diff options
author | Endi S. Dewata <edewata@redhat.com> | 2014-05-08 03:45:49 -0400 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2014-05-12 14:38:09 -0400 |
commit | e1dc7757f9dedf41e712408196cc91902b3c5b89 (patch) | |
tree | e5abf94e1c0fc898d778f72ee6f532c43be57365 /base | |
parent | d8a575dcff3e5685728b0d00d6ab05cf2d10c069 (diff) | |
download | pki-e1dc7757f9dedf41e712408196cc91902b3c5b89.tar.gz pki-e1dc7757f9dedf41e712408196cc91902b3c5b89.tar.xz pki-e1dc7757f9dedf41e712408196cc91902b3c5b89.zip |
Renamed TPS groups.
The TPS groups have been renamed for clarity and consistency:
- TUS Administrators -> Administrators
- TUS Agents -> TPS Agents
- TUS Officers -> TPS Officers
- TUS Operators -> TPS Operators
Ticket #963
Diffstat (limited to 'base')
-rw-r--r-- | base/server/cmscore/src/com/netscape/cmscore/dbs/CSCfgDatabase.java | 2 | ||||
-rw-r--r-- | base/tps-tomcat/shared/conf/CS.cfg.in | 2 | ||||
-rw-r--r-- | base/tps-tomcat/shared/conf/acl.ldif | 20 | ||||
-rw-r--r-- | base/tps-tomcat/shared/conf/db.ldif | 24 |
4 files changed, 24 insertions, 24 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/CSCfgDatabase.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/CSCfgDatabase.java index 51a32182c..66cbe5134 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/CSCfgDatabase.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/CSCfgDatabase.java @@ -55,7 +55,7 @@ public class CSCfgDatabase<E extends CSCfgRecord> extends Database<E> { } PKIPrincipal pkiPrincipal = (PKIPrincipal)principal; - return pkiPrincipal.hasRole("TUS Agents"); + return pkiPrincipal.hasRole("TPS Agents"); } public String getRecordStatus(String recordID) throws EBaseException { diff --git a/base/tps-tomcat/shared/conf/CS.cfg.in b/base/tps-tomcat/shared/conf/CS.cfg.in index da41e950a..abee88f4d 100644 --- a/base/tps-tomcat/shared/conf/CS.cfg.in +++ b/base/tps-tomcat/shared/conf/CS.cfg.in @@ -1181,7 +1181,7 @@ pkicreate.unsecure_port=[PKI_UNSECURE_PORT] pkicreate.user=[PKI_USER] pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_NAME] preop.admincert.profile=caAdminCert -preop.admin.group=TUS Agents,TUS Operators,TUS Administrators,TUS Officers +preop.admin.group=TPS Agents,TPS Operators,Administrators,TPS Officers preop.admin.name=Token Processing Service Manager Administrator preop.cert.admin.defaultSigningAlgorithm=SHA256withRSA preop.cert.admin.dn=uid=admin,cn=admin diff --git a/base/tps-tomcat/shared/conf/acl.ldif b/base/tps-tomcat/shared/conf/acl.ldif index f0289e1b2..41b38137b 100644 --- a/base/tps-tomcat/shared/conf/acl.ldif +++ b/base/tps-tomcat/shared/conf/acl.ldif @@ -21,13 +21,13 @@ resourceACLS: certServer.admin.certificate:import:allow (import) user="anybody": resourceACLS: certServer.admin.request.enrollment:submit,read,execute:allow (submit) user="anybody":Anybody may submit an enrollment request resourceACLS: certServer.clone.configuration:read,modify:allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TPS Administrators":Only Enterprise Administrators are allowed to clone the configuration. resourceACLS: certServer.tps.account:login,logout:allow (login,logout) user="anybody":Anybody can login and logout -resourceACLS: certServer.tps.authenticators:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="TUS Administrators":Only admins can access authenticators. -resourceACLS: certServer.tps.audit:read,modify:allow (read,modify) group="TUS Administrators":Only admins can access configuration. -resourceACLS: certServer.tps.config:read,modify:allow (read,modify) group="TUS Administrators":Only admins can access configuration. -resourceACLS: certServer.tps.connectors:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="TUS Administrators":Only admins can access connectors. -resourceACLS: certServer.tps.groups:execute:allow (execute) group="TUS Administrators":Admins may execute group operations -resourceACLS: certServer.tps.users:execute:allow (execute) group="TUS Administrators":Admins may execute user operations -resourceACLS: certServer.tps.profiles:read,add,modify,approve,remove:allow (read) group="TUS Administrators" || group="TUS Agents" ; allow (add,modify,remove) group="TUS Administrators" ; allow (approve) group="TUS Agents":Admins and agents can read, but only admins can add, modify, and remove, and only agents can approve. -resourceACLS: certServer.tps.profile-mappings:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="TUS Administrators" :Only admins can access profile mappings. -resourceACLS: certServer.tps.selftests:read,execute:allow (read,execute) group="TUS Administrators":Only admins can access selftests. -resourceACLS: certServer.tps.tokens:read,add,modify,remove:allow (read) group="TUS Administrators" || group="TUS Agents" || group="TUS Operators"; allow (add,remove) group="TUS Administrators" ; allow (modify) group="TUS Agents":Admins, agents, operators can read tokens, but only admins can add and remove tokens, and only agents can modify tokens. +resourceACLS: certServer.tps.authenticators:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="Administrators":Only admins can access authenticators. +resourceACLS: certServer.tps.audit:read,modify:allow (read,modify) group="Administrators":Only admins can access configuration. +resourceACLS: certServer.tps.config:read,modify:allow (read,modify) group="Administrators":Only admins can access configuration. +resourceACLS: certServer.tps.connectors:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="Administrators":Only admins can access connectors. +resourceACLS: certServer.tps.groups:execute:allow (execute) group="Administrators":Admins may execute group operations +resourceACLS: certServer.tps.users:execute:allow (execute) group="Administrators":Admins may execute user operations +resourceACLS: certServer.tps.profiles:read,add,modify,approve,remove:allow (read) group="Administrators" || group="TPS Agents" ; allow (add,modify,remove) group="Administrators" ; allow (approve) group="TPS Agents":Admins and agents can read, but only admins can add, modify, and remove, and only agents can approve. +resourceACLS: certServer.tps.profile-mappings:read,add,modify,approve,remove:allow (read,add,modify,approve,remove) group="Administrators" :Only admins can access profile mappings. +resourceACLS: certServer.tps.selftests:read,execute:allow (read,execute) group="Administrators":Only admins can access selftests. +resourceACLS: certServer.tps.tokens:read,add,modify,remove:allow (read) group="Administrators" || group="TPS Agents" || group="TPS Operators"; allow (add,remove) group="Administrators" ; allow (modify) group="TPS Agents":Admins, agents, operators can read tokens, but only admins can add and remove tokens, and only agents can modify tokens. diff --git a/base/tps-tomcat/shared/conf/db.ldif b/base/tps-tomcat/shared/conf/db.ldif index 1dada984a..afa0c3920 100644 --- a/base/tps-tomcat/shared/conf/db.ldif +++ b/base/tps-tomcat/shared/conf/db.ldif @@ -29,26 +29,26 @@ objectclass: top objectclass: organizationalunit ou: Groups -dn: cn=TUS Agents,ou=Groups,{rootSuffix} +dn: cn=TPS Agents,ou=Groups,{rootSuffix} objectClass: top objectClass: groupOfUniqueNames -cn: TUS Agents -description: Agents for TUS +cn: TPS Agents +description: Agents for TPS -dn: cn=TUS Officers,ou=Groups,{rootSuffix} +dn: cn=TPS Officers,ou=Groups,{rootSuffix} objectClass: top objectClass: groupOfUniqueNames -cn: TUS Officers -description: Security Officers for TUS +cn: TPS Officers +description: Security Officers for TPS -dn: cn=TUS Administrators,ou=Groups,{rootSuffix} +dn: cn=Administrators,ou=Groups,{rootSuffix} objectClass: top objectClass: groupOfUniqueNames -cn: TUS Administrators -description: Administrators for TUS +cn: Administrators +description: Administrators for TPS -dn: cn=TUS Operators,ou=Groups,{rootSuffix} +dn: cn=TPS Operators,ou=Groups,{rootSuffix} objectClass: top objectClass: groupOfUniqueNames -cn: TUS Operators -description: Operators for TUS +cn: TPS Operators +description: Operators for TPS |