summaryrefslogtreecommitdiffstats
path: root/base/ocsp/src/com
Commit message (Collapse)AuthorAgeFilesLines
* Added LogCategory enumeration.Endi S. Dewata2017-06-221-1/+2
| | | | | | | | | A LogCategory enumeration has been added to replace the integer log category in the Logger class. https://pagure.io/dogtagpki/issue/2689 Change-Id: Ic92e64c3abdf859841eaf1006afc61bbf573086d
* Fixed OCSP service error handling.Endi S. Dewata2017-06-201-2/+1
| | | | | | | | | Some OCSP-related classes have been modified to detect errors and handle exceptions properly. https://pagure.io/dogtagpki/issue/2652 Change-Id: Ifd054c47d04ff106120df2d7f3705366c7de9da9
* Updated OCSP log messages.Endi S. Dewata2017-05-241-3/+7
| | | | | | | | | Some log messages in OCSP-related code have been updated for clarity. https://pagure.io/dogtagpki/issue/2652 Change-Id: Ie81b95906a0d9aef6126fb205a4bcec028731e39
* Replaced CryptoManager.getTokenByName().Endi S. Dewata2017-01-271-4/+2
| | | | | | | | | Direct invocations of CryptoManager.getTokenByName() have been replaced with CryptoUtil.getCryptoToken() and getKeyStorageToken() to ensure that internal token names are handled consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
* Fixed inconsistent internal token detection.Endi S. Dewata2017-01-261-2/+1
| | | | | | | | The codes that detect internal token name have been modified to use CryptoUtil.isInternalToken() such that the comparison can be done consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
* Replaced internal token full name literals.Endi S. Dewata2017-01-241-1/+1
| | | | | | | The internal token full name literals have been replaced with CryptoUtil.INTERNAL_TOKEN_FULL_NAME. https://fedorahosted.org/pki/ticket/2556
* Refactored Constants.PR_INTERNAL_TOKEN.Endi S. Dewata2017-01-211-2/+2
| | | | | | | The Constants.PR_INTERNAL_TOKEN has been replaced with CryptoUtil.INTERNAL_TOKEN_NAME since they are identical. https://fedorahosted.org/pki/ticket/2556
* Troubleshooting improvements for SigningUnit.Endi S. Dewata2016-09-201-22/+22
| | | | | | | To help troubleshooting the SigningUnit for CA and OCSP have been modified to chain the original exceptions. https://fedorahosted.org/pki/ticket/2463
* Added log messages for pre-op mode.Endi S. Dewata2016-05-131-14/+22
| | | | | | | To help troubleshooting the code has been modified to log more detailed information in pre-op mode. https://fedorahosted.org/pki/ticket/1654
* Remove unused imports from OCSP authority classesFraser Tweedale2016-03-221-1/+0
| | | | | Commit 04214b3d3405750cbbda228554c0d9f087a59170 left some vestigal imports behind; remove them.
* Move OCSP digest name lookup to CertID classFraser Tweedale2016-03-031-21/+0
| | | | | | | | | The OCSP digest name lookup is currently defined in IOCSPAuthority and implemented by OCSPAuthority, but /any/ code that deals with CertID might need to know the digest, so move the lookup there. Also refactor the lookup to use a HashMap, and add mappings for SHA2 algorithms.
* Ticket #1593 auto-shutdown - for HSM failover supportChristina Fu2015-10-011-0/+2
| | | | | | | | | | | | | | | This is an interim solution for supporting HSM failover by automatically shutting down the server when signing key becomes inaccessible. At auto-shutdown, a crumb fiile will be left in the instance directory for an external daemon to detect and restart, if necessary. Due to limitation of the watch dog (nuxwdog) at present time, the restart option currently only works if started with watch dog (nuxwdog), and it will prompt for passwords on the terminals. The restart counter is to prevent the server from going into an infinite restart loop. Administrator will have to reset autoShutdown.restart.count to 0 when max is reached. (cherry picked from commit 5a9ecad9172f76ca1b94b40aedcdd49d009aceb1)
* Removed unnecessary EBaseException constructor.Endi S. Dewata2015-01-211-8/+0
| | | | | | | | | The EBaseException(String msgFormat, String param) constructor has been removed because it's only used once and can be substituted with another constructor. All subclasses of EBaseException have been updated accordingly. https://fedorahosted.org/pki/ticket/915
* Reorganized REST service classes.Endi S. Dewata2014-02-281-76/+0
| | | | | | | | The REST service classes have been moved into org.dogtagpki.server namespace. A new upgrade script has been added to update existing instances. Ticket #114
* Added ACL for TPS authenticators.Endi S. Dewata2013-11-141-4/+4
| | | | | | | | | | New ACL has been added to allow only the administrators to access TPS authenticators. The set of interceptors in each application has been modified to preserve the order. Ticket #652
* Fixed problems finding user and group sub-resources.Endi S. Dewata2013-10-251-6/+0
| | | | | | | Due to a regression RESTEasy is unable to find some sub-resources properly. As a workaround some resources need to be merged into the parent resource. The UserCertResource and UserMembershipResource have been merged into UserResource. The GroupMemberResource has been merged into GroupResource.
* Stand-alone DRMMatthew Harmsen2013-10-151-0/+16
| | | | * TRAC Ticket #667 - provide option for ca-less drm install
* Added audit resource.Endi S. Dewata2013-10-081-0/+4
| | | | | | | A new REST service and clients have been added to manage the audit configuration in all subsystems. Ticket #652
* Added selftest resource.Endi S. Dewata2013-10-081-0/+4
| | | | | | | New REST service and clients have been added for managing selftests in all subsystems. Ticket #652
* Reorganized interceptors.Endi S. Dewata2013-08-201-2/+2
| | | | | | The ACLInterceptor and AuthMethodInterceptor interceptors only run on the server, so they have been moved from the base package into the server package.
* Plug resource leaksAde Lee2013-03-081-2/+1
|
* Added authentication method validation.Endi Sukma Dewata2013-02-191-1/+3
| | | | | | | | | | | | | | | A new mechanism has been added to specify the authentication methods that can be used to invoke the REST methods. The AuthMethodMapping annotation maps each REST method to a list of allowed authentication methods. When a client calls a REST method, the AuthMethodInterceptor will intercept the call and verify that the client uses an allowed authentication method. Most REST methods that require authentication have been configured to require client certificate authentication. Authentication using username and password will only be used to get the installation token from security domain. Ticket #477
* Added CLI to manage user membership.Endi Sukma Dewata2013-02-181-0/+2
| | | | | | | | New CLI's have been added to search, add, and remove user membership. The group member management code has been refactored into a processor to allow reuse. Ticket #190
* Added ACLInterceptor.Endi Sukma Dewata2012-11-081-0/+4
| | | | | | | | | Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287
* Enabled account service for TKS and OCSP.Endi Sukma Dewata2012-10-251-0/+5
| | | | | | | The REST account service has been added to TKS and OCSP to enable authentication. Ticket #375
* Reorganized REST common classes.Endi Sukma Dewata2012-08-151-1/+1
| | | | | | | The common classes used by REST client and services have been moved into the com.netscape.certsrv.<component> packages. Ticket #215
* Cleaned up REST common class names.Endi Sukma Dewata2012-08-151-2/+2
| | | | | | | The REST common classes have been renamed for better clarity and consistency. Ticket #259
* Cleaned up REST server class names.Endi Sukma Dewata2012-08-151-12/+12
| | | | | | | The REST server classes have been renamed for better clarity and consistency. Ticket #259
* Added CMSExceptionMapper class to the Application classesAde Lee2012-07-101-0/+4
|
* Add Application files to list REST resourcesAde Lee2012-07-101-0/+41
|
* Removed unused private fields.Endi Sukma Dewata2012-04-122-3/+2
| | | | | | | Most of unused private fields have been removed because they generate warnings in Eclipse. Some are kept because it might be useful later. Ticket #139
* Removed unnecessary type casts.Endi Sukma Dewata2012-04-091-1/+1
| | | | | | Unnecessary type casts have been removed using Eclipse Quick Fix. Ticket #134
* Removed whitespaces from Java code.Endi Sukma Dewata2012-04-094-24/+24
| | | | | | | | Whitespaces in Java code have been removed with the following command: find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \; Ticket #134
* Removed unnecessary pki folder.Endi Sukma Dewata2012-03-264-0/+1129
Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131
generated by cgit (git 2.34.1) at 2026-01-03 10:56:28 +0000