| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Removed unnecessary lines and changed the classpath used to build
the JUnit tests.
|
| |
|
| |
|
|
|
|
|
|
|
| |
Some REST services have been modified to throw BadRequestException
on null parameters.
Ticket #749
|
|
|
|
|
|
| |
Fixed the basic review comments for patches 74,75,76,77,78.
Tickets #657,722,723,724,725,785
|
|
|
|
|
|
|
|
| |
Added the scripts to compile the java test sources when trying
to build a beaker test rpm. This is required in a CI setup as the
source is freshly checked out and the build is automated.
Tickets 725, 785
|
|
|
|
|
|
|
|
| |
Provides the steps required to setup the tests and run the tests
in eclipse or from command line. Will be updated with details
setting up the CI test framework.
Tickets #657,722,723,724
|
|
|
|
|
|
|
|
| |
Include JUnit tests to the upstream. This will be the location
for all the new tests to come. These tests can be run on a beaker machine
as part of the QE tests or in eclipse to test an already existing test framework.
Tickets #657,722,723,724
|
|
|
|
|
|
|
|
|
|
| |
Provide a compose script for building the test rpm and
creating the job xml (by updating the job template with custom values
provided in a job xml config file). Also add a new option
--createrepo to the compose_pki_core_package script to create a repository
of the built rpms at the location specified in a config file.
Tickets #657, 722,723,724
|
|
|
|
|
|
|
| |
Opensource all the QE tests to upstream git so that the tests can be run
by setting up a local beaker server.
Ticket #657,722,723,724
|
|
|
|
|
|
|
|
|
|
|
| |
Some of the REST services have been fixed to consistently return a
DataCollection which contains the total count, the requested subset
of results, and links to request other subsets of the results.
The TPSConnectorFindCLI has been split into separate find and show
commands.
Ticket #749
|
|
|
|
|
|
|
|
|
| |
The configuration code has been modified not to remove the LDAP database
folder since it may not have access to it. It will also not continue
with the cleanup if the database is used by another subtree.
Manual removal of old entries in the subtree is redundant so the code
has been removed. The exception handling has been improved as well.
|
|
|
|
|
|
|
| |
Bug in tomcat for security manager has been resolved.
Updated tomcat requirement accordingly.
Ticket 774
|
|
|
|
|
|
|
|
|
| |
The user and group services have been modified to return consistent HTTP
return codes under various situations. The UGSubsystem has been modified
to capture any LDAP exceptions and throw the proper PKIException subclass
that represents the appropriate HTTP error code for the situation.
Ticket #669, #749
|
|
|
|
| |
Ticket 749
|
|
|
|
| |
Also added some missing checks, and some missing options in the Key Request CLI
|
|
|
|
| |
Ticket 749
|
|
|
|
| |
Ticket 749
|
|
|
|
| |
* TRAC Ticket #760 - Tpsclient Failure on F20 and TPS
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following commands have been renamed. The old commands will
no longer work.
* profile -> ca-profile
* kraconnector -> ca-kraconnector
The following commands have also been renamed, but the old commands
will continue to work:
* cert -> ca-cert
* key -> kra-key
The user and group commands have already been renamed to <subsytem>-
user and <subsystem>-group. The old commands will continue to work
and will use CA subsystem by default.
Ticket #701
|
|
|
|
|
|
|
| |
A new REST service and clients have been added to manage the profiles
in the TPS configuration file.
Ticket #652
|
|
|
|
|
|
|
| |
The ACL and ACLEntry in com.netscape.cmscore.realm are duplicates
of the ones in com.netscape.certsrv.acls. They have been removed
since they are no longer used. All differences have been merged
into the remaining copy.
|
|
|
|
|
|
|
|
| |
The following commands have been renamed for consistency:
* client-cert-remove -> client-cert->del
* group-member-remove -> group-member-del
* user-cert-remove -> user-cert-del
* user-membership-remove -> user-membership-del
|
|
|
|
|
|
|
|
| |
Previously the GroupMemberProcessor class inherits from CAProcessor that
can only run on CA. To fix the problem a generic Processor has been
created as a super class of the CAProcessor and some of the fields and
methods that are not CA-specific have been moved into the super class.
The GroupMemberProcessor will now inherit directly from the super class.
|
|
|
|
|
|
| |
The Processor class depends on CertificateAuthority subsystem which
only exists on CA, so the class has been renamed to CAProcessor to
reflect the dependency.
|
|
|
|
|
| |
The CLI framework has been modified to support deprecating CLI
commands by adding @Deprecated to the class name.
|
|
|
|
|
|
|
|
|
| |
The upgrade framework has been modified to backup the files used
to track the upgrade progress. If the tracker file is also modified
by the upgrade scriptlet, it will only keep the initial backup
(before any modifications were made).
Ticket #763
|
|
|
|
|
|
|
|
| |
Change the --output option to --file for providing a file to store the
certificate request to be reviewed using the cert-request-review cli command.
Update the man page entry for the same.
Ticket #674
|
| |
|
|
|
|
|
| |
The test classes have been moved from base/common/test to base/server/test
and into the cmscore package because they are dependent on server classes.
|
|
|
|
|
| |
Should now be SHA256 by default.
Bugzilla BZ 1024445
|
|
|
|
|
|
|
|
|
| |
Previously the CMS.shutdown() was called multiple times during Tomcat
shutdown, one by CMSStarServlet.destroy() and the other by the shutdown
hook, causing some errors. The shutdown hook should only be used in a
standalone application, so it has been moved into CMS.main().
Bugzilla #1018628
|
|
|
|
|
|
|
| |
The DoUnrevoke servlet has been modified to re-throw the EBaseException
such that the error message can be returned properly to the client.
Ticket #739
|
|
|
|
|
|
|
| |
The TPS token REST interface has been modified to require client certificate
authentication. TPS admins, agents, and operators are allowed to view tokens,
but only admins are allowed to add and remove tokens, and only agents are
allowed to modify tokens.
|
|
|
|
|
| |
The CertEnrollmentRequest, ProfileInput, ProfileAttribute, and Descriptor
have been cleaned up to fix some bugs and minor formatting issues.
|
|
|
|
|
| |
The tomcat, cms, and cmscore packages have been moved from base/common
into separate folders in base/server so that they can be built separately.
|
|
|
|
|
|
|
| |
Due to a regression RESTEasy is unable to find some sub-resources properly.
As a workaround some resources need to be merged into the parent resource.
The UserCertResource and UserMembershipResource have been merged into
UserResource. The GroupMemberResource has been merged into GroupResource.
|
|
|
|
|
| |
The client-{action}-cert commands have been renamed into
client-cert-{action} for consistency.
|
|
|
|
|
| |
The PKIPrincipal is in cmscore package but it's needed by the REST
services in cms package so the class has been moved into cms package.
|
|
|
|
|
|
|
| |
The CertUserDBAuthentication and PasswdUserDBAuthentication are authentication
managers in cmscore package but they are needed by PKIRealm that is now in cms
package, so new interfaces have been refactored from these classes so they
can be used without causing dependency issue.
|
|
|
|
|
| |
PKIRealm has been moved from pki-cmscore into pki-cms package because
it's needed by CMSStartServlet which is in the pki-cms package.
|
|
|
|
| |
* TRAC Ticket #762 - Stand-alone DRM (cleanup tasks)
|
|
|
|
| |
* TRAC Ticket #667 - provide option for ca-less drm install
|
|
|
|
|
|
| |
This patch enables Tomcat access log for Java subsystems.
Ticket #558.
|
| |
|
| |
|
|
|
|
| |
Also moved 10.1 version upgrade scripts to 10.0.99.
|
|
|
|
| |
Ticket 727
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch allows password values in pkispawn deployment files to
contain unescaped '%' characters. Non password settings support
interpolation, so they still require escaping.
This patch has been tested with deployment file based installs as
well as interactive installs. The way it works is that we escape
the password settings internally immediately after reading the
deployment config file. The interactive installation code already
escapes password values as it receives them from the user. This
approach allows the rest of the installation code to remain as-is.
|
|
|
|
|
|
|
| |
A new REST service and clients have been added to manage the audit
configuration in all subsystems.
Ticket #652
|