summaryrefslogtreecommitdiffstats
path: root/base/common/src/com/netscape/cmscore/usrgrp
Commit message (Collapse)AuthorAgeFilesLines
* Renamed escapeDN() into escapeRDNValue().Endi Sukma Dewata2012-09-271-20/+20
| | | | | | | The escapeDN() has been renamed into escapeRDNValue() for better clarity. Ticket #193
* Changes to use standard dbuserAde Lee2012-09-191-0/+48
| | | | | | | | | | | | | | | | | We create a user that can be used to connect to the database using the subsystem cert for client auth. We identified this user, using the seeAlso attribute and provided certmap rules to this effect. For this user, we used to reuse the uid = user CA-hostname-port, which is already created for inter-system communication. But this is problematic if more than one dbuser exists, as the directory server may bind as the incorrect user. In any replication topology, there must be only one dbuser using the subsystem cert. To simplify things, we create a new user specifically for this purpose (pkidbuser), and we remove the seeAlso attribute from the older dbusers. A script is needed to convert existing dogtag 9 istances to use the new user, and set the relevant acls. This will be done in a separate commit.
* Added DN and filter escaping in UGSubsystem.Endi Sukma Dewata2012-09-191-26/+27
| | | | | | | The UGSubsystem has been modified to escape values used in DN or filter according to LDAP standard. Ticket #193
* Fixed exceptions during shutdown.Endi Sukma Dewata2012-08-281-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | The shutdown() methods in several classes have been fixed to allow more graceful shutdown and clean restart. There are two types of object attributes that need to be handled differently. Attributes that are initialized by the constructor should not be nulled during shutdown because they won't be reinitialized during restart. If they require a cleanup (e.g. emptying collections, closing LDAP connections) it's not necessary to check for null before calling the cleanup method because they're never null. For attributes that are initialized during init(), it may not be necessary to do a cleanup or null the attribute since they might still be used by other threads and they will be reinitialized during restart so the old objects will be garbage collected. If they do need a cleanup they should be checked for null because they might still be null due to init() failure or initialization conditionals. If the attributes are initialized conditionally, the logic has been modified to ensure the attributes are either initialized or set to null. Ticket #247
* Refactored PKI JNDI realm.Endi Sukma Dewata2012-07-311-0/+31
| | | | | | | | | The PKI JNDI realm has been modified to utilize the authentication and authorization subsystems in PKI engine directly. It's no longer necessary to define the LDAP connection settings in Tomcat's configuration files. Ticket #126
* SE_BAD_FIELD, MIGHT_IGNORE , STATIC_INNER_CLASSAbhishek Koneru2012-07-101-2/+3
|
* Fixed problem removing user certificate.Endi Sukma Dewata2012-06-271-45/+59
| | | | | | | | | | Generally the user LDAP entry does not contain a seeAlso attribute unless it's a special database user. The UGSubsystem.removeUserCert() would fail because it tried to remove the seeAlso attribute. Now the code has been fixed to remove the seeAlso using a separate modify operation and ignore the error if it fails due to missing attribute. Ticket #182
* Fixes for Coverity Issues of type Null Returns - Part 3Abhishek Koneru2012-06-201-10/+30
|
* Fixes for Null_Returns Cases - 1 For CommitAbhishek Koneru2012-06-051-3/+10
|
* Added group REST service.Endi Sukma Dewata2012-05-311-0/+27
| | | | | | | The group REST service is based on UsrGrpAdminServlet. It provides an interface to manage groups and group members. Ticket #160
* Patch for fixes for Review CommentsAbhishek Koneru2012-05-241-2/+1
|
* Fixes for Coverity Defects of Category : FB.SBSC_USE_STRINGBUFFER_CONCATENATIONAbhishek Koneru2012-05-241-5/+5
|
* Removed unused private fields.Endi Sukma Dewata2012-04-123-6/+4
| | | | | | | Most of unused private fields have been removed because they generate warnings in Eclipse. Some are kept because it might be useful later. Ticket #139
* Removed unnecessary type casts.Endi Sukma Dewata2012-04-092-19/+15
| | | | | | Unnecessary type casts have been removed using Eclipse Quick Fix. Ticket #134
* Removed whitespaces from Java code.Endi Sukma Dewata2012-04-095-9/+9
| | | | | | | | Whitespaces in Java code have been removed with the following command: find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \; Ticket #134
* Removed unnecessary pki folder.Endi Sukma Dewata2012-03-265-0/+2188
Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131