summaryrefslogtreecommitdiffstats
path: root/base/common/src/com/netscape/certsrv/profile
Commit message (Collapse)AuthorAgeFilesLines
* Fixed exception handling in CertInfoProfile.Endi S. Dewata2016-04-121-8/+9
| | | | | | | The CertInfoProfile.populate() has been modified to re-throw the exception instead of ignoring it. https://fedorahosted.org/pki/ticket/1654
* Fixed exception handling in EnrollProfile.Endi S. Dewata2016-03-241-0/+4
| | | | | | | To help troubleshooting the EnrollProfile has been modified to log the stack trace and chain the exception. https://fedorahosted.org/pki/ticket/1654
* Avoid profile race conditions by tracking entryUSNFraser Tweedale2016-01-191-0/+5
| | | | | | | | | | | | | Avoid race conditions in the LDAPProfileSubsystem by tracking the most recently known entryUSN of profiles' LDAP entries. As part of this change, add the commitProfile method to the IProfileSubsystem interface, remove commit behaviour from the enableProfile and disableProfile methods and update ProfileService and ProfileApproveServlet to commit the profile (using the commitProfile method) where needed. Part of: https://fedorahosted.org/pki/ticket/1700
* Lightweight CAs: initial supportFraser Tweedale2015-09-261-0/+5
| | | | | | | | | | | | | This commit adds initial support for "lightweight CAs" - CAs that inhabit an existing CA instance and share the request queue and certificate database of the "top-level CA". We initially support only sub-CAs under the top-level CA - either direct sub-CAs or nested. The general design will support hosting unrelated CAs but creation or import of unrelated CAs is not yet implemented. Part of: https://fedorahosted.org/pki/ticket/1213
* Fix some javadoc errors that prevent F23 buildAde Lee2015-04-244-4/+2
|
* Update pki-profile CLI commands to work with "raw" formatFraser Tweedale2015-04-072-1/+61
| | | | | | | | Update CLI commands for working with the (now LDAP-based) profiles in the same format as was used by the files, by way of the --raw option. Also add the "edit" command to interactively edit a profile.
* Add LDAPProfileSubsystem to store profiles in LDAPFraser Tweedale2015-04-072-17/+6
| | | | | | | | | | | | Add the LDAPProfileSubsystem as another IProfileSubsystem implementation that can be used instead of ProfileSubsystem (which stores profiles on the file system) to store files in LDAP so that changes can be replicated. Extract common behaviour in to new AbstractProfileSubsystem superclass. Also address the minor issue #1220.
* Removed @Consumes and @Provides.Endi S. Dewata2014-03-041-12/+0
| | | | | | | | The @Consumes and @Provides annotations have been removed from all methods (except from methods that consume forms) to allow client to use the default consumes and provides specified in the proxy. Ticket #554
* Add ability to archive without sending pkiArchiveOptions object.Ade Lee2014-02-261-0/+20
| | | | | | With this patch, you can now either send a pkiArchiveOptions object or the exploded parameters. This reduces the processing required on the client side.
* Updated REST interface for CA profiles.Endi S. Dewata2014-02-192-10/+18
| | | | | | | The REST interface for CA profiles has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Replaced deprecated ClientResponse class.Endi S. Dewata2014-02-101-9/+5
| | | | | | | The ClientResponse class has been deprecated in RESTEasy 3.0, so most of the code using the class has been modified to use the Response class instead. There are a few remaining references to ClientResponse. They will be removed separately later.
* Address review commentsAde Lee2014-02-041-2/+2
| | | | | | | | | 1. Remove Link attribute from ResourceMessage, 2. Rename KeyDataInfo and KeyDataInfoCollection. 3. Move KEYGEN_ALGORITHMS 4. Fix missing space in PKIException 5. Move properties to attributes in ResourceMessage 6. Add missing code to update the request and set IRequest.RESULT
* Rename KeyRequest to ResourceMessageAde Lee2014-02-041-2/+2
| | | | | | Refactor ResourceMessage to include classname instead of Request Type. Also changed PKIException.Data to extend ResourceMessage. Modifications to the server code to get the tests working.
* Updated ACL and auth method mapping names.Endi S. Dewata2013-11-151-6/+6
| | | | | The ACL and auth method mapping names in some resources have been modified to be more consistent with those in other resources.
* Added paging on all find commands.Endi S. Dewata2013-11-143-48/+18
| | | | | | The find commands in some REST services have been modified to support paging to be consistent with others. The other find commands have been cleaned up as well.
* Modify profile resource to return correct response for create or modify opAde Lee2013-11-063-6/+35
| | | | Ticket 749
* Cleaned up CertEnrollmentRequest.Endi S. Dewata2013-10-252-18/+84
| | | | | The CertEnrollmentRequest, ProfileInput, ProfileAttribute, and Descriptor have been cleaned up to fix some bugs and minor formatting issues.
* Fix correct ACL for profile REST interfaceAde Lee2013-10-091-0/+2
|
* fix auth and authz for Profiles REST APIAde Lee2013-10-091-4/+6
| | | | Ticket 727
* Fixed CLI authentication issue.Endi S. Dewata2013-10-011-4/+0
| | | | | | | Previously the CLI authentication could fail because it's using a fixed default subsystem which may not match the command it's trying to execute. The CLI has now been modified to use the appropriate default subsystem depending on the command to be executed.
* DRM Transport Key RotationAndrew Wnuk2013-09-301-0/+7
| | | | | | | | | | | | This patch provides basic support for DRM Transport Key Rotation described in http://pki.fedoraproject.org/wiki/DRM_Transport_Key_Rotation This patch provides implementation for tickets: - 729 - CA to include transport certificate when submitting archival request to DRM - 730 - DRM to detect presence of transport certificate attribute in submitted archival request and validate transport certificate against DRM's transport key list - 731 - DRM to provide handling for alternative transport key based on detected and validated transport certificate arriving as a part of extended archival request
* Fixed dependency issue on ProfilePolicy.Endi S. Dewata2013-09-171-2/+1
| | | | | | The ProfilePolicy is in the server package but it's used by IProfile interface in the base package. The interface have been modified to use IProfilePolicy instead.
* Add audit logging to profile interfaceAde Lee2013-09-027-0/+305
| | | | | | This patch adds initial audit logging to the Profile interface. A more complete review of audit logging will probably be done for Common Criteria testing.
* Refactored client framework.Endi S. Dewata2013-08-231-8/+8
| | | | | | | | | A new Client class was added as a base for all client classes. The SubsystemClient was added as a base for all subsystem clients. It also provides methods to authenticate against the subsystem. The DRMClient has been renamed to KRAClient to match the actual subsystem name. Ticket #701
* Fixes for profile REST interface from code review.Ade Lee2013-07-313-93/+61
| | | | Simplified the inputs, outputs for ProfileData
* Fix various issues with Profile InterfaceAde Lee2013-07-312-7/+26
| | | | | 1. Fixed REST API as per review. 2. Add output for profile-show and profile-find
* Add interfaces for managing profilesAde Lee2013-07-2211-109/+587
| | | | | This adds the initial framework for viewing and managing profiles. Also adds CLI code for viewing/adding/deleting and editing profiles.
* Bug 929043 - updated serverCert.profile with SAN results in ↵Christina Fu2013-04-031-1/+6
| | | | | | SubjectAltNameExtDefault gname is empty, not added in cert ext during configuration Bug 927545 - Transport Cert signing Algorithm doesn't show ECC Signing Algorithms during DRM configuration with ECC
* Added authentication method validation.Endi Sukma Dewata2013-02-191-0/+3
| | | | | | | | | | | | | | | A new mechanism has been added to specify the authentication methods that can be used to invoke the REST methods. The AuthMethodMapping annotation maps each REST method to a list of allowed authentication methods. When a client calls a REST method, the AuthMethodInterceptor will intercept the call and verify that the client uses an allowed authentication method. Most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get the installation token from security domain. Ticket #477
* Ticket 191 - Mapping HTTP Exception to their proper HTTP error codesAbhishek Koneru2013-01-041-6/+4
|
* Reorganized REST common classes.Endi Sukma Dewata2012-08-1514-0/+1074
| | | | | | | The common classes used by REST client and services have been moved into the com.netscape.certsrv.<component> packages. Ticket #215
* Removed unnecessary type casts.Endi Sukma Dewata2012-04-091-3/+2
| | | | | | Unnecessary type casts have been removed using Eclipse Quick Fix. Ticket #134
* Removed whitespaces from Java code.Endi Sukma Dewata2012-04-0915-128/+128
| | | | | | | | Whitespaces in Java code have been removed with the following command: find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \; Ticket #134
* Removed unnecessary pki folder.Endi Sukma Dewata2012-03-2617-0/+1766
Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131
generated by cgit (git 2.34.1) at 2024-06-08 08:52:59 +0000