| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
The instructions for enabling external debugging shown during
installation is incorrect. Fix the message.
Ticket #937
|
| |
|
|
|
| |
* PKI TRAC Ticket #946 - Installation of IPA hangs up
when LANG is set to tr_TR.UTF8
|
| |
|
|
|
| |
* PKI TRAC Ticket #946 - Installation of IPA hangs up
when LANG is set to tr_TR.UTF8
|
| |
|
|
|
|
|
|
|
|
|
| |
The profile, profile mapping, connector, and authenticator services
in TPS have been modified to allow adding enabled entries directly
if the user has the proper rights.
The authenticator database has been moved into the config package
for consistency.
Ticket #948
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The RenewalProcessor was throwing NumberFormatException if the
renewal request contains an empty serial number. The code has been
modified to check for null and empty string.
If the serial number is unavailable, the code will try to get the
serial number from the client certificate. If that is unavailable
either, the code has been fixed to return a proper message.
Ticket #999
|
| |
|
|
|
|
|
| |
The profile doc in TPS configuration file has been converted into
a man page pki-tps-profile.
Ticket #950
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There seems to be no use of the requestID parameter in both revoke
and unrevoke request. Removed requestID attribute in CertRevokeRequest
remove the class CertUnrevokeRequest.
Also made changes in RevocationProcesor to use the requestID of the
request created in it.
The setRequestID() is being called in the DoRevoke and DoUnRevoke servlets.
Removed the call and a function auditRequesterId in both the classes.
The auditRequestorId method tries to get a "requestID" stored as a INPUT field
in the reasonToRequest page. The ReasonToRevoke class which generates
this page does not set the value.
|
| | |
|
| | |
|
| |
|
|
| |
use generate_new_cert function to generate cert
|
| |
|
|
| |
Remove pki-cert-cli-request-submit-ca from Makefile and runtests.sh
|
| | |
|
| |
|
|
| |
setup chrony with a timesource as set in env.sh
|
| |
|
|
| |
fix return value for negative tests
|
| |
|
|
|
|
| |
add i18n tests
add test case to hold cert which is already on hold
add test case where we hold cert using normal user
|
| |
|
|
|
|
|
| |
1.add function generate_new_cert() to generate new cert
2.add function generate_modified_cert() to create cert with specific
validity period
3. fix create_cert_request for a minor bug fix
|
| |
|
|
|
|
| |
1.add new functions to create expect data for pki cert-revoke
pki cert-release-hold pki-cert-hold
2. add new function to setup chrony with timesource
|
| |
|
|
|
|
|
|
| |
use chrony to modify system date
remove generate_cert1 generate_cert2 modify_cert functions
user generic functions from shared library
add test where cert is revoked and fail the test for lack of checking CRL(RFE bug)
add test where we revoke a already revoked cert
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1. Modified script to return 1 for pki failed commands
2. For rlRun where there is no info, added messages
3. fix pki_cert_request_show-0012 where serialNumber verification was not
correct. Fixed by using rlAssertEquals to verify serialNumber displayed
and serial number stored in ldap
4. rename function name to have function names defined similar to user
automation scripts
5. add i18n tests
6. cover as much certificate profiles possible
|
| |
|
|
|
|
|
|
| |
Modified script to return 1 for pki failed commands
Modify function name to have same syntax as user automation scripts
Minor bugfixes like using of rlAssertExists instead of test -f
fix return values for negative tests
Add i18n tests
|
| |
|
|
|
|
| |
add pki-cert-hold.sh to runtest
add modified pki cert functions to runtest
add run_pki-cert-request-submit_tests to runtest
|
| |
|
|
|
| |
add pki-cert-hold.sh to Makefile
add pki-cert-cli-request-submit-ca.sh to Makefile
|
| |
|
|
|
|
|
|
|
|
|
| |
Modified script to add better description,
Fixed typos
Modified to return appropriate return values
use generic generate_new_cert function to generate functions
use chrony to manage & set time
fix return values for negative cases
add i18n tests
add test case to release revoked certs with different reason
|
| |
|
|
|
|
| |
Tests updated with latest return codes for the following CLIs:
user-add, user-find and user-show
Modified verifyErrorMsg subroutine to check for error codes.
|
| |
|
|
|
|
|
|
|
| |
This patch provides the framework that allows people to
1. write their own authentication plugins using the authentication
plugin framework
2. map the authenticaiton credential from client side (e.g. ESC or alike)
in both display language characters and numbers of credential parameters
to the specified authentication plugin required parameters.
|
| |
|
|
|
|
|
| |
The TPS UI logout functionality has been modified to clear the
authentication credential cache on IE.
Ticket #903
|
| |
|
|
|
|
| |
The RCUE files are no longer used so they have been removed.
Ticket #958
|
| |
|
|
|
|
|
|
| |
The RCUE library has been replaced with a more generic PatternFly
library. The dialog boxes and the navigation bar have been updated
accordingly.
Ticket #958
|
| |
|
|
|
|
| |
New CSS, font, and JS files from PatterFly have been added.
Ticket #958
|
| |
|
|
|
|
|
|
| |
The font files have been moved from /pki/font to /pki/fonts to
match the RCUE/PatternFly layout. The CSS files have been updated
accordingly.
Ticket #958
|
| |
|
|
|
|
|
|
|
|
| |
Some REST services that accept search keywords have been modified to
require a minimum length of 3 characters.
The DEFAULT_SIZE constant has been moved into the base PKIService
class to reduce multiple declarations.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
| |
The TPS groups have been renamed for clarity and consistency:
- TUS Administrators -> Administrators
- TUS Agents -> TPS Agents
- TUS Officers -> TPS Officers
- TUS Operators -> TPS Operators
Ticket #963
|
| |
|
|
|
|
| |
The TPS connection database has been renamed into TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection REST service has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection client library has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection UI components have been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection CLI has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
|
| |
Previously the TPS UI generates an error when adding a new group
because it's trying to fetch the members of the new group which
has not been added yet. The code has been changed to detect this
particular case and avoid fetching the data.
|
| |
|
|
|
|
|
|
| |
The UserService.findUserMemberships() has been modified to accept
an additional parameter to filter the groups in which the user
is a member. The CLI has been updated accordingly.
Ticket #920
|
| |
|
|
|
|
|
|
| |
The GroupService.findGroupMembers() has been modified to accept an
additional parameter to filter the group members to be returned.
The CLI has been modified accordingly.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
| |
The UGSubsystem.listGroups() has been modified to generate an
LDAP filter from a keyword. The filter itself cannot contain
wildcards. The wildcard will be added in listGroups(). In the
future the filter will be made configurable to allow searching
different attributes.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously PKIException was not displayed properly in browser
because it doesn't have a writer for HTML. Now the exception mapper
will compute the message format properly, and will default to XML.
The exception mapper itself has been moved into a server package
due to class dependency. The REST application classes have been
updated accordingly.
Ticket #554
|
| |
|
|
|
| |
New links to profiles and profile mappings have been added to TPS
UI home page.
|
| |
|
|
|
|
|
|
|
| |
The findUsers() method in UGSubsystem has been modified to search
additional attributes in the user database. This method is only
used by the UserService, so the impact is limited to user-find
CLI command in all subsystems and TPS UI.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
| |
Previously the getUser() method in UGSubsystem was using findUsers()
which uses a subtree search to find users. It has been replaced with
a base search which is more accurate since the user DN is known. The
code has also been simplified to merge the two cases where the input
parameter could be a user ID or a DN.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
| |
Previously the ConfigurationUtils.setupDBUser() was using findUsers()
to get a list of users and then only use the first one. It has been
replaced with getUser() which will return the user directly. If the
user doesn't exist, findUsers() will throw an exception whereas the
getUser() will return null, so the try-catch block has been removed.
Ticket #920
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following changes have been done:
1. Applet Upgrade for real token. The applet is written and an instance of applet created.
2. 95% of the format operation done. This includes proper status update progreass bar
for esc and writing the phone home url to the token. Once this operation is complete,
the token can be entered into esc and esc will be able to phone home and point to TPS
for further operations such as enrollment and pin reset when they are implemented.
3. The phoneHome xml file changed slightly to prevent esc from reading exttraneous line
feeds when phoning home.
4. The CS.cfg has been changed to correctly reflect the phone home url we want to write to
the token.
The following to be done to fully finish format, later tickets.
1.Updating the tokendb with tne newly formatted token. Future ticket.
2.Revoking tokens current certificates, if any. Future ticket.
3.Symmetric Key changeover. Future ticket.
|
| |
|
|
|
| |
* PKI TRAC Ticket #585 - 'pki cert-request-review' --output creates a file
only when --action attribute is not present
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code that configures the TPS connectors during installation
has been modified to use the ConnectionDatabase, which is also
used by the CLI/UI after the installation.
The code has also been fixed to configure the correct properties
as defined in CS.cfg. The static properties have been removed
from CS.cfg because now they will be generated dynamically by
the ConnectionDatabase.
Due to class dependency issue, the methods for configuring the TPS
connectors have been moved from ConfigurationUtils into a new
TPSInstaller class.
The URI's in ConfigurationRequest have been converted from String
into URI to simplify validation.
Ticket #890
|
| |
|
|
|
|
|
| |
The token, certificate, and activity database have been updated
to search against some predetermined attributes.
Ticket #920
|
