </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.getTransportCert </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRARecoverBySerial </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.RecoverBySerial </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/recoverBySerial.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRARecoverBySerial </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraDynamicVariables </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.DynamicVariablesServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraDynamicVariables </param-value> </init-param>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> dynamicVariables </param-name>
+ <param-value> serverdate=serverdate(),subsystemname=subsystemname(),http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraheader </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.IndexServlet </servlet-class>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/header.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraheader </param-value> </init-param>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> template </param-name>
+ <param-value> /agent/header.template </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraTokenKeyRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.connector.TokenKeyRecoveryServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraTokenKeyRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.TokenKeyRecovery </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraSrchRecoverKey </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.DisplayHtmlServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> htmlPath </param-name>
+ <param-value> /agent/kra/SrchRecoverKey.html </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> agent </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/srchKeyForRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraSrchRecoverKey </param-value> </init-param>
+ <init-param><param-name> unauthorizedTemplate </param-name>
+ <param-value> /agent/kra/GenUnauthorized.template </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraConnector </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.connector.ConnectorServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraConnector </param-value> </init-param>
+ <init-param><param-name> RequestEncoder </param-name>
+ <param-value> com.netscape.cmscore.connector.HttpRequestEncoder </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.connector </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraSrchKey </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.DisplayHtmlServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> htmlPath </param-name>
+ <param-value> /agent/kra/SrchKey.html </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> agent </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/srchKey.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraSrchKey </param-value> </init-param>
+ <init-param><param-name> unauthorizedTemplate </param-name>
+ <param-value> /agent/kra/GenUnauthorized.template </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraListRequests </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.DisplayHtmlServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> htmlPath </param-name>
+ <param-value> /agent/kra/ListRequests.html </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> agent </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/ListRequests.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraListRequests </param-value> </init-param>
+ <init-param><param-name> unauthorizedTemplate </param-name>
+ <param-value> /agent/kra/GenUnauthorized.template </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraGenerateKeyPair </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.connector.GenerateKeyPairServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraGenerateKeyPair </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.GenerateKeyPair </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraindex </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.IndexServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraindex </param-value> </init-param>
+ <init-param><param-name> template </param-name>
+ <param-value> index.template </param-value> </init-param>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAGetApprovalStatus </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.GetApprovalStatus </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/getApprovalStatus.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAGetApprovalStatus </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.request.status </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAProcessReq </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.request.ProcessReq </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> parser </param-name>
+ <param-value> KeyReqParser.PARSER </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/processReq.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAProcessReq </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.request </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAExamineRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.ExamineRecovery </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> agent </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/examineRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAExamineRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRASrchKey </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.SrchKey </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/srchKey.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRASrchKey </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.keys </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAGetPk12 </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.GetPk12 </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAGetPk12 </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRAGetAsyncPk12 </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.GetAsyncPk12 </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRAGetAsyncPk12 </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraGrantRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.DisplayHtmlServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> htmlPath </param-name>
+ <param-value> /agent/kra/GrantRecovery.html </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> agent </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/grantRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraGrantRecovery </param-value> </init-param>
+ <init-param><param-name> unauthorizedTemplate </param-name>
+ <param-value> /agent/kra/GenUnauthorized.template </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRASrchKeyForRecovery </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.SrchKeyForRecovery </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/srchKeyForRecovery.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRASrchKeyForRecovery </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.keys </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> krakraqueryReq </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.request.QueryReq </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> parser </param-name>
+ <param-value> CertReqParser.NODETAIL_PARSER </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/queryReq.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> krakraqueryReq </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.requests </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraKRADisplayBySerial </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.key.DisplayBySerial </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> true </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /agent/kra/displayBySerial.template</param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraKRADisplayBySerial </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> certUserDBAuthMgr </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.kra.key </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> krapolicy </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.PolicyAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> krapolicy </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ </servlet>
+
+<!--
+ <servlet>
+ <servlet-name> krajobsScheduler </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.JobsAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> krajobsScheduler </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+-->
+
+ <servlet>
+ <servlet-name> kraauths </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.AuthAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraauths </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> krastart </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.base.CMSStartServlet </servlet-class>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> cfgPath </param-name>
+ <param-value> [PKI_INSTANCE_PATH]/conf/CS.cfg </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> krastart </param-value> </init-param>
+ <load-on-startup> 1 </load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraacl </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.ACLAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraacl </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraug </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.UsrGrpAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraug </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+
+ <servlet>
+ <servlet-name> kraserver </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.CMSAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraserver </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> krakra </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.KRAAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> krakra </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kralog </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.admin.LogAdminServlet </servlet-class>
+ <init-param><param-name> ID </param-name>
+ <param-value> kralog </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> services </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.MainPageServlet </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authorityId </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> services </param-value> </init-param>
+ <init-param><param-name> templatePath </param-name>
+ <param-value> /services.template </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraUpdateNumberRange </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.UpdateNumberRange </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraUpdateNumberRange </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> ee </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> TokenAuth </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.clone.configuration.UpdateNumberRange </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraDownloadPKCS12 </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.DownloadPKCS12 </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraDownloadPKCS12 </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> ee </param-value> </init-param>
+ <init-param><param-name> AuthMgr </param-name>
+ <param-value> TokenAuth </param-value> </init-param>
+ <init-param><param-name> AuthzMgr </param-name>
+ <param-value> BasicAclAuthz </param-value> </init-param>
+ <init-param><param-name> resourceID </param-name>
+ <param-value> certServer.clone.configuration </param-value> </init-param>
+ </servlet>
+
+ <servlet>
+ <servlet-name> kraGetTokenInfo </servlet-name>
+ <servlet-class> com.netscape.cms.servlet.csadmin.GetTokenInfo </servlet-class>
+ <init-param><param-name> GetClientCert </param-name>
+ <param-value> false </param-value> </init-param>
+ <init-param><param-name> authority </param-name>
+ <param-value> kra </param-value> </init-param>
+ <init-param><param-name> ID </param-name>
+ <param-value> kraGetTokenInfo </param-value> </init-param>
+ <init-param><param-name> interface </param-name>
+ <param-value> ee </param-value> </init-param>
+ </servlet>
+
+ <context-param>
+ <param-name>resteasy.scan</param-name>
+ <param-value>true</param-value>
+ </context-param>
+
+ <context-param>
+ <param-name>resteasy.servlet.mapping.prefix</param-name>
+ <param-value>/pki</param-value>
+ </context-param>
+
+ <context-param>
+ <param-name>resteasy.resource.method-interceptors</param-name>
+ <param-value>
+ org.jboss.resteasy.core.ResourceMethodSecurityInterceptor
+ </param-value>
+ </context-param>
+
+ <servlet>
+ <servlet-name>Resteasy</servlet-name>
+ <servlet-class>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
+ </servlet>
+
+[PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT]
+ <filter-mapping>
+ <filter-name> AgentRequestFilter </filter-name>
+ <url-pattern> /agent/* </url-pattern>
+ </filter-mapping>
+
+ <filter-mapping>
+ <filter-name> AdminRequestFilter </filter-name>
+ <url-pattern> /admin/* </url-pattern>
+ <url-pattern> /auths </url-pattern>
+ <url-pattern> /server </url-pattern>
+ <url-pattern> /log </url-pattern>
+ <url-pattern> /ug </url-pattern>
+ <url-pattern> /acl </url-pattern>
+ <url-pattern> /kra </url-pattern>
+ </filter-mapping>
+
+ <filter-mapping>
+ <filter-name> EERequestFilter </filter-name>
+ <url-pattern> /ee/* </url-pattern>
+ </filter-mapping>
+[PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT]
+
+ <servlet-mapping>
+ <servlet-name>Resteasy</servlet-name>
+ <url-pattern>/pki/*</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraserver </servlet-name>
+ <url-pattern> /server </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> krakra </servlet-name>
+ <url-pattern> /kra </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kralog </servlet-name>
+ <url-pattern> /log </url-pattern>
+ </servlet-mapping>
+
+
+ <servlet-mapping>
+ <servlet-name> kraug </servlet-name>
+ <url-pattern> /ug </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> krastart </servlet-name>
+ <url-pattern> /start </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraacl </servlet-name>
+ <url-pattern> /acl </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraauths </servlet-name>
+ <url-pattern> /auths </url-pattern>
+ </servlet-mapping>
+
+<!--
+ <servlet-mapping>
+ <servlet-name> krajobsScheduler </servlet-name>
+ <url-pattern> /jobsScheduler </url-pattern>
+ </servlet-mapping>
+-->
+
+ <servlet-mapping>
+ <servlet-name> krapolicy </servlet-name>
+ <url-pattern> /krapolicy </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRADisplayBySerialForRecovery </servlet-name>
+ <url-pattern> /agent/kra/displayBySerialForRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAGrantRecovery </servlet-name>
+ <url-pattern> /agent/kra/grantRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAGrantAsyncRecovery </servlet-name>
+ <url-pattern> /agent/kra/grantAsyncRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraports </servlet-name>
+ <url-pattern> /ee/kra/ports </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRADisplayTransport </servlet-name>
+ <url-pattern> /agent/kra/displayTransportCert </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRARecoverBySerial </servlet-name>
+ <url-pattern> /agent/kra/recoverBySerial </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraDynamicVariables </servlet-name>
+ <url-pattern> /dynamicVars.js </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraheader </servlet-name>
+ <url-pattern> /agent/header </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraTokenKeyRecovery </servlet-name>
+ <url-pattern> /agent/kra/TokenKeyRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraSrchRecoverKey </servlet-name>
+ <url-pattern> /agent/kra/srchRecoverKey.html </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraConnector </servlet-name>
+ <url-pattern> /agent/kra/connector </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraSrchKey </servlet-name>
+ <url-pattern> /agent/kra/srchKey.html </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraListRequests </servlet-name>
+ <url-pattern> /agent/kra/listRequests.html </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraGenerateKeyPair </servlet-name>
+ <url-pattern> /agent/kra/GenerateKeyPair </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraindex </servlet-name>
+ <url-pattern> /index </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAGetApprovalStatus </servlet-name>
+ <url-pattern> /agent/kra/getApprovalStatus </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAProcessReq </servlet-name>
+ <url-pattern> /agent/kra/processReq </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAExamineRecovery </servlet-name>
+ <url-pattern> /agent/kra/examineRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRASrchKey </servlet-name>
+ <url-pattern> /agent/kra/srchKey </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAGetPk12 </servlet-name>
+ <url-pattern> /agent/kra/getPk12 </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRAGetAsyncPk12 </servlet-name>
+ <url-pattern> /agent/kra/getAsyncPk12 </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraGrantRecovery </servlet-name>
+ <url-pattern> /agent/kra/grantRecovery.html </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRASrchKeyForRecovery </servlet-name>
+ <url-pattern> /agent/kra/srchKeyForRecovery </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> krakraqueryReq </servlet-name>
+ <url-pattern> /agent/kra/queryReq </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraKRADisplayBySerial </servlet-name>
+ <url-pattern> /agent/kra/displayBySerial </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>csadmin-login</servlet-name>
+ <url-pattern>/admin/console/config/login</url-pattern>
+ </servlet-mapping>
+
+
+ <servlet-mapping>
+ <servlet-name> kraRegisterUser </servlet-name>
+ <url-pattern> /admin/kra/registerUser </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraGetTransportCert </servlet-name>
+ <url-pattern> /admin/kra/getTransportCert </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>csadmin-wizard</servlet-name>
+ <url-pattern>/admin/console/config/wizard</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraGetConfigEntries </servlet-name>
+ <url-pattern> /admin/kra/getConfigEntries </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> services </servlet-name>
+ <url-pattern> /services </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraUpdateNumberRange </servlet-name>
+ <url-pattern> /ee/kra/updateNumberRange </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraDownloadPKCS12 </servlet-name>
+ <url-pattern> /admin/console/config/savepkcs12 </url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name> kraGetTokenInfo </servlet-name>
+ <url-pattern> /ee/kra/getTokenInfo </url-pattern>
+ </servlet-mapping>
+
+ <!-- ==================== Default Session Configuration =============== -->
+ <!-- You can set the default session timeout (in minutes) for all newly -->
+ <!-- created sessions by modifying the value below. -->
+ <!-- -->
+ <!-- To disable session timeouts for this instance, set a value of -1. -->
+
+ <session-config>
+ <session-timeout>30</session-timeout>
+ </session-config>
+
+<!-- Default login configuration uses form-based authentication -->
+<!-- Security Constraint for agent access to the Security Data Rest Interface -->
+
+<!-- Uncomment to activate PKIJNDI realm as in conf/server.xml -->
+<!--
+<security-constraint>
+ <display-name>KRA Top Level Constraint</display-name>
+ <web-resource-collection>
+ <web-resource-name>KRA Protected Area</web-resource-name>
+ <url-pattern>/pki/*
+ </url-pattern>
+ </web-resource-collection>
+ <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ <auth-constraint>
+ <role-name>*</role-name>
+ </auth-constraint>
+</security-constraint>
+-->
+
+<!-- Security Constraint to deny certain http methods for key/retrieve -->
+<!-- Uncomment to activate PKIJNDI realm as in conf/server.xml -->
+<!--
+<security-constraint>
+<display-name>Key forbidden</display-name>
+<web-resource-collection>
+ <web-resource-name>Key forbidden</web-resource-name>
+ <url-pattern>/pki/key/retrieve</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>PUT</http-method>
+ <http-method>DELETE</http-method>
+</web-resource-collection>
+<auth-constraint/>
+</security-constraint>
+-->
+
+<!-- Security Constraint to deny certain http methods for keyrequest/* -->
+<!-- Uncomment to activate PKIJNDI realm as in conf/server.xml -->
+
+<!--
+<security-constraint>
+<display-name>KeyRequest forbidden</display-name>
+<web-resource-collection>
+ <web-resource-name>KeyRequest forbidden</web-resource-name>
+ <url-pattern>/pki/keyrequest/archive</url-pattern>
+ <url-pattern>/pki/keyrequest/recover</url-pattern>
+ <url-pattern>/pki/keyrequest/approve/*</url-pattern>
+ <url-pattern>/pki/keyrequest/reject/*</url-pattern>
+ <url-pattern>/pki/keyrequest/cancel/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>PUT</http-method>
+ <http-method>DELETE</http-method>
+</web-resource-collection>
+<auth-constraint/>
+</security-constraint>
+-->
+
+
+<!-- Customized SSL Client auth login config
+ uncomment to activate PKIJNDI realm as in conf/server.xml
+-->
+
+<!--
+
+<login-config>
+ <realm-name>PKIJNDIRealm</realm-name>
+ <auth-method>CLIENT-CERT</auth-method>
+ <realm-name>Client Cert Protected Area</realm-name>
+</login-config>
+
+<security-role>
+ <role-name>*</role-name>
+</security-role>
+
+-->
+
+</web-app>
generated by cgit (git 2.34.1) at 2024-04-25 01:23:55 +0000