| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
The new command allows users to view the information about
kra connectors registered with the CA.
Ticket #479
|
| |
|
|
|
|
|
|
|
|
| |
Updated man page for all the new CLI commands added
for the Key and KeyRequest resources.
Also added missing code to retrieve a secret wrapped in a
user specified passphrase.
Ticket #945
|
| |
|
|
|
| |
- PKI TRAC Ticket #992 - pki cert-request-profile-find doesn't display list
of profiles by default
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the ability to create a subsystem that uses
an existing subtree to create the internal basedn. This is useful
for instance, for IPA which will use the original o=ipaca as the
top level DN for a KRA, which will be situated at o=ipadrm, o=ipaca.
The patch also allows such a system to be cloned, but not to setup the
replication agreements, on the assumption that the data is already being
replicated at the top-level DN or some higher level.
The patch also contains some minor cleanups - removing unused imports and
removal of an invalid reference in the python code.
Ticket 1051
|
| |
|
|
|
|
|
|
| |
The ActivityService has been fixed to return the missing TPS activity
attributes including IP, operation, result, and message. The TPS CLI
and UI has been fixed to display the activity date in UTC format.
Ticket #1050
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There seems to be no use of the requestID parameter in both revoke
and unrevoke request. Removed requestID attribute in CertRevokeRequest
remove the class CertUnrevokeRequest.
Also made changes in RevocationProcesor to use the requestID of the
request created in it.
The setRequestID() is being called in the DoRevoke and DoUnRevoke servlets.
Removed the call and a function auditRequesterId in both the classes.
The auditRequestorId method tries to get a "requestID" stored as a INPUT field
in the reasonToRequest page. The ReasonToRevoke class which generates
this page does not set the value.
|
| |
|
|
|
|
| |
The TPS connection REST service has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection client library has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
| |
The TPS connection CLI has been renamed to TPS connector.
Ticket #977
|
| |
|
|
|
|
|
|
| |
The UserService.findUserMemberships() has been modified to accept
an additional parameter to filter the groups in which the user
is a member. The CLI has been updated accordingly.
Ticket #920
|
| |
|
|
|
|
|
|
| |
The GroupService.findGroupMembers() has been modified to accept an
additional parameter to filter the group members to be returned.
The CLI has been modified accordingly.
Ticket #920
|
| |
|
|
|
| |
* PKI TRAC Ticket #585 - 'pki cert-request-review' --output creates a file
only when --action attribute is not present
|
| |
|
|
| |
* PKI TRAC Ticket #843 - Incorrect CLI argument parsing
|
| |
|
|
|
| |
* PKI TRAC Ticket #843 - Incorrect CLI argument parsing
* PKI TRAC Ticket #918 - CLI commands does not return code '1' for the failures
|
| | |
|
| | |
|
| |
|
|
|
| |
key-archive, key-retrieve, key-recover, key-generate,
key-request-review, key-template-show, key-template-find
|
| |
|
|
|
| |
This patch adds three new CLI commands -
KeyShowCLI, KeyRequestShowCLI, KeyModifyCLI
|
| |
|
|
|
|
|
|
|
| |
A new method has been added to TPS audit REST service to enable or
disable audit logging. The CLI and UI have been modified to provide
a way to acces this functionality. Also, new ACL entries have been
added for audit.
Ticket #955
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new dialog has been added to change the token status. The status
can be changed by clicking the Status value in the tokens table.
Initially the status is Uninitialized. The status can be changed
according to the allowed status transitions defined in the CS.cfg.
The status and reason fields in TokenRecord is now translated into
a single status field in TokenData. This way the UI only needs to
handle a single status field.
A new field has also been added to the database for token type.
Some issues displaying and updating some token attributes have been
fixed as well.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to manage general TPS configuration
properties. The properties are read-only by default. In edit
mode the property name will become a link which will show a
dialog to edit the property value.
The config REST service has been updated to use PATCH for
update operation and handle possible null collection of
properties.
Fixed a bug in TableItem.reset() where the code didn't clear
the table cell properly.
Fixed a bug in ConfigDatabase.getProperties() where the code
didn't handle null property key properly.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
A new page has been added to the TPS UI to manage audit configuration.
The audit REST service has been modified to use PATCH like the other
services. The audit events will now have 3 possible values: mandatory,
enabled, disabled. Mandatory events cannot be edited. Optional events
can be edited in edit mode.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new profile mapping page has been added to TPS UI. The page is fully
functional like other existing pages. The REST service for profile
mappings has been updated to be more consistent with other resources.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS authenticators has been modified to use PATCH for update operation
as required by Backbone. The AuthenticatorData class has been modified to
accept null properties to indicate that the properties are not being
updated. The AuthenticatorModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS connections has been modified to use PATCH for update operation
as required by Backbone. The ConnectionData class has been modified to
accept null properties to indicate that the properties are not being
updated. The ConnectionModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS profile has been modified to use PATCH for update operation as
required by Backbone. The ProfileData class has been modified to accept
null properties to indicate that the properties are not being updated.
The ProfileModel class has been modified to use JSON data type for
enable and disable operations.
Ticket #654
|
| |
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS resources have been modified to accept a basic search filter
for find operation. For resources based on LDAP database, the filtering
is done using LDAP filter. For other resources, the filtering is done
using string comparison. For now the filter is will only be matched
against entry IDs. In the future the filter may be expanded to support
other entry attributes. The CLI has been updated accordingly.
The total attribute in DataCollection was changed from Integer into int
because the total size of the collection cannot be null.
The PKIException constructors have been consolidated into a single
actual constructor. The other constructors have been modified to
call the actual constructor with some default values.
Ticket #847
|
| |
|
|
|
|
|
| |
The CLI help message has been simplified to show the commands as
a single list.
Ticket #839
|
| |
|
|
|
|
|
|
| |
A new help command has been added to display the manual page of the
specified command. If the manual page doesn't exist it will try to
display the manual page of the parent command.
Ticket #519
|
| |
|
|
|
|
|
|
|
|
|
| |
A new CLI parameter has been added to allow the user select the
REST message format. This is done by setting the default consumes
and produces when creating the client proxy. For this to work the
hard-coded @Consumes and @Produces annotations need to be removed
from the interface definition. A new interceptor has been added
to validate the message format before executing the operation.
Ticket #554
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The REST interface for keys has been modified to return Response
objects to allow better handling of server responses. Key-related
methods in KRAClient have been moved into KeyClient. The DRMTest
has been updated accordingly.
Ticket #554
|
| | |
|
| |
|
|
|
|
|
| |
The REST interface for certificate requests has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
| |
|
|
|
|
| |
1. Use size/keySize consistently, instead of strength.
2. Change to using Integer instead of int in SymKeyGenerationRequest.
3. Fix error message.
|
| |
|
|
|
|
| |
Make sure these are updated so that clients can get this information
when accessing a symmetric key. Also allow a default for generation
requests (but not for archival requests).
|
| |
|
|
|
|
|
|
|
| |
1. Remove Link attribute from ResourceMessage,
2. Rename KeyDataInfo and KeyDataInfoCollection.
3. Move KEYGEN_ALGORITHMS
4. Fix missing space in PKIException
5. Move properties to attributes in ResourceMessage
6. Add missing code to update the request and set IRequest.RESULT
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
TPS resources that are stored in CS.cfg have been refactored to update
their statuses properly. These resources include profiles, profile
mappings, connections, and authenticators.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS token. A separate
token ID attribute has been added to the REST service as required
by Backbone.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS groups. A separate
group ID attribute has been added to the REST service as required
by Backbone.
Ticket #654
|
| |
|
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS users. Backbone requires
that a separate attribute is used to specify the user ID (instead of id)
when creating new users, so a new userID field has been added to the
backend service as well.
Ticket #654
|
| |
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS profile mappings.
Ticket #652
|
| |
|
|
|
| |
The man page for pki CLI has been updated to include the commands
for managing the client security database.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously client-cert-import uses a JSS method that calls NSS
function PK11_ImportDERCertForKey(). To import certificate without
key it should use PK11_ImportCert but it's only available via
certutil. So for now the client-cert-import has been modified to
call certutil until the interface is added to JSS.
The MainCLI has been modified not to call CryptoManager.initialize()
to avoid locking up the security database while importing the
certificate using certutil.
|
| |
|
|
|
|
| |
The key-find command did not return any results due to recent changes.
The method name in KeyDataInfos has been fixed such that XML mapping
would work properly.
|
| |
|
|
|
| |
A new CLI command has been added to simplify the creation of client
certificate database.
|
| |
|
|
|
|
|
|
| |
The CLI command parsing has been fixed such that it consumes all
parts of the commands. If there's unprocessed component it means
it is an invalid command.
Ticket #787
|
