summaryrefslogtreecommitdiffstats
path: root/base/server/cmscore/src/com/netscape/cmscore/dbs
Commit message (Collapse)AuthorAgeFilesLines
* Realms - Address comments from reviewAde Lee2016-04-201-4/+4
| | | | | | | | | | | | Review comments addressed: 1. when archiving or generating keys, realm is checked 2. when no plugin is found for a realm, access is denied. 3. rename mFoo to foo for new variables. 4. add chaining of exceptions 5. remove attributes from KeyArchivalRequest etc. when realm is null 6. Add more detail to denial in BasicGroupAuthz Part of Trac Ticket 2041
* Add realm to the key recordAde Lee2016-04-203-6/+19
| | | | Part of Trac Ticket# 2041
* Remove commented-out codeFraser Tweedale2016-03-222-18/+0
|
* Weaken PKIPrincipal to superclass in several placesFraser Tweedale2016-02-151-4/+5
| | | | | | | | | | In several places we are casting a `Principal' to `PKIPrincpal', when `GenericPrincpal' or even no cast will suffice. In upcoming external authentication support externally authenticated principals will not be instances of `PKIPrincipal', so weaken assumptions about type of the principal where possible. Part of: https://fedorahosted.org/pki/ticket/1359
* Fixed LDAP error handling in TokenService.Endi S. Dewata2016-02-051-14/+14
| | | | | | | | | | The DBSSession has been modified to attach the LDAPException to the EDBException. The TokenService will catch the EDBException and obtain the orignal LDAPException. This way the TokenService can obtain the LDAP error code and throw the proper exception the client. https://fedorahosted.org/pki/ticket/1646
* Store issuer DN in certificate recordsFraser Tweedale2015-10-212-0/+6
| | | | | | | | Lightweight CAs mean that we may wish to filter certificates based on the issuer. Update X509CertImplMapper to store the issuer DN in each certificate record, using exiting schema. Also add indices for the 'issuerName' LDAP attribute.
* One-liner fix to conditional for new SerialNumberUpdateTaskAde Lee2015-08-121-2/+2
|
* Separate range and cert status threadsAde Lee2015-08-121-4/+76
| | | | | | | | | | | | | | We currently disable the cert status maintenance thread on clone CAs because CRL processing should only be done on the master CA. Currently, the maintenance thread also performs other checks on serial number ranges and settings. By disabling the maintenance thread, we disable these checks too. To fix this, we have separated the serial number checks into a different maintenance thread, so that these tasks will occur even if the cert status thread is disabled. Bugzilla # 1251606
* Fixed cert-find performance.Endi S. Dewata2015-07-152-28/+47
| | | | | | | | The CertService.searchCerts() has been modified to use the VLV properly to retrieve just the entries in the requested page, thus reducing the response time and memory requirement. Some classes have been modified to clean up the debugging logs.
* Fixed thread leaks during shutdown.Endi S. Dewata2015-06-181-1/+1
| | | | | | | | Various codes have been modified to properly stop threads during shutdown. A new ID attribute has been added to the LDAP connection factory classes to help identify leaking threads. https://fedorahosted.org/pki/ticket/1327
* Fixed problem with TPS profile default status.Endi S. Dewata2015-04-081-1/+2
| | | | | | | | | | The base class of ProfileDatabase (i.e. CSCfgDatabase) has been modified to return the correct default value (i.e. Enabled) if the status parameter doesn't exist. The TPSProcessor has been modified to use ProfileDatabase and other TPS codes have also been changed to use constants instead of string literals to ensure consistency. https://fedorahosted.org/pki/ticket/1270
* Fixed missing port error during installation.Endi S. Dewata2015-04-071-0/+13
| | | | | | | | | The DBSubsystem has been modified to ignore the EPropertyNotDefined exception in pre-op mode and only display a notification instead of a stack trace since it's part of a normal operation. The missing port will be supplied in a later stage of installation. https://fedorahosted.org/pki/ticket/1293
* Refactored LDAPDatabase.createFilter().Endi S. Dewata2015-02-111-3/+23
| | | | | | | | | | The createFilter() method in LDAPDatabase has been changed to construct an LDAP filter based on a keyword and a set of attributes with their values. This will allow searching the database based on specific attribute values. The subclasses of LDAPDatabase have been updated accordingly. https://fedorahosted.org/pki/ticket/1164
* Ticket#1028 Phase1:TPS rewrite: provide externalReg functionalityChristina Fu2015-02-101-1/+2
|
* Added rangeUnit property to certificate profiles.Endi S. Dewata2014-12-154-10/+20
| | | | | | | | | A new optional property has been added to certificate profiles to specify the range unit. The default range unit is 'day'. The code has been modified to use the Calendar API to calculate the end of validity range based on the range unit. https://fedorahosted.org/pki/ticket/1226
* Fixed problem emptying a field in TPS UI.Endi S. Dewata2014-08-261-1/+13
| | | | | | | | | | | | Previously emptying a field in TPS UI could not be saved because the change was not saved and sent to the server. The UI framework now has been fixed to save and send the empty field to the server such that the database can be updated properly. Additional parameters have been added to the tps-token-mod command to modify all editable fields. Ticket #1085
* Fixed problem adding enabled TPS profile.Endi S. Dewata2014-05-191-5/+0
| | | | | | | | | | | The profile, profile mapping, connector, and authenticator services in TPS have been modified to allow adding enabled entries directly if the user has the proper rights. The authenticator database has been moved into the config package for consistency. Ticket #948
* Renamed TPS groups.Endi S. Dewata2014-05-121-1/+1
| | | | | | | | | | The TPS groups have been renamed for clarity and consistency: - TUS Administrators -> Administrators - TUS Agents -> TPS Agents - TUS Officers -> TPS Officers - TUS Operators -> TPS Operators Ticket #963
* Updated TPS search filters.Endi S. Dewata2014-04-291-3/+3
| | | | | | | The token, certificate, and activity database have been updated to search against some predetermined attributes. Ticket #920
* Refactored TPS profiles.Endi S. Dewata2014-03-291-0/+1
| | | | | | | | | | The TPS profile has been modified to use PATCH for update operation as required by Backbone. The ProfileData class has been modified to accept null properties to indicate that the properties are not being updated. The ProfileModel class has been modified to use JSON data type for enable and disable operations. Ticket #654
* Added search filter for TPS resources.Endi S. Dewata2014-03-192-8/+18
| | | | | | | | | | | | | | | | | | The TPS resources have been modified to accept a basic search filter for find operation. For resources based on LDAP database, the filtering is done using LDAP filter. For other resources, the filtering is done using string comparison. For now the filter is will only be matched against entry IDs. In the future the filter may be expanded to support other entry attributes. The CLI has been updated accordingly. The total attribute in DataCollection was changed from Integer into int because the total size of the collection cannot be null. The PKIException constructors have been consolidated into a single actual constructor. The other constructors have been modified to call the actual constructor with some default values. Ticket #847
* Add methods to getKeyInfo and change key statusAde Lee2014-02-191-0/+3
|
* Fixed TPS resource statuses.Endi S. Dewata2014-01-302-0/+192
| | | | | | | | TPS resources that are stored in CS.cfg have been refactored to update their statuses properly. These resources include profiles, profile mappings, connections, and authenticators. Ticket #654
* Reorganized server packages.Endi S. Dewata2013-10-2545-0/+11277
The tomcat, cms, and cmscore packages have been moved from base/common into separate folders in base/server so that they can be built separately.
generated by cgit (git 2.34.1) at 2024-07-04 18:48:42 +0000