| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
In shared tomcat instances, we need to share the subsystem cert and
not create a new one for each additional subsystem added to the instance.
In addition, if the instances share the same database, then only one
pkidbuser should be created with the relevant subsystem cert and seeAlso
attribute.
Ticket 893
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
The TPS authenticators has been modified to use PATCH for update operation
as required by Backbone. The AuthenticatorData class has been modified to
accept null properties to indicate that the properties are not being
updated. The AuthenticatorModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS connections has been modified to use PATCH for update operation
as required by Backbone. The ConnectionData class has been modified to
accept null properties to indicate that the properties are not being
updated. The ConnectionModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS profile has been modified to use PATCH for update operation as
required by Backbone. The ProfileData class has been modified to accept
null properties to indicate that the properties are not being updated.
The ProfileModel class has been modified to use JSON data type for
enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS authenticator details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the AuthenticatorData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS connection details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ConnectionData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS profile details. The properties are
displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ProfileData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
New CSS classes have been added to format the details page.
Ticket #654
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Method to calculate the token type.
2. Some added convenience methods to get various config params for the Format operation.
3. More progress for the format operation up until we attempt to upgrade the applet.
4. Added TPSException that holds a message and end op return code. Can be used to throw from anywhere and the return code makes it back to the client.
5. Error handling.
6. Get rid of TPSFormatProcessor class, for now.
7. More error handling.
8. Moving around some constants.
|
| |
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS resources have been modified to accept a basic search filter
for find operation. For resources based on LDAP database, the filtering
is done using LDAP filter. For other resources, the filtering is done
using string comparison. For now the filter is will only be matched
against entry IDs. In the future the filter may be expanded to support
other entry attributes. The CLI has been updated accordingly.
The total attribute in DataCollection was changed from Integer into int
because the total size of the collection cannot be null.
The PKIException constructors have been consolidated into a single
actual constructor. The other constructors have been modified to
call the actual constructor with some default values.
Ticket #847
|
| | |
|
| |
|
|
| |
subsystem
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously if the CLI requires SSL but the security database doesn't
exist it would throw an IOException. Now it has been replaced with an
Error.
The exception handler also has been modified to generate better error
messages.
Ticket #821
|
| | |
|
| |
|
|
|
|
|
| |
1. Change the location of some more of the classes.
2. Change the file names to reflect naming convention.
3. Change leftover method names to reflect convention.
4. Resolved some script building ommissions and build dependencies.
|
| |
|
|
|
|
|
| |
1. Change the location of some of the classes.
2. Change the file names to reflect naming convention.
3. Change some of the method names to reflect convention.
4. Variable naming changes to reflect convention.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Also simple framework for working with APDU command.
2. Implemented a few APDU commands in TPS_Processor class.
3. Can now attempt a format operation with TPS client.
The code can performa a few apdu's talking to the client
and return a success "EndOp" apdu to terminate the conversation.
4. APDU are being encoded/decoded properly to appease tpsclient.
More info.
1. Patch is large but most of it consists of many similar apdu and msg classes.
2. APDU and msg classes are now bare bones and may need more work. Will address when class is needed.
3. A test tpsclient script call it (format.tst) to test this out is as follows:
op=var_set name=ra_host value=localhost
op=var_set name=ra_port value=8080
op=var_set name=ra_uri value=/tps/tps
op=token_set cuid=40906145C76224192D2B msn=0120304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
op=token_set auth_key=404142434445464748494a4b4c4d4e4f
op=token_set mac_key=404142434445464748494a4b4c4d4e4f
op=token_set kek_key=404142434445464748494a4b4c4d4e4f
op=ra_format uid=jmagne pwd=redhat new_pin=rehat num_threads=1
op=exit
4: Execute as follows:
tpsclient < format.tst
|
| |
|
|
|
|
|
|
| |
The @Consumes and @Provides annotations have been removed from all
methods (except from methods that consume forms) to allow client
to use the default consumes and provides specified in the proxy.
Ticket #554
|
| |
|
|
|
|
|
|
|
|
|
| |
A new CLI parameter has been added to allow the user select the
REST message format. This is done by setting the default consumes
and produces when creating the client proxy. For this to work the
hard-coded @Consumes and @Produces annotations need to be removed
from the interface definition. A new interceptor has been added
to validate the message format before executing the operation.
Ticket #554
|
| |
|
|
|
|
|
|
|
|
| |
When using XML for communicating with the server, the JAXBContext is not
able to unmarshall KeyArchivalRequest,KeyRecoveryRequest, SymKeyGenerationRequest objects
as it does not recognize them to be subclasses of ResourceMessage. Adding a
@XmlSeeAlso attribute to the ResourceMessage class will let the JAXBContext to know that
the subclasses are binded to the super class and unmarshalls the *Request objects.
No problems were found when using JSON to communicate with the server.
|
| |
|
|
|
|
|
|
|
|
| |
The Dogtag client library has been modified to use RESTEasy 3.0 client
library. A new upgrade script has been added to update existing servers.
The JAXB annotation in ResourceMessage has been modified to require
explicit property mapping.
Ticket #554
|
| |
|
|
|
|
| |
With this patch, you can now either send a pkiArchiveOptions object
or the exploded parameters. This reduces the processing required on
the client side.
|
| |
|
|
|
|
|
|
|
| |
1) Added error checking in python client calls.
2) Allow symmetric key generation with default params. Fix bug for
when usages is not defined.
3) Fix bug when requesting key recovery - must check if key exists.
4) Extend key gen to allow for providing trans_wrapped_session_key
5) added constants to python client for key status
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The REST interface for key requests has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
|
|
| |
The REST interface for keys has been modified to return Response
objects to allow better handling of server responses. Key-related
methods in KRAClient have been moved into KeyClient. The DRMTest
has been updated accordingly.
Ticket #554
|
| |
|
|
|
|
| |
A new REST client has been added to access system certificates.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for CA profiles has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| | |
|
| |
|
|
|
|
|
| |
The REST interface for TPS tokens has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS profile mappings has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS profiles has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS connections has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS configuration has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS certificates has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS authenticators has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS activities has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for TPS connectors has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for self tests has been modified to return Response
objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for audit has been modified to return Response
objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for account has been modified to return Response
objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for groups has been modified to return Response
objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for certificate requests has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
| |
The REST interface for certificates has been modified to return Response
objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
|
|
|
|
| |
The REST interface for users has been modified to return Response objects
to allow better handling of server responses. Other REST interfaces will
be modified in subsequent patches. Once all interfaces are updated, the
client library can be updated to use RESTEasy 3.0 API. Clients using the
client library or XML/JSON directly are not affected by these changes.
Ticket #554
|
| |
|
|
|
|
|
|
| |
Previously some methods were hard-coded to return XML responses.
The code has been removed to allow clients to request a different
format.
Ticket #554
|
| |
|
|
|
|
|
| |
The ClientResponse class has been deprecated in RESTEasy 3.0, so most
of the code using the class has been modified to use the Response class
instead. There are a few remaining references to ClientResponse. They
will be removed separately later.
|
