diff options
Diffstat (limited to 'base/server/share')
52 files changed, 8709 insertions, 0 deletions
diff --git a/base/server/share/conf/catalina.policy b/base/server/share/conf/catalina.policy new file mode 100644 index 000000000..7023a10fb --- /dev/null +++ b/base/server/share/conf/catalina.policy @@ -0,0 +1,5 @@ +// ============================================================================ +// Do not edit this file. This file is automatically generated from +// the default Tomcat policy, default PKI policy and custom policy. +// ============================================================================ + diff --git a/base/server/share/conf/catalina.properties b/base/server/share/conf/catalina.properties new file mode 100644 index 000000000..003089a43 --- /dev/null +++ b/base/server/share/conf/catalina.properties @@ -0,0 +1,125 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2012 Red Hat, Inc. +# All rights reserved. +# Modifications: configuration parameters +# --- END COPYRIGHT BLOCK --- + +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageAccess unless the +# corresponding RuntimePermission ("accessClassInPackage."+package) has +# been granted. +package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper. +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when +# passed to checkPackageDefinition unless the +# corresponding RuntimePermission ("defineClassInPackage."+package) has +# been granted. +# +# by default, no packages are restricted for definition, and none of +# the class loaders supplied with the JDK call checkPackageDefinition. +# +package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper. + +# +# +# List of comma-separated paths defining the contents of the "common" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. +# If left as blank,the JVM system loader will be used as Catalina's "common" +# loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,${catalina.home}/lib,${catalina.home}/lib/*.jar,[TOMCAT_INSTANCE_COMMON_LIB] + +# +# List of comma-separated paths defining the contents of the "server" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. +# If left as blank, the "common" loader will be used as Catalina's "server" +# loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +server.loader= + +# +# List of comma-separated paths defining the contents of the "shared" +# classloader. Prefixes should be used to define what is the repository type. +# Path may be relative to the CATALINA_BASE path or absolute. If left as blank, +# the "common" loader will be used as Catalina's "shared" loader. +# Examples: +# "foo": Add this folder as a class repository +# "foo/*.jar": Add all the JARs of the specified folder as class +# repositories +# "foo/bar.jar": Add bar.jar as a class repository +# Please note that for single jars, e.g. bar.jar, you need the URL form +# starting with file:. +shared.loader= + +# List of JAR files that should not be scanned for configuration information +# such as web fragments, TLD files etc. It must be a comma separated list of +# JAR file names. +# The JARs listed below include: +# - Tomcat Bootstrap JARs +# - Tomcat API JARs +# - Catalina JARs +# - Jasper JARs +# - Tomcat JARs +# - Common non-Tomcat JARs +# - Sun JDK JARs +# - Apple JDK JARs +tomcat.util.scan.DefaultJarScanner.jarsToSkip=\ +bootstrap.jar,commons-daemon.jar,tomcat-juli.jar,\ +annotations-api.jar,el-api.jar,jsp-api.jar,servlet-api.jar,\ +catalina.jar,catalina-ant.jar,catalina-ha.jar,catalina-tribes.jar,\ +jasper.jar,jasper-el.jar,ecj-*.jar,\ +tomcat-api.jar,tomcat-util.jar,tomcat-coyote.jar,tomcat-dbcp.jar,\ +tomcat-i18n-en.jar,tomcat-i18n-es.jar,tomcat-i18n-fr.jar,tomcat-i18n-ja.jar,\ +tomcat-juli-adapters.jar,catalina-jmx-remote.jar,catalina-ws.jar,\ +tomcat-jdbc.jar,\ +commons-beanutils*.jar,commons-codec*.jar,commons-collections*.jar,\ +commons-dbcp*.jar,commons-digester*.jar,commons-fileupload*.jar,\ +commons-httpclient*.jar,commons-io*.jar,commons-lang*.jar,commons-logging*.jar,\ +commons-math*.jar,commons-pool*.jar,\ +jstl.jar,\ +geronimo-spec-jaxrpc*.jar,wsdl4j*.jar,\ +ant.jar,ant-junit*.jar,aspectj*.jar,jmx.jar,h2*.jar,hibernate*.jar,httpclient*.jar,\ +jmx-tools.jar,jta*.jar,log4j*.jar,mail*.jar,slf4j*.jar,\ +xercesImpl.jar,xmlParserAPIs.jar,xml-apis.jar,\ +dnsns.jar,ldapsec.jar,localedata.jar,sunjce_provider.jar,sunmscapi.jar,\ +sunpkcs11.jar,jhall.jar,tools.jar,\ +sunec.jar,zipfs.jar,\ +apple_provider.jar,AppleScriptEngine.jar,CoreAudio.jar,dns_sd.jar,\ +j3daudio.jar,j3dcore.jar,j3dutils.jar,jai_core.jar,jai_codec.jar,\ +mlibwrapper_jai.jar,MRJToolkit.jar,vecmath.jar,\ +junit.jar,junit-*.jar,ant-launcher.jar + +# +# String cache configuration. +tomcat.util.buf.StringCache.byte.enabled=true +#tomcat.util.buf.StringCache.char.enabled=true +#tomcat.util.buf.StringCache.trainThreshold=500000 +#tomcat.util.buf.StringCache.cacheSize=5000 diff --git a/base/server/share/conf/context.xml b/base/server/share/conf/context.xml new file mode 100644 index 000000000..4b00dbe3c --- /dev/null +++ b/base/server/share/conf/context.xml @@ -0,0 +1,42 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK +--> + +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!-- The contents of this file will be loaded for each web application --> +<Context> + + <!-- Default set of monitored resources --> + <WatchedResource>WEB-INF/web.xml</WatchedResource> + + <!-- Uncomment this to disable session persistence across Tomcat restarts --> + <!-- + <Manager pathname="" /> + --> + + <!-- Uncomment this to enable Comet connection tacking (provides events + on session expiration as well as webapp lifecycle) --> + <!-- + <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" /> + --> + +</Context> diff --git a/base/server/share/conf/custom.policy b/base/server/share/conf/custom.policy new file mode 100644 index 000000000..94f65a1d4 --- /dev/null +++ b/base/server/share/conf/custom.policy @@ -0,0 +1,5 @@ +// ============================================================================ +// custom.policy - Custom Security Policy Permissions for PKI +// +// Custom security policies for PKI should be stored in this file. +// ============================================================================ diff --git a/base/server/share/conf/log4j.properties b/base/server/share/conf/log4j.properties new file mode 100644 index 000000000..dd4bd9318 --- /dev/null +++ b/base/server/share/conf/log4j.properties @@ -0,0 +1,30 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2012 Red Hat, Inc. +# All rights reserved. +# Modifications: configuration parameters +# --- END COPYRIGHT BLOCK --- + +log4j.rootLogger=debug, R +log4j.appender.R=org.apache.log4j.RollingFileAppender +log4j.appender.R.File=${catalina.base}/logs/catalina.out +log4j.appender.R.MaxFileSize=10MB +log4j.appender.R.MaxBackupIndex=10 +log4j.appender.R.layout=org.apache.log4j.PatternLayout +log4j.appender.R.layout.ConversionPattern=%p %t %c - %m%n +log4j.logger.org.apache.catalina=DEBUG, R +log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost]=DEBUG, R +log4j.logger.org.apache.catalina.core=DEBUG, R +log4j.logger.org.apache.catalina.session=DEBUG, R + +#resteasy +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.Target=System.out +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p (%c:%L) - %m%n +log4j.rootLogger=warn, stdout +log4j.rootCategory=debug, stdout +log4j.category.org.jboss.resteasy.core=debug +log4j.category.org.jboss.resteasy.plugins.providers=debug +log4j.category.org.jboss.resteasy.specimpl=debug +log4j.category.org.jboss.resteasy.plugins.server=debug +log4j.logger.org.jboss.resteasy.mock=debug diff --git a/base/server/share/conf/logging.properties b/base/server/share/conf/logging.properties new file mode 100644 index 000000000..dfdc0a40f --- /dev/null +++ b/base/server/share/conf/logging.properties @@ -0,0 +1,85 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2012 Red Hat, Inc. +# All rights reserved. +# Modifications: configuration parameters +# --- END COPYRIGHT BLOCK --- + +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.FileHandler, 3manager.org.apache.juli.FileHandler, 4host-manager.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler + +.handlers = 1catalina.org.apache.juli.FileHandler, java.util.logging.ConsoleHandler + +############################################################ +# Handler specific properties. +# Describes specific configuration info for Handlers. +############################################################ + +# Change the following settings to allow for more granular debugging: +# +# * 1catalina.org.apache.juli.FileHandler.level = ALL +# * 2localhost.org.apache.juli.FileHandler.level = ALL +# +# and add the following lines to the end of this file: +# +# * org.apache.catalina.loader.level = FINEST +# * org.apache.catalina.loader.WebappClassLoader.level = FINEST +# * org.apache.catalina.loader.StandardClassLoader.level = FINEST +# * com.netscape.cms.servlet.base.level = FINEST +# * com.netscape.cms.servlet.base.CMSStartServlet.level = FINEST +# * java.net.URLClassLoader.level = FINEST +# + +1catalina.org.apache.juli.FileHandler.level = FINE +1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs +1catalina.org.apache.juli.FileHandler.prefix = catalina. + +2localhost.org.apache.juli.FileHandler.level = FINE +2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs +2localhost.org.apache.juli.FileHandler.prefix = localhost. + +3manager.org.apache.juli.FileHandler.level = FINE +3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs +3manager.org.apache.juli.FileHandler.prefix = manager. + +4host-manager.org.apache.juli.FileHandler.level = FINE +4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs +4host-manager.org.apache.juli.FileHandler.prefix = host-manager. + +java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter + + +############################################################ +# Facility specific properties. +# Provides extra control for each logger. +############################################################ + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.FileHandler + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.FileHandler + +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO +org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.FileHandler + +# For example, set the org.apache.catalina.util.LifecycleBase logger to log +# each component that extends LifecycleBase changing state: +#org.apache.catalina.util.LifecycleBase.level = FINE + +# To see debug messages in TldLocationsCache, uncomment the following line: +#org.apache.jasper.compiler.TldLocationsCache.level = FINE diff --git a/base/server/share/conf/pki.policy b/base/server/share/conf/pki.policy new file mode 100644 index 000000000..52e3d7fe1 --- /dev/null +++ b/base/server/share/conf/pki.policy @@ -0,0 +1,196 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// Copyright (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +// ============================================================================ +// pki.policy - Default Security Policy Permissions for PKI on Tomcat 7 +// +// This file contains a default set of security policies for PKI running inside +// Tomcat 7. +// ============================================================================ + +grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources"; +}; + +grant codeBase "file:${catalina.base}/bin/bootstrap.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/lib/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib/java/jss4.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib/java/symkey.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib64/java/jss4.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/lib64/java/symkey.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/commons-codec.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-collections.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-lang.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/apache-commons-logging.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/ecj.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/eclipse/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/glassfish-jsp.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/httpcomponents/httpclient.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/httpcomponents/httpcore.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/javassist.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxb-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxme/jaxmeapi.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jaxp_parser_impl.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jboss-web.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/jettison.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/ldapjdk.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/log4j.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${RESTEASY_LIB}/jaxrs-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${RESTEASY_LIB}/resteasy-atom-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxb-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxrs.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${RESTEASY_LIB}/resteasy-jettison-provider.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/scannotation.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/servlet.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcatjss.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat-el-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/tomcat-servlet-api.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/velocity.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xerces-j2.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xml-commons-apis.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/xml-commons-resolver.jar" { + permission java.security.AllPermission; +}; + +grant codeBase "file:/usr/share/java/pki/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/pki/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ca/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/kra/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ocsp/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/tks/-" { + permission java.security.AllPermission; +}; + +grant codeBase "file:${catalina.base}/webapps/ROOT/-" { + permission java.security.AllPermission; +}; + diff --git a/base/server/share/conf/server.xml b/base/server/share/conf/server.xml new file mode 100644 index 000000000..93af08b19 --- /dev/null +++ b/base/server/share/conf/server.xml @@ -0,0 +1,304 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK --> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!-- Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" at this level. + Documentation at /docs/config/server.html +--> + +<!-- DO NOT REMOVE - Begin PKI Status Definitions --> +<!-- CA Status Definitions --> +<!-- +Unsecure Port = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/ca/ee/ca +Secure Agent Port = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca +Secure EE Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/ca/ee/ca +Secure Admin Port = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca/services +EE Client Auth Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/ca/eeca/ca +PKI Console Port = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca +Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) +--> +<!-- KRA Status Definitions --> +<!-- +Unsecure Port = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/kra/ee/kra +Secure Agent Port = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/kra/agent/kra +Secure EE Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/kra/ee/kra +Secure Admin Port = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra/services +PKI Console Port = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/kra +Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) +--> +<!-- OCSP Status Definitions --> +<!-- +Unsecure Port = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/ocsp/ee/ocsp +Secure Agent Port = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ocsp/agent/ocsp +Secure EE Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/ocsp/ee/ocsp +Secure Admin Port = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ocsp/services +PKI Console Port = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ocsp +Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) +--> +<!-- TKS Status Definitions --> +<!-- +Unsecure Port = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/tks/ee/tks +Secure Agent Port = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/tks/agent/tks +Secure EE Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/tks/ee/tks +Secure Admin Port = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks/services +PKI Console Port = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/tks +Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) +--> +<!-- DO NOT REMOVE - End PKI Status Definitions --> + +<Server port="[TOMCAT_SERVER_PORT]" shutdown="SHUTDOWN"> + + <!--APR library loader. Documentation at /docs/apr.html --> + <!-- The following Listener class has been commented out because this --> + <!-- implementation depends upon the 'tomcatjss' JSSE module, 'JSS', --> + <!-- and 'NSS' rather than the 'tomcat-native' module! --> + <!-- Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" --> + <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html --> + <Listener className="org.apache.catalina.core.JasperListener" /> + <!-- JMX Support for the Tomcat server. Documentation at /docs/non-existent.html --> + <!-- The following class has been commented out because it --> + <!-- has been EXCLUDED from the Tomcat 7 'tomcat-lib' RPM! --> + <!-- Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" --> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + + <!-- Global JNDI resources + Documentation at /docs/jndi-resources-howto.html + --> + <GlobalNamingResources> + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users + --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a single "Container" Note: A "Service" is not itself a "Container", + so you may not define subcomponents such as "Valves" at this level. + Documentation at /docs/config/service.html + --> + <Service name="Catalina"> + + <!--The connectors can use a shared executor, you can define one or more named thread pools--> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Documentation at : + Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java AJP Connector: /docs/config/ajp.html + APR (HTTP/AJP) Connector: /docs/apr.html + Define a non-SSL HTTP/1.1 Connector on port 8080 + --> + + [PKI_UNSECURE_PORT_SERVER_COMMENT] + <Connector name="[PKI_UNSECURE_PORT_CONNECTOR_NAME]" port="[PKI_UNSECURE_PORT]" protocol="HTTP/1.1" redirectPort="[PKI_SECURE_PORT]" + maxHttpHeaderSize="8192" + acceptCount="100" maxThreads="150" minSpareThreads="25" + enableLookups="false" connectionTimeout="20000" disableUploadTimeout="true" + /> + + <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> + [PKI_SECURE_PORT_SERVER_COMMENT] + <!-- DO NOT REMOVE - Begin define PKI secure port + NOTE: The following 'keys' (and their assigned values) are exclusive to + the 'tomcatjss' JSSE module: + + 'enableOCSP' + 'ocspResponderURL' + 'ocspResponderCertNickname' + 'ocspCacheSize' + 'ocspMinCacheEntryDuration' + 'ocspMaxCacheEntryDuration' + 'ocspTimeout' + 'strictCiphers' + 'clientauth' (ALL lowercase) + 'sslOptions' + 'ssl2Ciphers' + 'ssl3Ciphers' + 'tlsCiphers' + 'serverCertNickFile' + 'passwordFile' + 'passwordClass' + 'certdbDir' + + and are referenced via the value of the 'sslImplementationName' key. + NOTE: The OCSP settings take effect globally, so it should only be set once. + + In setup where SSL clientauth="true", OCSP can be turned on by + setting enableOCSP to true like the following: + enableOCSP="true" + along with changes to related settings, especially: + ocspResponderURL=<see example in connector definition below> + ocspResponderCertNickname=<see example in connector definition below> + Here are the definition to all the OCSP-related settings: + enableOCSP - turns on/off the ocsp check + ocspResponderURL - sets the url where the ocsp requests are sent + ocspResponderCertNickname - sets the nickname of the cert that is + either CA's signing certificate or the OCSP server's signing + certificate. + The CA's signing certificate should already be in the db, in + case of the same security domain. + In case of an ocsp signing certificate, one must import the cert + into the subsystem's nss db and set trust. e.g.: + certutil -d . -A -n "ocspSigningCert cert-pki-ca" -t "C,," -a -i ocspCert.b64 + ocspCacheSize - sets max cache entries + ocspMinCacheEntryDuration - sets minimum seconds to next fetch attempt + ocspMaxCacheEntryDuration - sets maximum seconds to next fetch attempt + ocspTimeout -sets OCSP timeout in seconds + --> + <Connector name="[PKI_SECURE_PORT_CONNECTOR_NAME]" port="[PKI_SECURE_PORT]" protocol="HTTP/1.1" SSLEnabled="true" sslProtocol="SSL" scheme="https" secure="true" + maxHttpHeaderSize="8192" + acceptCount="100" maxThreads="150" minSpareThreads="25" + enableLookups="false" disableUploadTimeout="true" + sslImplementationName="org.apache.tomcat.util.net.jss.JSSImplementation" + enableOCSP="false" + ocspResponderURL="http://[PKI_HOSTNAME]:9080/ca/ocsp" + ocspResponderCertNickname="ocspSigningCert cert-pki-ca" + ocspCacheSize="1000" + ocspMinCacheEntryDuration="60" + ocspMaxCacheEntryDuration="120" + ocspTimeout="10" + strictCiphers="false" + clientAuth="[PKI_AGENT_CLIENTAUTH]" + sslOptions="[TOMCAT_SSL_OPTIONS]" + ssl2Ciphers="[TOMCAT_SSL2_CIPHERS]" + ssl3Ciphers="[TOMCAT_SSL3_CIPHERS]" + tlsCiphers="[TOMCAT_TLS_CIPHERS]" + serverCertNickFile="[PKI_INSTANCE_PATH]/conf/serverCertNick.conf" + passwordFile="[PKI_INSTANCE_PATH]/conf/password.conf" + passwordClass="org.apache.tomcat.util.net.jss.PlainPasswordFile" + certdbDir="[PKI_INSTANCE_PATH]/alias" + /> + <!-- DO NOT REMOVE - End define PKI secure port --> + + <!-- Define an AJP 1.3 Connector on port [PKI_AJP_PORT] --> +[PKI_OPEN_AJP_PORT_COMMENT] + <Connector port="[PKI_AJP_PORT]" protocol="AJP/1.3" redirectPort="[PKI_AJP_REDIRECT_PORT]" address="127.0.0.1" /> +[PKI_CLOSE_AJP_PORT_COMMENT] + + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). + Documentation at /docs/config/engine.html --> + + <!-- You should set jvmRoute to support load-balancing via AJP ie : + <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> + --> + <Engine name="Catalina" defaultHost="localhost"> + + <!--For clustering, please take a look at documentation at: + /docs/cluster-howto.html (simple how to) + /docs/config/cluster.html (reference documentation) --> + <!-- + <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> + --> + + <!-- The request dumper valve dumps useful debugging information about + the request and response data received and sent by Tomcat. + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.valves.RequestDumperValve"/> + --> + + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + + <!-- + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + --> + + <!-- + <Realm className="com.netscape.cmscore.realm.PKIRealm" /> + --> + + <!-- Define the default virtual host + Note: XML Schema validation will not work with Xerces 2.2. + --> + <Host name="localhost" + appBase="[PKI_INSTANCE_PATH]/webapps" + unpackWARs="true" autoDeploy="false" + xmlValidation="false" xmlNamespaceAware="false"> + + <!-- + <Context path="/ca" + docBase="ca" + allowLinking="true"> + <Loader className="org.apache.catalina.loader.VirtualWebappLoader" + virtualClasspath="[PKI_INSTANCE_PATH]/ca/webapps/ca/WEB-INF/classes;[PKI_INSTANCE_PATH]/ca/webapps/ca/WEB-INF/lib" />" /> + <JarScanner scanAllDirectories="true" /> + </Context> + + <Context path="/kra" + docBase="kra" + allowLinking="true"> + <Loader className="org.apache.catalina.loader.VirtualWebappLoader" + virtualClasspath="[PKI_INSTANCE_PATH]/kra/webapps/kra/WEB-INF/classes;[PKI_INSTANCE_PATH]/kra/webapps/kra/WEB-INF/lib" /> + <JarScanner scanAllDirectories="true" /> + </Context> + + <Context path="/ocsp" + docBase="ocsp" + allowLinking="true"> + <Loader className="org.apache.catalina.loader.VirtualWebappLoader" + virtualClasspath="[PKI_INSTANCE_PATH]/ocsp/webapps/ocsp/WEB-INF/classes;[PKI_INSTANCE_PATH]/ocsp/webapps/ocsp/WEB-INF/lib" /> + <JarScanner scanAllDirectories="true" /> + </Context> + + <Context path="/tks" + docBase="tks" + allowLinking="true"> + <Loader className="org.apache.catalina.loader.VirtualWebappLoader" + virtualClasspath="[PKI_INSTANCE_PATH]/tks/webapps/tks/WEB-INF/classes;[PKI_INSTANCE_PATH]/tks/webapps/tks/WEB-INF/lib" /> + <JarScanner scanAllDirectories="true" /> + </Context> + --> + + <!-- SingleSignOn valve, share authentication between web applications + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> + --> + + <!-- Access log processes all example. + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.valves.AccessLogValve" + directory="logs" prefix="localhost_access_log." suffix=".txt" + pattern="common" resolveHosts="false"/> + --> + + </Host> + </Engine> + </Service> +</Server> diff --git a/base/server/share/conf/serverCertNick.conf b/base/server/share/conf/serverCertNick.conf new file mode 100644 index 000000000..ae5153c52 --- /dev/null +++ b/base/server/share/conf/serverCertNick.conf @@ -0,0 +1 @@ +[PKI_SSL_SERVER_NICKNAME] diff --git a/base/server/share/conf/tomcat-users.xml b/base/server/share/conf/tomcat-users.xml new file mode 100644 index 000000000..f84711c0b --- /dev/null +++ b/base/server/share/conf/tomcat-users.xml @@ -0,0 +1,62 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK +--> + +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<tomcat-users> +<!-- + NOTE: By default, no user is included in the "manager-gui" role required + to operate the "/manager/html" web application. If you wish to use this app, + you must define such a user - the username and password are arbitrary. +--> +<!-- + NOTE: The sample user and role entries below are wrapped in a comment + and thus are ignored when reading this file. Do not forget to remove + <!.. ..> that surrounds them. +--> +<!-- + <role rolename="tomcat"/> + <role rolename="role1"/> + <user username="tomcat" password="tomcat" roles="tomcat"/> + <user username="both" password="tomcat" roles="tomcat,role1"/> + <user username="role1" password="tomcat" roles="role1"/> +--> + + <role rolename="pkiuser"/> + <role rolename="tomcat"/> + <role rolename="manager"/> + <role rolename="admin"/> + + <user username="pkiuser" password="pkiuser" roles="pkiuser"/> + <user username="tomcat" password="tomcat" roles="tomcat"/> + <user username="admin" password="netscape" roles="admin,manager"/> + +<!-- <role rolename="admin"/> --> +<!-- <role rolename="admin-gui"/> --> +<!-- <role rolename="admin-script"/> --> +<!-- <role rolename="manager"/> --> +<!-- <role rolename="manager-gui"/> --> +<!-- <role rolename="manager-script"/> --> +<!-- <role rolename="manager-jmx"/> --> +<!-- <role rolename="manager-status"/> --> +<!-- <user name="admin" password="adminadmin" roles="admin,manager,admin-gui,admin-script,manager-gui,manager-script,manager-jmx,manager-status" /> --> +</tomcat-users> diff --git a/base/server/share/conf/tomcat.conf b/base/server/share/conf/tomcat.conf new file mode 100644 index 000000000..9457b0ce7 --- /dev/null +++ b/base/server/share/conf/tomcat.conf @@ -0,0 +1,66 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2012 Red Hat, Inc. +# All rights reserved. +# Modifications: configuration parameters +# --- END COPYRIGHT BLOCK --- + +# System-wide configuration file for tomcat services +# This will be sourced by tomcat and any secondary service +# Values will be overridden by service-specific configuration +# files in /etc/sysconfig +# +# Use this one to change default values for all services +# Change the service specific ones to affect only one service +# (see, for instance, /etc/sysconfig/tomcat) +# + +# Where your java installation lives +#JAVA_HOME="/usr/lib/jvm/jre" + +# Where your tomcat installation lives +CATALINA_BASE="[PKI_INSTANCE_PATH]" +#CATALINA_HOME="/usr/share/tomcat" +#JASPER_HOME="/usr/share/tomcat" +CATALINA_TMPDIR=[PKI_TMPDIR] + +# You can pass some parameters to java here if you wish to +#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" + +# Use JAVA_OPTS to set java.library.path for libtcnative.so +#JAVA_OPTS="-Djava.library.path=/usr/lib" + +# Enable the following JAVA_OPTS to run a java debugger (e. g. - 'eclipse') +#JAVA_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n -Djava.awt.headless=true -Xmx128M" + +# RESTEasy +JAVA_OPTS="$JAVA_OPTS -DRESTEASY_LIB=[PKI_RESTEASY_LIB]" + +# What user should run tomcat +TOMCAT_USER="[PKI_USER]" + +# You can change your tomcat locale here +#LANG="en_US" + +# Run tomcat under the Java Security Manager +SECURITY_MANAGER="[PKI_SECURITY_MANAGER]" + +# Time to wait in seconds, before killing process +#SHUTDOWN_WAIT="30" + +# Whether to annoy the user with "attempting to shut down" messages or not +#SHUTDOWN_VERBOSE="false" + +# Set the TOMCAT_PID location +CATALINA_PID="[TOMCAT_PIDFILE]" + +# Set the tomcat log file +TOMCAT_LOG="[TOMCAT_LOG_DIR]/tomcat-initd.log" + +# Connector port is 8080 for this tomcat instance +#CONNECTOR_PORT="8080" + +# If you wish to further customize your tomcat environment, +# put your own definitions here +# (i.e. LD_LIBRARY_PATH for some jdbc drivers) + +PKI_VERSION=[APPLICATION_VERSION] diff --git a/base/server/share/conf/web.xml b/base/server/share/conf/web.xml new file mode 100644 index 000000000..cc8383cbf --- /dev/null +++ b/base/server/share/conf/web.xml @@ -0,0 +1,4283 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> + + <!-- ======================== Introduction ============================== --> + <!-- This document defines default values for *all* web applications --> + <!-- loaded into this instance of Tomcat. As each application is --> + <!-- deployed, this file is processed, followed by the --> + <!-- "/WEB-INF/web.xml" deployment descriptor from your own --> + <!-- applications. --> + <!-- --> + <!-- WARNING: Do not configure application-specific resources here! --> + <!-- They should go in the "/WEB-INF/web.xml" file in your application. --> + + + <!-- ================== Built In Servlet Definitions ==================== --> + + + <!-- The default servlet for all web applications, that serves static --> + <!-- resources. It processes all requests that are not mapped to other --> + <!-- servlets with servlet mappings (defined either here or in your own --> + <!-- web.xml file). This servlet supports the following initialization --> + <!-- parameters (default values are in square brackets): --> + <!-- --> + <!-- debug Debugging detail level for messages logged --> + <!-- by this servlet. [0] --> + <!-- --> + <!-- fileEncoding Encoding to be used to read static resources --> + <!-- [platform default] --> + <!-- --> + <!-- input Input buffer size (in bytes) when reading --> + <!-- resources to be served. [2048] --> + <!-- --> + <!-- listings Should directory listings be produced if there --> + <!-- is no welcome file in this directory? [false] --> + <!-- WARNING: Listings for directories with many --> + <!-- entries can be slow and may consume --> + <!-- significant proportions of server resources. --> + <!-- --> + <!-- output Output buffer size (in bytes) when writing --> + <!-- resources to be served. [2048] --> + <!-- --> + <!-- readonly Is this context "read only", so HTTP --> + <!-- commands like PUT and DELETE are --> + <!-- rejected? [true] --> + <!-- --> + <!-- readmeFile File to display together with the directory --> + <!-- contents. [null] --> + <!-- --> + <!-- sendfileSize If the connector used supports sendfile, this --> + <!-- represents the minimal file size in KB for --> + <!-- which sendfile will be used. Use a negative --> + <!-- value to always disable sendfile. [48] --> + <!-- --> + <!-- useAcceptRanges Should the Accept-Ranges header be included --> + <!-- in responses where appropriate? [true] --> + <!-- --> + <!-- For directory listing customization. Checks localXsltFile, then --> + <!-- globalXsltFile, then defaults to original behavior. --> + <!-- --> + <!-- localXsltFile Make directory listings an XML doc and --> + <!-- pass the result to this style sheet residing --> + <!-- in that directory. This overrides --> + <!-- contextXsltFile and globalXsltFile[null] --> + <!-- --> + <!-- contextXsltFile Make directory listings an XML doc and --> + <!-- pass the result to this style sheet which is --> + <!-- relative to the context root. This overrides --> + <!-- globalXsltFile[null] --> + <!-- --> + <!-- globalXsltFile Site wide configuration version of --> + <!-- localXsltFile This argument is expected --> + <!-- to be a physical file. [null] --> + <!-- --> + <!-- --> + + <servlet> + <servlet-name>default</servlet-name> + <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class> + <init-param> + <param-name>debug</param-name> + <param-value>0</param-value> + </init-param> + <init-param> + <param-name>listings</param-name> + <param-value>false</param-value> + </init-param> + <load-on-startup>1</load-on-startup> + </servlet> + + + <!-- The JSP page compiler and execution servlet, which is the mechanism --> + <!-- used by Tomcat to support JSP pages. Traditionally, this servlet --> + <!-- is mapped to the URL pattern "*.jsp". This servlet supports the --> + <!-- following initialization parameters (default values are in square --> + <!-- brackets): --> + <!-- --> + <!-- checkInterval If development is false and checkInterval is --> + <!-- greater than zero, background compilations are --> + <!-- enabled. checkInterval is the time in seconds --> + <!-- between checks to see if a JSP page (and its --> + <!-- dependent files) needs to be recompiled. [0] --> + <!-- --> + <!-- classdebuginfo Should the class file be compiled with --> + <!-- debugging information? [true] --> + <!-- --> + <!-- classpath What class path should I use while compiling --> + <!-- generated servlets? [Created dynamically --> + <!-- based on the current web application] --> + <!-- --> + <!-- compiler Which compiler Ant should use to compile JSP --> + <!-- pages. See the jasper documentation for more --> + <!-- information. --> + <!-- --> + <!-- compilerSourceVM Compiler source VM. [1.6] --> + <!-- --> + <!-- compilerTargetVM Compiler target VM. [1.6] --> + <!-- --> + <!-- development Is Jasper used in development mode? If true, --> + <!-- the frequency at which JSPs are checked for --> + <!-- modification may be specified via the --> + <!-- modificationTestInterval parameter. [true] --> + <!-- --> + <!-- displaySourceFragment --> + <!-- Should a source fragment be included in --> + <!-- exception messages? [true] --> + <!-- --> + <!-- dumpSmap Should the SMAP info for JSR45 debugging be --> + <!-- dumped to a file? [false] --> + <!-- False if suppressSmap is true --> + <!-- --> + <!-- enablePooling Determines whether tag handler pooling is --> + <!-- enabled. This is a compilation option. It will --> + <!-- not alter the behaviour of JSPs that have --> + <!-- already been compiled. [true] --> + <!-- --> + <!-- engineOptionsClass Allows specifying the Options class used to --> + <!-- configure Jasper. If not present, the default --> + <!-- EmbeddedServletOptions will be used. --> + <!-- --> + <!-- errorOnUseBeanInvalidClassAttribute --> + <!-- Should Jasper issue an error when the value of --> + <!-- the class attribute in an useBean action is --> + <!-- not a valid bean class? [true] --> + <!-- --> + <!-- fork Tell Ant to fork compiles of JSP pages so that --> + <!-- a separate JVM is used for JSP page compiles --> + <!-- from the one Tomcat is running in. [true] --> + <!-- --> + <!-- genStringAsCharArray --> + <!-- Should text strings be generated as char --> + <!-- arrays, to improve performance in some cases? --> + <!-- [false] --> + <!-- --> + <!-- ieClassId The class-id value to be sent to Internet --> + <!-- Explorer when using <jsp:plugin> tags. --> + <!-- [clsid:8AD9C840-044E-11D1-B3E9-00805F499D93] --> + <!-- --> + <!-- javaEncoding Java file encoding to use for generating java --> + <!-- source files. [UTF8] --> + <!-- --> + <!-- keepgenerated Should we keep the generated Java source code --> + <!-- for each page instead of deleting it? [true] --> + <!-- --> + <!-- mappedfile Should we generate static content with one --> + <!-- print statement per input line, to ease --> + <!-- debugging? [true] --> + <!-- --> + <!-- maxLoadedJsps The maximum number of JSPs that will be loaded --> + <!-- for a web application. If more than this --> + <!-- number of JSPs are loaded, the least recently --> + <!-- used JSPs will be unloaded so that the number --> + <!-- of JSPs loaded at any one time does not exceed --> + <!-- this limit. A value of zero or less indicates --> + <!-- no limit. [-1] --> + <!-- --> + <!-- jspIdleTimeout The amount of time in seconds a JSP can be --> + <!-- idle before it is unloaded. A value of zero --> + <!-- or less indicates never unload. [-1] --> + <!-- --> + <!-- modificationTestInterval --> + <!-- Causes a JSP (and its dependent files) to not --> + <!-- be checked for modification during the --> + <!-- specified time interval (in seconds) from the --> + <!-- last time the JSP was checked for --> + <!-- modification. A value of 0 will cause the JSP --> + <!-- to be checked on every access. --> + <!-- Used in development mode only. [4] --> + <!-- --> + <!-- recompileOnFail If a JSP compilation fails should the --> + <!-- modificationTestInterval be ignored and the --> + <!-- next access trigger a re-compilation attempt? --> + <!-- Used in development mode only and is disabled --> + <!-- by default as compilation may be expensive and --> + <!-- could lead to excessive resource usage. --> + <!-- [false] --> + <!-- --> + <!-- scratchdir What scratch directory should we use when --> + <!-- compiling JSP pages? [default work directory --> + <!-- for the current web application] --> + <!-- --> + <!-- suppressSmap Should the generation of SMAP info for JSR45 --> + <!-- debugging be suppressed? [false] --> + <!-- --> + <!-- trimSpaces Should white spaces in template text between --> + <!-- actions or directives be trimmed? [false] --> + <!-- --> + <!-- xpoweredBy Determines whether X-Powered-By response --> + <!-- header is added by generated servlet. [false] --> + + <servlet> + <servlet-name>jsp</servlet-name> + <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> + <init-param> + <param-name>fork</param-name> + <param-value>false</param-value> + </init-param> + <init-param> + <param-name>xpoweredBy</param-name> + <param-value>false</param-value> + </init-param> + <load-on-startup>3</load-on-startup> + </servlet> + + + <!-- NOTE: An SSI Filter is also available as an alternative SSI --> + <!-- implementation. Use either the Servlet or the Filter but NOT both. --> + <!-- --> + <!-- Server Side Includes processing servlet, which processes SSI --> + <!-- directives in HTML pages consistent with similar support in web --> + <!-- servers like Apache. Traditionally, this servlet is mapped to the --> + <!-- URL pattern "*.shtml". This servlet supports the following --> + <!-- initialization parameters (default values are in square brackets): --> + <!-- --> + <!-- buffered Should output from this servlet be buffered? --> + <!-- (0=false, 1=true) [0] --> + <!-- --> + <!-- debug Debugging detail level for messages logged --> + <!-- by this servlet. [0] --> + <!-- --> + <!-- expires The number of seconds before a page with SSI --> + <!-- directives will expire. [No default] --> + <!-- --> + <!-- isVirtualWebappRelative --> + <!-- Should "virtual" paths be interpreted as --> + <!-- relative to the context root, instead of --> + <!-- the server root? (0=false, 1=true) [0] --> + <!-- --> + <!-- inputEncoding The encoding to assume for SSI resources if --> + <!-- one is not available from the resource. --> + <!-- [Platform default] --> + <!-- --> + <!-- outputEncoding The encoding to use for the page that results --> + <!-- from the SSI processing. [UTF-8] --> + <!-- --> + <!-- allowExec Is use of the exec command enabled? [false] --> + +<!-- + <servlet> + <servlet-name>ssi</servlet-name> + <servlet-class> + org.apache.catalina.ssi.SSIServlet + </servlet-class> + <init-param> + <param-name>buffered</param-name> + <param-value>1</param-value> + </init-param> + <init-param> + <param-name>debug</param-name> + <param-value>0</param-value> + </init-param> + <init-param> + <param-name>expires</param-name> + <param-value>666</param-value> + </init-param> + <init-param> + <param-name>isVirtualWebappRelative</param-name> + <param-value>0</param-value> + </init-param> + <load-on-startup>4</load-on-startup> + </servlet> +--> + + + <!-- Common Gateway Includes (CGI) processing servlet, which supports --> + <!-- execution of external applications that conform to the CGI spec --> + <!-- requirements. Typically, this servlet is mapped to the URL pattern --> + <!-- "/cgi-bin/*", which means that any CGI applications that are --> + <!-- executed must be present within the web application. This servlet --> + <!-- supports the following initialization parameters (default values --> + <!-- are in square brackets): --> + <!-- --> + <!-- cgiPathPrefix The CGI search path will start at --> + <!-- webAppRootDir + File.separator + this prefix. --> + <!-- [WEB-INF/cgi] --> + <!-- --> + <!-- debug Debugging detail level for messages logged --> + <!-- by this servlet. [0] --> + <!-- --> + <!-- executable Name of the executable used to run the --> + <!-- script. [perl] --> + <!-- --> + <!-- parameterEncoding Name of parameter encoding to be used with --> + <!-- CGI servlet. --> + <!-- [System.getProperty("file.encoding","UTF-8")] --> + <!-- --> + <!-- passShellEnvironment Should the shell environment variables (if --> + <!-- any) be passed to the CGI script? [false] --> + <!-- --> + <!-- stderrTimeout The time (in milliseconds) to wait for the --> + <!-- reading of stderr to complete before --> + <!-- terminating the CGI process. [2000] --> + +<!-- + <servlet> + <servlet-name>cgi</servlet-name> + <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class> + <init-param> + <param-name>debug</param-name> + <param-value>0</param-value> + </init-param> + <init-param> + <param-name>cgiPathPrefix</param-name> + <param-value>WEB-INF/cgi</param-value> + </init-param> + <load-on-startup>5</load-on-startup> + </servlet> +--> + + + <!-- ================ Built In Servlet Mappings ========================= --> + + + <!-- The servlet mappings for the built in servlets defined above. Note --> + <!-- that, by default, the CGI and SSI servlets are *not* mapped. You --> + <!-- must uncomment these mappings (or add them to your application's own --> + <!-- web.xml deployment descriptor) to enable these services --> + + <!-- The mapping for the default servlet --> + <servlet-mapping> + <servlet-name>default</servlet-name> + <url-pattern>/</url-pattern> + </servlet-mapping> + + <!-- The mappings for the JSP servlet --> + <servlet-mapping> + <servlet-name>jsp</servlet-name> + <url-pattern>*.jsp</url-pattern> + <url-pattern>*.jspx</url-pattern> + </servlet-mapping> + + <!-- The mapping for the SSI servlet --> +<!-- + <servlet-mapping> + <servlet-name>ssi</servlet-name> + <url-pattern>*.shtml</url-pattern> + </servlet-mapping> +--> + + <!-- The mapping for the CGI Gateway servlet --> + +<!-- + <servlet-mapping> + <servlet-name>cgi</servlet-name> + <url-pattern>/cgi-bin/*</url-pattern> + </servlet-mapping> +--> + + + <!-- ================== Built In Filter Definitions ===================== --> + + <!-- A filter that sets character encoding that is used to decode --> + <!-- parameters in a POST request --> +<!-- + <filter> + <filter-name>setCharacterEncodingFilter</filter-name> + <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class> + <init-param> + <param-name>encoding</param-name> + <param-value>UTF-8</param-value> + </init-param> + <async-supported>true</async-supported> + </filter> +--> + + <!-- A filter that triggers request parameters parsing and rejects the --> + <!-- request if some parameters were skipped because of parsing errors or --> + <!-- request size limitations. --> +<!-- + <filter> + <filter-name>failedRequestFilter</filter-name> + <filter-class> + org.apache.catalina.filters.FailedRequestFilter + </filter-class> + <async-supported>true</async-supported> + </filter> +--> + + + <!-- NOTE: An SSI Servlet is also available as an alternative SSI --> + <!-- implementation. Use either the Servlet or the Filter but NOT both. --> + <!-- --> + <!-- Server Side Includes processing filter, which processes SSI --> + <!-- directives in HTML pages consistent with similar support in web --> + <!-- servers like Apache. Traditionally, this filter is mapped to the --> + <!-- URL pattern "*.shtml", though it can be mapped to "*" as it will --> + <!-- selectively enable/disable SSI processing based on mime types. For --> + <!-- this to work you will need to uncomment the .shtml mime type --> + <!-- definition towards the bottom of this file. --> + <!-- The contentType init param allows you to apply SSI processing to JSP --> + <!-- pages, javascript, or any other content you wish. This filter --> + <!-- supports the following initialization parameters (default values are --> + <!-- in square brackets): --> + <!-- --> + <!-- contentType A regex pattern that must be matched before --> + <!-- SSI processing is applied. --> + <!-- [text/x-server-parsed-html(;.*)?] --> + <!-- --> + <!-- debug Debugging detail level for messages logged --> + <!-- by this servlet. [0] --> + <!-- --> + <!-- expires The number of seconds before a page with SSI --> + <!-- directives will expire. [No default] --> + <!-- --> + <!-- isVirtualWebappRelative --> + <!-- Should "virtual" paths be interpreted as --> + <!-- relative to the context root, instead of --> + <!-- the server root? (0=false, 1=true) [0] --> + <!-- --> + <!-- allowExec Is use of the exec command enabled? [false] --> + +<!-- + <filter> + <filter-name>ssi</filter-name> + <filter-class> + org.apache.catalina.ssi.SSIFilter + </filter-class> + <init-param> + <param-name>contentType</param-name> + <param-value>text/x-server-parsed-html(;.*)?</param-value> + </init-param> + <init-param> + <param-name>debug</param-name> + <param-value>0</param-value> + </init-param> + <init-param> + <param-name>expires</param-name> + <param-value>666</param-value> + </init-param> + <init-param> + <param-name>isVirtualWebappRelative</param-name> + <param-value>0</param-value> + </init-param> + </filter> +--> + + + <!-- ==================== Built In Filter Mappings ====================== --> + + <!-- The mapping for the Set Character Encoding Filter --> +<!-- + <filter-mapping> + <filter-name>setCharacterEncodingFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> +--> + + <!-- The mapping for the Failed Request Filter --> +<!-- + <filter-mapping> + <filter-name>failedRequestFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> +--> + + <!-- The mapping for the SSI Filter --> +<!-- + <filter-mapping> + <filter-name>ssi</filter-name> + <url-pattern>*.shtml</url-pattern> + </filter-mapping> +--> + + + <!-- ==================== Default Session Configuration ================= --> + <!-- You can set the default session timeout (in minutes) for all newly --> + <!-- created sessions by modifying the value below. --> + + <session-config> + <session-timeout>30</session-timeout> + </session-config> + + + <!-- ===================== Default MIME Type Mappings =================== --> + <!-- When serving static resources, Tomcat will automatically generate --> + <!-- a "Content-Type" header based on the resource's filename extension, --> + <!-- based on these mappings. Additional mappings can be added here (to --> + <!-- apply to all web applications), or in your own application's web.xml --> + <!-- deployment descriptor. --> + + <mime-mapping> + <extension>123</extension> + <mime-type>application/vnd.lotus-1-2-3</mime-type> + </mime-mapping> + <mime-mapping> + <extension>3dml</extension> + <mime-type>text/vnd.in3d.3dml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>3g2</extension> + <mime-type>video/3gpp2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>3gp</extension> + <mime-type>video/3gpp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>7z</extension> + <mime-type>application/x-7z-compressed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aab</extension> + <mime-type>application/x-authorware-bin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aac</extension> + <mime-type>audio/x-aac</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aam</extension> + <mime-type>application/x-authorware-map</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aas</extension> + <mime-type>application/x-authorware-seg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>abs</extension> + <mime-type>audio/x-mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>abw</extension> + <mime-type>application/x-abiword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ac</extension> + <mime-type>application/pkix-attr-cert</mime-type> + </mime-mapping> + <mime-mapping> + <extension>acc</extension> + <mime-type>application/vnd.americandynamics.acc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ace</extension> + <mime-type>application/x-ace-compressed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>acu</extension> + <mime-type>application/vnd.acucobol</mime-type> + </mime-mapping> + <mime-mapping> + <extension>acutc</extension> + <mime-type>application/vnd.acucorp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>adp</extension> + <mime-type>audio/adpcm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aep</extension> + <mime-type>application/vnd.audiograph</mime-type> + </mime-mapping> + <mime-mapping> + <extension>afm</extension> + <mime-type>application/x-font-type1</mime-type> + </mime-mapping> + <mime-mapping> + <extension>afp</extension> + <mime-type>application/vnd.ibm.modcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ahead</extension> + <mime-type>application/vnd.ahead.space</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ai</extension> + <mime-type>application/postscript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aif</extension> + <mime-type>audio/x-aiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aifc</extension> + <mime-type>audio/x-aiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aiff</extension> + <mime-type>audio/x-aiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aim</extension> + <mime-type>application/x-aim</mime-type> + </mime-mapping> + <mime-mapping> + <extension>air</extension> + <mime-type>application/vnd.adobe.air-application-installer-package+zip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ait</extension> + <mime-type>application/vnd.dvb.ait</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ami</extension> + <mime-type>application/vnd.amiga.ami</mime-type> + </mime-mapping> + <mime-mapping> + <extension>anx</extension> + <mime-type>application/annodex</mime-type> + </mime-mapping> + <mime-mapping> + <extension>apk</extension> + <mime-type>application/vnd.android.package-archive</mime-type> + </mime-mapping> + <mime-mapping> + <extension>application</extension> + <mime-type>application/x-ms-application</mime-type> + </mime-mapping> + <mime-mapping> + <extension>apr</extension> + <mime-type>application/vnd.lotus-approach</mime-type> + </mime-mapping> + <mime-mapping> + <extension>art</extension> + <mime-type>image/x-jg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>asc</extension> + <mime-type>application/pgp-signature</mime-type> + </mime-mapping> + <mime-mapping> + <extension>asf</extension> + <mime-type>video/x-ms-asf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>asm</extension> + <mime-type>text/x-asm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aso</extension> + <mime-type>application/vnd.accpac.simply.aso</mime-type> + </mime-mapping> + <mime-mapping> + <extension>asx</extension> + <mime-type>video/x-ms-asf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>atc</extension> + <mime-type>application/vnd.acucorp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>atom</extension> + <mime-type>application/atom+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>atomcat</extension> + <mime-type>application/atomcat+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>atomsvc</extension> + <mime-type>application/atomsvc+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>atx</extension> + <mime-type>application/vnd.antix.game-component</mime-type> + </mime-mapping> + <mime-mapping> + <extension>au</extension> + <mime-type>audio/basic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>avi</extension> + <mime-type>video/x-msvideo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>avx</extension> + <mime-type>video/x-rad-screenplay</mime-type> + </mime-mapping> + <mime-mapping> + <extension>aw</extension> + <mime-type>application/applixware</mime-type> + </mime-mapping> + <mime-mapping> + <extension>axa</extension> + <mime-type>audio/annodex</mime-type> + </mime-mapping> + <mime-mapping> + <extension>axv</extension> + <mime-type>video/annodex</mime-type> + </mime-mapping> + <mime-mapping> + <extension>azf</extension> + <mime-type>application/vnd.airzip.filesecure.azf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>azs</extension> + <mime-type>application/vnd.airzip.filesecure.azs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>azw</extension> + <mime-type>application/vnd.amazon.ebook</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bat</extension> + <mime-type>application/x-msdownload</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bcpio</extension> + <mime-type>application/x-bcpio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bdf</extension> + <mime-type>application/x-font-bdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bdm</extension> + <mime-type>application/vnd.syncml.dm+wbxml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bed</extension> + <mime-type>application/vnd.realvnc.bed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bh2</extension> + <mime-type>application/vnd.fujitsu.oasysprs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bin</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bmi</extension> + <mime-type>application/vnd.bmi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bmp</extension> + <mime-type>image/bmp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>body</extension> + <mime-type>text/html</mime-type> + </mime-mapping> + <mime-mapping> + <extension>book</extension> + <mime-type>application/vnd.framemaker</mime-type> + </mime-mapping> + <mime-mapping> + <extension>box</extension> + <mime-type>application/vnd.previewsystems.box</mime-type> + </mime-mapping> + <mime-mapping> + <extension>boz</extension> + <mime-type>application/x-bzip2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bpk</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>btif</extension> + <mime-type>image/prs.btif</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bz</extension> + <mime-type>application/x-bzip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>bz2</extension> + <mime-type>application/x-bzip2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c11amc</extension> + <mime-type>application/vnd.cluetrust.cartomobile-config</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c11amz</extension> + <mime-type>application/vnd.cluetrust.cartomobile-config-pkg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c4d</extension> + <mime-type>application/vnd.clonk.c4group</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c4f</extension> + <mime-type>application/vnd.clonk.c4group</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c4g</extension> + <mime-type>application/vnd.clonk.c4group</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c4p</extension> + <mime-type>application/vnd.clonk.c4group</mime-type> + </mime-mapping> + <mime-mapping> + <extension>c4u</extension> + <mime-type>application/vnd.clonk.c4group</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cab</extension> + <mime-type>application/vnd.ms-cab-compressed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cap</extension> + <mime-type>application/vnd.tcpdump.pcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>car</extension> + <mime-type>application/vnd.curl.car</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cat</extension> + <mime-type>application/vnd.ms-pki.seccat</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cc</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cct</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ccxml</extension> + <mime-type>application/ccxml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdbcmsg</extension> + <mime-type>application/vnd.contact.cmsg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdf</extension> + <mime-type>application/x-cdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdkey</extension> + <mime-type>application/vnd.mediastation.cdkey</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdmia</extension> + <mime-type>application/cdmi-capability</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdmic</extension> + <mime-type>application/cdmi-container</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdmid</extension> + <mime-type>application/cdmi-domain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdmio</extension> + <mime-type>application/cdmi-object</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdmiq</extension> + <mime-type>application/cdmi-queue</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdx</extension> + <mime-type>chemical/x-cdx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdxml</extension> + <mime-type>application/vnd.chemdraw+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cdy</extension> + <mime-type>application/vnd.cinderella</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cer</extension> + <mime-type>application/pkix-cert</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cgm</extension> + <mime-type>image/cgm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>chat</extension> + <mime-type>application/x-chat</mime-type> + </mime-mapping> + <mime-mapping> + <extension>chm</extension> + <mime-type>application/vnd.ms-htmlhelp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>chrt</extension> + <mime-type>application/vnd.kde.kchart</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cif</extension> + <mime-type>chemical/x-cif</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cii</extension> + <mime-type>application/vnd.anser-web-certificate-issue-initiation</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cil</extension> + <mime-type>application/vnd.ms-artgalry</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cla</extension> + <mime-type>application/vnd.claymore</mime-type> + </mime-mapping> + <mime-mapping> + <extension>class</extension> + <mime-type>application/java</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clkk</extension> + <mime-type>application/vnd.crick.clicker.keyboard</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clkp</extension> + <mime-type>application/vnd.crick.clicker.palette</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clkt</extension> + <mime-type>application/vnd.crick.clicker.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clkw</extension> + <mime-type>application/vnd.crick.clicker.wordbank</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clkx</extension> + <mime-type>application/vnd.crick.clicker</mime-type> + </mime-mapping> + <mime-mapping> + <extension>clp</extension> + <mime-type>application/x-msclip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cmc</extension> + <mime-type>application/vnd.cosmocaller</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cmdf</extension> + <mime-type>chemical/x-cmdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cml</extension> + <mime-type>chemical/x-cml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cmp</extension> + <mime-type>application/vnd.yellowriver-custom-menu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cmx</extension> + <mime-type>image/x-cmx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cod</extension> + <mime-type>application/vnd.rim.cod</mime-type> + </mime-mapping> + <mime-mapping> + <extension>com</extension> + <mime-type>application/x-msdownload</mime-type> + </mime-mapping> + <mime-mapping> + <extension>conf</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cpio</extension> + <mime-type>application/x-cpio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cpp</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cpt</extension> + <mime-type>application/mac-compactpro</mime-type> + </mime-mapping> + <mime-mapping> + <extension>crd</extension> + <mime-type>application/x-mscardfile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>crl</extension> + <mime-type>application/pkix-crl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>crt</extension> + <mime-type>application/x-x509-ca-cert</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cryptonote</extension> + <mime-type>application/vnd.rig.cryptonote</mime-type> + </mime-mapping> + <mime-mapping> + <extension>csh</extension> + <mime-type>application/x-csh</mime-type> + </mime-mapping> + <mime-mapping> + <extension>csml</extension> + <mime-type>chemical/x-csml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>csp</extension> + <mime-type>application/vnd.commonspace</mime-type> + </mime-mapping> + <mime-mapping> + <extension>css</extension> + <mime-type>text/css</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cst</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>csv</extension> + <mime-type>text/csv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cu</extension> + <mime-type>application/cu-seeme</mime-type> + </mime-mapping> + <mime-mapping> + <extension>curl</extension> + <mime-type>text/vnd.curl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cww</extension> + <mime-type>application/prs.cww</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cxt</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>cxx</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dae</extension> + <mime-type>model/vnd.collada+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>daf</extension> + <mime-type>application/vnd.mobius.daf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dataless</extension> + <mime-type>application/vnd.fdsn.seed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>davmount</extension> + <mime-type>application/davmount+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dcr</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dcurl</extension> + <mime-type>text/vnd.curl.dcurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dd2</extension> + <mime-type>application/vnd.oma.dd2+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ddd</extension> + <mime-type>application/vnd.fujixerox.ddd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>deb</extension> + <mime-type>application/x-debian-package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>def</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>deploy</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>der</extension> + <mime-type>application/x-x509-ca-cert</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dfac</extension> + <mime-type>application/vnd.dreamfactory</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dib</extension> + <mime-type>image/bmp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dic</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dir</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dis</extension> + <mime-type>application/vnd.mobius.dis</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dist</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>distz</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>djv</extension> + <mime-type>image/vnd.djvu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>djvu</extension> + <mime-type>image/vnd.djvu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dll</extension> + <mime-type>application/x-msdownload</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dmg</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dmp</extension> + <mime-type>application/vnd.tcpdump.pcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dms</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dna</extension> + <mime-type>application/vnd.dna</mime-type> + </mime-mapping> + <mime-mapping> + <extension>doc</extension> + <mime-type>application/msword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>docm</extension> + <mime-type>application/vnd.ms-word.document.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>docx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.wordprocessingml.document</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dot</extension> + <mime-type>application/msword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dotm</extension> + <mime-type>application/vnd.ms-word.template.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dotx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.wordprocessingml.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dp</extension> + <mime-type>application/vnd.osgi.dp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dpg</extension> + <mime-type>application/vnd.dpgraph</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dra</extension> + <mime-type>audio/vnd.dra</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dsc</extension> + <mime-type>text/prs.lines.tag</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dssc</extension> + <mime-type>application/dssc+der</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dtb</extension> + <mime-type>application/x-dtbook+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dtd</extension> + <mime-type>application/xml-dtd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dts</extension> + <mime-type>audio/vnd.dts</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dtshd</extension> + <mime-type>audio/vnd.dts.hd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dump</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dv</extension> + <mime-type>video/x-dv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dvb</extension> + <mime-type>video/vnd.dvb.file</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dvi</extension> + <mime-type>application/x-dvi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dwf</extension> + <mime-type>model/vnd.dwf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dwg</extension> + <mime-type>image/vnd.dwg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dxf</extension> + <mime-type>image/vnd.dxf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dxp</extension> + <mime-type>application/vnd.spotfire.dxp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>dxr</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ecelp4800</extension> + <mime-type>audio/vnd.nuera.ecelp4800</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ecelp7470</extension> + <mime-type>audio/vnd.nuera.ecelp7470</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ecelp9600</extension> + <mime-type>audio/vnd.nuera.ecelp9600</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ecma</extension> + <mime-type>application/ecmascript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>edm</extension> + <mime-type>application/vnd.novadigm.edm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>edx</extension> + <mime-type>application/vnd.novadigm.edx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>efif</extension> + <mime-type>application/vnd.picsel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ei6</extension> + <mime-type>application/vnd.pg.osasli</mime-type> + </mime-mapping> + <mime-mapping> + <extension>elc</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>eml</extension> + <mime-type>message/rfc822</mime-type> + </mime-mapping> + <mime-mapping> + <extension>emma</extension> + <mime-type>application/emma+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>eol</extension> + <mime-type>audio/vnd.digital-winds</mime-type> + </mime-mapping> + <mime-mapping> + <extension>eot</extension> + <mime-type>application/vnd.ms-fontobject</mime-type> + </mime-mapping> + <mime-mapping> + <extension>eps</extension> + <mime-type>application/postscript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>epub</extension> + <mime-type>application/epub+zip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>es3</extension> + <mime-type>application/vnd.eszigno3+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>esf</extension> + <mime-type>application/vnd.epson.esf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>et3</extension> + <mime-type>application/vnd.eszigno3+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>etx</extension> + <mime-type>text/x-setext</mime-type> + </mime-mapping> + <mime-mapping> + <extension>exe</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>exi</extension> + <mime-type>application/exi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ext</extension> + <mime-type>application/vnd.novadigm.ext</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ez</extension> + <mime-type>application/andrew-inset</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ez2</extension> + <mime-type>application/vnd.ezpix-album</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ez3</extension> + <mime-type>application/vnd.ezpix-package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>f</extension> + <mime-type>text/x-fortran</mime-type> + </mime-mapping> + <mime-mapping> + <extension>f4v</extension> + <mime-type>video/x-f4v</mime-type> + </mime-mapping> + <mime-mapping> + <extension>f77</extension> + <mime-type>text/x-fortran</mime-type> + </mime-mapping> + <mime-mapping> + <extension>f90</extension> + <mime-type>text/x-fortran</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fbs</extension> + <mime-type>image/vnd.fastbidsheet</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fcs</extension> + <mime-type>application/vnd.isac.fcs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fdf</extension> + <mime-type>application/vnd.fdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fe_launch</extension> + <mime-type>application/vnd.denovo.fcselayout-link</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fg5</extension> + <mime-type>application/vnd.fujitsu.oasysgp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fgd</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fh</extension> + <mime-type>image/x-freehand</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fh4</extension> + <mime-type>image/x-freehand</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fh5</extension> + <mime-type>image/x-freehand</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fh7</extension> + <mime-type>image/x-freehand</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fhc</extension> + <mime-type>image/x-freehand</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fig</extension> + <mime-type>application/x-xfig</mime-type> + </mime-mapping> + <mime-mapping> + <extension>flac</extension> + <mime-type>audio/flac</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fli</extension> + <mime-type>video/x-fli</mime-type> + </mime-mapping> + <mime-mapping> + <extension>flo</extension> + <mime-type>application/vnd.micrografx.flo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>flv</extension> + <mime-type>video/x-flv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>flw</extension> + <mime-type>application/vnd.kde.kivio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>flx</extension> + <mime-type>text/vnd.fmi.flexstor</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fly</extension> + <mime-type>text/vnd.fly</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fm</extension> + <mime-type>application/vnd.framemaker</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fnc</extension> + <mime-type>application/vnd.frogans.fnc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>for</extension> + <mime-type>text/x-fortran</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fpx</extension> + <mime-type>image/vnd.fpx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>frame</extension> + <mime-type>application/vnd.framemaker</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fsc</extension> + <mime-type>application/vnd.fsc.weblaunch</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fst</extension> + <mime-type>image/vnd.fst</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ftc</extension> + <mime-type>application/vnd.fluxtime.clip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fti</extension> + <mime-type>application/vnd.anser-web-funds-transfer-initiation</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fvt</extension> + <mime-type>video/vnd.fvt</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fxp</extension> + <mime-type>application/vnd.adobe.fxp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fxpl</extension> + <mime-type>application/vnd.adobe.fxp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>fzs</extension> + <mime-type>application/vnd.fuzzysheet</mime-type> + </mime-mapping> + <mime-mapping> + <extension>g2w</extension> + <mime-type>application/vnd.geoplan</mime-type> + </mime-mapping> + <mime-mapping> + <extension>g3</extension> + <mime-type>image/g3fax</mime-type> + </mime-mapping> + <mime-mapping> + <extension>g3w</extension> + <mime-type>application/vnd.geospace</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gac</extension> + <mime-type>application/vnd.groove-account</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gbr</extension> + <mime-type>application/rpki-ghostbusters</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gdl</extension> + <mime-type>model/vnd.gdl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>geo</extension> + <mime-type>application/vnd.dynageo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gex</extension> + <mime-type>application/vnd.geometry-explorer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ggb</extension> + <mime-type>application/vnd.geogebra.file</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ggt</extension> + <mime-type>application/vnd.geogebra.tool</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ghf</extension> + <mime-type>application/vnd.groove-help</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gif</extension> + <mime-type>image/gif</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gim</extension> + <mime-type>application/vnd.groove-identity-message</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gmx</extension> + <mime-type>application/vnd.gmx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gnumeric</extension> + <mime-type>application/x-gnumeric</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gph</extension> + <mime-type>application/vnd.flographit</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gqf</extension> + <mime-type>application/vnd.grafeq</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gqs</extension> + <mime-type>application/vnd.grafeq</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gram</extension> + <mime-type>application/srgs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gre</extension> + <mime-type>application/vnd.geometry-explorer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>grv</extension> + <mime-type>application/vnd.groove-injector</mime-type> + </mime-mapping> + <mime-mapping> + <extension>grxml</extension> + <mime-type>application/srgs+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gsf</extension> + <mime-type>application/x-font-ghostscript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gtar</extension> + <mime-type>application/x-gtar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gtm</extension> + <mime-type>application/vnd.groove-tool-message</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gtw</extension> + <mime-type>model/vnd.gtw</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gv</extension> + <mime-type>text/vnd.graphviz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gxt</extension> + <mime-type>application/vnd.geonext</mime-type> + </mime-mapping> + <mime-mapping> + <extension>gz</extension> + <mime-type>application/x-gzip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>h</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>h261</extension> + <mime-type>video/h261</mime-type> + </mime-mapping> + <mime-mapping> + <extension>h263</extension> + <mime-type>video/h263</mime-type> + </mime-mapping> + <mime-mapping> + <extension>h264</extension> + <mime-type>video/h264</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hal</extension> + <mime-type>application/vnd.hal+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hbci</extension> + <mime-type>application/vnd.hbci</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hdf</extension> + <mime-type>application/x-hdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hh</extension> + <mime-type>text/x-c</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hlp</extension> + <mime-type>application/winhlp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hpgl</extension> + <mime-type>application/vnd.hp-hpgl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hpid</extension> + <mime-type>application/vnd.hp-hpid</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hps</extension> + <mime-type>application/vnd.hp-hps</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hqx</extension> + <mime-type>application/mac-binhex40</mime-type> + </mime-mapping> + <mime-mapping> + <extension>htc</extension> + <mime-type>text/x-component</mime-type> + </mime-mapping> + <mime-mapping> + <extension>htke</extension> + <mime-type>application/vnd.kenameaapp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>htm</extension> + <mime-type>text/html</mime-type> + </mime-mapping> + <mime-mapping> + <extension>html</extension> + <mime-type>text/html</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hvd</extension> + <mime-type>application/vnd.yamaha.hv-dic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hvp</extension> + <mime-type>application/vnd.yamaha.hv-voice</mime-type> + </mime-mapping> + <mime-mapping> + <extension>hvs</extension> + <mime-type>application/vnd.yamaha.hv-script</mime-type> + </mime-mapping> + <mime-mapping> + <extension>i2g</extension> + <mime-type>application/vnd.intergeo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>icc</extension> + <mime-type>application/vnd.iccprofile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ice</extension> + <mime-type>x-conference/x-cooltalk</mime-type> + </mime-mapping> + <mime-mapping> + <extension>icm</extension> + <mime-type>application/vnd.iccprofile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ico</extension> + <mime-type>image/x-icon</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ics</extension> + <mime-type>text/calendar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ief</extension> + <mime-type>image/ief</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ifb</extension> + <mime-type>text/calendar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ifm</extension> + <mime-type>application/vnd.shana.informed.formdata</mime-type> + </mime-mapping> + <mime-mapping> + <extension>iges</extension> + <mime-type>model/iges</mime-type> + </mime-mapping> + <mime-mapping> + <extension>igl</extension> + <mime-type>application/vnd.igloader</mime-type> + </mime-mapping> + <mime-mapping> + <extension>igm</extension> + <mime-type>application/vnd.insors.igm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>igs</extension> + <mime-type>model/iges</mime-type> + </mime-mapping> + <mime-mapping> + <extension>igx</extension> + <mime-type>application/vnd.micrografx.igx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>iif</extension> + <mime-type>application/vnd.shana.informed.interchange</mime-type> + </mime-mapping> + <mime-mapping> + <extension>imp</extension> + <mime-type>application/vnd.accpac.simply.imp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ims</extension> + <mime-type>application/vnd.ms-ims</mime-type> + </mime-mapping> + <mime-mapping> + <extension>in</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ink</extension> + <mime-type>application/inkml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>inkml</extension> + <mime-type>application/inkml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>iota</extension> + <mime-type>application/vnd.astraea-software.iota</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ipfix</extension> + <mime-type>application/ipfix</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ipk</extension> + <mime-type>application/vnd.shana.informed.package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>irm</extension> + <mime-type>application/vnd.ibm.rights-management</mime-type> + </mime-mapping> + <mime-mapping> + <extension>irp</extension> + <mime-type>application/vnd.irepository.package+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>iso</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>itp</extension> + <mime-type>application/vnd.shana.informed.formtemplate</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ivp</extension> + <mime-type>application/vnd.immervision-ivp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ivu</extension> + <mime-type>application/vnd.immervision-ivu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jad</extension> + <mime-type>text/vnd.sun.j2me.app-descriptor</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jam</extension> + <mime-type>application/vnd.jam</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jar</extension> + <mime-type>application/java-archive</mime-type> + </mime-mapping> + <mime-mapping> + <extension>java</extension> + <mime-type>text/x-java-source</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jisp</extension> + <mime-type>application/vnd.jisp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jlt</extension> + <mime-type>application/vnd.hp-jlyt</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jnlp</extension> + <mime-type>application/x-java-jnlp-file</mime-type> + </mime-mapping> + <mime-mapping> + <extension>joda</extension> + <mime-type>application/vnd.joost.joda-archive</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpe</extension> + <mime-type>image/jpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpeg</extension> + <mime-type>image/jpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpg</extension> + <mime-type>image/jpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpgm</extension> + <mime-type>video/jpm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpgv</extension> + <mime-type>video/jpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jpm</extension> + <mime-type>video/jpm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>js</extension> + <mime-type>application/javascript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jsf</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>json</extension> + <mime-type>application/json</mime-type> + </mime-mapping> + <mime-mapping> + <extension>jspf</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kar</extension> + <mime-type>audio/midi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>karbon</extension> + <mime-type>application/vnd.kde.karbon</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kfo</extension> + <mime-type>application/vnd.kde.kformula</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kia</extension> + <mime-type>application/vnd.kidspiration</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kml</extension> + <mime-type>application/vnd.google-earth.kml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kmz</extension> + <mime-type>application/vnd.google-earth.kmz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kne</extension> + <mime-type>application/vnd.kinar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>knp</extension> + <mime-type>application/vnd.kinar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kon</extension> + <mime-type>application/vnd.kde.kontour</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kpr</extension> + <mime-type>application/vnd.kde.kpresenter</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kpt</extension> + <mime-type>application/vnd.kde.kpresenter</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ksp</extension> + <mime-type>application/vnd.kde.kspread</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ktr</extension> + <mime-type>application/vnd.kahootz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ktx</extension> + <mime-type>image/ktx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ktz</extension> + <mime-type>application/vnd.kahootz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kwd</extension> + <mime-type>application/vnd.kde.kword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>kwt</extension> + <mime-type>application/vnd.kde.kword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lasxml</extension> + <mime-type>application/vnd.las.las+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>latex</extension> + <mime-type>application/x-latex</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lbd</extension> + <mime-type>application/vnd.llamagraphics.life-balance.desktop</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lbe</extension> + <mime-type>application/vnd.llamagraphics.life-balance.exchange+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>les</extension> + <mime-type>application/vnd.hhe.lesson-player</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lha</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>link66</extension> + <mime-type>application/vnd.route66.link66+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>list</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>list3820</extension> + <mime-type>application/vnd.ibm.modcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>listafp</extension> + <mime-type>application/vnd.ibm.modcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>log</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lostxml</extension> + <mime-type>application/lost+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lrf</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lrm</extension> + <mime-type>application/vnd.ms-lrm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ltf</extension> + <mime-type>application/vnd.frogans.ltf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lvp</extension> + <mime-type>audio/vnd.lucent.voice</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lwp</extension> + <mime-type>application/vnd.lotus-wordpro</mime-type> + </mime-mapping> + <mime-mapping> + <extension>lzh</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m13</extension> + <mime-type>application/x-msmediaview</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m14</extension> + <mime-type>application/x-msmediaview</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m1v</extension> + <mime-type>video/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m21</extension> + <mime-type>application/mp21</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m2a</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m2v</extension> + <mime-type>video/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m3a</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m3u</extension> + <mime-type>audio/x-mpegurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m3u8</extension> + <mime-type>application/vnd.apple.mpegurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m4a</extension> + <mime-type>audio/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m4b</extension> + <mime-type>audio/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m4r</extension> + <mime-type>audio/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m4u</extension> + <mime-type>video/vnd.mpegurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>m4v</extension> + <mime-type>video/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ma</extension> + <mime-type>application/mathematica</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mac</extension> + <mime-type>image/x-macpaint</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mads</extension> + <mime-type>application/mads+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mag</extension> + <mime-type>application/vnd.ecowin.chart</mime-type> + </mime-mapping> + <mime-mapping> + <extension>maker</extension> + <mime-type>application/vnd.framemaker</mime-type> + </mime-mapping> + <mime-mapping> + <extension>man</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mathml</extension> + <mime-type>application/mathml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mb</extension> + <mime-type>application/mathematica</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mbk</extension> + <mime-type>application/vnd.mobius.mbk</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mbox</extension> + <mime-type>application/mbox</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mc1</extension> + <mime-type>application/vnd.medcalcdata</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mcd</extension> + <mime-type>application/vnd.mcd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mcurl</extension> + <mime-type>text/vnd.curl.mcurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mdb</extension> + <mime-type>application/x-msaccess</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mdi</extension> + <mime-type>image/vnd.ms-modi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>me</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mesh</extension> + <mime-type>model/mesh</mime-type> + </mime-mapping> + <mime-mapping> + <extension>meta4</extension> + <mime-type>application/metalink4+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mets</extension> + <mime-type>application/mets+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mfm</extension> + <mime-type>application/vnd.mfmp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mft</extension> + <mime-type>application/rpki-manifest</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mgp</extension> + <mime-type>application/vnd.osgeo.mapguide.package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mgz</extension> + <mime-type>application/vnd.proteus.magazine</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mid</extension> + <mime-type>audio/midi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>midi</extension> + <mime-type>audio/midi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mif</extension> + <mime-type>application/x-mif</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mime</extension> + <mime-type>message/rfc822</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mj2</extension> + <mime-type>video/mj2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mjp2</extension> + <mime-type>video/mj2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mlp</extension> + <mime-type>application/vnd.dolby.mlp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mmd</extension> + <mime-type>application/vnd.chipnuts.karaoke-mmd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mmf</extension> + <mime-type>application/vnd.smaf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mmr</extension> + <mime-type>image/vnd.fujixerox.edmics-mmr</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mny</extension> + <mime-type>application/x-msmoney</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mobi</extension> + <mime-type>application/x-mobipocket-ebook</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mods</extension> + <mime-type>application/mods+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mov</extension> + <mime-type>video/quicktime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>movie</extension> + <mime-type>video/x-sgi-movie</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp1</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp2</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp21</extension> + <mime-type>application/mp21</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp2a</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp3</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp4</extension> + <mime-type>video/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp4a</extension> + <mime-type>audio/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp4s</extension> + <mime-type>application/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mp4v</extension> + <mime-type>video/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpa</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpc</extension> + <mime-type>application/vnd.mophun.certificate</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpe</extension> + <mime-type>video/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpeg</extension> + <mime-type>video/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpega</extension> + <mime-type>audio/x-mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpg</extension> + <mime-type>video/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpg4</extension> + <mime-type>video/mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpga</extension> + <mime-type>audio/mpeg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpkg</extension> + <mime-type>application/vnd.apple.installer+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpm</extension> + <mime-type>application/vnd.blueice.multipass</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpn</extension> + <mime-type>application/vnd.mophun.application</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpp</extension> + <mime-type>application/vnd.ms-project</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpt</extension> + <mime-type>application/vnd.ms-project</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpv2</extension> + <mime-type>video/mpeg2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mpy</extension> + <mime-type>application/vnd.ibm.minipay</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mqy</extension> + <mime-type>application/vnd.mobius.mqy</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mrc</extension> + <mime-type>application/marc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mrcx</extension> + <mime-type>application/marcxml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ms</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mscml</extension> + <mime-type>application/mediaservercontrol+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mseed</extension> + <mime-type>application/vnd.fdsn.mseed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mseq</extension> + <mime-type>application/vnd.mseq</mime-type> + </mime-mapping> + <mime-mapping> + <extension>msf</extension> + <mime-type>application/vnd.epson.msf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>msh</extension> + <mime-type>model/mesh</mime-type> + </mime-mapping> + <mime-mapping> + <extension>msi</extension> + <mime-type>application/x-msdownload</mime-type> + </mime-mapping> + <mime-mapping> + <extension>msl</extension> + <mime-type>application/vnd.mobius.msl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>msty</extension> + <mime-type>application/vnd.muvee.style</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mts</extension> + <mime-type>model/vnd.mts</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mus</extension> + <mime-type>application/vnd.musician</mime-type> + </mime-mapping> + <mime-mapping> + <extension>musicxml</extension> + <mime-type>application/vnd.recordare.musicxml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mvb</extension> + <mime-type>application/x-msmediaview</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mwf</extension> + <mime-type>application/vnd.mfer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mxf</extension> + <mime-type>application/mxf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mxl</extension> + <mime-type>application/vnd.recordare.musicxml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mxml</extension> + <mime-type>application/xv+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mxs</extension> + <mime-type>application/vnd.triscape.mxs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>mxu</extension> + <mime-type>video/vnd.mpegurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>n-gage</extension> + <mime-type>application/vnd.nokia.n-gage.symbian.install</mime-type> + </mime-mapping> + <mime-mapping> + <extension>n3</extension> + <mime-type>text/n3</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nb</extension> + <mime-type>application/mathematica</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nbp</extension> + <mime-type>application/vnd.wolfram.player</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nc</extension> + <mime-type>application/x-netcdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ncx</extension> + <mime-type>application/x-dtbncx+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ngdat</extension> + <mime-type>application/vnd.nokia.n-gage.data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nlu</extension> + <mime-type>application/vnd.neurolanguage.nlu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nml</extension> + <mime-type>application/vnd.enliven</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nnd</extension> + <mime-type>application/vnd.noblenet-directory</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nns</extension> + <mime-type>application/vnd.noblenet-sealer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nnw</extension> + <mime-type>application/vnd.noblenet-web</mime-type> + </mime-mapping> + <mime-mapping> + <extension>npx</extension> + <mime-type>image/vnd.net-fpx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>nsf</extension> + <mime-type>application/vnd.lotus-notes</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oa2</extension> + <mime-type>application/vnd.fujitsu.oasys2</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oa3</extension> + <mime-type>application/vnd.fujitsu.oasys3</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oas</extension> + <mime-type>application/vnd.fujitsu.oasys</mime-type> + </mime-mapping> + <mime-mapping> + <extension>obd</extension> + <mime-type>application/x-msbinder</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oda</extension> + <mime-type>application/oda</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Database --> + <extension>odb</extension> + <mime-type>application/vnd.oasis.opendocument.database</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Chart --> + <extension>odc</extension> + <mime-type>application/vnd.oasis.opendocument.chart</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Formula --> + <extension>odf</extension> + <mime-type>application/vnd.oasis.opendocument.formula</mime-type> + </mime-mapping> + <mime-mapping> + <extension>odft</extension> + <mime-type>application/vnd.oasis.opendocument.formula-template</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Drawing --> + <extension>odg</extension> + <mime-type>application/vnd.oasis.opendocument.graphics</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Image --> + <extension>odi</extension> + <mime-type>application/vnd.oasis.opendocument.image</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Master Document --> + <extension>odm</extension> + <mime-type>application/vnd.oasis.opendocument.text-master</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Presentation --> + <extension>odp</extension> + <mime-type>application/vnd.oasis.opendocument.presentation</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Spreadsheet --> + <extension>ods</extension> + <mime-type>application/vnd.oasis.opendocument.spreadsheet</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Text --> + <extension>odt</extension> + <mime-type>application/vnd.oasis.opendocument.text</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oga</extension> + <mime-type>audio/ogg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ogg</extension> + <mime-type>audio/ogg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ogv</extension> + <mime-type>video/ogg</mime-type> + </mime-mapping> + <mime-mapping> + <!-- xiph mime types --> + <extension>ogx</extension> + <mime-type>application/ogg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>onepkg</extension> + <mime-type>application/onenote</mime-type> + </mime-mapping> + <mime-mapping> + <extension>onetmp</extension> + <mime-type>application/onenote</mime-type> + </mime-mapping> + <mime-mapping> + <extension>onetoc</extension> + <mime-type>application/onenote</mime-type> + </mime-mapping> + <mime-mapping> + <extension>onetoc2</extension> + <mime-type>application/onenote</mime-type> + </mime-mapping> + <mime-mapping> + <extension>opf</extension> + <mime-type>application/oebps-package+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oprc</extension> + <mime-type>application/vnd.palm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>org</extension> + <mime-type>application/vnd.lotus-organizer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>osf</extension> + <mime-type>application/vnd.yamaha.openscoreformat</mime-type> + </mime-mapping> + <mime-mapping> + <extension>osfpvg</extension> + <mime-type>application/vnd.yamaha.openscoreformat.osfpvg+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>otc</extension> + <mime-type>application/vnd.oasis.opendocument.chart-template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>otf</extension> + <mime-type>application/x-font-otf</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Drawing Template --> + <extension>otg</extension> + <mime-type>application/vnd.oasis.opendocument.graphics-template</mime-type> + </mime-mapping> + <mime-mapping> + <!-- HTML Document Template --> + <extension>oth</extension> + <mime-type>application/vnd.oasis.opendocument.text-web</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oti</extension> + <mime-type>application/vnd.oasis.opendocument.image-template</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Presentation Template --> + <extension>otp</extension> + <mime-type>application/vnd.oasis.opendocument.presentation-template</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Spreadsheet Template --> + <extension>ots</extension> + <mime-type>application/vnd.oasis.opendocument.spreadsheet-template</mime-type> + </mime-mapping> + <mime-mapping> + <!-- OpenDocument Text Template --> + <extension>ott</extension> + <mime-type>application/vnd.oasis.opendocument.text-template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oxps</extension> + <mime-type>application/oxps</mime-type> + </mime-mapping> + <mime-mapping> + <extension>oxt</extension> + <mime-type>application/vnd.openofficeorg.extension</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p</extension> + <mime-type>text/x-pascal</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p10</extension> + <mime-type>application/pkcs10</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p12</extension> + <mime-type>application/x-pkcs12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p7b</extension> + <mime-type>application/x-pkcs7-certificates</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p7c</extension> + <mime-type>application/pkcs7-mime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p7m</extension> + <mime-type>application/pkcs7-mime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p7r</extension> + <mime-type>application/x-pkcs7-certreqresp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p7s</extension> + <mime-type>application/pkcs7-signature</mime-type> + </mime-mapping> + <mime-mapping> + <extension>p8</extension> + <mime-type>application/pkcs8</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pas</extension> + <mime-type>text/x-pascal</mime-type> + </mime-mapping> + <mime-mapping> + <extension>paw</extension> + <mime-type>application/vnd.pawaafile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pbd</extension> + <mime-type>application/vnd.powerbuilder6</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pbm</extension> + <mime-type>image/x-portable-bitmap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pcap</extension> + <mime-type>application/vnd.tcpdump.pcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pcf</extension> + <mime-type>application/x-font-pcf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pcl</extension> + <mime-type>application/vnd.hp-pcl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pclxl</extension> + <mime-type>application/vnd.hp-pclxl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pct</extension> + <mime-type>image/pict</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pcurl</extension> + <mime-type>application/vnd.curl.pcurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pcx</extension> + <mime-type>image/x-pcx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pdb</extension> + <mime-type>application/vnd.palm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pdf</extension> + <mime-type>application/pdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pfa</extension> + <mime-type>application/x-font-type1</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pfb</extension> + <mime-type>application/x-font-type1</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pfm</extension> + <mime-type>application/x-font-type1</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pfr</extension> + <mime-type>application/font-tdpfr</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pfx</extension> + <mime-type>application/x-pkcs12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pgm</extension> + <mime-type>image/x-portable-graymap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pgn</extension> + <mime-type>application/x-chess-pgn</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pgp</extension> + <mime-type>application/pgp-encrypted</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pic</extension> + <mime-type>image/pict</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pict</extension> + <mime-type>image/pict</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pkg</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pki</extension> + <mime-type>application/pkixcmp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pkipath</extension> + <mime-type>application/pkix-pkipath</mime-type> + </mime-mapping> + <mime-mapping> + <extension>plb</extension> + <mime-type>application/vnd.3gpp.pic-bw-large</mime-type> + </mime-mapping> + <mime-mapping> + <extension>plc</extension> + <mime-type>application/vnd.mobius.plc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>plf</extension> + <mime-type>application/vnd.pocketlearn</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pls</extension> + <mime-type>audio/x-scpls</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pml</extension> + <mime-type>application/vnd.ctc-posml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>png</extension> + <mime-type>image/png</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pnm</extension> + <mime-type>image/x-portable-anymap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pnt</extension> + <mime-type>image/x-macpaint</mime-type> + </mime-mapping> + <mime-mapping> + <extension>portpkg</extension> + <mime-type>application/vnd.macports.portpkg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pot</extension> + <mime-type>application/vnd.ms-powerpoint</mime-type> + </mime-mapping> + <mime-mapping> + <extension>potm</extension> + <mime-type>application/vnd.ms-powerpoint.template.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>potx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.presentationml.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppam</extension> + <mime-type>application/vnd.ms-powerpoint.addin.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppd</extension> + <mime-type>application/vnd.cups-ppd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppm</extension> + <mime-type>image/x-portable-pixmap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pps</extension> + <mime-type>application/vnd.ms-powerpoint</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppsm</extension> + <mime-type>application/vnd.ms-powerpoint.slideshow.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppsx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.presentationml.slideshow</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ppt</extension> + <mime-type>application/vnd.ms-powerpoint</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pptm</extension> + <mime-type>application/vnd.ms-powerpoint.presentation.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pptx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.presentationml.presentation</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pqa</extension> + <mime-type>application/vnd.palm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>prc</extension> + <mime-type>application/x-mobipocket-ebook</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pre</extension> + <mime-type>application/vnd.lotus-freelance</mime-type> + </mime-mapping> + <mime-mapping> + <extension>prf</extension> + <mime-type>application/pics-rules</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ps</extension> + <mime-type>application/postscript</mime-type> + </mime-mapping> + <mime-mapping> + <extension>psb</extension> + <mime-type>application/vnd.3gpp.pic-bw-small</mime-type> + </mime-mapping> + <mime-mapping> + <extension>psd</extension> + <mime-type>image/vnd.adobe.photoshop</mime-type> + </mime-mapping> + <mime-mapping> + <extension>psf</extension> + <mime-type>application/x-font-linux-psf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pskcxml</extension> + <mime-type>application/pskc+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ptid</extension> + <mime-type>application/vnd.pvi.ptid1</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pub</extension> + <mime-type>application/x-mspublisher</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pvb</extension> + <mime-type>application/vnd.3gpp.pic-bw-var</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pwn</extension> + <mime-type>application/vnd.3m.post-it-notes</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pya</extension> + <mime-type>audio/vnd.ms-playready.media.pya</mime-type> + </mime-mapping> + <mime-mapping> + <extension>pyv</extension> + <mime-type>video/vnd.ms-playready.media.pyv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qam</extension> + <mime-type>application/vnd.epson.quickanime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qbo</extension> + <mime-type>application/vnd.intu.qbo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qfx</extension> + <mime-type>application/vnd.intu.qfx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qps</extension> + <mime-type>application/vnd.publishare-delta-tree</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qt</extension> + <mime-type>video/quicktime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qti</extension> + <mime-type>image/x-quicktime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qtif</extension> + <mime-type>image/x-quicktime</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qwd</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qwt</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qxb</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qxd</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qxl</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>qxt</extension> + <mime-type>application/vnd.quark.quarkxpress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ra</extension> + <mime-type>audio/x-pn-realaudio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ram</extension> + <mime-type>audio/x-pn-realaudio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rar</extension> + <mime-type>application/x-rar-compressed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ras</extension> + <mime-type>image/x-cmu-raster</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rcprofile</extension> + <mime-type>application/vnd.ipunplugged.rcprofile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rdf</extension> + <mime-type>application/rdf+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rdz</extension> + <mime-type>application/vnd.data-vision.rdz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rep</extension> + <mime-type>application/vnd.businessobjects</mime-type> + </mime-mapping> + <mime-mapping> + <extension>res</extension> + <mime-type>application/x-dtbresource+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rgb</extension> + <mime-type>image/x-rgb</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rif</extension> + <mime-type>application/reginfo+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rip</extension> + <mime-type>audio/vnd.rip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rl</extension> + <mime-type>application/resource-lists+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rlc</extension> + <mime-type>image/vnd.fujixerox.edmics-rlc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rld</extension> + <mime-type>application/resource-lists-diff+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rm</extension> + <mime-type>application/vnd.rn-realmedia</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rmi</extension> + <mime-type>audio/midi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rmp</extension> + <mime-type>audio/x-pn-realaudio-plugin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rms</extension> + <mime-type>application/vnd.jcp.javame.midlet-rms</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rnc</extension> + <mime-type>application/relax-ng-compact-syntax</mime-type> + </mime-mapping> + <mime-mapping> + <extension>roa</extension> + <mime-type>application/rpki-roa</mime-type> + </mime-mapping> + <mime-mapping> + <extension>roff</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rp9</extension> + <mime-type>application/vnd.cloanto.rp9</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rpss</extension> + <mime-type>application/vnd.nokia.radio-presets</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rpst</extension> + <mime-type>application/vnd.nokia.radio-preset</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rq</extension> + <mime-type>application/sparql-query</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rs</extension> + <mime-type>application/rls-services+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rsd</extension> + <mime-type>application/rsd+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rss</extension> + <mime-type>application/rss+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rtf</extension> + <mime-type>application/rtf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>rtx</extension> + <mime-type>text/richtext</mime-type> + </mime-mapping> + <mime-mapping> + <extension>s</extension> + <mime-type>text/x-asm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>saf</extension> + <mime-type>application/vnd.yamaha.smaf-audio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sbml</extension> + <mime-type>application/sbml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sc</extension> + <mime-type>application/vnd.ibm.secure-container</mime-type> + </mime-mapping> + <mime-mapping> + <extension>scd</extension> + <mime-type>application/x-msschedule</mime-type> + </mime-mapping> + <mime-mapping> + <extension>scm</extension> + <mime-type>application/vnd.lotus-screencam</mime-type> + </mime-mapping> + <mime-mapping> + <extension>scq</extension> + <mime-type>application/scvp-cv-request</mime-type> + </mime-mapping> + <mime-mapping> + <extension>scs</extension> + <mime-type>application/scvp-cv-response</mime-type> + </mime-mapping> + <mime-mapping> + <extension>scurl</extension> + <mime-type>text/vnd.curl.scurl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sda</extension> + <mime-type>application/vnd.stardivision.draw</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdc</extension> + <mime-type>application/vnd.stardivision.calc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdd</extension> + <mime-type>application/vnd.stardivision.impress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdkd</extension> + <mime-type>application/vnd.solent.sdkm+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdkm</extension> + <mime-type>application/vnd.solent.sdkm+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdp</extension> + <mime-type>application/sdp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sdw</extension> + <mime-type>application/vnd.stardivision.writer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>see</extension> + <mime-type>application/vnd.seemail</mime-type> + </mime-mapping> + <mime-mapping> + <extension>seed</extension> + <mime-type>application/vnd.fdsn.seed</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sema</extension> + <mime-type>application/vnd.sema</mime-type> + </mime-mapping> + <mime-mapping> + <extension>semd</extension> + <mime-type>application/vnd.semd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>semf</extension> + <mime-type>application/vnd.semf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ser</extension> + <mime-type>application/java-serialized-object</mime-type> + </mime-mapping> + <mime-mapping> + <extension>setpay</extension> + <mime-type>application/set-payment-initiation</mime-type> + </mime-mapping> + <mime-mapping> + <extension>setreg</extension> + <mime-type>application/set-registration-initiation</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sfd-hdstx</extension> + <mime-type>application/vnd.hydrostatix.sof-data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sfs</extension> + <mime-type>application/vnd.spotfire.sfs</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sgl</extension> + <mime-type>application/vnd.stardivision.writer-global</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sgm</extension> + <mime-type>text/sgml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sgml</extension> + <mime-type>text/sgml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sh</extension> + <mime-type>application/x-sh</mime-type> + </mime-mapping> + <mime-mapping> + <extension>shar</extension> + <mime-type>application/x-shar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>shf</extension> + <mime-type>application/shf+xml</mime-type> + </mime-mapping> + <!-- + <mime-mapping> + <extension>shtml</extension> + <mime-type>text/x-server-parsed-html</mime-type> + </mime-mapping> + --> + <mime-mapping> + <extension>sig</extension> + <mime-type>application/pgp-signature</mime-type> + </mime-mapping> + <mime-mapping> + <extension>silo</extension> + <mime-type>model/mesh</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sis</extension> + <mime-type>application/vnd.symbian.install</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sisx</extension> + <mime-type>application/vnd.symbian.install</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sit</extension> + <mime-type>application/x-stuffit</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sitx</extension> + <mime-type>application/x-stuffitx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>skd</extension> + <mime-type>application/vnd.koan</mime-type> + </mime-mapping> + <mime-mapping> + <extension>skm</extension> + <mime-type>application/vnd.koan</mime-type> + </mime-mapping> + <mime-mapping> + <extension>skp</extension> + <mime-type>application/vnd.koan</mime-type> + </mime-mapping> + <mime-mapping> + <extension>skt</extension> + <mime-type>application/vnd.koan</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sldm</extension> + <mime-type>application/vnd.ms-powerpoint.slide.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sldx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.presentationml.slide</mime-type> + </mime-mapping> + <mime-mapping> + <extension>slt</extension> + <mime-type>application/vnd.epson.salt</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sm</extension> + <mime-type>application/vnd.stepmania.stepchart</mime-type> + </mime-mapping> + <mime-mapping> + <extension>smf</extension> + <mime-type>application/vnd.stardivision.math</mime-type> + </mime-mapping> + <mime-mapping> + <extension>smi</extension> + <mime-type>application/smil+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>smil</extension> + <mime-type>application/smil+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>smzip</extension> + <mime-type>application/vnd.stepmania.package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>snd</extension> + <mime-type>audio/basic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>snf</extension> + <mime-type>application/x-font-snf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>so</extension> + <mime-type>application/octet-stream</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spc</extension> + <mime-type>application/x-pkcs7-certificates</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spf</extension> + <mime-type>application/vnd.yamaha.smaf-phrase</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spl</extension> + <mime-type>application/x-futuresplash</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spot</extension> + <mime-type>text/vnd.in3d.spot</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spp</extension> + <mime-type>application/scvp-vp-response</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spq</extension> + <mime-type>application/scvp-vp-request</mime-type> + </mime-mapping> + <mime-mapping> + <extension>spx</extension> + <mime-type>audio/ogg</mime-type> + </mime-mapping> + <mime-mapping> + <extension>src</extension> + <mime-type>application/x-wais-source</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sru</extension> + <mime-type>application/sru+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>srx</extension> + <mime-type>application/sparql-results+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sse</extension> + <mime-type>application/vnd.kodak-descriptor</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ssf</extension> + <mime-type>application/vnd.epson.ssf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ssml</extension> + <mime-type>application/ssml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>st</extension> + <mime-type>application/vnd.sailingtracker.track</mime-type> + </mime-mapping> + <mime-mapping> + <extension>stc</extension> + <mime-type>application/vnd.sun.xml.calc.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>std</extension> + <mime-type>application/vnd.sun.xml.draw.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>stf</extension> + <mime-type>application/vnd.wt.stf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sti</extension> + <mime-type>application/vnd.sun.xml.impress.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>stk</extension> + <mime-type>application/hyperstudio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>stl</extension> + <mime-type>application/vnd.ms-pki.stl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>str</extension> + <mime-type>application/vnd.pg.format</mime-type> + </mime-mapping> + <mime-mapping> + <extension>stw</extension> + <mime-type>application/vnd.sun.xml.writer.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sub</extension> + <mime-type>text/vnd.dvb.subtitle</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sus</extension> + <mime-type>application/vnd.sus-calendar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>susp</extension> + <mime-type>application/vnd.sus-calendar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sv4cpio</extension> + <mime-type>application/x-sv4cpio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sv4crc</extension> + <mime-type>application/x-sv4crc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>svc</extension> + <mime-type>application/vnd.dvb.service</mime-type> + </mime-mapping> + <mime-mapping> + <extension>svd</extension> + <mime-type>application/vnd.svd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>svg</extension> + <mime-type>image/svg+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>svgz</extension> + <mime-type>image/svg+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>swa</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>swf</extension> + <mime-type>application/x-shockwave-flash</mime-type> + </mime-mapping> + <mime-mapping> + <extension>swi</extension> + <mime-type>application/vnd.aristanetworks.swi</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxc</extension> + <mime-type>application/vnd.sun.xml.calc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxd</extension> + <mime-type>application/vnd.sun.xml.draw</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxg</extension> + <mime-type>application/vnd.sun.xml.writer.global</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxi</extension> + <mime-type>application/vnd.sun.xml.impress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxm</extension> + <mime-type>application/vnd.sun.xml.math</mime-type> + </mime-mapping> + <mime-mapping> + <extension>sxw</extension> + <mime-type>application/vnd.sun.xml.writer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>t</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>taglet</extension> + <mime-type>application/vnd.mynfc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tao</extension> + <mime-type>application/vnd.tao.intent-module-archive</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tar</extension> + <mime-type>application/x-tar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tcap</extension> + <mime-type>application/vnd.3gpp2.tcap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tcl</extension> + <mime-type>application/x-tcl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>teacher</extension> + <mime-type>application/vnd.smart.teacher</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tei</extension> + <mime-type>application/tei+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>teicorpus</extension> + <mime-type>application/tei+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tex</extension> + <mime-type>application/x-tex</mime-type> + </mime-mapping> + <mime-mapping> + <extension>texi</extension> + <mime-type>application/x-texinfo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>texinfo</extension> + <mime-type>application/x-texinfo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>text</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tfi</extension> + <mime-type>application/thraud+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tfm</extension> + <mime-type>application/x-tex-tfm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>thmx</extension> + <mime-type>application/vnd.ms-officetheme</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tif</extension> + <mime-type>image/tiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tiff</extension> + <mime-type>image/tiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tmo</extension> + <mime-type>application/vnd.tmobile-livetv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>torrent</extension> + <mime-type>application/x-bittorrent</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tpl</extension> + <mime-type>application/vnd.groove-tool-template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tpt</extension> + <mime-type>application/vnd.trid.tpt</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tr</extension> + <mime-type>text/troff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tra</extension> + <mime-type>application/vnd.trueapp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>trm</extension> + <mime-type>application/x-msterminal</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tsd</extension> + <mime-type>application/timestamped-data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>tsv</extension> + <mime-type>text/tab-separated-values</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ttc</extension> + <mime-type>application/x-font-ttf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ttf</extension> + <mime-type>application/x-font-ttf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ttl</extension> + <mime-type>text/turtle</mime-type> + </mime-mapping> + <mime-mapping> + <extension>twd</extension> + <mime-type>application/vnd.simtech-mindmapper</mime-type> + </mime-mapping> + <mime-mapping> + <extension>twds</extension> + <mime-type>application/vnd.simtech-mindmapper</mime-type> + </mime-mapping> + <mime-mapping> + <extension>txd</extension> + <mime-type>application/vnd.genomatix.tuxedo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>txf</extension> + <mime-type>application/vnd.mobius.txf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>txt</extension> + <mime-type>text/plain</mime-type> + </mime-mapping> + <mime-mapping> + <extension>u32</extension> + <mime-type>application/x-authorware-bin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>udeb</extension> + <mime-type>application/x-debian-package</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ufd</extension> + <mime-type>application/vnd.ufdl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ufdl</extension> + <mime-type>application/vnd.ufdl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ulw</extension> + <mime-type>audio/basic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>umj</extension> + <mime-type>application/vnd.umajin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>unityweb</extension> + <mime-type>application/vnd.unity</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uoml</extension> + <mime-type>application/vnd.uoml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uri</extension> + <mime-type>text/uri-list</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uris</extension> + <mime-type>text/uri-list</mime-type> + </mime-mapping> + <mime-mapping> + <extension>urls</extension> + <mime-type>text/uri-list</mime-type> + </mime-mapping> + <mime-mapping> + <extension>ustar</extension> + <mime-type>application/x-ustar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>utz</extension> + <mime-type>application/vnd.uiq.theme</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uu</extension> + <mime-type>text/x-uuencode</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uva</extension> + <mime-type>audio/vnd.dece.audio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvd</extension> + <mime-type>application/vnd.dece.data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvf</extension> + <mime-type>application/vnd.dece.data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvg</extension> + <mime-type>image/vnd.dece.graphic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvh</extension> + <mime-type>video/vnd.dece.hd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvi</extension> + <mime-type>image/vnd.dece.graphic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvm</extension> + <mime-type>video/vnd.dece.mobile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvp</extension> + <mime-type>video/vnd.dece.pd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvs</extension> + <mime-type>video/vnd.dece.sd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvt</extension> + <mime-type>application/vnd.dece.ttml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvu</extension> + <mime-type>video/vnd.uvvu.mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvv</extension> + <mime-type>video/vnd.dece.video</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvva</extension> + <mime-type>audio/vnd.dece.audio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvd</extension> + <mime-type>application/vnd.dece.data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvf</extension> + <mime-type>application/vnd.dece.data</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvg</extension> + <mime-type>image/vnd.dece.graphic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvh</extension> + <mime-type>video/vnd.dece.hd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvi</extension> + <mime-type>image/vnd.dece.graphic</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvm</extension> + <mime-type>video/vnd.dece.mobile</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvp</extension> + <mime-type>video/vnd.dece.pd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvs</extension> + <mime-type>video/vnd.dece.sd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvt</extension> + <mime-type>application/vnd.dece.ttml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvu</extension> + <mime-type>video/vnd.uvvu.mp4</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvv</extension> + <mime-type>video/vnd.dece.video</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvx</extension> + <mime-type>application/vnd.dece.unspecified</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvvz</extension> + <mime-type>application/vnd.dece.zip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvx</extension> + <mime-type>application/vnd.dece.unspecified</mime-type> + </mime-mapping> + <mime-mapping> + <extension>uvz</extension> + <mime-type>application/vnd.dece.zip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcard</extension> + <mime-type>text/vcard</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcd</extension> + <mime-type>application/x-cdlink</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcf</extension> + <mime-type>text/x-vcard</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcg</extension> + <mime-type>application/vnd.groove-vcard</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcs</extension> + <mime-type>text/x-vcalendar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vcx</extension> + <mime-type>application/vnd.vcx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vis</extension> + <mime-type>application/vnd.visionary</mime-type> + </mime-mapping> + <mime-mapping> + <extension>viv</extension> + <mime-type>video/vnd.vivo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vor</extension> + <mime-type>application/vnd.stardivision.writer</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vox</extension> + <mime-type>application/x-authorware-bin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vrml</extension> + <mime-type>model/vrml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vsd</extension> + <mime-type>application/vnd.visio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vsf</extension> + <mime-type>application/vnd.vsf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vss</extension> + <mime-type>application/vnd.visio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vst</extension> + <mime-type>application/vnd.visio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vsw</extension> + <mime-type>application/vnd.visio</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vtu</extension> + <mime-type>model/vnd.vtu</mime-type> + </mime-mapping> + <mime-mapping> + <extension>vxml</extension> + <mime-type>application/voicexml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>w3d</extension> + <mime-type>application/x-director</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wad</extension> + <mime-type>application/x-doom</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wav</extension> + <mime-type>audio/x-wav</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wax</extension> + <mime-type>audio/x-ms-wax</mime-type> + </mime-mapping> + <mime-mapping> + <!-- Wireless Bitmap --> + <extension>wbmp</extension> + <mime-type>image/vnd.wap.wbmp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wbs</extension> + <mime-type>application/vnd.criticaltools.wbs+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wbxml</extension> + <mime-type>application/vnd.wap.wbxml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wcm</extension> + <mime-type>application/vnd.ms-works</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wdb</extension> + <mime-type>application/vnd.ms-works</mime-type> + </mime-mapping> + <mime-mapping> + <extension>weba</extension> + <mime-type>audio/webm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>webm</extension> + <mime-type>video/webm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>webp</extension> + <mime-type>image/webp</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wg</extension> + <mime-type>application/vnd.pmi.widget</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wgt</extension> + <mime-type>application/widget</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wks</extension> + <mime-type>application/vnd.ms-works</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wm</extension> + <mime-type>video/x-ms-wm</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wma</extension> + <mime-type>audio/x-ms-wma</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wmd</extension> + <mime-type>application/x-ms-wmd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wmf</extension> + <mime-type>application/x-msmetafile</mime-type> + </mime-mapping> + <mime-mapping> + <!-- WML Source --> + <extension>wml</extension> + <mime-type>text/vnd.wap.wml</mime-type> + </mime-mapping> + <mime-mapping> + <!-- Compiled WML --> + <extension>wmlc</extension> + <mime-type>application/vnd.wap.wmlc</mime-type> + </mime-mapping> + <mime-mapping> + <!-- WML Script Source --> + <extension>wmls</extension> + <mime-type>text/vnd.wap.wmlscript</mime-type> + </mime-mapping> + <mime-mapping> + <!-- Compiled WML Script --> + <extension>wmlsc</extension> + <mime-type>application/vnd.wap.wmlscriptc</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wmv</extension> + <mime-type>video/x-ms-wmv</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wmx</extension> + <mime-type>video/x-ms-wmx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wmz</extension> + <mime-type>application/x-ms-wmz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>woff</extension> + <mime-type>application/x-font-woff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wpd</extension> + <mime-type>application/vnd.wordperfect</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wpl</extension> + <mime-type>application/vnd.ms-wpl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wps</extension> + <mime-type>application/vnd.ms-works</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wqd</extension> + <mime-type>application/vnd.wqd</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wri</extension> + <mime-type>application/x-mswrite</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wrl</extension> + <mime-type>model/vrml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wsdl</extension> + <mime-type>application/wsdl+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wspolicy</extension> + <mime-type>application/wspolicy+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wtb</extension> + <mime-type>application/vnd.webturbo</mime-type> + </mime-mapping> + <mime-mapping> + <extension>wvx</extension> + <mime-type>video/x-ms-wvx</mime-type> + </mime-mapping> + <mime-mapping> + <extension>x32</extension> + <mime-type>application/x-authorware-bin</mime-type> + </mime-mapping> + <mime-mapping> + <extension>x3d</extension> + <mime-type>application/vnd.hzn-3d-crossword</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xap</extension> + <mime-type>application/x-silverlight-app</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xar</extension> + <mime-type>application/vnd.xara</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xbap</extension> + <mime-type>application/x-ms-xbap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xbd</extension> + <mime-type>application/vnd.fujixerox.docuworks.binder</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xbm</extension> + <mime-type>image/x-xbitmap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xdf</extension> + <mime-type>application/xcap-diff+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xdm</extension> + <mime-type>application/vnd.syncml.dm+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xdp</extension> + <mime-type>application/vnd.adobe.xdp+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xdssc</extension> + <mime-type>application/dssc+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xdw</extension> + <mime-type>application/vnd.fujixerox.docuworks</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xenc</extension> + <mime-type>application/xenc+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xer</extension> + <mime-type>application/patch-ops-error+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xfdf</extension> + <mime-type>application/vnd.adobe.xfdf</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xfdl</extension> + <mime-type>application/vnd.xfdl</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xht</extension> + <mime-type>application/xhtml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xhtml</extension> + <mime-type>application/xhtml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xhvml</extension> + <mime-type>application/xv+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xif</extension> + <mime-type>image/vnd.xiff</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xla</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlam</extension> + <mime-type>application/vnd.ms-excel.addin.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlc</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlm</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xls</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlsb</extension> + <mime-type>application/vnd.ms-excel.sheet.binary.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlsm</extension> + <mime-type>application/vnd.ms-excel.sheet.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlsx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlt</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xltm</extension> + <mime-type>application/vnd.ms-excel.template.macroenabled.12</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xltx</extension> + <mime-type>application/vnd.openxmlformats-officedocument.spreadsheetml.template</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xlw</extension> + <mime-type>application/vnd.ms-excel</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xml</extension> + <mime-type>application/xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xo</extension> + <mime-type>application/vnd.olpc-sugar</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xop</extension> + <mime-type>application/xop+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xpi</extension> + <mime-type>application/x-xpinstall</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xpm</extension> + <mime-type>image/x-xpixmap</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xpr</extension> + <mime-type>application/vnd.is-xpr</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xps</extension> + <mime-type>application/vnd.ms-xpsdocument</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xpw</extension> + <mime-type>application/vnd.intercon.formnet</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xpx</extension> + <mime-type>application/vnd.intercon.formnet</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xsl</extension> + <mime-type>application/xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xslt</extension> + <mime-type>application/xslt+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xsm</extension> + <mime-type>application/vnd.syncml+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xspf</extension> + <mime-type>application/xspf+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xul</extension> + <mime-type>application/vnd.mozilla.xul+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xvm</extension> + <mime-type>application/xv+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xvml</extension> + <mime-type>application/xv+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xwd</extension> + <mime-type>image/x-xwindowdump</mime-type> + </mime-mapping> + <mime-mapping> + <extension>xyz</extension> + <mime-type>chemical/x-xyz</mime-type> + </mime-mapping> + <mime-mapping> + <extension>yang</extension> + <mime-type>application/yang</mime-type> + </mime-mapping> + <mime-mapping> + <extension>yin</extension> + <mime-type>application/yin+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>z</extension> + <mime-type>application/x-compress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>Z</extension> + <mime-type>application/x-compress</mime-type> + </mime-mapping> + <mime-mapping> + <extension>zaz</extension> + <mime-type>application/vnd.zzazz.deck+xml</mime-type> + </mime-mapping> + <mime-mapping> + <extension>zip</extension> + <mime-type>application/zip</mime-type> + </mime-mapping> + <mime-mapping> + <extension>zir</extension> + <mime-type>application/vnd.zul</mime-type> + </mime-mapping> + <mime-mapping> + <extension>zirz</extension> + <mime-type>application/vnd.zul</mime-type> + </mime-mapping> + <mime-mapping> + <extension>zmm</extension> + <mime-type>application/vnd.handheld-entertainment+xml</mime-type> + </mime-mapping> + + <!-- ==================== Default Welcome File List ===================== --> + <!-- When a request URI refers to a directory, the default servlet looks --> + <!-- for a "welcome file" within that directory and, if present, to the --> + <!-- corresponding resource URI for display. --> + <!-- If no welcome files are present, the default servlet either serves a --> + <!-- directory listing (see default servlet configuration on how to --> + <!-- customize) or returns a 404 status, depending on the value of the --> + <!-- listings setting. --> + <!-- --> + <!-- If you define welcome files in your own application's web.xml --> + <!-- deployment descriptor, that list *replaces* the list configured --> + <!-- here, so be sure to include any of the default values that you wish --> + <!-- to use within your application. --> + + <welcome-file-list> + <welcome-file>index.html</welcome-file> + <welcome-file>index.htm</welcome-file> + <welcome-file>index.jsp</welcome-file> + </welcome-file-list> + +</web-app> diff --git a/base/server/share/lib/systemd/system/pki-tomcatd.target b/base/server/share/lib/systemd/system/pki-tomcatd.target new file mode 100644 index 000000000..633beae71 --- /dev/null +++ b/base/server/share/lib/systemd/system/pki-tomcatd.target @@ -0,0 +1,8 @@ +[Unit] +Description=PKI Tomcat Server +After=syslog.target network.target + +[Install] +WantedBy=multi-user.target + + diff --git a/base/server/share/lib/systemd/system/pki-tomcatd@.service b/base/server/share/lib/systemd/system/pki-tomcatd@.service new file mode 100644 index 000000000..12bcf75a0 --- /dev/null +++ b/base/server/share/lib/systemd/system/pki-tomcatd@.service @@ -0,0 +1,13 @@ +[Unit] +Description=PKI Tomcat Server %i +After=pki-tomcatd.target +BindTo=pki-tomcatd.target + +[Service] +Type=forking +ExecStart=/usr/bin/pkidaemon start tomcat %i +ExecStop=/usr/bin/pkidaemon stop tomcat %i + +[Install] +WantedBy=multi-user.target + diff --git a/base/server/share/webapps/ROOT/META-INF/context.xml b/base/server/share/webapps/ROOT/META-INF/context.xml new file mode 100644 index 000000000..ce98bfa4e --- /dev/null +++ b/base/server/share/webapps/ROOT/META-INF/context.xml @@ -0,0 +1,30 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK +--> + +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<Context crossContext="true" allowLinking="true"> + + <Manager + secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/> + +</Context> diff --git a/base/server/share/webapps/ROOT/WEB-INF/web.xml b/base/server/share/webapps/ROOT/WEB-INF/web.xml new file mode 100644 index 000000000..54e880610 --- /dev/null +++ b/base/server/share/webapps/ROOT/WEB-INF/web.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + Copyright 2004 The Apache Software Foundation + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> + +<web-app xmlns="http://java.sun.com/xml/ns/j2ee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" + version="2.4"> + + <display-name>PKI</display-name> + +</web-app> diff --git a/base/server/share/webapps/ROOT/index.jsp b/base/server/share/webapps/ROOT/index.jsp new file mode 100644 index 000000000..f5ef47df2 --- /dev/null +++ b/base/server/share/webapps/ROOT/index.jsp @@ -0,0 +1,240 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html> +<head> +<title>Certificate System</title> +<meta http-equiv=Content-Type content="text/html; charset=UTF-8"> +<link rel="shortcut icon" href="/pki/images/favicon.ico" /> +<link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" /> +</head> +<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366"> + +<div id="header"> + <a href="http://pki.fedoraproject.org/" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a> + <div id="headertitle"> + <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">®</font></sup> Certificate System</a> + </div> + <div id="account"> + <dl><dt><span></span></dt><dd></dd></dl> + </div> +</div> + +<div id="mainNavOuter"> +<div id="mainNav"> +<div id="mainNavInner"> + +</div><!-- end mainNavInner --> +</div><!-- end mainNav --> +</div><!-- end mainNavOuter --> + + +<div id="bar"> + +<div id="systembar"> +<div id="systembarinner"> + +<div> + - +</div> + + +</div> +</div> + +</div> + + +<center> + +<% + ServletContext caContext = getServletContext().getContext("/ca"); + String caName = caContext.getServletContextName(); + String caPath = caContext.getContextPath(); + if (!"".equals(caPath)) { +%> +<p> +<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif"> +<%= caName %> +</font> +</p> + +<table border="0" cellspacing="0" cellpadding="0"> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/ca/ee/ca">End Users Services</a></font> + </td> +</tr> +<% + if (request.isSecure()) { +%> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/ca/agent/ca">Agent Services</a></font> + </td> +</tr> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/ca/services">Admin Services</a></font> + </td> +</tr> +<% + } +%> +</table> + +<br> + +<% + } + + ServletContext kraContext = getServletContext().getContext("/kra"); + String kraName = kraContext.getServletContextName(); + String kraPath = kraContext.getContextPath(); + if (!"".equals(kraPath) && request.isSecure()) { +%> +<p> +<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif"> +<%= kraName %> +</font> +</p> + +<table border="0" cellspacing="0" cellpadding="0"> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/kra/agent/kra">Agent Services</a></font> + </td> +</tr> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/kra/services">Admin Services</a></font> + </td> +</tr> +</table> + +<br> + +<% + } + + ServletContext ocspContext = getServletContext().getContext("/ocsp"); + String ocspName = ocspContext.getServletContextName(); + String ocspPath = ocspContext.getContextPath(); + if (!"".equals(ocspPath) && request.isSecure()) { +%> +<p> +<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif"> +<%= ocspName %> +</font> +</p> + +<table border="0" cellspacing="0" cellpadding="0"> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/ocsp/agent/ocsp">Agent Services</a></font> + </td> +</tr> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/ocsp/services">Admin Services</a></font> + </td> +</tr> +</table> + +<br> + +<% + } + + ServletContext tksContext = getServletContext().getContext("/tks"); + String tksName = tksContext.getServletContextName(); + String tksPath = tksContext.getContextPath(); + if (!"".equals(tksPath) && request.isSecure()) { +%> +<p> +<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif"> +<%= tksName %> +</font> +</p> + +<table border="0" cellspacing="0" cellpadding="0"> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/tks/agent/tks">Agent Services</a></font> + </td> +</tr> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/tks/services">Admin Services</a></font> + </td> +</tr> +</table> + +<br> + +<% + } + + ServletContext tpsContext = getServletContext().getContext("/tps"); + String tpsName = tpsContext.getServletContextName(); + String tpsPath = tpsContext.getContextPath(); + if (!"".equals(tpsPath) && request.isSecure()) { +%> +<p> +<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif"> +<%= tpsName %> +</font> +</p> + +<table border="0" cellspacing="0" cellpadding="0"> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/tps/agent/tps">Agent Services</a></font> + </td> +</tr> +<tr valign="TOP"> + <td> + <li><font size=4 face="PrimaSans BT, Verdana, sans-serif"> + <a href="/tps/services">Admin Services</a></font> + </td> +</tr> +</table> + +<br> + +<% + } +%> + +</center> + +<div id="footer"> +</div> + +</body> +</html> diff --git a/base/server/share/webapps/pki/META-INF/context.xml b/base/server/share/webapps/pki/META-INF/context.xml new file mode 100644 index 000000000..ce98bfa4e --- /dev/null +++ b/base/server/share/webapps/pki/META-INF/context.xml @@ -0,0 +1,30 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK +--> + +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<Context crossContext="true" allowLinking="true"> + + <Manager + secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/> + +</Context> diff --git a/base/server/share/webapps/pki/admin/console/config/adminauthenticatepanel.vm b/base/server/share/webapps/pki/admin/console/config/adminauthenticatepanel.vm new file mode 100644 index 000000000..b27042cfb --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/adminauthenticatepanel.vm @@ -0,0 +1,52 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Authentication</h2> +<p> +The uid and password are used to authenticate to the master subsystem. These are the administrator's credential information for the master subsystem. +#if ($systemType != "tps") +<br/> +If authentication is successful, a cloned subsystem will retrieve the configuration information from the master one. +#end +<br/> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end + <table class="details"> + <tr> + <th>Uid:</th> + + <td><input type="text" size="40" name="uid" value="$uid"/></td> + </tr> + <tr> + <th>Password:</th> + + <td><input type="password" size="40" name="__password" value="$password" autocomplete="off"/></td> + </tr> + </table> +<p> diff --git a/base/server/share/webapps/pki/admin/console/config/adminpanel.vm b/base/server/share/webapps/pki/admin/console/config/adminpanel.vm new file mode 100644 index 000000000..37d922764 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/adminpanel.vm @@ -0,0 +1,219 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT ID=Send_OnClick type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + var email = document.forms[0].email.value; + var name = document.forms[0].name.value; + var o = '$securityDomain'; + if (name == '') { + alert("Name is empty"); + return; + } + if (email == '') { + alert("Email is empty"); + return; + } + var dn = "cn=" + name + ",uid=admin,e="+email+",o="+o; + document.forms[0].subject.value = dn; + var keyGenAlg = "rsa-dual-use"; + var keyParams = null; + if (document.forms[0].keytype.value == 'ecc') { + keyGenAlg = "ec-dual-use"; + keyParams = "curve=nistp256" + } + + if (navigator.appName == "Netscape" && + typeof(crypto.version) != "undefined") { + + crmfObject = crypto.generateCRMFRequest( + dn, "regToken", "authenticator", null, + "setCRMFRequest();", 2048, keyParams, keyGenAlg); + } else { + Send_OnClick(); + } +} + +function setCRMFRequest() +{ + with (document.forms[0]) { + cert_request.value = crmfObject.request; + submit(); + } +} + +</SCRIPT> +<SCRIPT type="text/VBS"> +<!-- + +Sub Send_OnClick + Dim TheForm + Dim szName + Set TheForm = Document.f + + + ' Contruct the X500 distinguished name + szName = "CN=NAME" + + ' IE doesnt like the dn containing the O component + + On Error Resume Next + Enroll.HashAlgorithm = "MD5" + Enroll.KeySpec = 1 + + Enroll.providerType = 1 + Enroll.providerName = "Microsoft Base Cryptographic Provider v1.0" + + ' adding 2 to "GenKeyFlags" will enable the 'High Security' + ' (USER_PROTECTED) mode, which means IE will pop up a dialog + ' asking what level of protection the user would like to give + ' the key - this varies from 'none' to 'confirm password + ' every time the key is used' + Enroll.GenKeyFlags = 1 ' key PKCS12-exportable + szCertReq = Enroll.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") + + theError = Err.Number + On Error Goto 0 + ' + ' If the user has cancelled things the we simply ignore whatever + ' they were doing ... need to think what should be done here + ' + If (szCertReq = Empty AND theError = 0) Then + Exit Sub + End If + If (szCertReq = Empty OR theError <> 0) Then + ' + ' There was an error in the key pair generation. The error value + ' is found in the variable 'theError' which we snarfed above before + ' we did the 'On Error Goto 0' which cleared it again. + ' + sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & chr(10) & "The credentials could not be generated." + result = MsgBox(sz, 0, "Credentials Enrollment") + Exit Sub + End If + + TheForm.cert_request.Value = szCertReq + TheForm.cert_request_type.Value = "pkcs10" + TheForm.subject.Value = "cn=" & TheForm.name.Value & ",uid=" & TheForm.uid.Value & ",e=" & TheForm.email.Value & ",o=" & TheForm.securitydomain.Value + + TheForm.Submit + Exit Sub + +End Sub + +--> +</SCRIPT> + +<SCRIPT type="text/VBS"> +<!-- +FindProviders + +Function FindProviders + Dim i, j + Dim providers() + i = 0 + j = 1 + Dim el + Dim temp + Dim first + Dim TheForm + Set TheForm = document.f + On Error Resume Next + first = 0 + + Do While True + temp = "" + Enroll.providerType = j + temp = Enroll.enumProviders(i,0) + If Len(temp) = 0 Then + If j < 1 Then + j = j + 1 + i = 0 + Else + Exit Do + End If + Else + set el = document.createElement("OPTION") + el.text = temp + el.value = j + If temp = "Microsoft Base Cryptographic Provider v1.0" Then + first = j + End If + TheForm.cryptprovider.add(el) + If first = 0 Then + first = 1 + TheForm.cryptprovider.selectedIndex = 0 + Else + TheForm.cryptprovider.selectedIndex = first + End If + i = i + 1 + End If + Loop +End Function + +--> +</SCRIPT> +The administrator is a privileged user who manages this subsystem. Please enter the following relevant information, and a certificate request will be automatically generated and submitted. An administrator's entry will be created in the internal database and an administrator's certificate will be imported into this browser automatically in the next panel. +<br/> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> + <br/> + + <table class="details"> + <tr> + <th>UID:</th> + <td><input type=text name=uid value="$admin_uid"></td> + </tr> + <tr> + <th>Name:</th> + <td><input size=35 type=text name=name value="$admin_name"></td> + </tr> + <tr> + <th>Email:</th> + <td><input size=35 type=text name=email value="$admin_email"></td> + </tr> + <tr> + <th>Password:</th> + <td><input type="password" size="40" name="__pwd" value="$admin_pwd" autocomplete="off"/></td> + </tr> + <tr> + <th>Password (Again):</th> + + <td><input type="password" size="40" name="__admin_password_again" value="$admin_pwd_again" autocomplete="off"/></td> +<input type="hidden" name="cert_request" value=""/> +<input type="hidden" name="display" value=$displayStr /> +<input type="hidden" name="profileId" value="caAdminCert" /> +<input type="hidden" name="cert_request_type" value="crmf" /> +<input type="hidden" name="import" value=$import /> +<input type="hidden" name="uid" value="admin" /> +<input type="hidden" name="securitydomain" value="$securityDomain" /> +<input type="hidden" name="subject" value="cn=x" /> + </tr> + <tr> + <th>Key Type:</th> + <td><select name="keytype"><option value="rsa">RSA</option><option value="ecc">ECC</option></select></td> + </tr> + </table> + <div align="right"> + <hr /> + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/agentauthenticatepanel.vm b/base/server/share/webapps/pki/admin/console/config/agentauthenticatepanel.vm new file mode 100644 index 000000000..abb7678ae --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/agentauthenticatepanel.vm @@ -0,0 +1,48 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Authentication</h2> +<br/> +The uid and password are used to authenticate to the CA from which this subsystem's certificates are issued. Enter the uid and password of the Certificate Manager Agent who will approve the certificate requests. +<br/> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end + <table class="details"> + <tr> + <th>Uid:</th> + + <td><input type="text" size="40" name="uid" value="$uid"/></td> + </tr> + <tr> + <th>Password:</th> + + <td><input type="password" size="40" name="__password" value="$password" autocomplete="off"/></td> + </tr> + </table> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/backupkeycertpanel.vm b/base/server/share/webapps/pki/admin/console/config/backupkeycertpanel.vm new file mode 100644 index 000000000..3ec3526d1 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/backupkeycertpanel.vm @@ -0,0 +1,57 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Export Keys and Certificates</h2> +<p> +To setup a cloned subsystem, the master subsystem's keys and certificates (with the exception of the SSL server key and certificate) as well as the CA certificate chains need to be exported, and later imported into the cloned subsystem. All of these keys and certificates are stored in a single file in the PKCS #12 format which is protected by the password specified below. This export operation is performed only when the master subsystem's keys and certificates are stored in the software token. +<p> +If these keys and certificates are stored in a hardware token, the hardware token vendor needs to be consulted for information on how to export them. +<p> +For cloning, if the keys and certificates are stored in a hardware token, clones should use the same hardware token as that of the Master. +<p> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> +<b><input $dobackup type=radio name=choice value="backupkey"> Export subsystem keys and certificates </b> +<br/> + <table class="details"> + <tr> + <th>Password to protect the PKCS #12 file:</th> + + <td><input type="password" size="40" name="__pwd" value="$pwd" autocomplete="off" /></td> + </tr> + <tr> + <th>Password again:</th> + + <td><input type="password" size="40" name="__pwdagain" value="$pwdagain" autocomplete="off"/></td> + </tr> + </table> +<br/> +<b><input $nobackup type=radio name=choice value="nobackupkey"> Don't export subsystem keys and certificates </b> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/certchainpanel.vm b/base/server/share/webapps/pki/admin/console/config/certchainpanel.vm new file mode 100644 index 000000000..08bcc1331 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/certchainpanel.vm @@ -0,0 +1,49 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<b>Pretty Print of Certificates on this subsystem. +<p> +#foreach ($item in $ppcerts) +<H2>$item.getDN()</H2> +<table width=100%> +<tr bgcolor="#cccccc"> + <td width=20%><b>Certificate: $item.getNickname()</b></td> +</tr> + +<tr> + <td><textarea rows=24 cols=80 wrap="virtual" name=$item.getCertTag()>$item.getCertpp()</textarea></td> +</tr> +</table> +#end + + <br/> + + <div align="right"> + <hr /> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/certprettyprintpanel.vm b/base/server/share/webapps/pki/admin/console/config/certprettyprintpanel.vm new file mode 100644 index 000000000..ac8da10ee --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/certprettyprintpanel.vm @@ -0,0 +1,49 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +The following certificates were installed on this instance. +<p> +#foreach ($item in $ppcerts) +<H2>$item.getDN()</H2> +<table width=100%> +<tr bgcolor="#cccccc"> + <td width=20%><b>Certificate: $item.getNickname()</b></td> +</tr> + +<tr> + <td><textarea rows=24 cols=80 wrap="virtual" name=$item.getCertTag()>$item.getCertpp()</textarea></td> +</tr> +</table> +#end + + <br/> + + <div align="right"> + <hr /> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/certrequestpanel.vm b/base/server/share/webapps/pki/admin/console/config/certrequestpanel.vm new file mode 100644 index 000000000..0502834e4 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/certrequestpanel.vm @@ -0,0 +1,219 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<style type="text/css"> + +.floating { + position: absolute; + left: 250px; + top: 50px; + width: 600px; + padding: 3px; + border: solid; + border-width: 5px; + background: white; + display: none; + margin: 5px; +} +</style> +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} + +function showcert(element, event) +{ + var x = event.clientX; + var y = event.clientY; + + var content = element.getAttribute("content"); + var content_d = element.getAttribute("content_desc"); + + if (content == null) { return false; } + + var n = element.getAttribute("n"); + + var editableType = element.getAttribute("editableType"); + var desc; + var d; + var c; + if (editableType == "cert") + { + d = document.getElementById(n+"_editCertDiv"); + c = document.getElementById(n+"_text"); + desc = document.getElementById(n+"_desc_t"); + } else if (editableType == "certchain") { + d = document.getElementById(n+"_editCertChainDiv"); + c = document.getElementById(n+"_cc_text"); + desc = document.getElementById(n+"_cc_desc_t"); + } else { + d = document.getElementById(n+"_showCertDiv"); + c = document.getElementById(n+"_pre"); + desc = document.getElementById(n+"_desc_p"); + } + + if (desc.hasChildNodes()) + { + desc.removeChild(desc.childNodes[0]); + } + var content_desc = document.createTextNode(content_d); + desc.appendChild(content_desc); + + if (c.hasChildNodes()) + { + c.removeChild(c.childNodes[0]); + } + var content_text = document.createTextNode(content); + c.appendChild(content_text); + + d.style.left = x+30; // x-offset of floating div + assumedheight = 1000; + + var offset = 20; // extra y-offset of floating div + var bottom = y + offset + assumedheight; + if (bottom > window.innerHeight) { + offset = 0 - (2*offset) - assumedheight; + } + + d.style.top = y+ offset +document.body.scrollTop; + + // unhide the window + d.style.display ="block"; + +} + +function hide(tag) +{ + document.getElementById(tag+"_showCertDiv").style.display ="none"; + document.getElementById(tag+"_editCertDiv").style.display ="none"; + document.getElementById(tag+"_editCertChainDiv").style.display ="none"; +} + +</SCRIPT> +A certificate signing request (CSR) contains a public key and is an unsigned copy of the certificate. +<p> +If a given CSR has been successfully signed by a CA, then the certificate will be designated below by a certificate icon labeled Certificate Generated Successfully. +<p> +However, if a given CSR contains an <font color="red">action required</font> label under its certificate icon, then those requests must be <i>manually</i> submitted to a CA for certificate generation. +<p> +Press the [Apply] button after certificates and chains are pasted in. +<p> +Press the [Next] button once all certificates have been generated successfully. +<p> +#foreach ($item in $reqscerts) +<H2>$item.getDN()</H2> +<table width=100%> +<tr> + <td width=10%></td> + <td width=20%></td> + <td width=70%></td> +</tr> + +<tr> + <td> </td> +#if ($item.getCert() == "...paste certificate here...") + <td><font color=red>action required</font><br> +<img alt="" src="/pki/images/no-certificate.png"/></td> +#elseif ($item.getCert() == "...certificate be generated internally...") +<td> + <img alt="" src="/pki/images/no-certificate.png"/><br> + certificate will be generated internally + </td> +#elseif ($item.getCert() == "") + <td> +<img alt="" src="/pki/images/no-certificate.png"/><br> + No Certificate Generated. Please import.<br> + </td> +#else + <td> +<img alt="" src="/pki/images/certificate.png"/><br> + Certificate Generated Successfully + </td> +#end + +<td> + + +#if ($item.getCert() == "...paste certificate here...") +<a content="$item.getRequest()" content_desc="Copy the following Certificate Request (CSR) and paste it in the external CA enrollment page for enrollment" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> Step 1: Copy the Certificate Request (CSR) to enroll at an external CA</a><p> +<a content="" content_desc="Copy the base64-encoded PKCS #7 certificate chain into the text box below and press 'X'" n="$item.getCertTag()" editableType="certchain" href="#" onclick="showcert(this,event);"> Step 2: Import the PKCS #7 Certificate Chain (optional if the certificate already contains the chain)</a><p> +<a content="$item.getCert()" content_desc="Copy the resulting base64-encoded certificate (NOTE: PKCS #7 not accepted) into the text box below and press 'X'" n="$item.getCertTag()" editableType="cert" href="#" onclick="showcert(this,event);"> Step 3: Paste in the Base64-encoded Certificate after enrollment at an external CA (NOTE: this text box does not accept PKCS #7 certificate chains)</a><p> +#elseif ($item.getCert() == "...certificate be generated internally...") +<p> +#else +<a content="$item.getRequest()" content_desc="Certificate Request (CSR)" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate Request (CSR)</a><p> +<a content="$item.getCert()" content_desc="Certificate in Base64 encoding" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate in Base64-Encoding</a><p> +<a content="$item.getEscapedCertpp()" content_desc="Certificate in pretty print" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate Pretty Print</a><p> +#end + + +</td> +</tr> +</table> + +<div id="$item.getCertTag()_showCertDiv" class="floating"> +<div align="right" onclick="hide('$item.getCertTag()');">X</div> +<table id="$item.getCertTag()_stable" width="100%"> +<tr> +<td id="$item.getCertTag()_desc_p"></td> +</tr> +<tr> +<td><pre name="$item.getCertTag()" id="$item.getCertTag()_pre">$item.getCert()</pre></td> +</tr> +</table> +</div> + +<div id="$item.getCertTag()_editCertDiv" class="floating"> +<div align="right" onclick="hide('$item.getCertTag()');">X</div> +<table id="$item.getCertTag()_etable" width="100%"> +<tr> +<td id="$item.getCertTag()_desc_t"></td> +</tr> +<tr> +<td><textarea rows=30 cols=90 name="$item.getCertTag()" id="$item.getCertTag()_text" style="font-family: monospace;">$item.getCert()</textarea></td> +</tr> +</table> +</div> + +<div id="$item.getCertTag()_editCertChainDiv" class="floating"> +<div align="right" onclick="hide('$item.getCertTag()');">X</div> +<table id="$item.getCertTag()_cc_etable" width="100%"> +<tr> +<td id="$item.getCertTag()_cc_desc_t"></td> +</tr> +<tr> +<td><textarea rows=30 cols=90 name="$item.getCertTag()_cc" id="$item.getCertTag()_cc_text" style="font-family: monospace;"></textarea></td> +</tr> +</table> +</div> + + +#end + + <p> + + + <div align="right"> + <hr /> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/config_addhsm.vm b/base/server/share/webapps/pki/admin/console/config/config_addhsm.vm new file mode 100644 index 000000000..839cff56a --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/config_addhsm.vm @@ -0,0 +1,96 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + + <title>Dogtag Certificate System</title> +<SCRIPT LANGUAGE="JavaScript"> + function checkClose() { + if ('$status' == "update" && '$error' == '') { + window.close(); + } + } + +</SCRIPT> + + <link rel="shortcut icon" href="/pki/images/favicon.ico" /> + <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" /> + </head> + + + <body onLoad="checkClose();"><div id="wrap"><div id="wrap"> + +<div id="mainNavOuter"> +<div id="mainNav"> + +<div id="mainNavInner"> + + +</div><!-- end mainNavInner --> +</div><!-- end mainNav --> +</div><!-- end mainNavOuter --> + + +<!-- close bar --> + + <div id="content"> + <table width="100%" cellspacing="0"> + <tr> + <td class="page-content" width="100%"> + <h1><img src="/pki/images/icon-software.gif" /> + Security Modules</h1> +Keys will be generated and stored on security modules. A security module can be hardware-based or software-based. Hardware-based security modules are more secure. +<p> +<H2>Registering a New Security Module</H2> +<form name=configForm action="config_addhsm" method="post"> +<p> +If the desired security module is not listed, it is possible that this security module's PKCS #11 library was not registered with the system. Please register a new security module here. +<table> +<tr> + <td> +Library Path: <input type=text name="modulePath" value=""> + </td> +</tr> +<tr> + <td> +Module Name: <input type=text name="moduleName" value=""> + </td> +<tr> +</tr> +</table> +<p> +<table width=100%> +<tr bgcolor="#eeeeee"> + <td> +<input onclick="configForm.submit()" type=button name=config_addhsm_next value="Apply"> + </td> +</tr> +</table> +</form> + </td> + </tr> + </table> + + </div> <!-- close content --> + </div> <!-- close wrap --> + + </body> +</html> diff --git a/base/server/share/webapps/pki/admin/console/config/config_hsmloginpanel.vm b/base/server/share/webapps/pki/admin/console/config/config_hsmloginpanel.vm new file mode 100644 index 000000000..147425bae --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/config_hsmloginpanel.vm @@ -0,0 +1,79 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> + <h1> + Security Modules Login Panel</h1> +Keys will be generated and stored on security modules. A security module can be hardware-based or software-based. Hardware-based security modules are more secure. +<br/> +<H2>Security Token Login</H2> +<form name=configHSMLoginForm action="config_hsmlogin" method="post"> +<p> +The user has chosen to login to the following security module: <b>$SecToken</b> +<p> +#if ($status == "alreadyLoggedIn") + Token already logged in. +#elseif ($status == "tokenPasswordNotInitialized") + Token password not initialized. +#elseif ($status == "justLoggedIn") + Token logged in successfully. +#else +<table> +<tr> + <td> +Security Module Token Name: <b><input type=text name="uTokName" value="$SecToken"></b> + </td> +</tr> +<tr> + <td> +Security Module Token Password: <input type=password name="__uPasswd" value="" autocomplete="off"> + </td> +<tr> +</tr> +</table> +<p> +#end + +<table width=100%> +<tr bgcolor="#eeeeee"> + <td> + + </td> +</tr> +</table> + </td> + </tr> + </table> + + <p> + + <div align="right"> + <hr /> + + </div> + + diff --git a/base/server/share/webapps/pki/admin/console/config/createsubsystempanel.vm b/base/server/share/webapps/pki/admin/console/config/createsubsystempanel.vm new file mode 100644 index 000000000..8ae6f3f7b --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/createsubsystempanel.vm @@ -0,0 +1,101 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Subsystem Configuration</h2> +<p> +#if ($systemType != "tps") +This instance can be configured as either a new $systemname subsystem or a clone of an existing $systemname. If the cloning option is chosen, please provide the URL to an existing $systemname instance. +#else +This instance can be configured as a new $systemname subsystem. +#end +<br/> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<p> +<b><input $check_newsubsystem type=radio name=choice value="newsubsystem"> Configure this Instance as a New $systemname Subsystem </b> +<br/> + <table class="details"> + <tr> + <th>Subsystem Name: </th> + <td><input type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname)</td> + </tr> + <tr> + <th>Subsystem HTTP EE URL (unsecure): </th> + <td>http://$machineName:$http_port</td> + </tr> + <tr> + <th>Subsystem HTTPS Agent URL (clientauth): </th> + <td>https://$machineName:$https_agent_port</td> + </tr> + <tr> + <th>Subsystem HTTPS EE URL (non-clientauth): </th> + <td>https://$machineName:$https_ee_port</td> + </tr> + <tr> + <th>Subsystem HTTPS Admin URL (non-clientauth): </th> + <td>https://$machineName:$https_admin_port</td> + </tr> + </table> +<p> +#if ($disableClone == "true") +<b><input $check_clonesubsystem type=radio name=choice value="clonesubsystem" disabled="disabled"> Clone an Existing $systemname Subsystem </b> +#else +<b><input $check_clonesubsystem type=radio name=choice value="clonesubsystem"> Clone an Existing $systemname Subsystem </b> +#end +<br/> + <table class="details"> + <tr> + <th>Subsystem Name: </th> +#if ($disableClone == "true") + <td><input disabled="disabled" type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname Clone 1)</td> +#else + <td><input type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname Clone 1)</td> +#end + </tr> + <tr> + <th>Subsystem URL: </th> +#if ($disableClone == "true") + <td><select name="urls" disabled="disabled"> +#else + <td><select name="urls"> +#end + #if ($urls.size() > 0) + #set ($x=0) + #foreach ($p in $urls) + <option value="$x">$p</option> + #set ($x=$x+1) + #end + #else + <option selected value="none">NONE</option> + #end + </select> + </td> + </tr> + </table> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/databasepanel.vm b/base/server/share/webapps/pki/admin/console/config/databasepanel.vm new file mode 100644 index 000000000..174710110 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/databasepanel.vm @@ -0,0 +1,132 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +Please provide information to an existing Fedora Directory Server that can be used as the internal database for this instance. <a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> +<div id=details style="display: none;"> +<p> +Each instance needs access to a Fedora Directory Server instance to store requests and records. Each PKI instance may create its own associated internal database, or may share an existing internal database. To share an existing internal database instance, a PKI instance would only need to establish a unique distinguished name (DN) using the field entitled <b>Base DN</b> and a unique database name using the field entitled <b>Database</b>. +#if ($clone == "clone") +<p> +<p> +Replication agreements between the master and clone database instances may be customized. If no master and replication ports are provided, then replication will occur on the same ports used by the Certificate Sever instances to communicate with the directory server. If these ports are LDAPS ports, then the replication traffic will be SSL encrypted. It is still possible to require the replication traffic to be SSL encrypted on the non-SSL port by selecting TLS for Replication Security. In order for this operation to be successful though, the database instances must be SSL enabled before continuing beyond this panel. +#end +</div> +<p> +<i>Note: If the Fedora Directory Server is at a remote host, it is highly recommended that SSL should be used.</i> +<br/> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> + + <table class="details"> + <tr> + <th>Host:</th> + <td><input type="text" size="40" name="host" value="$hostname" /></td> + </tr> + + <tr> + <th>Port:</th> + + <td><input type="text" size="40" name="port" value="$portStr" /> + <input type="CHECKBOX" NAME="secureConn">SSL + </td> + </tr> + <tr> + <th>Base DN:</th> +#if ($clone == "clone") + <td><input type="text" size="40" name="basedn" value="$basedn" readonly/></td> +#else + <td><input type="text" size="40" name="basedn" value="$basedn" /></td> +#end + </tr> + <tr> + <th>Database:</th> + + <td><input type="text" size="40" name="database" value="$database" /></td> + </tr> + <tr> + <th>Bind DN:</th> + <td><input type="text" size="40" name="binddn" value="$binddn" /></td> + </tr> + <tr> + <th>Bind Password:</th> + + <td><input type="password" size="40" name="__bindpwd" value="$bindpwd" autocomplete="off" /></td> + </tr> + </table> + <input type="hidden" name="display" value=$displayStr /> + <input type="CHECKBOX" NAME="removeData">Remove the existing data from the <b>Base DN</b> shown above.<p> + +#if ($clone == "clone") + + #set ($check_none="") + #set ($check_tls="") + #set ($check_ssl="") + #if ($replicationSecurity == "TLS") #set ($check_tls="CHECKED") + #elseif ($replicationSecurity == "SSL") #set ($check_ssl="CHECKED") + #else #set ($check_none="CHECKED") #end + + <table class="details" > + <tr><th>Replication Details</th></tr> + <tr> + <th>Master Replication Port:</th> + <td><input type="text" size="40" name="masterReplicationPort" value="$masterReplicationPort" /></td> + </tr> + + <tr> + <th>Clone Replication Port:</th> + <td><input type="text" size="40" name="cloneReplicationPort" value="$cloneReplicationPort" /></td> + </tr> + + <tr> + <th>Replication Security:</th> + <td> + <input type="radio" name="replicationSecurity" value="None" $check_none />None</input> + <input type="radio" name="replicationSecurity" value="TLS" $check_tls />TLS</input> + <input type="radio" name="replicationSecurity" value="SSL" $check_ssl />SSL</input> + </td> + </tr> + <p> +#end + + <div align="right"> + <hr /> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/displaycertchainpanel.vm b/base/server/share/webapps/pki/admin/console/config/displaycertchainpanel.vm new file mode 100644 index 000000000..26506c12f --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/displaycertchainpanel.vm @@ -0,0 +1,49 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>$panelname</h2> +<br/> +A certificate chain is a list of all certificates chained up to the root. +<br/> +If a certificate chain is displayed below, click the Next button to trust this certificate chain for this instance. +<br/> +If no certificate chain is listed below, simply click the Next button to move on to the next panel. +<p> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<p> + +#if ($certchain.size() > 0) +#foreach ($p in $certchain) +<pre> +$p +</pre> +<br/> +#end +#end diff --git a/base/server/share/webapps/pki/admin/console/config/donepanel.vm b/base/server/share/webapps/pki/admin/console/config/donepanel.vm new file mode 100644 index 000000000..136760171 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/donepanel.vm @@ -0,0 +1,74 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<input type="hidden" name="host" value=$host /> +<input type="hidden" name="port" value=$port /> +<input type="hidden" name="systemType" value=$systemType /> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +#if ($systemType.equals("tks")) +As 'root', restart the server on the command line by typing the following command: +<br> +$initCommand restart $instanceId +<br> +After performing this restart, the server should become operational. +#else +#if ($externalCA.equals("true") && $systemType.equals("kra")) +As 'root', restart the server on the command line by typing the following command: +<br> +$initCommand restart $instanceId +<br> +Startup the administration console to add the peer CA to the Trusted Manager's Group. Make sure to add the transport certificate and connector information to the peer CA. After performing this restart, the server should become operational. +#else +As 'root', restart the server on the command line by typing the following command: +<br> +$initCommand restart $instanceId +<br> +After performing this restart, the server should become operational. +<br/> +Please go to the <A href="https://$host:$port/$systemType/services"><b>services page</b></A> to access all of the available interfaces. +<br/> +#end +#end +<br/> +To create additional instances, type "/usr/bin/pkicreate" on the command line. +#if ($systemType != "tps") +<br> +To start the administration console, type "/usr/bin/pkiconsole" on the command line. +<br/> +#end +#if (($systemType == "kra") && ($info != "")) +<hr> +<br> +<b>Important warning</b> reported by Certificate Authority:<br> <b>$info</b> +<br/> +<br> +This instance of Data Recovery Manager (DRM) is not connected to any Certificate Authority (CA). Please consult the product documentation for the manual procedure of connecting a DRM to a CA. +<br/> +#end diff --git a/base/server/share/webapps/pki/admin/console/config/footer.vm b/base/server/share/webapps/pki/admin/console/config/footer.vm new file mode 100644 index 000000000..a596e45b1 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/footer.vm @@ -0,0 +1,19 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + <div id="footer"> + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/header.vm b/base/server/share/webapps/pki/admin/console/config/header.vm new file mode 100644 index 000000000..e0fe6a962 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/header.vm @@ -0,0 +1,25 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> +<div id="header"> + <a href="http://pki.fedoraproject.org" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a> + <div id="headerpaddedtitle"> + <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">®</font></sup> Certificate System</a> + </div> + <div id="account"> + </div> +</div> diff --git a/base/server/share/webapps/pki/admin/console/config/hierarchypanel.vm b/base/server/share/webapps/pki/admin/console/config/hierarchypanel.vm new file mode 100644 index 000000000..e6c03a6b1 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/hierarchypanel.vm @@ -0,0 +1,56 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { + setURL(); +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>PKI Hierarchy</h2> +<p> +This CA instance can be either a Self-Signed Root CA or a Subordinate CA. <a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} + +</script> + +<div id=details style="display: none;"> +<p> +The PKI hierarchy establishes the trust relationships between this CA instance and the other PKI instances within this security domain. A CA can be chained under an internal CA, or alternatively, it can be chained under a public or an external CA. +</div> + +<p> +<b><input $check_root type=radio name=choice value="root"> Make this a Self-Signed Root CA within this new PKI hierarchy. <img alt="" src="/pki/images/rootca.gif"></b> +<p> +<b><input $check_join type=radio name=choice value="join"> Make this a subordinate CA of another CA. <img alt="" src="/pki/images/sub.gif"></b> + +<p> diff --git a/base/server/share/webapps/pki/admin/console/config/importadmincertpanel.vm b/base/server/share/webapps/pki/admin/console/config/importadmincertpanel.vm new file mode 100644 index 000000000..53d445946 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/importadmincertpanel.vm @@ -0,0 +1,66 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT ID=ImportCertificate_OnClick LANGUAGE="JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +An administrator's certificate has been created and imported into this browser. This certificate is used to access the agent interface of this subsystem. +<p> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<font color="red">$info</font> +<p> + <p> + + <table class="details"> + <tr> +<SCRIPT LANGUAGE="JavaScript"> +#if ($ca == 'true' && $import == 'true') +if (navigator.appName == "Netscape") { +document.writeln('<iframe scrolling=yes frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true&browser=netscape"></iframe>'); +} else { +document.writeln('<iframe scrolling=yes frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true&browser=ie"></iframe>'); +} +#else +#if ($import == 'true') +if (navigator.appName == "Netscape") { +document.writeln('<iframe scrolling=yes frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true&browser=netscape"></iframe>'); +} else { +document.writeln('<iframe scrolling=yes frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true&browser=ie"></iframe>'); +} +#end +#end +</SCRIPT> +<input type="hidden" name="serialNumber" value=$serialNumber /> +<input type="hidden" name="caHost" value=$caHost /> +<input type="hidden" name="caPort" value=$caPort /> +<input type="hidden" name="pkcs7" value=$pkcs7 /> + + </tr> + </table> + <div align="right"> + <hr /> + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/importcachainpanel.vm b/base/server/share/webapps/pki/admin/console/config/importcachainpanel.vm new file mode 100755 index 000000000..c53c3af2a --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/importcachainpanel.vm @@ -0,0 +1,65 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT ID=ImportCertificate_OnClick LANGUAGE="JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} + +</SCRIPT> +The CA's certificate chain needs to be imported into your browser. Also, you must trust the CA. Once this is done, click Next. +<p> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<p> + <p> + + <table class="details"> + <tr> +<SCRIPT LANGUAGE="JavaScript"> + +function importCAChain() +{ + var importcachain = document.getElementById("importcachain"); + + if(!importcachain) + return; + + alert("You will now be asked to import and trust the Certificate Chain from the CA. Please do so."); + + importcachain.src="http://$machineName:$http_port/ca/ee/ca/getCAChain?op=download&mimeType=application/x-x509-ca-cert"; +} + +#if ($ca == 'true' && $import == 'true') +document.writeln('<iframe scrolling=yes id="importcachain" frameborder=0 height=0 width=0></iframe>'); +window.setTimeout(importCAChain,700); +#end + +</SCRIPT> + + </tr> + </table> + <div align="right"> + <hr /> + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/login.vm b/base/server/share/webapps/pki/admin/console/config/login.vm new file mode 100644 index 000000000..2400bd2d3 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/login.vm @@ -0,0 +1,113 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + + <title>Dogtag Certificate System</title> + + <link rel="shortcut icon" href="/pki/images/favicon.ico" /> + <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" /> + </head> + + + <body><div id="wrap"> + +#include ( "admin/console/config/header.vm" ) + +<div id="mainNavOuter"> +<div id="mainNav"> + +<div id="mainNavInner"> + +#include ( "admin/console/config/topmenu.vm" ) + +</div><!-- end mainNavInner --> +</div><!-- end mainNav --> +</div><!-- end mainNavOuter --> + + +<div id="bar"> + +<div id="systembar"> +<div id="systembarinner"> + +<div> + - +</div> + + +</div> +</div> + +</div> +<!-- close bar --> + + <div id="content"> + <table width="100%" cellspacing="0"> + <tr> + <td class="sidebar"> + + </td> + <td class="page-content" width="100%"> + <h1><img src="/pki/images/icon-software.gif" /> + Login</h1> + +A one time random pin has been generated during setup to protect unauthorized access to this configuration wizard. This pin has been stored in the "CS.cfg" configuration file as the value of the 'preop.pin' parameter. Please enter this pin to continue. + + <p> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end + <p> + <form name="f" action="login" method="post"> + + <table class="details"> + <tr> + <th>PIN:</th> + <td><input type=password name="pin"></td> + </tr> + </table> + <div align="right"> + <hr /> + </div> + </form> + +<p> +<table width=100%> +<tr bgcolor="#eeeeee"> +<td align=right> +<input type=button onclick="javascript: document.f.submit();" name=login value="Login"> +</td> +</tr> +</table> + + + </td> + </tr> + </table> + +#include ( "admin/console/config/footer.vm" ) + + </div> <!-- close content --> + </div> <!-- close wrap --> + + </body> +</html> diff --git a/base/server/share/webapps/pki/admin/console/config/modulepanel.vm b/base/server/share/webapps/pki/admin/console/config/modulepanel.vm new file mode 100644 index 000000000..f0952ecbe --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/modulepanel.vm @@ -0,0 +1,162 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +Two lists of security modules are provided below. The <b>Supported Security Modules</b> list consists of both software-based and hardware-based security modules that this PKI solution supports, while the <b>Other Security Modules</b> list consists of any other security modules found by this PKI subsystem that are not recognized as one of the supported security modules. <a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> +<div id=details style="display: none;"> +<br/> +Key pairs for this instance will be generated and stored on a device called a security module. +<br/> +A <b><i>key pair</i></b> consists of a public key and a private key. A <b><i>private key</i></b> is a secret entity which is never exposed to the public, will generally be protected via a security module, and is commonly referred to simply as the <b><i>key</i></b>. A <b><i>public key</i></b> is open, distributable, and while it may also be stored on a security module, it is not protected by this device. A public key, once signed by a CA, is more generally referred to as a <b><i>certificate</i></b>. +<br/> +<b><i>Security modules</i></b> can be either hardware-based or software-based. Although hardware-based security modules provide more security for the secret, or private portion of this key, they must be obtained from a third-party vendor and installed prior to deployment of this PKI solution. For this particular PKI implementation, a software-based FIPS 140-1 security module has been included. +<br/> +Before any security module solution can be used, a user must first always be authenticated to this security module via a token. To support this, each security module consists of one or more <b><i>slots</i></b>. For hardware-based security modules, a slot often consists of one or more physical contact points to the device itself (e.g. - a card reader or USB receptacle), while for software-based security modules, these may be thought of as merely a functional entry point into the software. +<br/> +Finally, a <b><i>token</i></b> (often generically referred to as a <b><i>smartcard</i></b>), which contains the actual key material, interfaces with the security module via a slot. For hardware-based security modules, this may be something like a physical card containing a chip, or a USB device that can be physically inserted into a USB slot. For software-based security modules, this can be thought of as an entry in a database. In the case of both hardware-based as well as software-based security modules, a password is the most commonly used method to complete this authentication. +<br/> +Since a security module may consist of slots for one or more tokens, the user must be successfully authenticated to each token of the chosen security module before this configuration can continue. +</div> +<br/> +<H2>Supported Security Modules</H2> +<table width=100%> +<tr bgcolor="#cccccc"> + <td width=20%><b>Module/Token</b></td> + <td width=10%><b>Status</b></td> + <td width=10%><b>Default</b></td> + <td width=10%><b>Operations</b></td> +</tr> +#foreach ($module in $sms) +<tr bgcolor="#eeeeee"> + <td><img alt="" src=$module.getImagePath()><br>$module.getUserFriendlyName()</td> + <td> + #if ($module.isFound()) + Found + #else + Not Found + #end + </td> + <td></td> + <td></td> +</tr> +#foreach ($token in $module.getTokens()) +<tr> + <td>- $token.getNickName()</td> + <td> + #if ($token.isPresent() && $token.isLoggedIn()) + Logged In + #else + Not logged In + #end + </td> + <td> + #if ($token.isPresent() && $token.isLoggedIn()) + #if ($defTok == $token.getNickName()) + <input checked type=radio name="choice" value="$token.getNickName()"> + #else + <input type=radio name="choice" value="$token.getNickName()"> + #end + #end + </td> + <td> + #if ($token.isPresent() && !$token.isLoggedIn()) +<a href="wizard?p=$subpanelno&SecToken=$token.getNickName()">Login</a> + #end +</td> +</tr> +#end +#end + +</table> +<H2>Other Security Modules</H2> +<h3>The security modules listed below are modules found by the server but not recognized as one of the supported modules. If the user believes that any listed modules below should have been supported, please check the "CS.cfg" configuration file to see if there is a name mismatch and adjust this accordingly.</h3> +<table width=100%> +<tr bgcolor="#cccccc"> + <td width=20%><b>Module/Token</b></td> + <td width=10%><b>Status</b></td> + <td width=10%><b>Default</b></td> + <td width=10%><b>Operations</b></td> +</tr> +#foreach ($module in $oms) +<tr bgcolor="#eeeeee"> + <td>$module.getUserFriendlyName()</td> + <td> + #if ($module.isFound()) + Found + #else + Not Found + #end + </td> + <td></td> + <td></td> +</tr> +#foreach ($token in $module.getTokens()) +<tr> + <td>- $token.getNickName()</td> + <td> + #if ($token.isPresent() && $token.isLoggedIn()) + Logged In + #else + Not logged In + #end + </td> + <td> + #if ($defTok == $token.getNickName()) + <input checked type=radio name="choice" value="$token.getNickName()"> + #else + <input type=radio name="choice" value="$token.getNickName()"> + #end + </td> + <td> + #if ($token.isPresent() && !$token.isLoggedIn()) +<a href="wizard?p=$subpanelno&SecToken=$token.getNickName()">Login</a> + #end +</td> +</tr> +#end +#end + +</table> + + + <br/> + + <div align="right"> + <hr /> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/namepanel.vm b/base/server/share/webapps/pki/admin/console/config/namepanel.vm new file mode 100644 index 000000000..a1fff3807 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/namepanel.vm @@ -0,0 +1,105 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +Each certificate associated with this instance needs to have a unique name within the PKI hierarchy. The following information will be used to generate these unique names. Each certificate will be stored in the security module using a unique nickname.<a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> + +<div id=details style="display: none;"> +<br/> +Each unique name, called the certificate's subject name, is referenced as the distinguished name (DN). A DN may be composed of multiple comma separated name=value fields. +<br/> +</div> + + <p> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> +#foreach ($item in $certs) +<H2>$item.getUserFriendlyName()</H2> + + <table class="details"> + <tr> + <th>DN:</th> +#if ($item.isEnable()) + <td><input type="text" size="70" name="$item.getCertTag()" value="$item.getEscapedDN()"/></td> +#else + <td><input type="text" size="70" name="$item.getCertTag()" value="$item.getEscapedDN()" disabled="disabled" /></td> +#end + </tr> + <tr> + <th>Nickname:</th> +#if ($item.isEnable()) + <td><input type="text" size="70" name="$item.getCertTag()_nick" value="$item.getNickname()"/></td> +#else + <td><input type="text" size="70" name="$item.getCertTag()_nick" value="$item.getNickname()" disabled="disabled" /></td> +#end + </tr> + </table> +<br/> +#end +<br/> +<hr> +<p> +A Certificate Authority (CA) is responsible for issuing different kinds of certificates. To obtain the certificates required internally by this subsystem, the user must select a URL to a CA that has been registered in the security domain or to an "External CA". +<p> +<i>Note: An "External CA" is defined to be a CA that is not part of the 'Security Domain'. Verisign<sup>®</sup>, GeoTrust<sup>®</sup>, and Netscape<sup>®</sup> Certificate Management System (CMS) 6.x are examples of "External CAs".</i> +<br/> + <table class="details"> + <tr> + <th>URL:</th> +#if ($isRoot == "true") + <td><select name="urls" disabled="disabled"> +#else + <td><select name="urls"> +#end + #if ($urls.size() > 0) + #set ($x=0) + #foreach ($p in $urls) + <option value="$x">$p</option> + #set ($x=$x+1) + #end + #end + </select> + </td> + </tr> + </table> + + <div align="right"> + <hr /> + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/restorekeycertpanel.vm b/base/server/share/webapps/pki/admin/console/config/restorekeycertpanel.vm new file mode 100644 index 000000000..ab9b06f4c --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/restorekeycertpanel.vm @@ -0,0 +1,54 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Import Keys and Certificates</h2> +<br/> +To setup a cloned subsystem, the master subsystem's keys and certificates (with the exception of the SSL server key and certificate) need to be imported. For a software token, all of these keys and certificates are stored in a single file in the PKCS #12 format which is protected by the password provided during the creation of this file. To import this PKCS #12 file, first copy the PKCS #12 file to the alias directory for the cloned subsystem. Then enter an appropriate filename and password in the form specified below. +<p> +If these keys and certificates are stored in a hardware token, the hardware token vendor needs to be consulted for information on how to import them. +<p> +For keys and certificates stored in an external software token, please refer to the Dogtag documentation for instructions. +<p> +By default, if the path is left blank, no PKCS #12 file will be imported. +<br/> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end + <table class="details"> + <tr> + <th>PKCS #12 filename:</th> + + <td><input type="text" size="40" name="path" value="$path"/></td> + </tr> + <tr> + <th>PKCS #12 Password:</th> + + <td><input type="password" size="40" name="__password" value="$password" autocomplete="off"/></td> + </tr> + </table> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/savepkcs12panel.vm b/base/server/share/webapps/pki/admin/console/config/savepkcs12panel.vm new file mode 100644 index 000000000..ce74ecae8 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/savepkcs12panel.vm @@ -0,0 +1,40 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>Save Keys and Certificates</h2> +<br/> +This Subsystem is attempting to return the keys and certificates in a PKCS #12 format. +<p> +A popup dialog box from the browser should appear, prompting the user to save these keys and certificates to a PKCS #12 file located on the local filesystem. Follow the instructions within this dialog to save this PKCS #12 file to a safe location. +<br/> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> +<iframe scrolling=no frameborder=0 height=0 width=0 src="/$subsystemtype/admin/console/config/savepkcs12"></iframe> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/securitydomainloginpanel.vm b/base/server/share/webapps/pki/admin/console/config/securitydomainloginpanel.vm new file mode 100644 index 000000000..e9e0763ab --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/securitydomainloginpanel.vm @@ -0,0 +1,109 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + + <title>Dogtag Certificate System</title> + + <link rel="shortcut icon" href="/pki/images/favicon.ico" /> + <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" /> +<META http-equiv=Content-Type content="text/html; charset=UTF-8"> + </head> + + +<div id="wrap"> +<div id="header"> + <a href="http://pki.fedoraproject.org/" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a> + <div id="headerpaddedtitle"> + <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">®</font></sup> Certificate System</a> + </div> + <div id="account"> + <dl><dt><span></span></dt><dd></dd></dl> + </div> +</div> + +<div id="mainNavOuter"> +<div id="mainNav"> + +<div id="mainNavInner"> + +</div><!-- end mainNavInner --> +</div><!-- end mainNav --> +</div><!-- end mainNavOuter --> + +<!-- close bar --> + + <div id="content"> + <table width="100%" cellspacing="0"> + <tr> + <td width="100%"> + <h1><img src="/pki/images/icon-software.gif" /> + Security Domain ($name) Login </h1> + + <form name=sdForm action="getCookie" method="post"> + <p>The Enterprise $subsystem Administrator will register this $subsystem Subsystem located at $host under this Security Domain located at $sdhost. The credential information will be provided to the Security Domain for authentication.<p> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end + <table class="details"> + <tr> + <th>Uid:</th> + + <td><input type="text" length="128" size="40" name="uid" value="$sd_uid" /></td> + </tr> + + <tr> + <th>Password:</th> + + <td><input type="password" length="64" size="40" name="pwd" value="$sd_pwd" autocomplete="off" /></td> + </tr> +<input type=hidden name=url value="$url"> + + </table> + + <div align="right"> + <hr /> + + </div> + + +<p> +<table width=100%> +<tr bgcolor="#eeeeee"> + <td> +<div align="right"> +<input onclick="sdForm.submit()" type="button" name="sd_next" value="Login"> +</div> + </td> +</tr> +</table> + + </form> + + </td> + </tr> + </table> + + </div> <!-- close content --> + </div> <!-- close wrap --> + + </body> +</html> diff --git a/base/server/share/webapps/pki/admin/console/config/securitydomainpanel.vm b/base/server/share/webapps/pki/admin/console/config/securitydomainpanel.vm new file mode 100644 index 000000000..a8ac15bf5 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/securitydomainpanel.vm @@ -0,0 +1,115 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<h2>$panelname</h2> +<br/> +A security domain is a registry for all of the PKI services within an enterprise. Applications may use the security domain to locate other PKI services. <a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> + +<div id=details style="display: none;"> +<br/> +This PKI solution allows multiple security domains within an organization, but each security domain must host a Certificate Authority. +<br/> +If the user is creating a new security domain, this CA Administrator is also +the security domain Administrator. +<br/> +If this subsystem is joining an existing security domain, the user will need to provide the credential information of the security domain Administrator +requested in the next panel. +</div> +#if ($errorString != "") +<img alt="" src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> +#if ($cstype == "CA") +<b><input $check_newdomain type=radio name=choice value="newdomain"> Create a New Security Domain </b> +<br/> +If no security domain exists, a new one must be created for this CA. + <table class="details"> + <tr> + <th>Security Domain Name: </th> + <td><input type=text size="40" name="sdomainName" value="$sdomainName"> (e.g. - Dogtag Security Domain)</td> + </tr> + <tr> + <th>Security Domain HTTP EE URL (unsecure): </th> + <td>http://$machineName:$http_ee_port</td> + </tr> + <tr> + <th>Security Domain HTTPS Agent URL (clientauth): </th> + <td>https://$machineName:$https_agent_port</td> + </tr> + <tr> + <th>Security Domain HTTPS EE URL (non-clientauth): </th> + <td>https://$machineName:$https_ee_port</td> + </tr> + <tr> + <th>Security Domain HTTPS Admin URL (non-clientauth): </th> + <td>https://$machineName:$https_admin_port</td> + </tr> + </table> +<br/> +<b><input $check_existingdomain type=radio name=choice value="existingdomain"> Join an Existing Security Domain </b> +#else +<b><input disabled="disabled" type=radio name=choice value="newdomain"> Create a New Security Domain </b> +<br/> +If no security domain exists, a new one must be created for this CA. + <table class="details"> + <tr> + <th>Security Domain Name: </th> + <td><input disabled="disabled" type=text size="40" name="sdomainName" value="$sdomainName"> (e.g. - Dogtag Security Domain)</td> + </tr> + </table> +<br/> +<b><input checked type=radio name=choice value="existingdomain"> Join an Existing Security Domain </b> +#end +<br/> +Enter the URL to an existing security domain. +<br/> + <table class="details"> + <tr> + <th>Security Domain HTTPS Admin URL (non-clientauth): </th> + <td><input type=text size="40" name="sdomainURL" value="$sdomainURL"> (e.g. - https://example.com:9445)</td> + </tr> + </table> +<br/> +<table> +<tr> +<td valign="top"><b>NOTE: </b></td> +<td>Since a Security Domain MUST be a CA (although all CAs are NOT necessarily Security Domains), an appropriate value for this URL may be obtained by logging into the machine which hosts the desired Security Domain CA as 'root' and running the command "$initCommand status $instanceId" from the command-line.</td> +</tr> +</table> +<br/> diff --git a/base/server/share/webapps/pki/admin/console/config/sidemenu.vm b/base/server/share/webapps/pki/admin/console/config/sidemenu.vm new file mode 100644 index 000000000..09fe16870 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/sidemenu.vm @@ -0,0 +1,30 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<div id="sidenav"> +<ul> + <li><a href="welcome">Welcome</a></li> + <li><a href="database">Internal Database</a></li> + <li><a href="module">Security Modules</a></li> + <li><a href="size">Key Size</a></li> + <li><a href="name">Issuer Name</a></li> + <li><a href="hierarchy">PKI Hierarchy</a></li> + <li><a href="admin">Administrator</a></li> + <li><a href="done">Finish</a></li> +</ul> +</div> diff --git a/base/server/share/webapps/pki/admin/console/config/sizepanel.vm b/base/server/share/webapps/pki/admin/console/config/sizepanel.vm new file mode 100644 index 000000000..1dee1ce6b --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/sizepanel.vm @@ -0,0 +1,685 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<style type="text/css"> +div#advance +{ + margin: 0px 20px 0px 20px; + display: none; +} +div#simple +{ + margin: 0px 20px 0px 20px; + display: block; +} +</style> + +<SCRIPT type="text/JavaScript"> + +var rsalist="${rsalist}"; +var ecclist="${ecclist}"; +var curvelist="${curvelist}"; +var displaycurvelist = "${displaycurvelist}"; +var rsaTags = "${rsaTags}"; +var additionalMessage = ""; +if (rsaTags.length > 0) { + additionalMessage = (rsaTags.indexOf(",") != -1)? + "<p><b>IMPORTANT:</b> <i>Currently, the Audit Log Signing, Transport, and Storage functionality <b>ONLY</b> support RSA keys. Users that require ECC keys <b>MUST</b> first select the ECC key type and then verify on the Advanced tab that RSA keys are selected for the Audit Log Signing Certificate, Transport Certificate, and Storage Certificate. All other keys can be ECC.</i>": + "<p><b>IMPORTANT:</b> <i>Currently, the Audit Log Signing functionality <b>ONLY</b> supports RSA keys. Users that require ECC keys <b>MUST</b> first select the ECC key type and then verify on the Advanced tab that an RSA key is selected for the Audit Log Signing Certificate. All other keys can be ECC.</i>"; +} + +function myOnLoad() { + var form = document.forms[0]; + var keyTypeSelect = form.elements['keytype']; + + setSigningAlgOptions(keyTypeSelect.value, "commontag"); + setAllSigningAlgOptions(keyTypeSelect.value); + + setAlgOptions(keyTypeSelect.value, "commontag"); + setAllAlgOptions(keyTypeSelect.value); +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} + +function toggleLayer(whichLayer) +{ + if (document.getElementById) { + // this is the way the standards work + var style2 = document.getElementById(whichLayer).style; + if (style2.display == "block") { + style2.display = "none"; + } else { + style2.display = "block"; + } + } +} + +function toggleLayer1(whichLayer) +{ + if (document.getElementById) { + // this is the way the standards work + var style2 = document.getElementById(whichLayer).style; + if (style2.display == "block") { + style2.display = "none"; + } else if (style2.display == "") { + style2.display = "none"; + } else { + style2.display = "block"; + } + } +} + +function toggleOn(whichLayer) +{ + if (document.getElementById) { + var style2 = document.getElementById(whichLayer).style; + style2.display = "block"; + } +} + +function toggleOff(whichLayer) +{ + if (document.getElementById) { + var style2 = document.getElementById(whichLayer).style; + style2.display = "none"; + } +} + +function keyAlgorithmChange() +{ + var form = document.forms[0]; + var keyTypeSelect = document.forms[0].elements['keyalgorithm']; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_keyalgorithm') != -1) { + form.elements[name].selectedIndex = keyTypeSelect.selectedIndex; + } + } +} + +function signingAlgorithmChange() +{ + var form = document.forms[0]; + var keyTypeSelect = document.forms[0].elements['signingalgorithm']; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_signingalgorithm') != -1) { + form.elements[name].selectedIndex = keyTypeSelect.selectedIndex; + } + } +} + +function setAllAlgOptions(keyType) +{ + var form = document.forms[0]; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + var ind = name.indexOf('_keyalgorithm'); + if (ind != -1) { + var tag = name.substring(0,ind); + setAlgOptions(keyType, tag); + } + } +} + +function setAlgOptions(keyType, certTag) +{ + var algSelect; + var list; + if (certTag == "commontag") { + algSelect = document.forms[0].elements['keyalgorithm']; + } else { + algSelect = document.forms[0].elements[certTag + '_keyalgorithm']; + } + if (typeof(algSelect) == "undefined") { + return; + } + algSelect.options.length=0; + if (keyType == "rsa") { + list = rsalist.split(","); + } else { + list = ecclist.split(","); + } + for (i=0; i < list.length; i++) { + algSelect.options[algSelect.options.length] = new Option(list[i], list[i]); + } +} + +function setAllSigningAlgOptions(keyType) +{ + var form = document.forms[0]; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + var ind = name.indexOf('_signingalgorithm'); + if (ind != -1) { + var tag = name.substring(0,ind); + setSigningAlgOptions(keyType, tag); + } + } +} + +function setSigningAlgOptions(keyType, certTag) +{ + var algSelect; + var list; + if (certTag == "commontag") { + algSelect = document.forms[0].elements['signingalgorithm']; + } else { + algSelect = document.forms[0].elements[certTag + '_signingalgorithm']; + } + if (typeof(algSelect) == "undefined") { + return; + } + algSelect.options.length=0; + if (keyType == "rsa") { + list = rsalist.split(","); + } else { + list = ecclist.split(","); + } + for (i=0; i < list.length; i++) { + algSelect.options[algSelect.options.length] = new Option(list[i], list[i]); + } +} + +function toggleKeyCurve(keyType, certTag) +{ + if (keyType == "rsa") { + toggleOn(certTag + '_custom_display_keysize'); + toggleOff(certTag + '_custom_display_curvename'); + } else { + toggleOff(certTag + '_custom_display_keysize'); + toggleOn(certTag + '_custom_display_curvename'); + } +} + +function toggleAllKeyCurves(keyType) +{ + var form = document.forms[0]; + if (keyType == "rsa") { + toggleOn('simple_keysize'); + toggleOff('simple_curvename'); + } else { + toggleOn('simple_curvename'); + toggleOff('simple_keysize'); + } + + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + var ind = name.indexOf('_keytype'); + + if (ind != -1) { + var tag = name.substring(0,ind); + if (keyType =="rsa") { + toggleOff(tag + '_custom_display_curvename'); + toggleOn(tag + '_custom_display_keysize'); + } else { + toggleOn(tag + '_custom_display_curvename'); + toggleOff(tag + '_custom_display_keysize'); + } + } + } +} + +function indexOfTag(tag) +{ + var index = rsaTags.indexOf(tag); + if (index > 0) { + if (rsaTags.charAt(index-1) != ',') { + index = -1; + } + } + return index; +} + +function keyTypeChange(certTag) +{ + var form = document.forms[0]; + var keyTypeSelect; + if (certTag == "commontag") { + keyTypeSelect = document.forms[0].elements['keytype']; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + var k = name.indexOf('_keytype'); + if (k != -1) { + var tag = name.substring(0, k); + if ((keyTypeSelect.value.indexOf('ecc') != -1) && + (indexOfTag(tag) == -1)) { + form.elements[name].selectedIndex = keyTypeSelect.selectedIndex; + setAlgOptions(keyTypeSelect.value, tag); + setSigningAlgOptions(keyTypeSelect.value, tag); + toggleKeyCurve(keyTypeSelect.value, tag); + } + } + } + } else { + keyTypeSelect = document.forms[0].elements[certTag + '_keytype']; + toggleKeyCurve(keyTypeSelect.value, certTag); + } + setAlgOptions(keyTypeSelect.value, certTag); + setSigningAlgOptions(keyTypeSelect.value, certTag); +} + +function defaultChange() +{ + var form = document.forms[0]; + var choiceSelect = document.forms[0].elements['choice']; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_choice') != -1) { + for (var j = 0; j < form.elements[name].length; j++) { + var c = form.elements[name]; + c[j].checked = choiceSelect[j].checked; + } + } + } +} + +function customChange() +{ + var form = document.forms[0]; + var choiceSelect = document.forms[0].elements['choice']; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_choice') != -1) { + for (var j = 0; j < form.elements[name].length; j++) { + var c = form.elements[name]; + c[j].checked = choiceSelect[j].checked; + } + } + } +} + +function textChange() +{ + var customSize = document.forms[0].elements['custom_size']; + var form = document.forms[0]; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_custom_size') != -1) { + form.elements[name].value = customSize.value; + } + } +} + +function matchCurve(curve) +{ + var list = curvelist.split(","); + for (var i=0; i < list.length; i++) { + if (list[i] == curve) return true; + } + return false; +} + +function curveChange() +{ + var customCurve = document.forms[0].elements['custom_curvename']; + var check = matchCurve(customCurve.value); + if (check == false) { + alert("The curve name " + customCurve.value + " is not in the set of allowed curves.\n" + + "To see a list of allowed curves, click on Details."); + return; + } + var form = document.forms[0]; + for (var i = 0; i < form.length; i++) { + var name = form[i].name; + if (name.indexOf('_custom_curvename') != -1) { + form.elements[name].value = customCurve.value; + } + } +} + +function displayCurveList() +{ + var list = displaycurvelist.split(","); + var linelen = 0; + for (var i=0; i < list.length -1 ; i++) { + document.write(list[i] + ","); + linelen = linelen + list[i].length; + if (linelen >= 60) { + document.write("<br/>"); + linelen=0; + } + } + document.write(list[list.length -1]); +} + +</SCRIPT> +Select the key pair type(s), associated key pair size(s) or curve name(s), and signature algorithm(s) from the pulldown menus. +<SCRIPT type="text/JavaScript"> +document.write(additionalMessage); +</SCRIPT> + <a href="javascript:toggle_details();">[Details]</a> +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> +<div id=details style="display: none;"> +<br/> +<p> +Each certificate can have its own key pair generated with its own independent settings or common settings can be applied to all key pairs. At minimum, each key pair has to define what <i>type</i> it is by identifying a cipher family and then has to set a <i>strength</i> for that key. +</p> +<ul> +<li> +<b><i>Key Type</i></b>. Sets the cipher family to use to generate the key pair. RSA and ECC key types have slightly different strength options. +</li> +<li> +<b><i>RSA strength: Key Size</i></b>. Sets the key length for the generated pair. Longer keys are stronger, which makes them more secure. +However, longer key pair sizes also increase the time required to perform operations such as signing certificates, so long keys can affect performance. +</li> +<li> +<b><i>ECC strength: Curve Name</i></b>. Sets the curve algorithm to use, which can be any one of the curves listed below. The curves that are included in parenthesis are equivalent - and either name can be used. Note that not all curves may be supported by the token. +<br/><ul style="list-style:none"><li><i> +<SCRIPT type="text/JavaScript"> +displayCurveList(); +</SCRIPT></i></li></ul> +</li> +<li> +<b><i>Signing Algorithm</i></b>. <i>Signing certificates only.</i> Sets the signing algorithm which will be used to sign objects issued by the subsystem. This is only displayed for certificates which are used for object signing, such as the CA signing certificate or the OCSP signing certificate. +</li> +<li><b><i>Signed With</i></b>. <i>Root CAs only.</i> Sets the signing algorithm used to sign the CA signing certificate itself. +</li> +</ul> +<br/> +</div> +#if ($select == "clone") +For a cloned subsystem, only the key for an SSL server certificate is generated. +#end +<br/> +#if ($errorString != "") +<img src="/pki/images/icon_crit_update.gif"> <font color="red">$errorString</font> +#end +<br/> +<div id="simple"> +<br/> +<table width=100%> +<tr> + <td align=right><a href="javascript:toggleLayer1('simple'); toggleLayer('advance');" title="Advanced">[Advanced]</a></td> +</tr> +</table> +<br/> +<H2>Common Key Settings</H2> +<br/> +<table width=100% class="details"> + <tr> + <th width="30%">Key Type:</th> + <td><select name="keytype" onChange="keyTypeChange('commontag')"><option value="rsa">RSA</option><option value="ecc">ECC</option></select></td> + </tr> +</table> + +#if ($subsystemtype == "ca") +#if ($hselect == "root") +<table width=100% class="details"> + <tr> + <th width="30%">Signed With:</th> + <td><select name="keyalgorithm" onChange="keyAlgorithmChange()"> + </select></td> + </tr> +</table> +#end +#end + +#if ($show_signing == "true") +<table width=100% class="details"> + <tr> + <th width="30%">Signing Algorithm:</th> + <td><select name="signingalgorithm" onChange="signingAlgorithmChange()"> + </select></td> + </tr> +</table> +#end + +<div id="simple_keysize"> +<p> + + <input checked onChange="defaultChange()" type=radio name="choice" value="default"><b>Use the default key size ($default_keysize bits)</b>. + <p> + <input onChange="customChange()" type=radio name="choice" value="custom"><b>Use the following custom key size:</b> + + <p> +<table width=100% class="details"> + <tr> + <th>Key Size:</th> + <td><input onChange="textChange()" type="text" size="20" name="custom_size" value="2048" /></td> + </tr> +</table> + +</div> + +<div id="simple_curvename" style="display: none;"> +<p> + + <input checked onChange="defaultChange()" type=radio name="choice" value="default"><b>Use the default curve ($default_ecc_curvename)</b>. + <p> + <input onChange="customChange()" type=radio name="choice" value="custom"><b>Use the following curve:</b> + + <p> +<table width=100% class="details"> + <tr> + <th width=30%>Curve Name:</th> + <td><input onChange="curveChange()" type="text" size="20" name="custom_curvename" value="$default_ecc_curvename" /></td> + </tr> +</table> + +</div> + +<!-- to be used when we can do a google-style horizontal combo-box +<div id="simple_curvename" style="display: none;"> + +<table width=100% class="details"> + <tr> + <th width="30%">Curve Name:</th> + <td><select name="custom_curvename"> + #set ($x=0) + #foreach ($p in ${curvelist}) + <option value="$x">$p</option> + #set ($x=$x+1) + #end + </select></td> + </tr> +</table> +</div> +--> + +</div> +<p> + +<div id="advance" style="display: none;"> +<p> +<table width=100%> +<tr> + <td align=right><a href="javascript:toggleLayer1('simple');toggleLayer('advance');" title="Simple">[Simple]</a></td> +</tr> +</table> +#foreach ($item in $certs) +<H2>Key for $item.getUserFriendlyName()</H2> +<p> +<table width=100% class="details"> + <tr> + <th width="30%">Key Type:</th> +#if ($item.isEnable()) + <td><select name="$item.getCertTag()_keytype" onChange="keyTypeChange('$item.getCertTag()')"><option value=rsa>RSA</option><option value="ecc">ECC</option></select></td> +#else + <td><select name="$item.getCertTag()_keytype" disabled="disabled" onChange="keyTypeChange('$item.getCertTag()')"><option value=rsa>RSA</option><option value="ecc">ECC</option></select></td> +#end + </tr> +</table> + +#if ($subsystemtype == "ca") +#if ($hselect == "root") +#if ($item.getCertTag() == "signing") +<table width=100% class="details"> + <tr> + <th width="30%">Signed With:</th> + <td><select name="$item.getCertTag()_keyalgorithm"> + </select></td> + </tr> +</table> +#end +#end +#end + +#if ($item.isSigningRequired()) +<table width=100% class="details"> + <tr> + <th width="30%">Signing Algorithm:</th> + <td><select name="$item.getCertTag()_signingalgorithm"> + </select></td> + </tr> +</table> +#end + +<div id="$item.getCertTag()_custom_display_keysize"> +<br/> +#if ($item.isEnable()) + <input +#if ($item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="default"><b>Use the default key size ($default_keysize bits). +#else + <input +#if ($item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="default" disabled="disabled"><b>Use the default key size ($default_keysize bits). +#end + <br/> +#if ($item.isEnable()) + <input +#if (!$item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="custom"><b>Use the following custom key size:</b> +#else + <input +#if (!$item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="custom" disabled="disabled"><b>Use the following custom key size:</b> +#end + + <br/> +<table width=100% class="details"> + <tr> + <th>Key Size:</th> +#if ($item.isEnable()) + <td><input type="text" size="20" name=$item.getCertTag()_custom_size value=$item.getCustomKeysize() /></td> +#else + <td><input type="text" size="20" name=$item.getCertTag()_custom_size value=$item.getCustomKeysize() disabled="disabled"/></td> +#end + </tr> +</table> +</div> + +<div id="$item.getCertTag()_custom_display_curvename" style="display: none;"> +<br/> +#if ($item.isEnable()) + <input +#if ($item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="default"><b>Use the default curve ($default_ecc_curvename). +#else + <input +#if ($item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="default" disabled="disabled"><b>Use the default curve ($default_ecc_curvename). +#end + <br/> +#if ($item.isEnable()) + <input +#if (!$item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="custom"><b>Use the following curve:</b> +#else + <input +#if (!$item.useDefaultKey()) + checked +#end + type=radio name=$item.getCertTag()_choice value="custom" disabled="disabled"><b>Use the following curve:</b> +#end + + <br/> +<table width=100% class="details"> + <tr> + <th width=30%>Curve Name:</th> +#if ($item.isEnable()) + <td><input type="text" size="20" name=$item.getCertTag()_custom_curvename value=$item.getCustomCurvename() /></td> +#else + <td><input type="text" size="20" name=$item.getCertTag()_custom_curvename value=$item.getCustomCurvename() disabled="disabled"/></td> +#end + </tr> +</table> +</div> + +<!-- to be used when we can do a google-style combo-box +<div id="$item.getCertTag()_custom_display_curvename" style="display: none;"> +<table width=100% class="details"> + <tr> + <th width="30%">Curve Name:</th> +#if ($item.isEnable()) + <td><select name=$item.getCertTag()_custom_curvename value=$item.getCustomCurvename()> + #set ($x=0) + #foreach ($p in $curvelist) + <option value="$x">$p</option> + #set ($x=$x+1) + #end + </select> + </td> +#else + <td><select name=$item.getCertTag()_custom_curvename value=$item.getCustomCurvename() disabled="disabled"> + #set ($x=0) + #foreach ($p in $curvelist) + <option value="$x">$p</option> + #set ($x=$x+1) + #end + </select> + </td> +#end + </tr> +</table> +</div> +--> + +#end +</div> +<br/> +<br/> +<br/> +#if ($firsttime == 'false') +<input type="CHECKBOX" NAME="generateKeyPair">New Keys<p> +#end +<br/> + <div align="right"> + <hr /> +<i>Note: After pressing Next, keys will be generated on the server, which will take some time to complete. Please wait for the next panel to appear.</i> + + </div> diff --git a/base/server/share/webapps/pki/admin/console/config/topmenu.vm b/base/server/share/webapps/pki/admin/console/config/topmenu.vm new file mode 100644 index 000000000..64881066f --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/topmenu.vm @@ -0,0 +1,21 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<ul> +<li id="mainFirst-active"><a href="wizard" class="mainFirstLink">Setup Wizard</a></li> +</ul> diff --git a/base/server/share/webapps/pki/admin/console/config/welcomepanel.vm b/base/server/share/webapps/pki/admin/console/config/welcomepanel.vm new file mode 100644 index 000000000..07b0d641f --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/welcomepanel.vm @@ -0,0 +1,56 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<SCRIPT type="text/JavaScript"> +function myOnLoad() { +} + +function performPanel() { + with (document.forms[0]) { + submit(); + } +} +</SCRIPT> +<H2>$panelname</H2> +The $fullsystemname configuration wizard will guide the administrator through the process of configuring a single instance of the $fullsystemname ($systemname). <a href="javascript:toggle_details();">[Details]</a> + +<SCRIPT type="text/JavaScript"> +function toggle_details() +{ + d = document.getElementById('details'); + if (d.style.display == "block") { + d.style.display="none"; + } else { + d.style.display="block"; + } +} +</script> + +<div id=details style="display: none;"> +<p> +A Public Key Infrastructure (PKI) system creates, manages, and revokes keys and certificates. +<p> +Dogtag Certificate System (DCS) $productversion + is a robust PKI system consisting of numerous subsystems including a Certificate Authority (CA), a Registration Authority (RA), a Data Recovery Manager (DRM), an Online Certificate Status Protocol (OCSP) Manager, a Token Key Service (TKS), and a Token Processing System (TPS), as well as a multi-platform smartcard middleware software client called Enterprise Security Client (ESC). +<p> +For any subsystem to be useable, a user must use this wizard to configure an instance of this subsystem. +#if ($systemType != "tps") +<p> +Additionally, this wizard may also be used to clone any existing instance to achieve scalability and high-availability. +#end +</div> diff --git a/base/server/share/webapps/pki/admin/console/config/wizard.vm b/base/server/share/webapps/pki/admin/console/config/wizard.vm new file mode 100644 index 000000000..cc868e572 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/wizard.vm @@ -0,0 +1,152 @@ +<!-- --- BEGIN COPYRIGHT BLOCK --- + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + --- END COPYRIGHT BLOCK --- --> + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> + +<html> + <head> + + <title>Dogtag Certificate System</title> + + <link rel="shortcut icon" href="/pki/images/favicon.ico" /> + <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" /> + + <META http-equiv=Content-Type content="text/html; charset=UTF-8"> + + </head> + + <body onLoad="myOnLoad();"> + +<SCRIPT type="text/JavaScript"> +function process(fop) { + with (document.forms[0]) { + op.value = fop; + if (fop == 'next') { + document.getElementById('progress').style.visibility = "visible"; + performPanel(); + } else if (fop == 'apply') { + document.getElementById('progress').style.visibility = "visible"; + performPanel(); + } else { + document.getElementById('progress').style.visibility = "visible"; + submit(); + } + } +} + +</SCRIPT> + +<div id="wrap"> + +#include ( "admin/console/config/header.vm" ) + +<div id="mainNavOuter"> +<div id="mainNav"> + +<div id="mainNavInner"> + + +<ul> +<li id="mainFirst-active"><a href="wizard" class="mainFirstLink">$name</a></li> +</ul> + +</div><!-- end mainNavInner --> +</div><!-- end mainNav --> +</div><!-- end mainNavOuter --> + + +<div id="bar"> + +<div id="systembar"> +<div id="systembarinner"> + +</div> +</div> + +</div> +<!-- close bar --> + + <div id="content"> + <table width="100%" cellspacing="0"> + <tr> + <td class="sidebar"> + +<div id="sidenav"> +<ul> +#foreach ($panel in $panels) +#if (!$panel.isSubPanel()) +#if ($panel.isPanelDone()) + <li><center><font color=white size="2">$panel.getName()</font></center></li> +#else + <li><center><font color=black size="2">$panel.getName()</font></center></li> +#end +#end + +#end +</ul> +</div> + + </td> + <td class="page-content" width="100%"> + <h1><img alt="" src="/pki/images/icon-software.gif" /> + $title </h1> + +<OBJECT classid="clsid:127698E4-E730-4E5C-A2b1-21490A70C8A1" + codebase="xenroll.dll" + id=Enroll > +</OBJECT> + +<form name=f method=post action="wizard"> +<input type=hidden name=p value="$p"> + +#parse ( $panel ) + +<input type=hidden name="op" value=''> + +</form> + +<table width=100% border=0 cellspacing=0 cellpadding=0> +<tr bgcolor="#eeeeee"> +<td><img alt="" id=progress style="visibility: hidden;" src="/pki/images/bigrotation2.gif" /></td> +<td align=right> + +#if ($showApplyButton == true) +<input type=button onclick="process('apply')" name=back value="Apply"> +#end + +#if ($lastpanel == true) + +#else +<input type=button onclick="process('next')" name=back value="Next>"> +#end + +</td> +</tr> +</table> + + </td> + </tr> + </table> + +#include ( "admin/console/config/footer.vm" ) + + </div> <!-- close content --> + </div> <!-- close wrap --> + + </body> +</html> diff --git a/base/server/share/webapps/pki/admin/console/config/xml.vm b/base/server/share/webapps/pki/admin/console/config/xml.vm new file mode 100644 index 000000000..ee4bc2c97 --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/config/xml.vm @@ -0,0 +1,21 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Copyright (C) 2007 Red Hat, Inc. + All rights reserved. + END COPYRIGHT BLOCK --> +<response> + $xml +</response> diff --git a/base/server/share/webapps/pki/admin/console/js/misc.js b/base/server/share/webapps/pki/admin/console/js/misc.js new file mode 100644 index 000000000..d4dc336ab --- /dev/null +++ b/base/server/share/webapps/pki/admin/console/js/misc.js @@ -0,0 +1,30 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// Copyright (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +/** + * This function is to submit the form's parameters and to decide if the + * window should remain open. + * + * @param f The form + * @param fclose true if you want to close the window; otherwise false. + */ +function saveConfig(f, fclose) { + f.submit(); + if (fclose == true) + window.close(); +} diff --git a/base/server/share/webapps/pki/js/jquery-min.js b/base/server/share/webapps/pki/js/jquery-min.js new file mode 100644 index 000000000..83589daa7 --- /dev/null +++ b/base/server/share/webapps/pki/js/jquery-min.js @@ -0,0 +1,2 @@ +/*! jQuery v1.8.3 jquery.com | jquery.org/license */
+(function(e,t){function _(e){var t=M[e]={};return v.each(e.split(y),function(e,n){t[n]=!0}),t}function H(e,n,r){if(r===t&&e.nodeType===1){var i="data-"+n.replace(P,"-$1").toLowerCase();r=e.getAttribute(i);if(typeof r=="string"){try{r=r==="true"?!0:r==="false"?!1:r==="null"?null:+r+""===r?+r:D.test(r)?v.parseJSON(r):r}catch(s){}v.data(e,n,r)}else r=t}return r}function B(e){var t;for(t in e){if(t==="data"&&v.isEmptyObject(e[t]))continue;if(t!=="toJSON")return!1}return!0}function et(){return!1}function tt(){return!0}function ut(e){return!e||!e.parentNode||e.parentNode.nodeType===11}function at(e,t){do e=e[t];while(e&&e.nodeType!==1);return e}function ft(e,t,n){t=t||0;if(v.isFunction(t))return v.grep(e,function(e,r){var i=!!t.call(e,r,e);return i===n});if(t.nodeType)return v.grep(e,function(e,r){return e===t===n});if(typeof t=="string"){var r=v.grep(e,function(e){return e.nodeType===1});if(it.test(t))return v.filter(t,r,!n);t=v.filter(t,r)}return v.grep(e,function(e,r){return v.inArray(e,t)>=0===n})}function lt(e){var t=ct.split("|"),n=e.createDocumentFragment();if(n.createElement)while(t.length)n.createElement(t.pop());return n}function Lt(e,t){return e.getElementsByTagName(t)[0]||e.appendChild(e.ownerDocument.createElement(t))}function At(e,t){if(t.nodeType!==1||!v.hasData(e))return;var n,r,i,s=v._data(e),o=v._data(t,s),u=s.events;if(u){delete o.handle,o.events={};for(n in u)for(r=0,i=u[n].length;r<i;r++)v.event.add(t,n,u[n][r])}o.data&&(o.data=v.extend({},o.data))}function Ot(e,t){var n;if(t.nodeType!==1)return;t.clearAttributes&&t.clearAttributes(),t.mergeAttributes&&t.mergeAttributes(e),n=t.nodeName.toLowerCase(),n==="object"?(t.parentNode&&(t.outerHTML=e.outerHTML),v.support.html5Clone&&e.innerHTML&&!v.trim(t.innerHTML)&&(t.innerHTML=e.innerHTML)):n==="input"&&Et.test(e.type)?(t.defaultChecked=t.checked=e.checked,t.value!==e.value&&(t.value=e.value)):n==="option"?t.selected=e.defaultSelected:n==="input"||n==="textarea"?t.defaultValue=e.defaultValue:n==="script"&&t.text!==e.text&&(t.text=e.text),t.removeAttribute(v.expando)}function Mt(e){return typeof e.getElementsByTagName!="undefined"?e.getElementsByTagName("*"):typeof e.querySelectorAll!="undefined"?e.querySelectorAll("*"):[]}function _t(e){Et.test(e.type)&&(e.defaultChecked=e.checked)}function Qt(e,t){if(t in e)return t;var n=t.charAt(0).toUpperCase()+t.slice(1),r=t,i=Jt.length;while(i--){t=Jt[i]+n;if(t in e)return t}return r}function Gt(e,t){return e=t||e,v.css(e,"display")==="none"||!v.contains(e.ownerDocument,e)}function Yt(e,t){var n,r,i=[],s=0,o=e.length;for(;s<o;s++){n=e[s];if(!n.style)continue;i[s]=v._data(n,"olddisplay"),t?(!i[s]&&n.style.display==="none"&&(n.style.display=""),n.style.display===""&&Gt(n)&&(i[s]=v._data(n,"olddisplay",nn(n.nodeName)))):(r=Dt(n,"display"),!i[s]&&r!=="none"&&v._data(n,"olddisplay",r))}for(s=0;s<o;s++){n=e[s];if(!n.style)continue;if(!t||n.style.display==="none"||n.style.display==="")n.style.display=t?i[s]||"":"none"}return e}function Zt(e,t,n){var r=Rt.exec(t);return r?Math.max(0,r[1]-(n||0))+(r[2]||"px"):t}function en(e,t,n,r){var i=n===(r?"border":"content")?4:t==="width"?1:0,s=0;for(;i<4;i+=2)n==="margin"&&(s+=v.css(e,n+$t[i],!0)),r?(n==="content"&&(s-=parseFloat(Dt(e,"padding"+$t[i]))||0),n!=="margin"&&(s-=parseFloat(Dt(e,"border"+$t[i]+"Width"))||0)):(s+=parseFloat(Dt(e,"padding"+$t[i]))||0,n!=="padding"&&(s+=parseFloat(Dt(e,"border"+$t[i]+"Width"))||0));return s}function tn(e,t,n){var r=t==="width"?e.offsetWidth:e.offsetHeight,i=!0,s=v.support.boxSizing&&v.css(e,"boxSizing")==="border-box";if(r<=0||r==null){r=Dt(e,t);if(r<0||r==null)r=e.style[t];if(Ut.test(r))return r;i=s&&(v.support.boxSizingReliable||r===e.style[t]),r=parseFloat(r)||0}return r+en(e,t,n||(s?"border":"content"),i)+"px"}function nn(e){if(Wt[e])return Wt[e];var t=v("<"+e+">").appendTo(i.body),n=t.css("display");t.remove();if(n==="none"||n===""){Pt=i.body.appendChild(Pt||v.extend(i.createElement("iframe"),{frameBorder:0,width:0,height:0}));if(!Ht||!Pt.createElement)Ht=(Pt.contentWindow||Pt.contentDocument).document,Ht.write("<!doctype html><html><body>"),Ht.close();t=Ht.body.appendChild(Ht.createElement(e)),n=Dt(t,"display"),i.body.removeChild(Pt)}return Wt[e]=n,n}function fn(e,t,n,r){var i;if(v.isArray(t))v.each(t,function(t,i){n||sn.test(e)?r(e,i):fn(e+"["+(typeof i=="object"?t:"")+"]",i,n,r)});else if(!n&&v.type(t)==="object")for(i in t)fn(e+"["+i+"]",t[i],n,r);else r(e,t)}function Cn(e){return function(t,n){typeof t!="string"&&(n=t,t="*");var r,i,s,o=t.toLowerCase().split(y),u=0,a=o.length;if(v.isFunction(n))for(;u<a;u++)r=o[u],s=/^\+/.test(r),s&&(r=r.substr(1)||"*"),i=e[r]=e[r]||[],i[s?"unshift":"push"](n)}}function kn(e,n,r,i,s,o){s=s||n.dataTypes[0],o=o||{},o[s]=!0;var u,a=e[s],f=0,l=a?a.length:0,c=e===Sn;for(;f<l&&(c||!u);f++)u=a[f](n,r,i),typeof u=="string"&&(!c||o[u]?u=t:(n.dataTypes.unshift(u),u=kn(e,n,r,i,u,o)));return(c||!u)&&!o["*"]&&(u=kn(e,n,r,i,"*",o)),u}function Ln(e,n){var r,i,s=v.ajaxSettings.flatOptions||{};for(r in n)n[r]!==t&&((s[r]?e:i||(i={}))[r]=n[r]);i&&v.extend(!0,e,i)}function An(e,n,r){var i,s,o,u,a=e.contents,f=e.dataTypes,l=e.responseFields;for(s in l)s in r&&(n[l[s]]=r[s]);while(f[0]==="*")f.shift(),i===t&&(i=e.mimeType||n.getResponseHeader("content-type"));if(i)for(s in a)if(a[s]&&a[s].test(i)){f.unshift(s);break}if(f[0]in r)o=f[0];else{for(s in r){if(!f[0]||e.converters[s+" "+f[0]]){o=s;break}u||(u=s)}o=o||u}if(o)return o!==f[0]&&f.unshift(o),r[o]}function On(e,t){var n,r,i,s,o=e.dataTypes.slice(),u=o[0],a={},f=0;e.dataFilter&&(t=e.dataFilter(t,e.dataType));if(o[1])for(n in e.converters)a[n.toLowerCase()]=e.converters[n];for(;i=o[++f];)if(i!=="*"){if(u!=="*"&&u!==i){n=a[u+" "+i]||a["* "+i];if(!n)for(r in a){s=r.split(" ");if(s[1]===i){n=a[u+" "+s[0]]||a["* "+s[0]];if(n){n===!0?n=a[r]:a[r]!==!0&&(i=s[0],o.splice(f--,0,i));break}}}if(n!==!0)if(n&&e["throws"])t=n(t);else try{t=n(t)}catch(l){return{state:"parsererror",error:n?l:"No conversion from "+u+" to "+i}}}u=i}return{state:"success",data:t}}function Fn(){try{return new e.XMLHttpRequest}catch(t){}}function In(){try{return new e.ActiveXObject("Microsoft.XMLHTTP")}catch(t){}}function $n(){return setTimeout(function(){qn=t},0),qn=v.now()}function Jn(e,t){v.each(t,function(t,n){var r=(Vn[t]||[]).concat(Vn["*"]),i=0,s=r.length;for(;i<s;i++)if(r[i].call(e,t,n))return})}function Kn(e,t,n){var r,i=0,s=0,o=Xn.length,u=v.Deferred().always(function(){delete a.elem}),a=function(){var t=qn||$n(),n=Math.max(0,f.startTime+f.duration-t),r=n/f.duration||0,i=1-r,s=0,o=f.tweens.length;for(;s<o;s++)f.tweens[s].run(i);return u.notifyWith(e,[f,i,n]),i<1&&o?n:(u.resolveWith(e,[f]),!1)},f=u.promise({elem:e,props:v.extend({},t),opts:v.extend(!0,{specialEasing:{}},n),originalProperties:t,originalOptions:n,startTime:qn||$n(),duration:n.duration,tweens:[],createTween:function(t,n,r){var i=v.Tween(e,f.opts,t,n,f.opts.specialEasing[t]||f.opts.easing);return f.tweens.push(i),i},stop:function(t){var n=0,r=t?f.tweens.length:0;for(;n<r;n++)f.tweens[n].run(1);return t?u.resolveWith(e,[f,t]):u.rejectWith(e,[f,t]),this}}),l=f.props;Qn(l,f.opts.specialEasing);for(;i<o;i++){r=Xn[i].call(f,e,l,f.opts);if(r)return r}return Jn(f,l),v.isFunction(f.opts.start)&&f.opts.start.call(e,f),v.fx.timer(v.extend(a,{anim:f,queue:f.opts.queue,elem:e})),f.progress(f.opts.progress).done(f.opts.done,f.opts.complete).fail(f.opts.fail).always(f.opts.always)}function Qn(e,t){var n,r,i,s,o;for(n in e){r=v.camelCase(n),i=t[r],s=e[n],v.isArray(s)&&(i=s[1],s=e[n]=s[0]),n!==r&&(e[r]=s,delete e[n]),o=v.cssHooks[r];if(o&&"expand"in o){s=o.expand(s),delete e[r];for(n in s)n in e||(e[n]=s[n],t[n]=i)}else t[r]=i}}function Gn(e,t,n){var r,i,s,o,u,a,f,l,c,h=this,p=e.style,d={},m=[],g=e.nodeType&&Gt(e);n.queue||(l=v._queueHooks(e,"fx"),l.unqueued==null&&(l.unqueued=0,c=l.empty.fire,l.empty.fire=function(){l.unqueued||c()}),l.unqueued++,h.always(function(){h.always(function(){l.unqueued--,v.queue(e,"fx").length||l.empty.fire()})})),e.nodeType===1&&("height"in t||"width"in t)&&(n.overflow=[p.overflow,p.overflowX,p.overflowY],v.css(e,"display")==="inline"&&v.css(e,"float")==="none"&&(!v.support.inlineBlockNeedsLayout||nn(e.nodeName)==="inline"?p.display="inline-block":p.zoom=1)),n.overflow&&(p.overflow="hidden",v.support.shrinkWrapBlocks||h.done(function(){p.overflow=n.overflow[0],p.overflowX=n.overflow[1],p.overflowY=n.overflow[2]}));for(r in t){s=t[r];if(Un.exec(s)){delete t[r],a=a||s==="toggle";if(s===(g?"hide":"show"))continue;m.push(r)}}o=m.length;if(o){u=v._data(e,"fxshow")||v._data(e,"fxshow",{}),"hidden"in u&&(g=u.hidden),a&&(u.hidden=!g),g?v(e).show():h.done(function(){v(e).hide()}),h.done(function(){var t;v.removeData(e,"fxshow",!0);for(t in d)v.style(e,t,d[t])});for(r=0;r<o;r++)i=m[r],f=h.createTween(i,g?u[i]:0),d[i]=u[i]||v.style(e,i),i in u||(u[i]=f.start,g&&(f.end=f.start,f.start=i==="width"||i==="height"?1:0))}}function Yn(e,t,n,r,i){return new Yn.prototype.init(e,t,n,r,i)}function Zn(e,t){var n,r={height:e},i=0;t=t?1:0;for(;i<4;i+=2-t)n=$t[i],r["margin"+n]=r["padding"+n]=e;return t&&(r.opacity=r.width=e),r}function tr(e){return v.isWindow(e)?e:e.nodeType===9?e.defaultView||e.parentWindow:!1}var n,r,i=e.document,s=e.location,o=e.navigator,u=e.jQuery,a=e.$,f=Array.prototype.push,l=Array.prototype.slice,c=Array.prototype.indexOf,h=Object.prototype.toString,p=Object.prototype.hasOwnProperty,d=String.prototype.trim,v=function(e,t){return new v.fn.init(e,t,n)},m=/[\-+]?(?:\d*\.|)\d+(?:[eE][\-+]?\d+|)/.source,g=/\S/,y=/\s+/,b=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,w=/^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,E=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,S=/^[\],:{}\s]*$/,x=/(?:^|:|,)(?:\s*\[)+/g,T=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,N=/"[^"\\\r\n]*"|true|false|null|-?(?:\d\d*\.|)\d+(?:[eE][\-+]?\d+|)/g,C=/^-ms-/,k=/-([\da-z])/gi,L=function(e,t){return(t+"").toUpperCase()},A=function(){i.addEventListener?(i.removeEventListener("DOMContentLoaded",A,!1),v.ready()):i.readyState==="complete"&&(i.detachEvent("onreadystatechange",A),v.ready())},O={};v.fn=v.prototype={constructor:v,init:function(e,n,r){var s,o,u,a;if(!e)return this;if(e.nodeType)return this.context=this[0]=e,this.length=1,this;if(typeof e=="string"){e.charAt(0)==="<"&&e.charAt(e.length-1)===">"&&e.length>=3?s=[null,e,null]:s=w.exec(e);if(s&&(s[1]||!n)){if(s[1])return n=n instanceof v?n[0]:n,a=n&&n.nodeType?n.ownerDocument||n:i,e=v.parseHTML(s[1],a,!0),E.test(s[1])&&v.isPlainObject(n)&&this.attr.call(e,n,!0),v.merge(this,e);o=i.getElementById(s[2]);if(o&&o.parentNode){if(o.id!==s[2])return r.find(e);this.length=1,this[0]=o}return this.context=i,this.selector=e,this}return!n||n.jquery?(n||r).find(e):this.constructor(n).find(e)}return v.isFunction(e)?r.ready(e):(e.selector!==t&&(this.selector=e.selector,this.context=e.context),v.makeArray(e,this))},selector:"",jquery:"1.8.3",length:0,size:function(){return this.length},toArray:function(){return l.call(this)},get:function(e){return e==null?this.toArray():e<0?this[this.length+e]:this[e]},pushStack:function(e,t,n){var r=v.merge(this.constructor(),e);return r.prevObject=this,r.context=this.context,t==="find"?r.selector=this.selector+(this.selector?" ":"")+n:t&&(r.selector=this.selector+"."+t+"("+n+")"),r},each:function(e,t){return v.each(this,e,t)},ready:function(e){return v.ready.promise().done(e),this},eq:function(e){return e=+e,e===-1?this.slice(e):this.slice(e,e+1)},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},slice:function(){return this.pushStack(l.apply(this,arguments),"slice",l.call(arguments).join(","))},map:function(e){return this.pushStack(v.map(this,function(t,n){return e.call(t,n,t)}))},end:function(){return this.prevObject||this.constructor(null)},push:f,sort:[].sort,splice:[].splice},v.fn.init.prototype=v.fn,v.extend=v.fn.extend=function(){var e,n,r,i,s,o,u=arguments[0]||{},a=1,f=arguments.length,l=!1;typeof u=="boolean"&&(l=u,u=arguments[1]||{},a=2),typeof u!="object"&&!v.isFunction(u)&&(u={}),f===a&&(u=this,--a);for(;a<f;a++)if((e=arguments[a])!=null)for(n in e){r=u[n],i=e[n];if(u===i)continue;l&&i&&(v.isPlainObject(i)||(s=v.isArray(i)))?(s?(s=!1,o=r&&v.isArray(r)?r:[]):o=r&&v.isPlainObject(r)?r:{},u[n]=v.extend(l,o,i)):i!==t&&(u[n]=i)}return u},v.extend({noConflict:function(t){return e.$===v&&(e.$=a),t&&e.jQuery===v&&(e.jQuery=u),v},isReady:!1,readyWait:1,holdReady:function(e){e?v.readyWait++:v.ready(!0)},ready:function(e){if(e===!0?--v.readyWait:v.isReady)return;if(!i.body)return setTimeout(v.ready,1);v.isReady=!0;if(e!==!0&&--v.readyWait>0)return;r.resolveWith(i,[v]),v.fn.trigger&&v(i).trigger("ready").off("ready")},isFunction:function(e){return v.type(e)==="function"},isArray:Array.isArray||function(e){return v.type(e)==="array"},isWindow:function(e){return e!=null&&e==e.window},isNumeric:function(e){return!isNaN(parseFloat(e))&&isFinite(e)},type:function(e){return e==null?String(e):O[h.call(e)]||"object"},isPlainObject:function(e){if(!e||v.type(e)!=="object"||e.nodeType||v.isWindow(e))return!1;try{if(e.constructor&&!p.call(e,"constructor")&&!p.call(e.constructor.prototype,"isPrototypeOf"))return!1}catch(n){return!1}var r;for(r in e);return r===t||p.call(e,r)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},error:function(e){throw new Error(e)},parseHTML:function(e,t,n){var r;return!e||typeof e!="string"?null:(typeof t=="boolean"&&(n=t,t=0),t=t||i,(r=E.exec(e))?[t.createElement(r[1])]:(r=v.buildFragment([e],t,n?null:[]),v.merge([],(r.cacheable?v.clone(r.fragment):r.fragment).childNodes)))},parseJSON:function(t){if(!t||typeof t!="string")return null;t=v.trim(t);if(e.JSON&&e.JSON.parse)return e.JSON.parse(t);if(S.test(t.replace(T,"@").replace(N,"]").replace(x,"")))return(new Function("return "+t))();v.error("Invalid JSON: "+t)},parseXML:function(n){var r,i;if(!n||typeof n!="string")return null;try{e.DOMParser?(i=new DOMParser,r=i.parseFromString(n,"text/xml")):(r=new ActiveXObject("Microsoft.XMLDOM"),r.async="false",r.loadXML(n))}catch(s){r=t}return(!r||!r.documentElement||r.getElementsByTagName("parsererror").length)&&v.error("Invalid XML: "+n),r},noop:function(){},globalEval:function(t){t&&g.test(t)&&(e.execScript||function(t){e.eval.call(e,t)})(t)},camelCase:function(e){return e.replace(C,"ms-").replace(k,L)},nodeName:function(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()},each:function(e,n,r){var i,s=0,o=e.length,u=o===t||v.isFunction(e);if(r){if(u){for(i in e)if(n.apply(e[i],r)===!1)break}else for(;s<o;)if(n.apply(e[s++],r)===!1)break}else if(u){for(i in e)if(n.call(e[i],i,e[i])===!1)break}else for(;s<o;)if(n.call(e[s],s,e[s++])===!1)break;return e},trim:d&&!d.call("\ufeff\u00a0")?function(e){return e==null?"":d.call(e)}:function(e){return e==null?"":(e+"").replace(b,"")},makeArray:function(e,t){var n,r=t||[];return e!=null&&(n=v.type(e),e.length==null||n==="string"||n==="function"||n==="regexp"||v.isWindow(e)?f.call(r,e):v.merge(r,e)),r},inArray:function(e,t,n){var r;if(t){if(c)return c.call(t,e,n);r=t.length,n=n?n<0?Math.max(0,r+n):n:0;for(;n<r;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,s=0;if(typeof r=="number")for(;s<r;s++)e[i++]=n[s];else while(n[s]!==t)e[i++]=n[s++];return e.length=i,e},grep:function(e,t,n){var r,i=[],s=0,o=e.length;n=!!n;for(;s<o;s++)r=!!t(e[s],s),n!==r&&i.push(e[s]);return i},map:function(e,n,r){var i,s,o=[],u=0,a=e.length,f=e instanceof v||a!==t&&typeof a=="number"&&(a>0&&e[0]&&e[a-1]||a===0||v.isArray(e));if(f)for(;u<a;u++)i=n(e[u],u,r),i!=null&&(o[o.length]=i);else for(s in e)i=n(e[s],s,r),i!=null&&(o[o.length]=i);return o.concat.apply([],o)},guid:1,proxy:function(e,n){var r,i,s;return typeof n=="string"&&(r=e[n],n=e,e=r),v.isFunction(e)?(i=l.call(arguments,2),s=function(){return e.apply(n,i.concat(l.call(arguments)))},s.guid=e.guid=e.guid||v.guid++,s):t},access:function(e,n,r,i,s,o,u){var a,f=r==null,l=0,c=e.length;if(r&&typeof r=="object"){for(l in r)v.access(e,n,l,r[l],1,o,i);s=1}else if(i!==t){a=u===t&&v.isFunction(i),f&&(a?(a=n,n=function(e,t,n){return a.call(v(e),n)}):(n.call(e,i),n=null));if(n)for(;l<c;l++)n(e[l],r,a?i.call(e[l],l,n(e[l],r)):i,u);s=1}return s?e:f?n.call(e):c?n(e[0],r):o},now:function(){return(new Date).getTime()}}),v.ready.promise=function(t){if(!r){r=v.Deferred();if(i.readyState==="complete")setTimeout(v.ready,1);else if(i.addEventListener)i.addEventListener("DOMContentLoaded",A,!1),e.addEventListener("load",v.ready,!1);else{i.attachEvent("onreadystatechange",A),e.attachEvent("onload",v.ready);var n=!1;try{n=e.frameElement==null&&i.documentElement}catch(s){}n&&n.doScroll&&function o(){if(!v.isReady){try{n.doScroll("left")}catch(e){return setTimeout(o,50)}v.ready()}}()}}return r.promise(t)},v.each("Boolean Number String Function Array Date RegExp Object".split(" "),function(e,t){O["[object "+t+"]"]=t.toLowerCase()}),n=v(i);var M={};v.Callbacks=function(e){e=typeof e=="string"?M[e]||_(e):v.extend({},e);var n,r,i,s,o,u,a=[],f=!e.once&&[],l=function(t){n=e.memory&&t,r=!0,u=s||0,s=0,o=a.length,i=!0;for(;a&&u<o;u++)if(a[u].apply(t[0],t[1])===!1&&e.stopOnFalse){n=!1;break}i=!1,a&&(f?f.length&&l(f.shift()):n?a=[]:c.disable())},c={add:function(){if(a){var t=a.length;(function r(t){v.each(t,function(t,n){var i=v.type(n);i==="function"?(!e.unique||!c.has(n))&&a.push(n):n&&n.length&&i!=="string"&&r(n)})})(arguments),i?o=a.length:n&&(s=t,l(n))}return this},remove:function(){return a&&v.each(arguments,function(e,t){var n;while((n=v.inArray(t,a,n))>-1)a.splice(n,1),i&&(n<=o&&o--,n<=u&&u--)}),this},has:function(e){return v.inArray(e,a)>-1},empty:function(){return a=[],this},disable:function(){return a=f=n=t,this},disabled:function(){return!a},lock:function(){return f=t,n||c.disable(),this},locked:function(){return!f},fireWith:function(e,t){return t=t||[],t=[e,t.slice?t.slice():t],a&&(!r||f)&&(i?f.push(t):l(t)),this},fire:function(){return c.fireWith(this,arguments),this},fired:function(){return!!r}};return c},v.extend({Deferred:function(e){var t=[["resolve","done",v.Callbacks("once memory"),"resolved"],["reject","fail",v.Callbacks("once memory"),"rejected"],["notify","progress",v.Callbacks("memory")]],n="pending",r={state:function(){return n},always:function(){return i.done(arguments).fail(arguments),this},then:function(){var e=arguments;return v.Deferred(function(n){v.each(t,function(t,r){var s=r[0],o=e[t];i[r[1]](v.isFunction(o)?function(){var e=o.apply(this,arguments);e&&v.isFunction(e.promise)?e.promise().done(n.resolve).fail(n.reject).progress(n.notify):n[s+"With"](this===i?n:this,[e])}:n[s])}),e=null}).promise()},promise:function(e){return e!=null?v.extend(e,r):r}},i={};return r.pipe=r.then,v.each(t,function(e,s){var o=s[2],u=s[3];r[s[1]]=o.add,u&&o.add(function(){n=u},t[e^1][2].disable,t[2][2].lock),i[s[0]]=o.fire,i[s[0]+"With"]=o.fireWith}),r.promise(i),e&&e.call(i,i),i},when:function(e){var t=0,n=l.call(arguments),r=n.length,i=r!==1||e&&v.isFunction(e.promise)?r:0,s=i===1?e:v.Deferred(),o=function(e,t,n){return function(r){t[e]=this,n[e]=arguments.length>1?l.call(arguments):r,n===u?s.notifyWith(t,n):--i||s.resolveWith(t,n)}},u,a,f;if(r>1){u=new Array(r),a=new Array(r),f=new Array(r);for(;t<r;t++)n[t]&&v.isFunction(n[t].promise)?n[t].promise().done(o(t,f,n)).fail(s.reject).progress(o(t,a,u)):--i}return i||s.resolveWith(f,n),s.promise()}}),v.support=function(){var t,n,r,s,o,u,a,f,l,c,h,p=i.createElement("div");p.setAttribute("className","t"),p.innerHTML=" <link/><table></table><a href='/a'>a</a><input type='checkbox'/>",n=p.getElementsByTagName("*"),r=p.getElementsByTagName("a")[0];if(!n||!r||!n.length)return{};s=i.createElement("select"),o=s.appendChild(i.createElement("option")),u=p.getElementsByTagName("input")[0],r.style.cssText="top:1px;float:left;opacity:.5",t={leadingWhitespace:p.firstChild.nodeType===3,tbody:!p.getElementsByTagName("tbody").length,htmlSerialize:!!p.getElementsByTagName("link").length,style:/top/.test(r.getAttribute("style")),hrefNormalized:r.getAttribute("href")==="/a",opacity:/^0.5/.test(r.style.opacity),cssFloat:!!r.style.cssFloat,checkOn:u.value==="on",optSelected:o.selected,getSetAttribute:p.className!=="t",enctype:!!i.createElement("form").enctype,html5Clone:i.createElement("nav").cloneNode(!0).outerHTML!=="<:nav></:nav>",boxModel:i.compatMode==="CSS1Compat",submitBubbles:!0,changeBubbles:!0,focusinBubbles:!1,deleteExpando:!0,noCloneEvent:!0,inlineBlockNeedsLayout:!1,shrinkWrapBlocks:!1,reliableMarginRight:!0,boxSizingReliable:!0,pixelPosition:!1},u.checked=!0,t.noCloneChecked=u.cloneNode(!0).checked,s.disabled=!0,t.optDisabled=!o.disabled;try{delete p.test}catch(d){t.deleteExpando=!1}!p.addEventListener&&p.attachEvent&&p.fireEvent&&(p.attachEvent("onclick",h=function(){t.noCloneEvent=!1}),p.cloneNode(!0).fireEvent("onclick"),p.detachEvent("onclick",h)),u=i.createElement("input"),u.value="t",u.setAttribute("type","radio"),t.radioValue=u.value==="t",u.setAttribute("checked","checked"),u.setAttribute("name","t"),p.appendChild(u),a=i.createDocumentFragment(),a.appendChild(p.lastChild),t.checkClone=a.cloneNode(!0).cloneNode(!0).lastChild.checked,t.appendChecked=u.checked,a.removeChild(u),a.appendChild(p);if(p.attachEvent)for(l in{submit:!0,change:!0,focusin:!0})f="on"+l,c=f in p,c||(p.setAttribute(f,"return;"),c=typeof p[f]=="function"),t[l+"Bubbles"]=c;return v(function(){var n,r,s,o,u="padding:0;margin:0;border:0;display:block;overflow:hidden;",a=i.getElementsByTagName("body")[0];if(!a)return;n=i.createElement("div"),n.style.cssText="visibility:hidden;border:0;width:0;height:0;position:static;top:0;margin-top:1px",a.insertBefore(n,a.firstChild),r=i.createElement("div"),n.appendChild(r),r.innerHTML="<table><tr><td></td><td>t</td></tr></table>",s=r.getElementsByTagName("td"),s[0].style.cssText="padding:0;margin:0;border:0;display:none",c=s[0].offsetHeight===0,s[0].style.display="",s[1].style.display="none",t.reliableHiddenOffsets=c&&s[0].offsetHeight===0,r.innerHTML="",r.style.cssText="box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;padding:1px;border:1px;display:block;width:4px;margin-top:1%;position:absolute;top:1%;",t.boxSizing=r.offsetWidth===4,t.doesNotIncludeMarginInBodyOffset=a.offsetTop!==1,e.getComputedStyle&&(t.pixelPosition=(e.getComputedStyle(r,null)||{}).top!=="1%",t.boxSizingReliable=(e.getComputedStyle(r,null)||{width:"4px"}).width==="4px",o=i.createElement("div"),o.style.cssText=r.style.cssText=u,o.style.marginRight=o.style.width="0",r.style.width="1px",r.appendChild(o),t.reliableMarginRight=!parseFloat((e.getComputedStyle(o,null)||{}).marginRight)),typeof r.style.zoom!="undefined"&&(r.innerHTML="",r.style.cssText=u+"width:1px;padding:1px;display:inline;zoom:1",t.inlineBlockNeedsLayout=r.offsetWidth===3,r.style.display="block",r.style.overflow="visible",r.innerHTML="<div></div>",r.firstChild.style.width="5px",t.shrinkWrapBlocks=r.offsetWidth!==3,n.style.zoom=1),a.removeChild(n),n=r=s=o=null}),a.removeChild(p),n=r=s=o=u=a=p=null,t}();var D=/(?:\{[\s\S]*\}|\[[\s\S]*\])$/,P=/([A-Z])/g;v.extend({cache:{},deletedIds:[],uuid:0,expando:"jQuery"+(v.fn.jquery+Math.random()).replace(/\D/g,""),noData:{embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000",applet:!0},hasData:function(e){return e=e.nodeType?v.cache[e[v.expando]]:e[v.expando],!!e&&!B(e)},data:function(e,n,r,i){if(!v.acceptData(e))return;var s,o,u=v.expando,a=typeof n=="string",f=e.nodeType,l=f?v.cache:e,c=f?e[u]:e[u]&&u;if((!c||!l[c]||!i&&!l[c].data)&&a&&r===t)return;c||(f?e[u]=c=v.deletedIds.pop()||v.guid++:c=u),l[c]||(l[c]={},f||(l[c].toJSON=v.noop));if(typeof n=="object"||typeof n=="function")i?l[c]=v.extend(l[c],n):l[c].data=v.extend(l[c].data,n);return s=l[c],i||(s.data||(s.data={}),s=s.data),r!==t&&(s[v.camelCase(n)]=r),a?(o=s[n],o==null&&(o=s[v.camelCase(n)])):o=s,o},removeData:function(e,t,n){if(!v.acceptData(e))return;var r,i,s,o=e.nodeType,u=o?v.cache:e,a=o?e[v.expando]:v.expando;if(!u[a])return;if(t){r=n?u[a]:u[a].data;if(r){v.isArray(t)||(t in r?t=[t]:(t=v.camelCase(t),t in r?t=[t]:t=t.split(" ")));for(i=0,s=t.length;i<s;i++)delete r[t[i]];if(!(n?B:v.isEmptyObject)(r))return}}if(!n){delete u[a].data;if(!B(u[a]))return}o?v.cleanData([e],!0):v.support.deleteExpando||u!=u.window?delete u[a]:u[a]=null},_data:function(e,t,n){return v.data(e,t,n,!0)},acceptData:function(e){var t=e.nodeName&&v.noData[e.nodeName.toLowerCase()];return!t||t!==!0&&e.getAttribute("classid")===t}}),v.fn.extend({data:function(e,n){var r,i,s,o,u,a=this[0],f=0,l=null;if(e===t){if(this.length){l=v.data(a);if(a.nodeType===1&&!v._data(a,"parsedAttrs")){s=a.attributes;for(u=s.length;f<u;f++)o=s[f].name,o.indexOf("data-")||(o=v.camelCase(o.substring(5)),H(a,o,l[o]));v._data(a,"parsedAttrs",!0)}}return l}return typeof e=="object"?this.each(function(){v.data(this,e)}):(r=e.split(".",2),r[1]=r[1]?"."+r[1]:"",i=r[1]+"!",v.access(this,function(n){if(n===t)return l=this.triggerHandler("getData"+i,[r[0]]),l===t&&a&&(l=v.data(a,e),l=H(a,e,l)),l===t&&r[1]?this.data(r[0]):l;r[1]=n,this.each(function(){var t=v(this);t.triggerHandler("setData"+i,r),v.data(this,e,n),t.triggerHandler("changeData"+i,r)})},null,n,arguments.length>1,null,!1))},removeData:function(e){return this.each(function(){v.removeData(this,e)})}}),v.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=v._data(e,t),n&&(!r||v.isArray(n)?r=v._data(e,t,v.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=v.queue(e,t),r=n.length,i=n.shift(),s=v._queueHooks(e,t),o=function(){v.dequeue(e,t)};i==="inprogress"&&(i=n.shift(),r--),i&&(t==="fx"&&n.unshift("inprogress"),delete s.stop,i.call(e,o,s)),!r&&s&&s.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return v._data(e,n)||v._data(e,n,{empty:v.Callbacks("once memory").add(function(){v.removeData(e,t+"queue",!0),v.removeData(e,n,!0)})})}}),v.fn.extend({queue:function(e,n){var r=2;return typeof e!="string"&&(n=e,e="fx",r--),arguments.length<r?v.queue(this[0],e):n===t?this:this.each(function(){var t=v.queue(this,e,n);v._queueHooks(this,e),e==="fx"&&t[0]!=="inprogress"&&v.dequeue(this,e)})},dequeue:function(e){return this.each(function(){v.dequeue(this,e)})},delay:function(e,t){return e=v.fx?v.fx.speeds[e]||e:e,t=t||"fx",this.queue(t,function(t,n){var r=setTimeout(t,e);n.stop=function(){clearTimeout(r)}})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,n){var r,i=1,s=v.Deferred(),o=this,u=this.length,a=function(){--i||s.resolveWith(o,[o])};typeof e!="string"&&(n=e,e=t),e=e||"fx";while(u--)r=v._data(o[u],e+"queueHooks"),r&&r.empty&&(i++,r.empty.add(a));return a(),s.promise(n)}});var j,F,I,q=/[\t\r\n]/g,R=/\r/g,U=/^(?:button|input)$/i,z=/^(?:button|input|object|select|textarea)$/i,W=/^a(?:rea|)$/i,X=/^(?:autofocus|autoplay|async|checked|controls|defer|disabled|hidden|loop|multiple|open|readonly|required|scoped|selected)$/i,V=v.support.getSetAttribute;v.fn.extend({attr:function(e,t){return v.access(this,v.attr,e,t,arguments.length>1)},removeAttr:function(e){return this.each(function(){v.removeAttr(this,e)})},prop:function(e,t){return v.access(this,v.prop,e,t,arguments.length>1)},removeProp:function(e){return e=v.propFix[e]||e,this.each(function(){try{this[e]=t,delete this[e]}catch(n){}})},addClass:function(e){var t,n,r,i,s,o,u;if(v.isFunction(e))return this.each(function(t){v(this).addClass(e.call(this,t,this.className))});if(e&&typeof e=="string"){t=e.split(y);for(n=0,r=this.length;n<r;n++){i=this[n];if(i.nodeType===1)if(!i.className&&t.length===1)i.className=e;else{s=" "+i.className+" ";for(o=0,u=t.length;o<u;o++)s.indexOf(" "+t[o]+" ")<0&&(s+=t[o]+" ");i.className=v.trim(s)}}}return this},removeClass:function(e){var n,r,i,s,o,u,a;if(v.isFunction(e))return this.each(function(t){v(this).removeClass(e.call(this,t,this.className))});if(e&&typeof e=="string"||e===t){n=(e||"").split(y);for(u=0,a=this.length;u<a;u++){i=this[u];if(i.nodeType===1&&i.className){r=(" "+i.className+" ").replace(q," ");for(s=0,o=n.length;s<o;s++)while(r.indexOf(" "+n[s]+" ")>=0)r=r.replace(" "+n[s]+" "," ");i.className=e?v.trim(r):""}}}return this},toggleClass:function(e,t){var n=typeof e,r=typeof t=="boolean";return v.isFunction(e)?this.each(function(n){v(this).toggleClass(e.call(this,n,this.className,t),t)}):this.each(function(){if(n==="string"){var i,s=0,o=v(this),u=t,a=e.split(y);while(i=a[s++])u=r?u:!o.hasClass(i),o[u?"addClass":"removeClass"](i)}else if(n==="undefined"||n==="boolean")this.className&&v._data(this,"__className__",this.className),this.className=this.className||e===!1?"":v._data(this,"__className__")||""})},hasClass:function(e){var t=" "+e+" ",n=0,r=this.length;for(;n<r;n++)if(this[n].nodeType===1&&(" "+this[n].className+" ").replace(q," ").indexOf(t)>=0)return!0;return!1},val:function(e){var n,r,i,s=this[0];if(!arguments.length){if(s)return n=v.valHooks[s.type]||v.valHooks[s.nodeName.toLowerCase()],n&&"get"in n&&(r=n.get(s,"value"))!==t?r:(r=s.value,typeof r=="string"?r.replace(R,""):r==null?"":r);return}return i=v.isFunction(e),this.each(function(r){var s,o=v(this);if(this.nodeType!==1)return;i?s=e.call(this,r,o.val()):s=e,s==null?s="":typeof s=="number"?s+="":v.isArray(s)&&(s=v.map(s,function(e){return e==null?"":e+""})),n=v.valHooks[this.type]||v.valHooks[this.nodeName.toLowerCase()];if(!n||!("set"in n)||n.set(this,s,"value")===t)this.value=s})}}),v.extend({valHooks:{option:{get:function(e){var t=e.attributes.value;return!t||t.specified?e.value:e.text}},select:{get:function(e){var t,n,r=e.options,i=e.selectedIndex,s=e.type==="select-one"||i<0,o=s?null:[],u=s?i+1:r.length,a=i<0?u:s?i:0;for(;a<u;a++){n=r[a];if((n.selected||a===i)&&(v.support.optDisabled?!n.disabled:n.getAttribute("disabled")===null)&&(!n.parentNode.disabled||!v.nodeName(n.parentNode,"optgroup"))){t=v(n).val();if(s)return t;o.push(t)}}return o},set:function(e,t){var n=v.makeArray(t);return v(e).find("option").each(function(){this.selected=v.inArray(v(this).val(),n)>=0}),n.length||(e.selectedIndex=-1),n}}},attrFn:{},attr:function(e,n,r,i){var s,o,u,a=e.nodeType;if(!e||a===3||a===8||a===2)return;if(i&&v.isFunction(v.fn[n]))return v(e)[n](r);if(typeof e.getAttribute=="undefined")return v.prop(e,n,r);u=a!==1||!v.isXMLDoc(e),u&&(n=n.toLowerCase(),o=v.attrHooks[n]||(X.test(n)?F:j));if(r!==t){if(r===null){v.removeAttr(e,n);return}return o&&"set"in o&&u&&(s=o.set(e,r,n))!==t?s:(e.setAttribute(n,r+""),r)}return o&&"get"in o&&u&&(s=o.get(e,n))!==null?s:(s=e.getAttribute(n),s===null?t:s)},removeAttr:function(e,t){var n,r,i,s,o=0;if(t&&e.nodeType===1){r=t.split(y);for(;o<r.length;o++)i=r[o],i&&(n=v.propFix[i]||i,s=X.test(i),s||v.attr(e,i,""),e.removeAttribute(V?i:n),s&&n in e&&(e[n]=!1))}},attrHooks:{type:{set:function(e,t){if(U.test(e.nodeName)&&e.parentNode)v.error("type property can't be changed");else if(!v.support.radioValue&&t==="radio"&&v.nodeName(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}},value:{get:function(e,t){return j&&v.nodeName(e,"button")?j.get(e,t):t in e?e.value:null},set:function(e,t,n){if(j&&v.nodeName(e,"button"))return j.set(e,t,n);e.value=t}}},propFix:{tabindex:"tabIndex",readonly:"readOnly","for":"htmlFor","class":"className",maxlength:"maxLength",cellspacing:"cellSpacing",cellpadding:"cellPadding",rowspan:"rowSpan",colspan:"colSpan",usemap:"useMap",frameborder:"frameBorder",contenteditable:"contentEditable"},prop:function(e,n,r){var i,s,o,u=e.nodeType;if(!e||u===3||u===8||u===2)return;return o=u!==1||!v.isXMLDoc(e),o&&(n=v.propFix[n]||n,s=v.propHooks[n]),r!==t?s&&"set"in s&&(i=s.set(e,r,n))!==t?i:e[n]=r:s&&"get"in s&&(i=s.get(e,n))!==null?i:e[n]},propHooks:{tabIndex:{get:function(e){var n=e.getAttributeNode("tabindex");return n&&n.specified?parseInt(n.value,10):z.test(e.nodeName)||W.test(e.nodeName)&&e.href?0:t}}}}),F={get:function(e,n){var r,i=v.prop(e,n);return i===!0||typeof i!="boolean"&&(r=e.getAttributeNode(n))&&r.nodeValue!==!1?n.toLowerCase():t},set:function(e,t,n){var r;return t===!1?v.removeAttr(e,n):(r=v.propFix[n]||n,r in e&&(e[r]=!0),e.setAttribute(n,n.toLowerCase())),n}},V||(I={name:!0,id:!0,coords:!0},j=v.valHooks.button={get:function(e,n){var r;return r=e.getAttributeNode(n),r&&(I[n]?r.value!=="":r.specified)?r.value:t},set:function(e,t,n){var r=e.getAttributeNode(n);return r||(r=i.createAttribute(n),e.setAttributeNode(r)),r.value=t+""}},v.each(["width","height"],function(e,t){v.attrHooks[t]=v.extend(v.attrHooks[t],{set:function(e,n){if(n==="")return e.setAttribute(t,"auto"),n}})}),v.attrHooks.contenteditable={get:j.get,set:function(e,t,n){t===""&&(t="false"),j.set(e,t,n)}}),v.support.hrefNormalized||v.each(["href","src","width","height"],function(e,n){v.attrHooks[n]=v.extend(v.attrHooks[n],{get:function(e){var r=e.getAttribute(n,2);return r===null?t:r}})}),v.support.style||(v.attrHooks.style={get:function(e){return e.style.cssText.toLowerCase()||t},set:function(e,t){return e.style.cssText=t+""}}),v.support.optSelected||(v.propHooks.selected=v.extend(v.propHooks.selected,{get:function(e){var t=e.parentNode;return t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex),null}})),v.support.enctype||(v.propFix.enctype="encoding"),v.support.checkOn||v.each(["radio","checkbox"],function(){v.valHooks[this]={get:function(e){return e.getAttribute("value")===null?"on":e.value}}}),v.each(["radio","checkbox"],function(){v.valHooks[this]=v.extend(v.valHooks[this],{set:function(e,t){if(v.isArray(t))return e.checked=v.inArray(v(e).val(),t)>=0}})});var $=/^(?:textarea|input|select)$/i,J=/^([^\.]*|)(?:\.(.+)|)$/,K=/(?:^|\s)hover(\.\S+|)\b/,Q=/^key/,G=/^(?:mouse|contextmenu)|click/,Y=/^(?:focusinfocus|focusoutblur)$/,Z=function(e){return v.event.special.hover?e:e.replace(K,"mouseenter$1 mouseleave$1")};v.event={add:function(e,n,r,i,s){var o,u,a,f,l,c,h,p,d,m,g;if(e.nodeType===3||e.nodeType===8||!n||!r||!(o=v._data(e)))return;r.handler&&(d=r,r=d.handler,s=d.selector),r.guid||(r.guid=v.guid++),a=o.events,a||(o.events=a={}),u=o.handle,u||(o.handle=u=function(e){return typeof v=="undefined"||!!e&&v.event.triggered===e.type?t:v.event.dispatch.apply(u.elem,arguments)},u.elem=e),n=v.trim(Z(n)).split(" ");for(f=0;f<n.length;f++){l=J.exec(n[f])||[],c=l[1],h=(l[2]||"").split(".").sort(),g=v.event.special[c]||{},c=(s?g.delegateType:g.bindType)||c,g=v.event.special[c]||{},p=v.extend({type:c,origType:l[1],data:i,handler:r,guid:r.guid,selector:s,needsContext:s&&v.expr.match.needsContext.test(s),namespace:h.join(".")},d),m=a[c];if(!m){m=a[c]=[],m.delegateCount=0;if(!g.setup||g.setup.call(e,i,h,u)===!1)e.addEventListener?e.addEventListener(c,u,!1):e.attachEvent&&e.attachEvent("on"+c,u)}g.add&&(g.add.call(e,p),p.handler.guid||(p.handler.guid=r.guid)),s?m.splice(m.delegateCount++,0,p):m.push(p),v.event.global[c]=!0}e=null},global:{},remove:function(e,t,n,r,i){var s,o,u,a,f,l,c,h,p,d,m,g=v.hasData(e)&&v._data(e);if(!g||!(h=g.events))return;t=v.trim(Z(t||"")).split(" ");for(s=0;s<t.length;s++){o=J.exec(t[s])||[],u=a=o[1],f=o[2];if(!u){for(u in h)v.event.remove(e,u+t[s],n,r,!0);continue}p=v.event.special[u]||{},u=(r?p.delegateType:p.bindType)||u,d=h[u]||[],l=d.length,f=f?new RegExp("(^|\\.)"+f.split(".").sort().join("\\.(?:.*\\.|)")+"(\\.|$)"):null;for(c=0;c<d.length;c++)m=d[c],(i||a===m.origType)&&(!n||n.guid===m.guid)&&(!f||f.test(m.namespace))&&(!r||r===m.selector||r==="**"&&m.selector)&&(d.splice(c--,1),m.selector&&d.delegateCount--,p.remove&&p.remove.call(e,m));d.length===0&&l!==d.length&&((!p.teardown||p.teardown.call(e,f,g.handle)===!1)&&v.removeEvent(e,u,g.handle),delete h[u])}v.isEmptyObject(h)&&(delete g.handle,v.removeData(e,"events",!0))},customEvent:{getData:!0,setData:!0,changeData:!0},trigger:function(n,r,s,o){if(!s||s.nodeType!==3&&s.nodeType!==8){var u,a,f,l,c,h,p,d,m,g,y=n.type||n,b=[];if(Y.test(y+v.event.triggered))return;y.indexOf("!")>=0&&(y=y.slice(0,-1),a=!0),y.indexOf(".")>=0&&(b=y.split("."),y=b.shift(),b.sort());if((!s||v.event.customEvent[y])&&!v.event.global[y])return;n=typeof n=="object"?n[v.expando]?n:new v.Event(y,n):new v.Event(y),n.type=y,n.isTrigger=!0,n.exclusive=a,n.namespace=b.join("."),n.namespace_re=n.namespace?new RegExp("(^|\\.)"+b.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,h=y.indexOf(":")<0?"on"+y:"";if(!s){u=v.cache;for(f in u)u[f].events&&u[f].events[y]&&v.event.trigger(n,r,u[f].handle.elem,!0);return}n.result=t,n.target||(n.target=s),r=r!=null?v.makeArray(r):[],r.unshift(n),p=v.event.special[y]||{};if(p.trigger&&p.trigger.apply(s,r)===!1)return;m=[[s,p.bindType||y]];if(!o&&!p.noBubble&&!v.isWindow(s)){g=p.delegateType||y,l=Y.test(g+y)?s:s.parentNode;for(c=s;l;l=l.parentNode)m.push([l,g]),c=l;c===(s.ownerDocument||i)&&m.push([c.defaultView||c.parentWindow||e,g])}for(f=0;f<m.length&&!n.isPropagationStopped();f++)l=m[f][0],n.type=m[f][1],d=(v._data(l,"events")||{})[n.type]&&v._data(l,"handle"),d&&d.apply(l,r),d=h&&l[h],d&&v.acceptData(l)&&d.apply&&d.apply(l,r)===!1&&n.preventDefault();return n.type=y,!o&&!n.isDefaultPrevented()&&(!p._default||p._default.apply(s.ownerDocument,r)===!1)&&(y!=="click"||!v.nodeName(s,"a"))&&v.acceptData(s)&&h&&s[y]&&(y!=="focus"&&y!=="blur"||n.target.offsetWidth!==0)&&!v.isWindow(s)&&(c=s[h],c&&(s[h]=null),v.event.triggered=y,s[y](),v.event.triggered=t,c&&(s[h]=c)),n.result}return},dispatch:function(n){n=v.event.fix(n||e.event);var r,i,s,o,u,a,f,c,h,p,d=(v._data(this,"events")||{})[n.type]||[],m=d.delegateCount,g=l.call(arguments),y=!n.exclusive&&!n.namespace,b=v.event.special[n.type]||{},w=[];g[0]=n,n.delegateTarget=this;if(b.preDispatch&&b.preDispatch.call(this,n)===!1)return;if(m&&(!n.button||n.type!=="click"))for(s=n.target;s!=this;s=s.parentNode||this)if(s.disabled!==!0||n.type!=="click"){u={},f=[];for(r=0;r<m;r++)c=d[r],h=c.selector,u[h]===t&&(u[h]=c.needsContext?v(h,this).index(s)>=0:v.find(h,this,null,[s]).length),u[h]&&f.push(c);f.length&&w.push({elem:s,matches:f})}d.length>m&&w.push({elem:this,matches:d.slice(m)});for(r=0;r<w.length&&!n.isPropagationStopped();r++){a=w[r],n.currentTarget=a.elem;for(i=0;i<a.matches.length&&!n.isImmediatePropagationStopped();i++){c=a.matches[i];if(y||!n.namespace&&!c.namespace||n.namespace_re&&n.namespace_re.test(c.namespace))n.data=c.data,n.handleObj=c,o=((v.event.special[c.origType]||{}).handle||c.handler).apply(a.elem,g),o!==t&&(n.result=o,o===!1&&(n.preventDefault(),n.stopPropagation()))}}return b.postDispatch&&b.postDispatch.call(this,n),n.result},props:"attrChange attrName relatedNode srcElement altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(e,t){return e.which==null&&(e.which=t.charCode!=null?t.charCode:t.keyCode),e}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(e,n){var r,s,o,u=n.button,a=n.fromElement;return e.pageX==null&&n.clientX!=null&&(r=e.target.ownerDocument||i,s=r.documentElement,o=r.body,e.pageX=n.clientX+(s&&s.scrollLeft||o&&o.scrollLeft||0)-(s&&s.clientLeft||o&&o.clientLeft||0),e.pageY=n.clientY+(s&&s.scrollTop||o&&o.scrollTop||0)-(s&&s.clientTop||o&&o.clientTop||0)),!e.relatedTarget&&a&&(e.relatedTarget=a===e.target?n.toElement:a),!e.which&&u!==t&&(e.which=u&1?1:u&2?3:u&4?2:0),e}},fix:function(e){if(e[v.expando])return e;var t,n,r=e,s=v.event.fixHooks[e.type]||{},o=s.props?this.props.concat(s.props):this.props;e=v.Event(r);for(t=o.length;t;)n=o[--t],e[n]=r[n];return e.target||(e.target=r.srcElement||i),e.target.nodeType===3&&(e.target=e.target.parentNode),e.metaKey=!!e.metaKey,s.filter?s.filter(e,r):e},special:{load:{noBubble:!0},focus:{delegateType:"focusin"},blur:{delegateType:"focusout"},beforeunload:{setup:function(e,t,n){v.isWindow(this)&&(this.onbeforeunload=n)},teardown:function(e,t){this.onbeforeunload===t&&(this.onbeforeunload=null)}}},simulate:function(e,t,n,r){var i=v.extend(new v.Event,n,{type:e,isSimulated:!0,originalEvent:{}});r?v.event.trigger(i,null,t):v.event.dispatch.call(t,i),i.isDefaultPrevented()&&n.preventDefault()}},v.event.handle=v.event.dispatch,v.removeEvent=i.removeEventListener?function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n,!1)}:function(e,t,n){var r="on"+t;e.detachEvent&&(typeof e[r]=="undefined"&&(e[r]=null),e.detachEvent(r,n))},v.Event=function(e,t){if(!(this instanceof v.Event))return new v.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||e.returnValue===!1||e.getPreventDefault&&e.getPreventDefault()?tt:et):this.type=e,t&&v.extend(this,t),this.timeStamp=e&&e.timeStamp||v.now(),this[v.expando]=!0},v.Event.prototype={preventDefault:function(){this.isDefaultPrevented=tt;var e=this.originalEvent;if(!e)return;e.preventDefault?e.preventDefault():e.returnValue=!1},stopPropagation:function(){this.isPropagationStopped=tt;var e=this.originalEvent;if(!e)return;e.stopPropagation&&e.stopPropagation(),e.cancelBubble=!0},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=tt,this.stopPropagation()},isDefaultPrevented:et,isPropagationStopped:et,isImmediatePropagationStopped:et},v.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(e,t){v.event.special[e]={delegateType:t,bindType:t,handle:function(e){var n,r=this,i=e.relatedTarget,s=e.handleObj,o=s.selector;if(!i||i!==r&&!v.contains(r,i))e.type=s.origType,n=s.handler.apply(this,arguments),e.type=t;return n}}}),v.support.submitBubbles||(v.event.special.submit={setup:function(){if(v.nodeName(this,"form"))return!1;v.event.add(this,"click._submit keypress._submit",function(e){var n=e.target,r=v.nodeName(n,"input")||v.nodeName(n,"button")?n.form:t;r&&!v._data(r,"_submit_attached")&&(v.event.add(r,"submit._submit",function(e){e._submit_bubble=!0}),v._data(r,"_submit_attached",!0))})},postDispatch:function(e){e._submit_bubble&&(delete e._submit_bubble,this.parentNode&&!e.isTrigger&&v.event.simulate("submit",this.parentNode,e,!0))},teardown:function(){if(v.nodeName(this,"form"))return!1;v.event.remove(this,"._submit")}}),v.support.changeBubbles||(v.event.special.change={setup:function(){if($.test(this.nodeName)){if(this.type==="checkbox"||this.type==="radio")v.event.add(this,"propertychange._change",function(e){e.originalEvent.propertyName==="checked"&&(this._just_changed=!0)}),v.event.add(this,"click._change",function(e){this._just_changed&&!e.isTrigger&&(this._just_changed=!1),v.event.simulate("change",this,e,!0)});return!1}v.event.add(this,"beforeactivate._change",function(e){var t=e.target;$.test(t.nodeName)&&!v._data(t,"_change_attached")&&(v.event.add(t,"change._change",function(e){this.parentNode&&!e.isSimulated&&!e.isTrigger&&v.event.simulate("change",this.parentNode,e,!0)}),v._data(t,"_change_attached",!0))})},handle:function(e){var t=e.target;if(this!==t||e.isSimulated||e.isTrigger||t.type!=="radio"&&t.type!=="checkbox")return e.handleObj.handler.apply(this,arguments)},teardown:function(){return v.event.remove(this,"._change"),!$.test(this.nodeName)}}),v.support.focusinBubbles||v.each({focus:"focusin",blur:"focusout"},function(e,t){var n=0,r=function(e){v.event.simulate(t,e.target,v.event.fix(e),!0)};v.event.special[t]={setup:function(){n++===0&&i.addEventListener(e,r,!0)},teardown:function(){--n===0&&i.removeEventListener(e,r,!0)}}}),v.fn.extend({on:function(e,n,r,i,s){var o,u;if(typeof e=="object"){typeof n!="string"&&(r=r||n,n=t);for(u in e)this.on(u,n,r,e[u],s);return this}r==null&&i==null?(i=n,r=n=t):i==null&&(typeof n=="string"?(i=r,r=t):(i=r,r=n,n=t));if(i===!1)i=et;else if(!i)return this;return s===1&&(o=i,i=function(e){return v().off(e),o.apply(this,arguments)},i.guid=o.guid||(o.guid=v.guid++)),this.each(function(){v.event.add(this,e,i,r,n)})},one:function(e,t,n,r){return this.on(e,t,n,r,1)},off:function(e,n,r){var i,s;if(e&&e.preventDefault&&e.handleObj)return i=e.handleObj,v(e.delegateTarget).off(i.namespace?i.origType+"."+i.namespace:i.origType,i.selector,i.handler),this;if(typeof e=="object"){for(s in e)this.off(s,n,e[s]);return this}if(n===!1||typeof n=="function")r=n,n=t;return r===!1&&(r=et),this.each(function(){v.event.remove(this,e,r,n)})},bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},live:function(e,t,n){return v(this.context).on(e,this.selector,t,n),this},die:function(e,t){return v(this.context).off(e,this.selector||"**",t),this},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return arguments.length===1?this.off(e,"**"):this.off(t,e||"**",n)},trigger:function(e,t){return this.each(function(){v.event.trigger(e,t,this)})},triggerHandler:function(e,t){if(this[0])return v.event.trigger(e,t,this[0],!0)},toggle:function(e){var t=arguments,n=e.guid||v.guid++,r=0,i=function(n){var i=(v._data(this,"lastToggle"+e.guid)||0)%r;return v._data(this,"lastToggle"+e.guid,i+1),n.preventDefault(),t[i].apply(this,arguments)||!1};i.guid=n;while(r<t.length)t[r++].guid=n;return this.click(i)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),v.each("blur focus focusin focusout load resize scroll unload click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup error contextmenu".split(" "),function(e,t){v.fn[t]=function(e,n){return n==null&&(n=e,e=null),arguments.length>0?this.on(t,null,e,n):this.trigger(t)},Q.test(t)&&(v.event.fixHooks[t]=v.event.keyHooks),G.test(t)&&(v.event.fixHooks[t]=v.event.mouseHooks)}),function(e,t){function nt(e,t,n,r){n=n||[],t=t||g;var i,s,a,f,l=t.nodeType;if(!e||typeof e!="string")return n;if(l!==1&&l!==9)return[];a=o(t);if(!a&&!r)if(i=R.exec(e))if(f=i[1]){if(l===9){s=t.getElementById(f);if(!s||!s.parentNode)return n;if(s.id===f)return n.push(s),n}else if(t.ownerDocument&&(s=t.ownerDocument.getElementById(f))&&u(t,s)&&s.id===f)return n.push(s),n}else{if(i[2])return S.apply(n,x.call(t.getElementsByTagName(e),0)),n;if((f=i[3])&&Z&&t.getElementsByClassName)return S.apply(n,x.call(t.getElementsByClassName(f),0)),n}return vt(e.replace(j,"$1"),t,n,r,a)}function rt(e){return function(t){var n=t.nodeName.toLowerCase();return n==="input"&&t.type===e}}function it(e){return function(t){var n=t.nodeName.toLowerCase();return(n==="input"||n==="button")&&t.type===e}}function st(e){return N(function(t){return t=+t,N(function(n,r){var i,s=e([],n.length,t),o=s.length;while(o--)n[i=s[o]]&&(n[i]=!(r[i]=n[i]))})})}function ot(e,t,n){if(e===t)return n;var r=e.nextSibling;while(r){if(r===t)return-1;r=r.nextSibling}return 1}function ut(e,t){var n,r,s,o,u,a,f,l=L[d][e+" "];if(l)return t?0:l.slice(0);u=e,a=[],f=i.preFilter;while(u){if(!n||(r=F.exec(u)))r&&(u=u.slice(r[0].length)||u),a.push(s=[]);n=!1;if(r=I.exec(u))s.push(n=new m(r.shift())),u=u.slice(n.length),n.type=r[0].replace(j," ");for(o in i.filter)(r=J[o].exec(u))&&(!f[o]||(r=f[o](r)))&&(s.push(n=new m(r.shift())),u=u.slice(n.length),n.type=o,n.matches=r);if(!n)break}return t?u.length:u?nt.error(e):L(e,a).slice(0)}function at(e,t,r){var i=t.dir,s=r&&t.dir==="parentNode",o=w++;return t.first?function(t,n,r){while(t=t[i])if(s||t.nodeType===1)return e(t,n,r)}:function(t,r,u){if(!u){var a,f=b+" "+o+" ",l=f+n;while(t=t[i])if(s||t.nodeType===1){if((a=t[d])===l)return t.sizset;if(typeof a=="string"&&a.indexOf(f)===0){if(t.sizset)return t}else{t[d]=l;if(e(t,r,u))return t.sizset=!0,t;t.sizset=!1}}}else while(t=t[i])if(s||t.nodeType===1)if(e(t,r,u))return t}}function ft(e){return e.length>1?function(t,n,r){var i=e.length;while(i--)if(!e[i](t,n,r))return!1;return!0}:e[0]}function lt(e,t,n,r,i){var s,o=[],u=0,a=e.length,f=t!=null;for(;u<a;u++)if(s=e[u])if(!n||n(s,r,i))o.push(s),f&&t.push(u);return o}function ct(e,t,n,r,i,s){return r&&!r[d]&&(r=ct(r)),i&&!i[d]&&(i=ct(i,s)),N(function(s,o,u,a){var f,l,c,h=[],p=[],d=o.length,v=s||dt(t||"*",u.nodeType?[u]:u,[]),m=e&&(s||!t)?lt(v,h,e,u,a):v,g=n?i||(s?e:d||r)?[]:o:m;n&&n(m,g,u,a);if(r){f=lt(g,p),r(f,[],u,a),l=f.length;while(l--)if(c=f[l])g[p[l]]=!(m[p[l]]=c)}if(s){if(i||e){if(i){f=[],l=g.length;while(l--)(c=g[l])&&f.push(m[l]=c);i(null,g=[],f,a)}l=g.length;while(l--)(c=g[l])&&(f=i?T.call(s,c):h[l])>-1&&(s[f]=!(o[f]=c))}}else g=lt(g===o?g.splice(d,g.length):g),i?i(null,o,g,a):S.apply(o,g)})}function ht(e){var t,n,r,s=e.length,o=i.relative[e[0].type],u=o||i.relative[" "],a=o?1:0,f=at(function(e){return e===t},u,!0),l=at(function(e){return T.call(t,e)>-1},u,!0),h=[function(e,n,r){return!o&&(r||n!==c)||((t=n).nodeType?f(e,n,r):l(e,n,r))}];for(;a<s;a++)if(n=i.relative[e[a].type])h=[at(ft(h),n)];else{n=i.filter[e[a].type].apply(null,e[a].matches);if(n[d]){r=++a;for(;r<s;r++)if(i.relative[e[r].type])break;return ct(a>1&&ft(h),a>1&&e.slice(0,a-1).join("").replace(j,"$1"),n,a<r&&ht(e.slice(a,r)),r<s&&ht(e=e.slice(r)),r<s&&e.join(""))}h.push(n)}return ft(h)}function pt(e,t){var r=t.length>0,s=e.length>0,o=function(u,a,f,l,h){var p,d,v,m=[],y=0,w="0",x=u&&[],T=h!=null,N=c,C=u||s&&i.find.TAG("*",h&&a.parentNode||a),k=b+=N==null?1:Math.E;T&&(c=a!==g&&a,n=o.el);for(;(p=C[w])!=null;w++){if(s&&p){for(d=0;v=e[d];d++)if(v(p,a,f)){l.push(p);break}T&&(b=k,n=++o.el)}r&&((p=!v&&p)&&y--,u&&x.push(p))}y+=w;if(r&&w!==y){for(d=0;v=t[d];d++)v(x,m,a,f);if(u){if(y>0)while(w--)!x[w]&&!m[w]&&(m[w]=E.call(l));m=lt(m)}S.apply(l,m),T&&!u&&m.length>0&&y+t.length>1&&nt.uniqueSort(l)}return T&&(b=k,c=N),x};return o.el=0,r?N(o):o}function dt(e,t,n){var r=0,i=t.length;for(;r<i;r++)nt(e,t[r],n);return n}function vt(e,t,n,r,s){var o,u,f,l,c,h=ut(e),p=h.length;if(!r&&h.length===1){u=h[0]=h[0].slice(0);if(u.length>2&&(f=u[0]).type==="ID"&&t.nodeType===9&&!s&&i.relative[u[1].type]){t=i.find.ID(f.matches[0].replace($,""),t,s)[0];if(!t)return n;e=e.slice(u.shift().length)}for(o=J.POS.test(e)?-1:u.length-1;o>=0;o--){f=u[o];if(i.relative[l=f.type])break;if(c=i.find[l])if(r=c(f.matches[0].replace($,""),z.test(u[0].type)&&t.parentNode||t,s)){u.splice(o,1),e=r.length&&u.join("");if(!e)return S.apply(n,x.call(r,0)),n;break}}}return a(e,h)(r,t,s,n,z.test(e)),n}function mt(){}var n,r,i,s,o,u,a,f,l,c,h=!0,p="undefined",d=("sizcache"+Math.random()).replace(".",""),m=String,g=e.document,y=g.documentElement,b=0,w=0,E=[].pop,S=[].push,x=[].slice,T=[].indexOf||function(e){var t=0,n=this.length;for(;t<n;t++)if(this[t]===e)return t;return-1},N=function(e,t){return e[d]=t==null||t,e},C=function(){var e={},t=[];return N(function(n,r){return t.push(n)>i.cacheLength&&delete e[t.shift()],e[n+" "]=r},e)},k=C(),L=C(),A=C(),O="[\\x20\\t\\r\\n\\f]",M="(?:\\\\.|[-\\w]|[^\\x00-\\xa0])+",_=M.replace("w","w#"),D="([*^$|!~]?=)",P="\\["+O+"*("+M+")"+O+"*(?:"+D+O+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+_+")|)|)"+O+"*\\]",H=":("+M+")(?:\\((?:(['\"])((?:\\\\.|[^\\\\])*?)\\2|([^()[\\]]*|(?:(?:"+P+")|[^:]|\\\\.)*|.*))\\)|)",B=":(even|odd|eq|gt|lt|nth|first|last)(?:\\("+O+"*((?:-\\d)?\\d*)"+O+"*\\)|)(?=[^-]|$)",j=new RegExp("^"+O+"+|((?:^|[^\\\\])(?:\\\\.)*)"+O+"+$","g"),F=new RegExp("^"+O+"*,"+O+"*"),I=new RegExp("^"+O+"*([\\x20\\t\\r\\n\\f>+~])"+O+"*"),q=new RegExp(H),R=/^(?:#([\w\-]+)|(\w+)|\.([\w\-]+))$/,U=/^:not/,z=/[\x20\t\r\n\f]*[+~]/,W=/:not\($/,X=/h\d/i,V=/input|select|textarea|button/i,$=/\\(?!\\)/g,J={ID:new RegExp("^#("+M+")"),CLASS:new RegExp("^\\.("+M+")"),NAME:new RegExp("^\\[name=['\"]?("+M+")['\"]?\\]"),TAG:new RegExp("^("+M.replace("w","w*")+")"),ATTR:new RegExp("^"+P),PSEUDO:new RegExp("^"+H),POS:new RegExp(B,"i"),CHILD:new RegExp("^:(only|nth|first|last)-child(?:\\("+O+"*(even|odd|(([+-]|)(\\d*)n|)"+O+"*(?:([+-]|)"+O+"*(\\d+)|))"+O+"*\\)|)","i"),needsContext:new RegExp("^"+O+"*[>+~]|"+B,"i")},K=function(e){var t=g.createElement("div");try{return e(t)}catch(n){return!1}finally{t=null}},Q=K(function(e){return e.appendChild(g.createComment("")),!e.getElementsByTagName("*").length}),G=K(function(e){return e.innerHTML="<a href='#'></a>",e.firstChild&&typeof e.firstChild.getAttribute!==p&&e.firstChild.getAttribute("href")==="#"}),Y=K(function(e){e.innerHTML="<select></select>";var t=typeof e.lastChild.getAttribute("multiple");return t!=="boolean"&&t!=="string"}),Z=K(function(e){return e.innerHTML="<div class='hidden e'></div><div class='hidden'></div>",!e.getElementsByClassName||!e.getElementsByClassName("e").length?!1:(e.lastChild.className="e",e.getElementsByClassName("e").length===2)}),et=K(function(e){e.id=d+0,e.innerHTML="<a name='"+d+"'></a><div name='"+d+"'></div>",y.insertBefore(e,y.firstChild);var t=g.getElementsByName&&g.getElementsByName(d).length===2+g.getElementsByName(d+0).length;return r=!g.getElementById(d),y.removeChild(e),t});try{x.call(y.childNodes,0)[0].nodeType}catch(tt){x=function(e){var t,n=[];for(;t=this[e];e++)n.push(t);return n}}nt.matches=function(e,t){return nt(e,null,null,t)},nt.matchesSelector=function(e,t){return nt(t,null,null,[e]).length>0},s=nt.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(i===1||i===9||i===11){if(typeof e.textContent=="string")return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=s(e)}else if(i===3||i===4)return e.nodeValue}else for(;t=e[r];r++)n+=s(t);return n},o=nt.isXML=function(e){var t=e&&(e.ownerDocument||e).documentElement;return t?t.nodeName!=="HTML":!1},u=nt.contains=y.contains?function(e,t){var n=e.nodeType===9?e.documentElement:e,r=t&&t.parentNode;return e===r||!!(r&&r.nodeType===1&&n.contains&&n.contains(r))}:y.compareDocumentPosition?function(e,t){return t&&!!(e.compareDocumentPosition(t)&16)}:function(e,t){while(t=t.parentNode)if(t===e)return!0;return!1},nt.attr=function(e,t){var n,r=o(e);return r||(t=t.toLowerCase()),(n=i.attrHandle[t])?n(e):r||Y?e.getAttribute(t):(n=e.getAttributeNode(t),n?typeof e[t]=="boolean"?e[t]?t:null:n.specified?n.value:null:null)},i=nt.selectors={cacheLength:50,createPseudo:N,match:J,attrHandle:G?{}:{href:function(e){return e.getAttribute("href",2)},type:function(e){return e.getAttribute("type")}},find:{ID:r?function(e,t,n){if(typeof t.getElementById!==p&&!n){var r=t.getElementById(e);return r&&r.parentNode?[r]:[]}}:function(e,n,r){if(typeof n.getElementById!==p&&!r){var i=n.getElementById(e);return i?i.id===e||typeof i.getAttributeNode!==p&&i.getAttributeNode("id").value===e?[i]:t:[]}},TAG:Q?function(e,t){if(typeof t.getElementsByTagName!==p)return t.getElementsByTagName(e)}:function(e,t){var n=t.getElementsByTagName(e);if(e==="*"){var r,i=[],s=0;for(;r=n[s];s++)r.nodeType===1&&i.push(r);return i}return n},NAME:et&&function(e,t){if(typeof t.getElementsByName!==p)return t.getElementsByName(name)},CLASS:Z&&function(e,t,n){if(typeof t.getElementsByClassName!==p&&!n)return t.getElementsByClassName(e)}},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace($,""),e[3]=(e[4]||e[5]||"").replace($,""),e[2]==="~="&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),e[1]==="nth"?(e[2]||nt.error(e[0]),e[3]=+(e[3]?e[4]+(e[5]||1):2*(e[2]==="even"||e[2]==="odd")),e[4]=+(e[6]+e[7]||e[2]==="odd")):e[2]&&nt.error(e[0]),e},PSEUDO:function(e){var t,n;if(J.CHILD.test(e[0]))return null;if(e[3])e[2]=e[3];else if(t=e[4])q.test(t)&&(n=ut(t,!0))&&(n=t.indexOf(")",t.length-n)-t.length)&&(t=t.slice(0,n),e[0]=e[0].slice(0,n)),e[2]=t;return e.slice(0,3)}},filter:{ID:r?function(e){return e=e.replace($,""),function(t){return t.getAttribute("id")===e}}:function(e){return e=e.replace($,""),function(t){var n=typeof t.getAttributeNode!==p&&t.getAttributeNode("id");return n&&n.value===e}},TAG:function(e){return e==="*"?function(){return!0}:(e=e.replace($,"").toLowerCase(),function(t){return t.nodeName&&t.nodeName.toLowerCase()===e})},CLASS:function(e){var t=k[d][e+" "];return t||(t=new RegExp("(^|"+O+")"+e+"("+O+"|$)"))&&k(e,function(e){return t.test(e.className||typeof e.getAttribute!==p&&e.getAttribute("class")||"")})},ATTR:function(e,t,n){return function(r,i){var s=nt.attr(r,e);return s==null?t==="!=":t?(s+="",t==="="?s===n:t==="!="?s!==n:t==="^="?n&&s.indexOf(n)===0:t==="*="?n&&s.indexOf(n)>-1:t==="$="?n&&s.substr(s.length-n.length)===n:t==="~="?(" "+s+" ").indexOf(n)>-1:t==="|="?s===n||s.substr(0,n.length+1)===n+"-":!1):!0}},CHILD:function(e,t,n,r){return e==="nth"?function(e){var t,i,s=e.parentNode;if(n===1&&r===0)return!0;if(s){i=0;for(t=s.firstChild;t;t=t.nextSibling)if(t.nodeType===1){i++;if(e===t)break}}return i-=r,i===n||i%n===0&&i/n>=0}:function(t){var n=t;switch(e){case"only":case"first":while(n=n.previousSibling)if(n.nodeType===1)return!1;if(e==="first")return!0;n=t;case"last":while(n=n.nextSibling)if(n.nodeType===1)return!1;return!0}}},PSEUDO:function(e,t){var n,r=i.pseudos[e]||i.setFilters[e.toLowerCase()]||nt.error("unsupported pseudo: "+e);return r[d]?r(t):r.length>1?(n=[e,e,"",t],i.setFilters.hasOwnProperty(e.toLowerCase())?N(function(e,n){var i,s=r(e,t),o=s.length;while(o--)i=T.call(e,s[o]),e[i]=!(n[i]=s[o])}):function(e){return r(e,0,n)}):r}},pseudos:{not:N(function(e){var t=[],n=[],r=a(e.replace(j,"$1"));return r[d]?N(function(e,t,n,i){var s,o=r(e,null,i,[]),u=e.length;while(u--)if(s=o[u])e[u]=!(t[u]=s)}):function(e,i,s){return t[0]=e,r(t,null,s,n),!n.pop()}}),has:N(function(e){return function(t){return nt(e,t).length>0}}),contains:N(function(e){return function(t){return(t.textContent||t.innerText||s(t)).indexOf(e)>-1}}),enabled:function(e){return e.disabled===!1},disabled:function(e){return e.disabled===!0},checked:function(e){var t=e.nodeName.toLowerCase();return t==="input"&&!!e.checked||t==="option"&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,e.selected===!0},parent:function(e){return!i.pseudos.empty(e)},empty:function(e){var t;e=e.firstChild;while(e){if(e.nodeName>"@"||(t=e.nodeType)===3||t===4)return!1;e=e.nextSibling}return!0},header:function(e){return X.test(e.nodeName)},text:function(e){var t,n;return e.nodeName.toLowerCase()==="input"&&(t=e.type)==="text"&&((n=e.getAttribute("type"))==null||n.toLowerCase()===t)},radio:rt("radio"),checkbox:rt("checkbox"),file:rt("file"),password:rt("password"),image:rt("image"),submit:it("submit"),reset:it("reset"),button:function(e){var t=e.nodeName.toLowerCase();return t==="input"&&e.type==="button"||t==="button"},input:function(e){return V.test(e.nodeName)},focus:function(e){var t=e.ownerDocument;return e===t.activeElement&&(!t.hasFocus||t.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},active:function(e){return e===e.ownerDocument.activeElement},first:st(function(){return[0]}),last:st(function(e,t){return[t-1]}),eq:st(function(e,t,n){return[n<0?n+t:n]}),even:st(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:st(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:st(function(e,t,n){for(var r=n<0?n+t:n;--r>=0;)e.push(r);return e}),gt:st(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}},f=y.compareDocumentPosition?function(e,t){return e===t?(l=!0,0):(!e.compareDocumentPosition||!t.compareDocumentPosition?e.compareDocumentPosition:e.compareDocumentPosition(t)&4)?-1:1}:function(e,t){if(e===t)return l=!0,0;if(e.sourceIndex&&t.sourceIndex)return e.sourceIndex-t.sourceIndex;var n,r,i=[],s=[],o=e.parentNode,u=t.parentNode,a=o;if(o===u)return ot(e,t);if(!o)return-1;if(!u)return 1;while(a)i.unshift(a),a=a.parentNode;a=u;while(a)s.unshift(a),a=a.parentNode;n=i.length,r=s.length;for(var f=0;f<n&&f<r;f++)if(i[f]!==s[f])return ot(i[f],s[f]);return f===n?ot(e,s[f],-1):ot(i[f],t,1)},[0,0].sort(f),h=!l,nt.uniqueSort=function(e){var t,n=[],r=1,i=0;l=h,e.sort(f);if(l){for(;t=e[r];r++)t===e[r-1]&&(i=n.push(r));while(i--)e.splice(n[i],1)}return e},nt.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},a=nt.compile=function(e,t){var n,r=[],i=[],s=A[d][e+" "];if(!s){t||(t=ut(e)),n=t.length;while(n--)s=ht(t[n]),s[d]?r.push(s):i.push(s);s=A(e,pt(i,r))}return s},g.querySelectorAll&&function(){var e,t=vt,n=/'|\\/g,r=/\=[\x20\t\r\n\f]*([^'"\]]*)[\x20\t\r\n\f]*\]/g,i=[":focus"],s=[":active"],u=y.matchesSelector||y.mozMatchesSelector||y.webkitMatchesSelector||y.oMatchesSelector||y.msMatchesSelector;K(function(e){e.innerHTML="<select><option selected=''></option></select>",e.querySelectorAll("[selected]").length||i.push("\\["+O+"*(?:checked|disabled|ismap|multiple|readonly|selected|value)"),e.querySelectorAll(":checked").length||i.push(":checked")}),K(function(e){e.innerHTML="<p test=''></p>",e.querySelectorAll("[test^='']").length&&i.push("[*^$]="+O+"*(?:\"\"|'')"),e.innerHTML="<input type='hidden'/>",e.querySelectorAll(":enabled").length||i.push(":enabled",":disabled")}),i=new RegExp(i.join("|")),vt=function(e,r,s,o,u){if(!o&&!u&&!i.test(e)){var a,f,l=!0,c=d,h=r,p=r.nodeType===9&&e;if(r.nodeType===1&&r.nodeName.toLowerCase()!=="object"){a=ut(e),(l=r.getAttribute("id"))?c=l.replace(n,"\\$&"):r.setAttribute("id",c),c="[id='"+c+"'] ",f=a.length;while(f--)a[f]=c+a[f].join("");h=z.test(e)&&r.parentNode||r,p=a.join(",")}if(p)try{return S.apply(s,x.call(h.querySelectorAll(p),0)),s}catch(v){}finally{l||r.removeAttribute("id")}}return t(e,r,s,o,u)},u&&(K(function(t){e=u.call(t,"div");try{u.call(t,"[test!='']:sizzle"),s.push("!=",H)}catch(n){}}),s=new RegExp(s.join("|")),nt.matchesSelector=function(t,n){n=n.replace(r,"='$1']");if(!o(t)&&!s.test(n)&&!i.test(n))try{var a=u.call(t,n);if(a||e||t.document&&t.document.nodeType!==11)return a}catch(f){}return nt(n,null,null,[t]).length>0})}(),i.pseudos.nth=i.pseudos.eq,i.filters=mt.prototype=i.pseudos,i.setFilters=new mt,nt.attr=v.attr,v.find=nt,v.expr=nt.selectors,v.expr[":"]=v.expr.pseudos,v.unique=nt.uniqueSort,v.text=nt.getText,v.isXMLDoc=nt.isXML,v.contains=nt.contains}(e);var nt=/Until$/,rt=/^(?:parents|prev(?:Until|All))/,it=/^.[^:#\[\.,]*$/,st=v.expr.match.needsContext,ot={children:!0,contents:!0,next:!0,prev:!0};v.fn.extend({find:function(e){var t,n,r,i,s,o,u=this;if(typeof e!="string")return v(e).filter(function(){for(t=0,n=u.length;t<n;t++)if(v.contains(u[t],this))return!0});o=this.pushStack("","find",e);for(t=0,n=this.length;t<n;t++){r=o.length,v.find(e,this[t],o);if(t>0)for(i=r;i<o.length;i++)for(s=0;s<r;s++)if(o[s]===o[i]){o.splice(i--,1);break}}return o},has:function(e){var t,n=v(e,this),r=n.length;return this.filter(function(){for(t=0;t<r;t++)if(v.contains(this,n[t]))return!0})},not:function(e){return this.pushStack(ft(this,e,!1),"not",e)},filter:function(e){return this.pushStack(ft(this,e,!0),"filter",e)},is:function(e){return!!e&&(typeof e=="string"?st.test(e)?v(e,this.context).index(this[0])>=0:v.filter(e,this).length>0:this.filter(e).length>0)},closest:function(e,t){var n,r=0,i=this.length,s=[],o=st.test(e)||typeof e!="string"?v(e,t||this.context):0;for(;r<i;r++){n=this[r];while(n&&n.ownerDocument&&n!==t&&n.nodeType!==11){if(o?o.index(n)>-1:v.find.matchesSelector(n,e)){s.push(n);break}n=n.parentNode}}return s=s.length>1?v.unique(s):s,this.pushStack(s,"closest",e)},index:function(e){return e?typeof e=="string"?v.inArray(this[0],v(e)):v.inArray(e.jquery?e[0]:e,this):this[0]&&this[0].parentNode?this.prevAll().length:-1},add:function(e,t){var n=typeof e=="string"?v(e,t):v.makeArray(e&&e.nodeType?[e]:e),r=v.merge(this.get(),n);return this.pushStack(ut(n[0])||ut(r[0])?r:v.unique(r))},addBack:function(e){return this.add(e==null?this.prevObject:this.prevObject.filter(e))}}),v.fn.andSelf=v.fn.addBack,v.each({parent:function(e){var t=e.parentNode;return t&&t.nodeType!==11?t:null},parents:function(e){return v.dir(e,"parentNode")},parentsUntil:function(e,t,n){return v.dir(e,"parentNode",n)},next:function(e){return at(e,"nextSibling")},prev:function(e){return at(e,"previousSibling")},nextAll:function(e){return v.dir(e,"nextSibling")},prevAll:function(e){return v.dir(e,"previousSibling")},nextUntil:function(e,t,n){return v.dir(e,"nextSibling",n)},prevUntil:function(e,t,n){return v.dir(e,"previousSibling",n)},siblings:function(e){return v.sibling((e.parentNode||{}).firstChild,e)},children:function(e){return v.sibling(e.firstChild)},contents:function(e){return v.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:v.merge([],e.childNodes)}},function(e,t){v.fn[e]=function(n,r){var i=v.map(this,t,n);return nt.test(e)||(r=n),r&&typeof r=="string"&&(i=v.filter(r,i)),i=this.length>1&&!ot[e]?v.unique(i):i,this.length>1&&rt.test(e)&&(i=i.reverse()),this.pushStack(i,e,l.call(arguments).join(","))}}),v.extend({filter:function(e,t,n){return n&&(e=":not("+e+")"),t.length===1?v.find.matchesSelector(t[0],e)?[t[0]]:[]:v.find.matches(e,t)},dir:function(e,n,r){var i=[],s=e[n];while(s&&s.nodeType!==9&&(r===t||s.nodeType!==1||!v(s).is(r)))s.nodeType===1&&i.push(s),s=s[n];return i},sibling:function(e,t){var n=[];for(;e;e=e.nextSibling)e.nodeType===1&&e!==t&&n.push(e);return n}});var ct="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",ht=/ jQuery\d+="(?:null|\d+)"/g,pt=/^\s+/,dt=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,vt=/<([\w:]+)/,mt=/<tbody/i,gt=/<|&#?\w+;/,yt=/<(?:script|style|link)/i,bt=/<(?:script|object|embed|option|style)/i,wt=new RegExp("<(?:"+ct+")[\\s/>]","i"),Et=/^(?:checkbox|radio)$/,St=/checked\s*(?:[^=]|=\s*.checked.)/i,xt=/\/(java|ecma)script/i,Tt=/^\s*<!(?:\[CDATA\[|\-\-)|[\]\-]{2}>\s*$/g,Nt={option:[1,"<select multiple='multiple'>","</select>"],legend:[1,"<fieldset>","</fieldset>"],thead:[1,"<table>","</table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],col:[2,"<table><tbody></tbody><colgroup>","</colgroup></table>"],area:[1,"<map>","</map>"],_default:[0,"",""]},Ct=lt(i),kt=Ct.appendChild(i.createElement("div"));Nt.optgroup=Nt.option,Nt.tbody=Nt.tfoot=Nt.colgroup=Nt.caption=Nt.thead,Nt.th=Nt.td,v.support.htmlSerialize||(Nt._default=[1,"X<div>","</div>"]),v.fn.extend({text:function(e){return v.access(this,function(e){return e===t?v.text(this):this.empty().append((this[0]&&this[0].ownerDocument||i).createTextNode(e))},null,e,arguments.length)},wrapAll:function(e){if(v.isFunction(e))return this.each(function(t){v(this).wrapAll(e.call(this,t))});if(this[0]){var t=v(e,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstChild&&e.firstChild.nodeType===1)e=e.firstChild;return e}).append(this)}return this},wrapInner:function(e){return v.isFunction(e)?this.each(function(t){v(this).wrapInner(e.call(this,t))}):this.each(function(){var t=v(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)})},wrap:function(e){var t=v.isFunction(e);return this.each(function(n){v(this).wrapAll(t?e.call(this,n):e)})},unwrap:function(){return this.parent().each(function(){v.nodeName(this,"body")||v(this).replaceWith(this.childNodes)}).end()},append:function(){return this.domManip(arguments,!0,function(e){(this.nodeType===1||this.nodeType===11)&&this.appendChild(e)})},prepend:function(){return this.domManip(arguments,!0,function(e){(this.nodeType===1||this.nodeType===11)&&this.insertBefore(e,this.firstChild)})},before:function(){if(!ut(this[0]))return this.domManip(arguments,!1,function(e){this.parentNode.insertBefore(e,this)});if(arguments.length){var e=v.clean(arguments);return this.pushStack(v.merge(e,this),"before",this.selector)}},after:function(){if(!ut(this[0]))return this.domManip(arguments,!1,function(e){this.parentNode.insertBefore(e,this.nextSibling)});if(arguments.length){var e=v.clean(arguments);return this.pushStack(v.merge(this,e),"after",this.selector)}},remove:function(e,t){var n,r=0;for(;(n=this[r])!=null;r++)if(!e||v.filter(e,[n]).length)!t&&n.nodeType===1&&(v.cleanData(n.getElementsByTagName("*")),v.cleanData([n])),n.parentNode&&n.parentNode.removeChild(n);return this},empty:function(){var e,t=0;for(;(e=this[t])!=null;t++){e.nodeType===1&&v.cleanData(e.getElementsByTagName("*"));while(e.firstChild)e.removeChild(e.firstChild)}return this},clone:function(e,t){return e=e==null?!1:e,t=t==null?e:t,this.map(function(){return v.clone(this,e,t)})},html:function(e){return v.access(this,function(e){var n=this[0]||{},r=0,i=this.length;if(e===t)return n.nodeType===1?n.innerHTML.replace(ht,""):t;if(typeof e=="string"&&!yt.test(e)&&(v.support.htmlSerialize||!wt.test(e))&&(v.support.leadingWhitespace||!pt.test(e))&&!Nt[(vt.exec(e)||["",""])[1].toLowerCase()]){e=e.replace(dt,"<$1></$2>");try{for(;r<i;r++)n=this[r]||{},n.nodeType===1&&(v.cleanData(n.getElementsByTagName("*")),n.innerHTML=e);n=0}catch(s){}}n&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(e){return ut(this[0])?this.length?this.pushStack(v(v.isFunction(e)?e():e),"replaceWith",e):this:v.isFunction(e)?this.each(function(t){var n=v(this),r=n.html();n.replaceWith(e.call(this,t,r))}):(typeof e!="string"&&(e=v(e).detach()),this.each(function(){var t=this.nextSibling,n=this.parentNode;v(this).remove(),t?v(t).before(e):v(n).append(e)}))},detach:function(e){return this.remove(e,!0)},domManip:function(e,n,r){e=[].concat.apply([],e);var i,s,o,u,a=0,f=e[0],l=[],c=this.length;if(!v.support.checkClone&&c>1&&typeof f=="string"&&St.test(f))return this.each(function(){v(this).domManip(e,n,r)});if(v.isFunction(f))return this.each(function(i){var s=v(this);e[0]=f.call(this,i,n?s.html():t),s.domManip(e,n,r)});if(this[0]){i=v.buildFragment(e,this,l),o=i.fragment,s=o.firstChild,o.childNodes.length===1&&(o=s);if(s){n=n&&v.nodeName(s,"tr");for(u=i.cacheable||c-1;a<c;a++)r.call(n&&v.nodeName(this[a],"table")?Lt(this[a],"tbody"):this[a],a===u?o:v.clone(o,!0,!0))}o=s=null,l.length&&v.each(l,function(e,t){t.src?v.ajax?v.ajax({url:t.src,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0}):v.error("no ajax"):v.globalEval((t.text||t.textContent||t.innerHTML||"").replace(Tt,"")),t.parentNode&&t.parentNode.removeChild(t)})}return this}}),v.buildFragment=function(e,n,r){var s,o,u,a=e[0];return n=n||i,n=!n.nodeType&&n[0]||n,n=n.ownerDocument||n,e.length===1&&typeof a=="string"&&a.length<512&&n===i&&a.charAt(0)==="<"&&!bt.test(a)&&(v.support.checkClone||!St.test(a))&&(v.support.html5Clone||!wt.test(a))&&(o=!0,s=v.fragments[a],u=s!==t),s||(s=n.createDocumentFragment(),v.clean(e,n,s,r),o&&(v.fragments[a]=u&&s)),{fragment:s,cacheable:o}},v.fragments={},v.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,t){v.fn[e]=function(n){var r,i=0,s=[],o=v(n),u=o.length,a=this.length===1&&this[0].parentNode;if((a==null||a&&a.nodeType===11&&a.childNodes.length===1)&&u===1)return o[t](this[0]),this;for(;i<u;i++)r=(i>0?this.clone(!0):this).get(),v(o[i])[t](r),s=s.concat(r);return this.pushStack(s,e,o.selector)}}),v.extend({clone:function(e,t,n){var r,i,s,o;v.support.html5Clone||v.isXMLDoc(e)||!wt.test("<"+e.nodeName+">")?o=e.cloneNode(!0):(kt.innerHTML=e.outerHTML,kt.removeChild(o=kt.firstChild));if((!v.support.noCloneEvent||!v.support.noCloneChecked)&&(e.nodeType===1||e.nodeType===11)&&!v.isXMLDoc(e)){Ot(e,o),r=Mt(e),i=Mt(o);for(s=0;r[s];++s)i[s]&&Ot(r[s],i[s])}if(t){At(e,o);if(n){r=Mt(e),i=Mt(o);for(s=0;r[s];++s)At(r[s],i[s])}}return r=i=null,o},clean:function(e,t,n,r){var s,o,u,a,f,l,c,h,p,d,m,g,y=t===i&&Ct,b=[];if(!t||typeof t.createDocumentFragment=="undefined")t=i;for(s=0;(u=e[s])!=null;s++){typeof u=="number"&&(u+="");if(!u)continue;if(typeof u=="string")if(!gt.test(u))u=t.createTextNode(u);else{y=y||lt(t),c=t.createElement("div"),y.appendChild(c),u=u.replace(dt,"<$1></$2>"),a=(vt.exec(u)||["",""])[1].toLowerCase(),f=Nt[a]||Nt._default,l=f[0],c.innerHTML=f[1]+u+f[2];while(l--)c=c.lastChild;if(!v.support.tbody){h=mt.test(u),p=a==="table"&&!h?c.firstChild&&c.firstChild.childNodes:f[1]==="<table>"&&!h?c.childNodes:[];for(o=p.length-1;o>=0;--o)v.nodeName(p[o],"tbody")&&!p[o].childNodes.length&&p[o].parentNode.removeChild(p[o])}!v.support.leadingWhitespace&&pt.test(u)&&c.insertBefore(t.createTextNode(pt.exec(u)[0]),c.firstChild),u=c.childNodes,c.parentNode.removeChild(c)}u.nodeType?b.push(u):v.merge(b,u)}c&&(u=c=y=null);if(!v.support.appendChecked)for(s=0;(u=b[s])!=null;s++)v.nodeName(u,"input")?_t(u):typeof u.getElementsByTagName!="undefined"&&v.grep(u.getElementsByTagName("input"),_t);if(n){m=function(e){if(!e.type||xt.test(e.type))return r?r.push(e.parentNode?e.parentNode.removeChild(e):e):n.appendChild(e)};for(s=0;(u=b[s])!=null;s++)if(!v.nodeName(u,"script")||!m(u))n.appendChild(u),typeof u.getElementsByTagName!="undefined"&&(g=v.grep(v.merge([],u.getElementsByTagName("script")),m),b.splice.apply(b,[s+1,0].concat(g)),s+=g.length)}return b},cleanData:function(e,t){var n,r,i,s,o=0,u=v.expando,a=v.cache,f=v.support.deleteExpando,l=v.event.special;for(;(i=e[o])!=null;o++)if(t||v.acceptData(i)){r=i[u],n=r&&a[r];if(n){if(n.events)for(s in n.events)l[s]?v.event.remove(i,s):v.removeEvent(i,s,n.handle);a[r]&&(delete a[r],f?delete i[u]:i.removeAttribute?i.removeAttribute(u):i[u]=null,v.deletedIds.push(r))}}}}),function(){var e,t;v.uaMatch=function(e){e=e.toLowerCase();var t=/(chrome)[ \/]([\w.]+)/.exec(e)||/(webkit)[ \/]([\w.]+)/.exec(e)||/(opera)(?:.*version|)[ \/]([\w.]+)/.exec(e)||/(msie) ([\w.]+)/.exec(e)||e.indexOf("compatible")<0&&/(mozilla)(?:.*? rv:([\w.]+)|)/.exec(e)||[];return{browser:t[1]||"",version:t[2]||"0"}},e=v.uaMatch(o.userAgent),t={},e.browser&&(t[e.browser]=!0,t.version=e.version),t.chrome?t.webkit=!0:t.webkit&&(t.safari=!0),v.browser=t,v.sub=function(){function e(t,n){return new e.fn.init(t,n)}v.extend(!0,e,this),e.superclass=this,e.fn=e.prototype=this(),e.fn.constructor=e,e.sub=this.sub,e.fn.init=function(r,i){return i&&i instanceof v&&!(i instanceof e)&&(i=e(i)),v.fn.init.call(this,r,i,t)},e.fn.init.prototype=e.fn;var t=e(i);return e}}();var Dt,Pt,Ht,Bt=/alpha\([^)]*\)/i,jt=/opacity=([^)]*)/,Ft=/^(top|right|bottom|left)$/,It=/^(none|table(?!-c[ea]).+)/,qt=/^margin/,Rt=new RegExp("^("+m+")(.*)$","i"),Ut=new RegExp("^("+m+")(?!px)[a-z%]+$","i"),zt=new RegExp("^([-+])=("+m+")","i"),Wt={BODY:"block"},Xt={position:"absolute",visibility:"hidden",display:"block"},Vt={letterSpacing:0,fontWeight:400},$t=["Top","Right","Bottom","Left"],Jt=["Webkit","O","Moz","ms"],Kt=v.fn.toggle;v.fn.extend({css:function(e,n){return v.access(this,function(e,n,r){return r!==t?v.style(e,n,r):v.css(e,n)},e,n,arguments.length>1)},show:function(){return Yt(this,!0)},hide:function(){return Yt(this)},toggle:function(e,t){var n=typeof e=="boolean";return v.isFunction(e)&&v.isFunction(t)?Kt.apply(this,arguments):this.each(function(){(n?e:Gt(this))?v(this).show():v(this).hide()})}}),v.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Dt(e,"opacity");return n===""?"1":n}}}},cssNumber:{fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":v.support.cssFloat?"cssFloat":"styleFloat"},style:function(e,n,r,i){if(!e||e.nodeType===3||e.nodeType===8||!e.style)return;var s,o,u,a=v.camelCase(n),f=e.style;n=v.cssProps[a]||(v.cssProps[a]=Qt(f,a)),u=v.cssHooks[n]||v.cssHooks[a];if(r===t)return u&&"get"in u&&(s=u.get(e,!1,i))!==t?s:f[n];o=typeof r,o==="string"&&(s=zt.exec(r))&&(r=(s[1]+1)*s[2]+parseFloat(v.css(e,n)),o="number");if(r==null||o==="number"&&isNaN(r))return;o==="number"&&!v.cssNumber[a]&&(r+="px");if(!u||!("set"in u)||(r=u.set(e,r,i))!==t)try{f[n]=r}catch(l){}},css:function(e,n,r,i){var s,o,u,a=v.camelCase(n);return n=v.cssProps[a]||(v.cssProps[a]=Qt(e.style,a)),u=v.cssHooks[n]||v.cssHooks[a],u&&"get"in u&&(s=u.get(e,!0,i)),s===t&&(s=Dt(e,n)),s==="normal"&&n in Vt&&(s=Vt[n]),r||i!==t?(o=parseFloat(s),r||v.isNumeric(o)?o||0:s):s},swap:function(e,t,n){var r,i,s={};for(i in t)s[i]=e.style[i],e.style[i]=t[i];r=n.call(e);for(i in t)e.style[i]=s[i];return r}}),e.getComputedStyle?Dt=function(t,n){var r,i,s,o,u=e.getComputedStyle(t,null),a=t.style;return u&&(r=u.getPropertyValue(n)||u[n],r===""&&!v.contains(t.ownerDocument,t)&&(r=v.style(t,n)),Ut.test(r)&&qt.test(n)&&(i=a.width,s=a.minWidth,o=a.maxWidth,a.minWidth=a.maxWidth=a.width=r,r=u.width,a.width=i,a.minWidth=s,a.maxWidth=o)),r}:i.documentElement.currentStyle&&(Dt=function(e,t){var n,r,i=e.currentStyle&&e.currentStyle[t],s=e.style;return i==null&&s&&s[t]&&(i=s[t]),Ut.test(i)&&!Ft.test(t)&&(n=s.left,r=e.runtimeStyle&&e.runtimeStyle.left,r&&(e.runtimeStyle.left=e.currentStyle.left),s.left=t==="fontSize"?"1em":i,i=s.pixelLeft+"px",s.left=n,r&&(e.runtimeStyle.left=r)),i===""?"auto":i}),v.each(["height","width"],function(e,t){v.cssHooks[t]={get:function(e,n,r){if(n)return e.offsetWidth===0&&It.test(Dt(e,"display"))?v.swap(e,Xt,function(){return tn(e,t,r)}):tn(e,t,r)},set:function(e,n,r){return Zt(e,n,r?en(e,t,r,v.support.boxSizing&&v.css(e,"boxSizing")==="border-box"):0)}}}),v.support.opacity||(v.cssHooks.opacity={get:function(e,t){return jt.test((t&&e.currentStyle?e.currentStyle.filter:e.style.filter)||"")?.01*parseFloat(RegExp.$1)+"":t?"1":""},set:function(e,t){var n=e.style,r=e.currentStyle,i=v.isNumeric(t)?"alpha(opacity="+t*100+")":"",s=r&&r.filter||n.filter||"";n.zoom=1;if(t>=1&&v.trim(s.replace(Bt,""))===""&&n.removeAttribute){n.removeAttribute("filter");if(r&&!r.filter)return}n.filter=Bt.test(s)?s.replace(Bt,i):s+" "+i}}),v(function(){v.support.reliableMarginRight||(v.cssHooks.marginRight={get:function(e,t){return v.swap(e,{display:"inline-block"},function(){if(t)return Dt(e,"marginRight")})}}),!v.support.pixelPosition&&v.fn.position&&v.each(["top","left"],function(e,t){v.cssHooks[t]={get:function(e,n){if(n){var r=Dt(e,t);return Ut.test(r)?v(e).position()[t]+"px":r}}}})}),v.expr&&v.expr.filters&&(v.expr.filters.hidden=function(e){return e.offsetWidth===0&&e.offsetHeight===0||!v.support.reliableHiddenOffsets&&(e.style&&e.style.display||Dt(e,"display"))==="none"},v.expr.filters.visible=function(e){return!v.expr.filters.hidden(e)}),v.each({margin:"",padding:"",border:"Width"},function(e,t){v.cssHooks[e+t]={expand:function(n){var r,i=typeof n=="string"?n.split(" "):[n],s={};for(r=0;r<4;r++)s[e+$t[r]+t]=i[r]||i[r-2]||i[0];return s}},qt.test(e)||(v.cssHooks[e+t].set=Zt)});var rn=/%20/g,sn=/\[\]$/,on=/\r?\n/g,un=/^(?:color|date|datetime|datetime-local|email|hidden|month|number|password|range|search|tel|text|time|url|week)$/i,an=/^(?:select|textarea)/i;v.fn.extend({serialize:function(){return v.param(this.serializeArray())},serializeArray:function(){return this.map(function(){return this.elements?v.makeArray(this.elements):this}).filter(function(){return this.name&&!this.disabled&&(this.checked||an.test(this.nodeName)||un.test(this.type))}).map(function(e,t){var n=v(this).val();return n==null?null:v.isArray(n)?v.map(n,function(e,n){return{name:t.name,value:e.replace(on,"\r\n")}}):{name:t.name,value:n.replace(on,"\r\n")}}).get()}}),v.param=function(e,n){var r,i=[],s=function(e,t){t=v.isFunction(t)?t():t==null?"":t,i[i.length]=encodeURIComponent(e)+"="+encodeURIComponent(t)};n===t&&(n=v.ajaxSettings&&v.ajaxSettings.traditional);if(v.isArray(e)||e.jquery&&!v.isPlainObject(e))v.each(e,function(){s(this.name,this.value)});else for(r in e)fn(r,e[r],n,s);return i.join("&").replace(rn,"+")};var ln,cn,hn=/#.*$/,pn=/^(.*?):[ \t]*([^\r\n]*)\r?$/mg,dn=/^(?:about|app|app\-storage|.+\-extension|file|res|widget):$/,vn=/^(?:GET|HEAD)$/,mn=/^\/\//,gn=/\?/,yn=/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,bn=/([?&])_=[^&]*/,wn=/^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+)|)|)/,En=v.fn.load,Sn={},xn={},Tn=["*/"]+["*"];try{cn=s.href}catch(Nn){cn=i.createElement("a"),cn.href="",cn=cn.href}ln=wn.exec(cn.toLowerCase())||[],v.fn.load=function(e,n,r){if(typeof e!="string"&&En)return En.apply(this,arguments);if(!this.length)return this;var i,s,o,u=this,a=e.indexOf(" ");return a>=0&&(i=e.slice(a,e.length),e=e.slice(0,a)),v.isFunction(n)?(r=n,n=t):n&&typeof n=="object"&&(s="POST"),v.ajax({url:e,type:s,dataType:"html",data:n,complete:function(e,t){r&&u.each(r,o||[e.responseText,t,e])}}).done(function(e){o=arguments,u.html(i?v("<div>").append(e.replace(yn,"")).find(i):e)}),this},v.each("ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split(" "),function(e,t){v.fn[t]=function(e){return this.on(t,e)}}),v.each(["get","post"],function(e,n){v[n]=function(e,r,i,s){return v.isFunction(r)&&(s=s||i,i=r,r=t),v.ajax({type:n,url:e,data:r,success:i,dataType:s})}}),v.extend({getScript:function(e,n){return v.get(e,t,n,"script")},getJSON:function(e,t,n){return v.get(e,t,n,"json")},ajaxSetup:function(e,t){return t?Ln(e,v.ajaxSettings):(t=e,e=v.ajaxSettings),Ln(e,t),e},ajaxSettings:{url:cn,isLocal:dn.test(ln[1]),global:!0,type:"GET",contentType:"application/x-www-form-urlencoded; charset=UTF-8",processData:!0,async:!0,accepts:{xml:"application/xml, text/xml",html:"text/html",text:"text/plain",json:"application/json, text/javascript","*":Tn},contents:{xml:/xml/,html:/html/,json:/json/},responseFields:{xml:"responseXML",text:"responseText"},converters:{"* text":e.String,"text html":!0,"text json":v.parseJSON,"text xml":v.parseXML},flatOptions:{context:!0,url:!0}},ajaxPrefilter:Cn(Sn),ajaxTransport:Cn(xn),ajax:function(e,n){function T(e,n,s,a){var l,y,b,w,S,T=n;if(E===2)return;E=2,u&&clearTimeout(u),o=t,i=a||"",x.readyState=e>0?4:0,s&&(w=An(c,x,s));if(e>=200&&e<300||e===304)c.ifModified&&(S=x.getResponseHeader("Last-Modified"),S&&(v.lastModified[r]=S),S=x.getResponseHeader("Etag"),S&&(v.etag[r]=S)),e===304?(T="notmodified",l=!0):(l=On(c,w),T=l.state,y=l.data,b=l.error,l=!b);else{b=T;if(!T||e)T="error",e<0&&(e=0)}x.status=e,x.statusText=(n||T)+"",l?d.resolveWith(h,[y,T,x]):d.rejectWith(h,[x,T,b]),x.statusCode(g),g=t,f&&p.trigger("ajax"+(l?"Success":"Error"),[x,c,l?y:b]),m.fireWith(h,[x,T]),f&&(p.trigger("ajaxComplete",[x,c]),--v.active||v.event.trigger("ajaxStop"))}typeof e=="object"&&(n=e,e=t),n=n||{};var r,i,s,o,u,a,f,l,c=v.ajaxSetup({},n),h=c.context||c,p=h!==c&&(h.nodeType||h instanceof v)?v(h):v.event,d=v.Deferred(),m=v.Callbacks("once memory"),g=c.statusCode||{},b={},w={},E=0,S="canceled",x={readyState:0,setRequestHeader:function(e,t){if(!E){var n=e.toLowerCase();e=w[n]=w[n]||e,b[e]=t}return this},getAllResponseHeaders:function(){return E===2?i:null},getResponseHeader:function(e){var n;if(E===2){if(!s){s={};while(n=pn.exec(i))s[n[1].toLowerCase()]=n[2]}n=s[e.toLowerCase()]}return n===t?null:n},overrideMimeType:function(e){return E||(c.mimeType=e),this},abort:function(e){return e=e||S,o&&o.abort(e),T(0,e),this}};d.promise(x),x.success=x.done,x.error=x.fail,x.complete=m.add,x.statusCode=function(e){if(e){var t;if(E<2)for(t in e)g[t]=[g[t],e[t]];else t=e[x.status],x.always(t)}return this},c.url=((e||c.url)+"").replace(hn,"").replace(mn,ln[1]+"//"),c.dataTypes=v.trim(c.dataType||"*").toLowerCase().split(y),c.crossDomain==null&&(a=wn.exec(c.url.toLowerCase()),c.crossDomain=!(!a||a[1]===ln[1]&&a[2]===ln[2]&&(a[3]||(a[1]==="http:"?80:443))==(ln[3]||(ln[1]==="http:"?80:443)))),c.data&&c.processData&&typeof c.data!="string"&&(c.data=v.param(c.data,c.traditional)),kn(Sn,c,n,x);if(E===2)return x;f=c.global,c.type=c.type.toUpperCase(),c.hasContent=!vn.test(c.type),f&&v.active++===0&&v.event.trigger("ajaxStart");if(!c.hasContent){c.data&&(c.url+=(gn.test(c.url)?"&":"?")+c.data,delete c.data),r=c.url;if(c.cache===!1){var N=v.now(),C=c.url.replace(bn,"$1_="+N);c.url=C+(C===c.url?(gn.test(c.url)?"&":"?")+"_="+N:"")}}(c.data&&c.hasContent&&c.contentType!==!1||n.contentType)&&x.setRequestHeader("Content-Type",c.contentType),c.ifModified&&(r=r||c.url,v.lastModified[r]&&x.setRequestHeader("If-Modified-Since",v.lastModified[r]),v.etag[r]&&x.setRequestHeader("If-None-Match",v.etag[r])),x.setRequestHeader("Accept",c.dataTypes[0]&&c.accepts[c.dataTypes[0]]?c.accepts[c.dataTypes[0]]+(c.dataTypes[0]!=="*"?", "+Tn+"; q=0.01":""):c.accepts["*"]);for(l in c.headers)x.setRequestHeader(l,c.headers[l]);if(!c.beforeSend||c.beforeSend.call(h,x,c)!==!1&&E!==2){S="abort";for(l in{success:1,error:1,complete:1})x[l](c[l]);o=kn(xn,c,n,x);if(!o)T(-1,"No Transport");else{x.readyState=1,f&&p.trigger("ajaxSend",[x,c]),c.async&&c.timeout>0&&(u=setTimeout(function(){x.abort("timeout")},c.timeout));try{E=1,o.send(b,T)}catch(k){if(!(E<2))throw k;T(-1,k)}}return x}return x.abort()},active:0,lastModified:{},etag:{}});var Mn=[],_n=/\?/,Dn=/(=)\?(?=&|$)|\?\?/,Pn=v.now();v.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Mn.pop()||v.expando+"_"+Pn++;return this[e]=!0,e}}),v.ajaxPrefilter("json jsonp",function(n,r,i){var s,o,u,a=n.data,f=n.url,l=n.jsonp!==!1,c=l&&Dn.test(f),h=l&&!c&&typeof a=="string"&&!(n.contentType||"").indexOf("application/x-www-form-urlencoded")&&Dn.test(a);if(n.dataTypes[0]==="jsonp"||c||h)return s=n.jsonpCallback=v.isFunction(n.jsonpCallback)?n.jsonpCallback():n.jsonpCallback,o=e[s],c?n.url=f.replace(Dn,"$1"+s):h?n.data=a.replace(Dn,"$1"+s):l&&(n.url+=(_n.test(f)?"&":"?")+n.jsonp+"="+s),n.converters["script json"]=function(){return u||v.error(s+" was not called"),u[0]},n.dataTypes[0]="json",e[s]=function(){u=arguments},i.always(function(){e[s]=o,n[s]&&(n.jsonpCallback=r.jsonpCallback,Mn.push(s)),u&&v.isFunction(o)&&o(u[0]),u=o=t}),"script"}),v.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/javascript|ecmascript/},converters:{"text script":function(e){return v.globalEval(e),e}}}),v.ajaxPrefilter("script",function(e){e.cache===t&&(e.cache=!1),e.crossDomain&&(e.type="GET",e.global=!1)}),v.ajaxTransport("script",function(e){if(e.crossDomain){var n,r=i.head||i.getElementsByTagName("head")[0]||i.documentElement;return{send:function(s,o){n=i.createElement("script"),n.async="async",e.scriptCharset&&(n.charset=e.scriptCharset),n.src=e.url,n.onload=n.onreadystatechange=function(e,i){if(i||!n.readyState||/loaded|complete/.test(n.readyState))n.onload=n.onreadystatechange=null,r&&n.parentNode&&r.removeChild(n),n=t,i||o(200,"success")},r.insertBefore(n,r.firstChild)},abort:function(){n&&n.onload(0,1)}}}});var Hn,Bn=e.ActiveXObject?function(){for(var e in Hn)Hn[e](0,1)}:!1,jn=0;v.ajaxSettings.xhr=e.ActiveXObject?function(){return!this.isLocal&&Fn()||In()}:Fn,function(e){v.extend(v.support,{ajax:!!e,cors:!!e&&"withCredentials"in e})}(v.ajaxSettings.xhr()),v.support.ajax&&v.ajaxTransport(function(n){if(!n.crossDomain||v.support.cors){var r;return{send:function(i,s){var o,u,a=n.xhr();n.username?a.open(n.type,n.url,n.async,n.username,n.password):a.open(n.type,n.url,n.async);if(n.xhrFields)for(u in n.xhrFields)a[u]=n.xhrFields[u];n.mimeType&&a.overrideMimeType&&a.overrideMimeType(n.mimeType),!n.crossDomain&&!i["X-Requested-With"]&&(i["X-Requested-With"]="XMLHttpRequest");try{for(u in i)a.setRequestHeader(u,i[u])}catch(f){}a.send(n.hasContent&&n.data||null),r=function(e,i){var u,f,l,c,h;try{if(r&&(i||a.readyState===4)){r=t,o&&(a.onreadystatechange=v.noop,Bn&&delete Hn[o]);if(i)a.readyState!==4&&a.abort();else{u=a.status,l=a.getAllResponseHeaders(),c={},h=a.responseXML,h&&h.documentElement&&(c.xml=h);try{c.text=a.responseText}catch(p){}try{f=a.statusText}catch(p){f=""}!u&&n.isLocal&&!n.crossDomain?u=c.text?200:404:u===1223&&(u=204)}}}catch(d){i||s(-1,d)}c&&s(u,f,c,l)},n.async?a.readyState===4?setTimeout(r,0):(o=++jn,Bn&&(Hn||(Hn={},v(e).unload(Bn)),Hn[o]=r),a.onreadystatechange=r):r()},abort:function(){r&&r(0,1)}}}});var qn,Rn,Un=/^(?:toggle|show|hide)$/,zn=new RegExp("^(?:([-+])=|)("+m+")([a-z%]*)$","i"),Wn=/queueHooks$/,Xn=[Gn],Vn={"*":[function(e,t){var n,r,i=this.createTween(e,t),s=zn.exec(t),o=i.cur(),u=+o||0,a=1,f=20;if(s){n=+s[2],r=s[3]||(v.cssNumber[e]?"":"px");if(r!=="px"&&u){u=v.css(i.elem,e,!0)||n||1;do a=a||".5",u/=a,v.style(i.elem,e,u+r);while(a!==(a=i.cur()/o)&&a!==1&&--f)}i.unit=r,i.start=u,i.end=s[1]?u+(s[1]+1)*n:n}return i}]};v.Animation=v.extend(Kn,{tweener:function(e,t){v.isFunction(e)?(t=e,e=["*"]):e=e.split(" ");var n,r=0,i=e.length;for(;r<i;r++)n=e[r],Vn[n]=Vn[n]||[],Vn[n].unshift(t)},prefilter:function(e,t){t?Xn.unshift(e):Xn.push(e)}}),v.Tween=Yn,Yn.prototype={constructor:Yn,init:function(e,t,n,r,i,s){this.elem=e,this.prop=n,this.easing=i||"swing",this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=s||(v.cssNumber[n]?"":"px")},cur:function(){var e=Yn.propHooks[this.prop];return e&&e.get?e.get(this):Yn.propHooks._default.get(this)},run:function(e){var t,n=Yn.propHooks[this.prop];return this.options.duration?this.pos=t=v.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):Yn.propHooks._default.set(this),this}},Yn.prototype.init.prototype=Yn.prototype,Yn.propHooks={_default:{get:function(e){var t;return e.elem[e.prop]==null||!!e.elem.style&&e.elem.style[e.prop]!=null?(t=v.css(e.elem,e.prop,!1,""),!t||t==="auto"?0:t):e.elem[e.prop]},set:function(e){v.fx.step[e.prop]?v.fx.step[e.prop](e):e.elem.style&&(e.elem.style[v.cssProps[e.prop]]!=null||v.cssHooks[e.prop])?v.style(e.elem,e.prop,e.now+e.unit):e.elem[e.prop]=e.now}}},Yn.propHooks.scrollTop=Yn.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},v.each(["toggle","show","hide"],function(e,t){var n=v.fn[t];v.fn[t]=function(r,i,s){return r==null||typeof r=="boolean"||!e&&v.isFunction(r)&&v.isFunction(i)?n.apply(this,arguments):this.animate(Zn(t,!0),r,i,s)}}),v.fn.extend({fadeTo:function(e,t,n,r){return this.filter(Gt).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(e,t,n,r){var i=v.isEmptyObject(e),s=v.speed(t,n,r),o=function(){var t=Kn(this,v.extend({},e),s);i&&t.stop(!0)};return i||s.queue===!1?this.each(o):this.queue(s.queue,o)},stop:function(e,n,r){var i=function(e){var t=e.stop;delete e.stop,t(r)};return typeof e!="string"&&(r=n,n=e,e=t),n&&e!==!1&&this.queue(e||"fx",[]),this.each(function(){var t=!0,n=e!=null&&e+"queueHooks",s=v.timers,o=v._data(this);if(n)o[n]&&o[n].stop&&i(o[n]);else for(n in o)o[n]&&o[n].stop&&Wn.test(n)&&i(o[n]);for(n=s.length;n--;)s[n].elem===this&&(e==null||s[n].queue===e)&&(s[n].anim.stop(r),t=!1,s.splice(n,1));(t||!r)&&v.dequeue(this,e)})}}),v.each({slideDown:Zn("show"),slideUp:Zn("hide"),slideToggle:Zn("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,t){v.fn[e]=function(e,n,r){return this.animate(t,e,n,r)}}),v.speed=function(e,t,n){var r=e&&typeof e=="object"?v.extend({},e):{complete:n||!n&&t||v.isFunction(e)&&e,duration:e,easing:n&&t||t&&!v.isFunction(t)&&t};r.duration=v.fx.off?0:typeof r.duration=="number"?r.duration:r.duration in v.fx.speeds?v.fx.speeds[r.duration]:v.fx.speeds._default;if(r.queue==null||r.queue===!0)r.queue="fx";return r.old=r.complete,r.complete=function(){v.isFunction(r.old)&&r.old.call(this),r.queue&&v.dequeue(this,r.queue)},r},v.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2}},v.timers=[],v.fx=Yn.prototype.init,v.fx.tick=function(){var e,n=v.timers,r=0;qn=v.now();for(;r<n.length;r++)e=n[r],!e()&&n[r]===e&&n.splice(r--,1);n.length||v.fx.stop(),qn=t},v.fx.timer=function(e){e()&&v.timers.push(e)&&!Rn&&(Rn=setInterval(v.fx.tick,v.fx.interval))},v.fx.interval=13,v.fx.stop=function(){clearInterval(Rn),Rn=null},v.fx.speeds={slow:600,fast:200,_default:400},v.fx.step={},v.expr&&v.expr.filters&&(v.expr.filters.animated=function(e){return v.grep(v.timers,function(t){return e===t.elem}).length});var er=/^(?:body|html)$/i;v.fn.offset=function(e){if(arguments.length)return e===t?this:this.each(function(t){v.offset.setOffset(this,e,t)});var n,r,i,s,o,u,a,f={top:0,left:0},l=this[0],c=l&&l.ownerDocument;if(!c)return;return(r=c.body)===l?v.offset.bodyOffset(l):(n=c.documentElement,v.contains(n,l)?(typeof l.getBoundingClientRect!="undefined"&&(f=l.getBoundingClientRect()),i=tr(c),s=n.clientTop||r.clientTop||0,o=n.clientLeft||r.clientLeft||0,u=i.pageYOffset||n.scrollTop,a=i.pageXOffset||n.scrollLeft,{top:f.top+u-s,left:f.left+a-o}):f)},v.offset={bodyOffset:function(e){var t=e.offsetTop,n=e.offsetLeft;return v.support.doesNotIncludeMarginInBodyOffset&&(t+=parseFloat(v.css(e,"marginTop"))||0,n+=parseFloat(v.css(e,"marginLeft"))||0),{top:t,left:n}},setOffset:function(e,t,n){var r=v.css(e,"position");r==="static"&&(e.style.position="relative");var i=v(e),s=i.offset(),o=v.css(e,"top"),u=v.css(e,"left"),a=(r==="absolute"||r==="fixed")&&v.inArray("auto",[o,u])>-1,f={},l={},c,h;a?(l=i.position(),c=l.top,h=l.left):(c=parseFloat(o)||0,h=parseFloat(u)||0),v.isFunction(t)&&(t=t.call(e,n,s)),t.top!=null&&(f.top=t.top-s.top+c),t.left!=null&&(f.left=t.left-s.left+h),"using"in t?t.using.call(e,f):i.css(f)}},v.fn.extend({position:function(){if(!this[0])return;var e=this[0],t=this.offsetParent(),n=this.offset(),r=er.test(t[0].nodeName)?{top:0,left:0}:t.offset();return n.top-=parseFloat(v.css(e,"marginTop"))||0,n.left-=parseFloat(v.css(e,"marginLeft"))||0,r.top+=parseFloat(v.css(t[0],"borderTopWidth"))||0,r.left+=parseFloat(v.css(t[0],"borderLeftWidth"))||0,{top:n.top-r.top,left:n.left-r.left}},offsetParent:function(){return this.map(function(){var e=this.offsetParent||i.body;while(e&&!er.test(e.nodeName)&&v.css(e,"position")==="static")e=e.offsetParent;return e||i.body})}}),v.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(e,n){var r=/Y/.test(n);v.fn[e]=function(i){return v.access(this,function(e,i,s){var o=tr(e);if(s===t)return o?n in o?o[n]:o.document.documentElement[i]:e[i];o?o.scrollTo(r?v(o).scrollLeft():s,r?s:v(o).scrollTop()):e[i]=s},e,i,arguments.length,null)}}),v.each({Height:"height",Width:"width"},function(e,n){v.each({padding:"inner"+e,content:n,"":"outer"+e},function(r,i){v.fn[i]=function(i,s){var o=arguments.length&&(r||typeof i!="boolean"),u=r||(i===!0||s===!0?"margin":"border");return v.access(this,function(n,r,i){var s;return v.isWindow(n)?n.document.documentElement["client"+e]:n.nodeType===9?(s=n.documentElement,Math.max(n.body["scroll"+e],s["scroll"+e],n.body["offset"+e],s["offset"+e],s["client"+e])):i===t?v.css(n,r,i,u):v.style(n,r,i,u)},n,o?i:t,o,null)}})}),e.jQuery=e.$=v,typeof define=="function"&&define.amd&&define.amd.jQuery&&define("jquery",[],function(){return v})})(window);
\ No newline at end of file diff --git a/base/server/share/webapps/pki/js/jquery.i18n.properties-min.js b/base/server/share/webapps/pki/js/jquery.i18n.properties-min.js new file mode 100644 index 000000000..059b4906d --- /dev/null +++ b/base/server/share/webapps/pki/js/jquery.i18n.properties-min.js @@ -0,0 +1,9 @@ +(function(k){function n(c,a){k.ajax({url:c,async:!1,cache:a.cache,contentType:"text/plain;charset="+a.encoding,dataType:"text",success:function(b){r(b,a.mode)}})}function r(c,a){for(var b="",e=c.split(/\n/),d=/(\{\d+\})/g,q=/\{(\d+)\}/g,m=/(\\u.{4})/ig,f=0;f<e.length;f++)if(e[f]=e[f].replace(/^\s\s*/,"").replace(/\s\s*$/,""),e[f].length>0&&e[f].match("^#")!="#"){var g=e[f].split("=");if(g.length>0){for(var o=unescape(g[0]).replace(/^\s\s*/,"").replace(/\s\s*$/,""),h=g.length==1?"":g[1];h.match(/\\$/)== +"\\";)h=h.substring(0,h.length-1),h+=e[++f].replace(/\s\s*$/,"");for(var l=2;l<g.length;l++)h+="="+g[l];h=h.replace(/^\s\s*/,"").replace(/\s\s*$/,"");if(a=="map"||a=="both"){if(g=h.match(m))for(l=0;l<g.length;l++)h=h.replace(g[l],s(g[l]));k.i18n.map[o]=h}if(a=="vars"||a=="both")if(h=h.replace(/"/g,'\\"'),t(o),d.test(h)){for(var g=h.split(d),l=!0,j="",n=[],p=0;p<g.length;p++)if(d.test(g[p])&&(n.length==0||n.indexOf(g[p])==-1))l||(j+=","),j+=g[p].replace(q,"v$1"),n.push(g[p]),l=!1;b+=o+"=function("+ +j+"){";o='"'+h.replace(q,'"+v$1+"')+'"';b+="return "+o+";};"}else b+=o+'="'+h+'";'}}eval(b)}function t(c){if(/\./.test(c))for(var a="",c=c.split(/\./),b=0;b<c.length;b++)b>0&&(a+="."),a+=c[b],eval("typeof "+a+' == "undefined"')&&eval(a+"={};")}function s(c){var a=[],c=parseInt(c.substr(2),16);c>=0&&c<Math.pow(2,16)&&a.push(c);for(var c="",b=0;b<a.length;++b)c+=String.fromCharCode(a[b]);return c}k.i18n={};k.i18n.map={};k.i18n.properties=function(c){c=k.extend({name:"Messages",language:"",path:"",mode:"vars", +cache:!1,encoding:"UTF-8",callback:null},c);if(c.language===null||c.language=="")c.language=k.i18n.browserLang();if(c.language===null)c.language="";var a=c.name&&c.name.constructor==Array?c.name:[c.name];for(i=0;i<a.length;i++)n(c.path+a[i]+".properties",c),c.language.length>=2&&n(c.path+a[i]+"_"+c.language.substring(0,2)+".properties",c),c.language.length>=5&&n(c.path+a[i]+"_"+c.language.substring(0,5)+".properties",c);c.callback&&c.callback()};k.i18n.prop=function(c){var a=k.i18n.map[c];if(a==null)return"["+ +c+"]";var b;if(typeof a=="string"){for(b=0;(b=a.indexOf("\\",b))!=-1;)a=a[b+1]=="t"?a.substring(0,b)+"\t"+a.substring(b++ +2):a[b+1]=="r"?a.substring(0,b)+"\r"+a.substring(b++ +2):a[b+1]=="n"?a.substring(0,b)+"\n"+a.substring(b++ +2):a[b+1]=="f"?a.substring(0,b)+"\u000c"+a.substring(b++ +2):a[b+1]=="\\"?a.substring(0,b)+"\\"+a.substring(b++ +2):a.substring(0,b)+a.substring(b+1);var e=[],d,j;for(b=0;b<a.length;)if(a[b]=="'")if(b==a.length-1)a=a.substring(0,b);else if(a[b+1]=="'")a=a.substring(0,b)+ +a.substring(++b);else{for(d=b+2;(d=a.indexOf("'",d))!=-1;)if(d==a.length-1||a[d+1]!="'"){a=a.substring(0,b)+a.substring(b+1,d)+a.substring(d+1);b=d-1;break}else a=a.substring(0,d)+a.substring(++d);d==-1&&(a=a.substring(0,b)+a.substring(b+1))}else if(a[b]=="{")if(d=a.indexOf("}",b+1),d==-1)b++;else if(j=parseInt(a.substring(b+1,d)),!isNaN(j)&&j>=0){var m=a.substring(0,b);m!=""&&e.push(m);e.push(j);b=0;a=a.substring(d+1)}else b=d+1;else b++;a!=""&&e.push(a);a=e;k.i18n.map[c]=e}if(a.length==0)return""; +if(a.lengh==1&&typeof a[0]=="string")return a[0];m="";for(b=0;b<a.length;b++)m+=typeof a[b]=="string"?a[b]:a[b]+1<arguments.length?arguments[a[b]+1]:"{"+a[b]+"}";return m};k.i18n.browserLang=function(){var c=navigator.language||navigator.userLanguage,c=c.toLowerCase();c.length>3&&(c=c.substring(0,3)+c.substring(3).toUpperCase());return c};var j;if(!j)j=function(c,a,b){if(Object.prototype.toString.call(a)!=="[object RegExp]")return typeof j._nativeSplit=="undefined"?c.split(a,b):j._nativeSplit.call(c, +a,b);var e=[],d=0,k=(a.ignoreCase?"i":"")+(a.multiline?"m":"")+(a.sticky?"y":""),a=RegExp(a.source,k+"g"),m,f,g;c+="";j._compliantExecNpcg||(m=RegExp("^"+a.source+"$(?!\\s)",k));if(b===void 0||+b<0)b=Infinity;else if(b=Math.floor(+b),!b)return[];for(;f=a.exec(c);){k=f.index+f[0].length;if(k>d&&(e.push(c.slice(d,f.index)),!j._compliantExecNpcg&&f.length>1&&f[0].replace(m,function(){for(var a=1;a<arguments.length-2;a++)arguments[a]===void 0&&(f[a]=void 0)}),f.length>1&&f.index<c.length&&Array.prototype.push.apply(e, +f.slice(1)),g=f[0].length,d=k,e.length>=b))break;a.lastIndex===f.index&&a.lastIndex++}d===c.length?(g||!a.test(""))&&e.push(""):e.push(c.slice(d));return e.length>b?e.slice(0,b):e},j._compliantExecNpcg=/()??/.exec("")[1]===void 0,j._nativeSplit=String.prototype.split;String.prototype.split=function(c,a){return j(this,c,a)}})(jQuery);
\ No newline at end of file |