summaryrefslogtreecommitdiffstats
path: root/base/kra
Commit message (Collapse)AuthorAgeFilesLines
* Misc changes to get rhel 7 build to workAde Lee2012-11-211-0/+1
| | | | | | | 1. Modified cmake dependency 2. Corrected conditionals in spec file 3. Added paths for resteasy-base 4. Added paths to policy for resteasy-base
* Change cmake projects from Java to NONEAde Lee2012-11-202-2/+2
|
* Reorganized CA, KRA, OCSP, TKS templates.Endi Sukma Dewata2012-11-1256-0/+6570
| | | | | | | | | | | All remaining theme files for Tomcat subsystems which include the templates and JS files have been moved from the theme folder at <subsystem>-ui/shared/webapps/<subsystem> into the subsystem webapp folder at base/<subsystem>/shared/webapps/<subsystem>. The deployment tools have been updated to use the new location. Ticket #407
* Invalid ACL resources Fix in KRA for certServer.kra.keys resourceAbhishek Koneru2012-11-121-2/+1
| | | | Ticket 404
* Added ACLInterceptor.Endi Sukma Dewata2012-11-082-8/+11
| | | | | | | | | Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287
* Updated clearpixel.gif paths.Endi Sukma Dewata2012-11-061-3/+3
|
* Removal of version numbers from jar file namesMatthew Harmsen2012-10-291-12/+2
| | | | * TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .
* Enabled authentication for key services.Endi Sukma Dewata2012-10-291-2/+0
| | | | | | | | The web.xml in KRA has been modified to enable the authentication for key and key request services. Some tools have been added to access the services via command-line. Ticket #376
* Restrict AJP to localhost only by defaultAde Lee2012-10-251-1/+1
| | | | Ticket 369
* Fixed KRA test.Endi Sukma Dewata2012-10-222-9/+9
| | | | | The security configuration, JAXB mappings, and test script for KRA have been updated to run properly.
* Added REST account service.Endi Sukma Dewata2012-10-224-0/+21
| | | | | | | | | A REST account service has been added to allow client to login to establish a session and to logout to destroy the session. This way multiple operations can be executed using the same session without having to re-authenticate. Ticket #357
* Provide option to install, rather than replicate schema in a cloneAde Lee2012-10-221-1/+1
|
* Reorder VLV indexing for clones to avoid errorsAde Lee2012-10-221-2/+2
|
* Using RPM version number in CMake.Endi Sukma Dewata2012-10-014-9/+4
| | | | | | | | | | | | The RPM spec files have been modified to pass the full RPM version number to CMake. The version number contains the product version number, release number, milestone, and platform. The CMake scritps will parse and use this version number to generate Java manifest files. The product version number will be used as the specification version and full version number will be used as the implementation version. Ticket #339
* https://fedorahosted.org/pki/ticket/252 - TMS - ECC Key RecoveryChristina Fu2012-09-301-5/+5
|
* TMS key recovery part of - Bug 737122 - DRM: during archiving and ↵Christina Fu2012-09-281-36/+115
| | | | recovering, wrapping unwrapping keys should be done in the token
* Added VERSION file.Endi Sukma Dewata2012-09-282-0/+11
| | | | | | | | | | | The CMake scripts have been modified to store the version number in /usr/share/pki/VERSION and in JAR manifest files. These files can be read by PKI applications to obtain the version number without having to query the RPM database. Fixed warnings in Java.cmake file. Ticket #339
* https://fedorahosted.org/pki/ticket/304Christina Fu2012-09-181-61/+174
| | | | TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)
* Added common ROOT webapp.Endi Sukma Dewata2012-09-121-0/+2
| | | | | | | | | | | The current ROOT webapp will redirect users coming to the root URL path to the proper path of the subsystem's webapp. Since now a single Tomcat instance may have multiple subsystems, a new ROOT webapp has been added to present the user with a menu of all available webapps from all subsystems in the instance. Ticket #89
* Added proxy realm.Endi Sukma Dewata2012-09-051-0/+31
| | | | | | | | | | | | | | | | | CMS engine is a singleton and it's used by PKI realm to authenticate users accessing the subsystem. Since a Tomcat instance may contain multiple subsystems, each having separate realm, the PKI JAR links need to be moved into WEB-INF/lib so that they will run inside separate class loaders. Tomcat also requires that the authenticator and realm classes be available in common/lib. To address this a new package pki-tomcat.jar has been added. The package contains the authenticator and a proxy realm. When the subsystems start running, they will register their own realms into the proxy realms such that the authentications will be forwarded to the appropriate subsystems. Ticket #89
* Moved REST CLI into pki-tools.Endi Sukma Dewata2012-08-291-2/+2
| | | | | | | | | | The pki-client.jar has been split and merged into pki-certsrv.jar and pki-tools.jar. The REST client classes are now packaged in com.netscape.certsrv.<component> packages. The REST CLI classes are now packaged in com.netscape.cmstools.<component> packages. The "pki" script has been moved into pki-tools RPM package. Ticket #215
* Fixed exceptions during shutdown.Endi Sukma Dewata2012-08-281-3/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | The shutdown() methods in several classes have been fixed to allow more graceful shutdown and clean restart. There are two types of object attributes that need to be handled differently. Attributes that are initialized by the constructor should not be nulled during shutdown because they won't be reinitialized during restart. If they require a cleanup (e.g. emptying collections, closing LDAP connections) it's not necessary to check for null before calling the cleanup method because they're never null. For attributes that are initialized during init(), it may not be necessary to do a cleanup or null the attribute since they might still be used by other threads and they will be reinitialized during restart so the old objects will be garbage collected. If they do need a cleanup they should be checked for null because they might still be null due to init() failure or initialization conditionals. If the attributes are initialized conditionally, the logic has been modified to ensure the attributes are either initialized or set to null. Ticket #247
* Reorganized REST common classes.Endi Sukma Dewata2012-08-154-8/+9
| | | | | | | The common classes used by REST client and services have been moved into the com.netscape.certsrv.<component> packages. Ticket #215
* Reorganized REST client classes.Endi Sukma Dewata2012-08-152-131/+2
| | | | | | | The REST client classes have been moved into the com.netscape.cms.client.<component> packages. Ticket #215
* Cleaned up REST common class names.Endi Sukma Dewata2012-08-152-10/+10
| | | | | | | The REST common classes have been renamed for better clarity and consistency. Ticket #259
* Cleaned up REST server class names.Endi Sukma Dewata2012-08-152-19/+19
| | | | | | | The REST server classes have been renamed for better clarity and consistency. Ticket #259
* Cleaned up REST client class names.Endi Sukma Dewata2012-08-152-5/+5
| | | | | | | The REST client classes have been renamed for better clarity and consistency. Ticket #259
* Updated the remaining build scripts.Endi Sukma Dewata2012-08-151-33/+39
| | | | | | | The remaining build scripts have been updated to automatically find the source codes. Ticket #62
* Moved REST services into separate URLs.Endi Sukma Dewata2012-08-034-107/+56
| | | | | | | | | | | To support different access control configurations the REST services have been separated by roles. Services that don't need authentication will be available under /rest. Services that require agent rights will be available under /rest/agent. Services that require admin rights will be available under /rest/admin. Ticket #107
* Refactored PKI JNDI realm.Endi Sukma Dewata2012-07-312-46/+3
| | | | | | | | | The PKI JNDI realm has been modified to utilize the authentication and authorization subsystems in PKI engine directly. It's no longer necessary to define the LDAP connection settings in Tomcat's configuration files. Ticket #126
* Added ClientConfig.Endi Sukma Dewata2012-07-302-8/+14
| | | | | | | | A new ClientConfig class has been added to encapsulate client configuration parameters. These parameters include server URI, certificate database, certificate nickname, and password. Ticket #107
* Patch 25 - Misc FixesAbhishek Koneru2012-07-251-3/+9
|
* Use only pluralized REST interface URLsAde Lee2012-07-243-20/+8
|
* PKI Deployment ScriptletsMatthew Harmsen2012-07-192-100/+16
| | | | | | | | | | | | | | | | | | | | * Integration of Tomcat 7 * Introduction of dependency upon tomcatjss 7.0 * Removal of http filtering configuration mechanisms * Introduction of additional slot substitution to support revised filesystem layout * Addition of 'pkiuser' uid:gid creation methods * Inclusion of per instance '*.profile' files * Introduction of configurable 'configurationRoot' parameter * Introduction of default configuration of 'log4j' mechanism (alee) * Modify web.xml to use new Application classes to bootstrap servers (alee) * Introduction of "Wrapper" logic to support Tomcat 6 --> Tomcat 7 API change (jmagne) * Added jython helper function to allow attaching a remote java debugger (e. g. - eclipse)
* Misc Fixes Remaining part of the code.Abhishek Koneru2012-07-181-1/+1
|
* Added cert revocation REST service.Endi Sukma Dewata2012-07-111-1/+1
| | | | | | | The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets. It provides an interface to manage certificate revocation. Ticket #161
* Added CMSExceptionMapper class to the Application classesAde Lee2012-07-101-0/+5
|
* Add Application files to list REST resourcesAde Lee2012-07-102-1/+60
|
* Coverity CATCH_REXCEPTION and UNREAD_FIELD_CASESAbhishek Koneru2012-07-061-0/+1
|
* LeftOver Cases in Resource Leaks and NULL_RETURNSAbhishek Koneru2012-07-021-5/+10
|
* Fixes for Guarded_By_Violation issues shown in CoverityAbhishek Koneru2012-07-021-1/+1
|
* Added REST error handler.Endi Sukma Dewata2012-06-271-1/+1
| | | | | | | A new getEntity() method has been added to obtain the entity from a Response object and also map HTTP errors into exceptions. Ticket #161
* Fixes for Coverity issues of type Resource Leaks - RemainingAbhishek Koneru2012-06-251-2/+11
|
* Fixes for Coverity Issues of type Null Returns - Part 3Abhishek Koneru2012-06-201-0/+6
|
* Fixes for NULL_RETURNS Coverity Issues - Part 2Abhishek Koneru2012-06-141-2/+5
|
* Fixes for Null_Returns Cases - 1 For CommitAbhishek Koneru2012-06-051-1/+6
|
* PKI Deployment ScriptletsMatthew Harmsen2012-05-254-63/+8
| | | | | | | * Integration of Tomcat 7 * Addition of centralized 'pki-tomcatd' systemd functionality to the PKI Deployment strategy * Removal of 'pki_flavor' attribute
* Fixes for Coverity Defects of Category : ↵Abhishek Koneru2012-05-243-15/+17
| | | | FB.SBSC_USE_STRINGBUFFER_CONCATENATION --Remaining
* Fixes for Coverity Defects of Category : FB.BC_VACUOUS_INSTANCEOFAbhishek Koneru2012-05-241-8/+7
|
* Provide CA EE Restful interface and test client.Jack Magne2012-05-072-212/+3
| | | | | | | | | | | | | | | | | | Tickets #144 and #145 Providing the following: 1. Simple EE restful interface for certificates, printing, listing and searching. 2. Simple EE restful interface for certificate enrollment requests. 3. Simple EE restful interface for profiles and profile properties. 4. Simple Test client to exercise the functionality. 5. Created restful client base class inherited by CARestClient and DRMRestClient. 6. Provide simple restful implementations of new interfaces added. ToDO: Need some more refactoring to base classes for some of the new classes which are similar to classes in the DRM restful area. ToDO: Actual certificate enrollment code that will be refactored from existing ProfileSubmitServlet. Provide CA EE Restful interface and test client review fixes.
generated by cgit (git 2.34.1) at 2024-04-25 07:14:43 +0000