path: root/base/server
Commit message | Author | Age | Files | Lines
...
* Fixed TPS resource statuses. | Endi S. Dewata | 2014-01-30 | 2 | -0/+192
  TPS resources that are stored in CS.cfg have been refactored to update their statuses properly. These resources include profiles, profile mappings, connections, and authenticators. Ticket #654
* External Registration feature merge (excluding TPS portion due to current TPS-rewrite effort): | Christina Fu | 2014-01-23 | 7 | -33/+188
  http://pki.fedoraproject.org/wiki/TPS_-_New_Recovery_Option:_External_Registration_DS
* Debian: add init script functionality | Ade Lee | 2014-01-08 | 5 | -38/+448
  The additions in this patch will add start/stop/restart/status functionality to operations, so that Debian systems can perform these operations by calling these functions from an init script. We also introduce a parameter in the configuration scripts that can be used to determine if the system is a debian system. This parameter is used to specify a system V init script instead of a systemd script on a debian system, when the configuration scriptlets start and stop a system. Also source apparently does not work by default in debian. Used dot (.) instead.
* Debian - replace arch specification | Ade Lee | 2014-01-08 | 1 | -1/+1
  uname -i returns "unknown" on a debian system. "arch" on the other hand works for fedora, rhel and debian. Replacing these for all packages except for the migration ones which will not be built on debian in any case.
* Cannot connect to ds when anon. access is off | Abhishek Koneru | 2014-01-08 | 2 | -31/+37
  The connection to ds is checked during installation. But the current method of checking the ds connection before binding with the ds throws an Inappropriate Authentication error when Anonymous access is off. This patch uses the following method to check the connection to a DS server.
  1. Initialize the connection
  2. Bind with the DS.
  3. Perform the ldap search.
  Ticket #811
* authentication plugin | Andrew Wnuk | 2014-01-02 | 1 | -0/+303
  This patch provides authentication plugin avoiding anonymous access. Steps to use the plugin: https://wiki.idm.lab.bos.redhat.com/export/idmwiki/New_Directory_Authentication_Plugin BZ 861467/ Trac #348.
* Added dialog for adding TPS groups. | Endi S. Dewata | 2013-12-16 | 1 | -5/+8
  A new dialog box has been added for adding TPS groups. A separate group ID attribute has been added to the REST service as required by Backbone. Ticket #654
* Added dialog for adding TPS users. | Endi S. Dewata | 2013-12-16 | 2 | -24/+120
  A new dialog box has been added for adding TPS users. Backbone requires that a separate attribute is used to specify the user ID (instead of id) when creating new users, so a new userID field has been added to the backend service as well. Ticket #654
* Fixed table style. | Endi S. Dewata | 2013-12-16 | 1 | -0/+22
  The column headers and the footer in all tables have been modified to use the proper style. Ticket #654
* Added edit dialog boxes. | Endi S. Dewata | 2013-12-16 | 2 | -2/+201
  New dialog boxes have been added to provide interface for editing TPS resources. Ticket #654
* Using PATCH method for modify operations. | Endi S. Dewata | 2013-12-16 | 2 | -1/+83
  Some modify operations have been modified to use HTTP PATCH method since the request only contains changes to the resource, not the entire resource. To replace the entire resource, separate replace operations using HTTP PUT method will be used instead. The Backbone library is using the same convention by default. Ticket #654
* Moved web application context file. | Endi S. Dewata | 2013-12-16 | 8 | -100/+180
  The location of web application context file has been changed from <instance>/webapps/<name>/META-INF/context.xml into <instance>/conf/Catalina/localhost/<name>.xml. This will eventually allow deploying the web application directly from the shared folder. A new upgrade script has been added to move the context files in the existing instances. Ticket #499
* Added paging links. | Endi S. Dewata | 2013-12-06 | 1 | -0/+94
  The UI tables have been modified to provide Prev and Next links to navigate through the result pages. Ticket #654
* Added RCUE sample files. | Endi S. Dewata | 2013-12-06 | 22 | -6/+572
  New CSS, font, and image files have been added from RCUE examples. Ticket #654
* Added TPS UI skeleton. | Endi S. Dewata | 2013-12-06 | 2 | -0/+85
  An initial implementation of TPS UI has been added. The UI will display TPS resources as tables. Ticket #654
* Added Backbone library. | Endi S. Dewata | 2013-12-05 | 2 | -0/+2857
  The Backbone library and its dependency (Underscore) have been added to the common web application. Ticket #654
* Updated jQuery library. | Endi S. Dewata | 2013-12-05 | 4 | -11/+10262
  The jQuery library and its internationalization plugin have been replaced with the development version. Ticket #654
* Moved cmsbundle into server folder. | Endi S. Dewata | 2013-12-05 | 6 | -0/+3709
  The pki-cmsbundle.jar is distributed in pki-server package so the files have been moved into the base/server folder.
* Add migration scripts to fix registry file and ownership | Ade Lee | 2013-11-20 | 3 | -8/+121
  Migration scripts have been added to update the registry file for tomcat instances to use PKI_INSTANCE_NAME instead of PKI_INSTANCE_ID. File ownership of the registry file and log files is also fixed. Also removed unused lock file logic in operations startup script. This is for migration from 10.0 -> 10.1 Ticket 805
* Replaced auth.properties with acl.properties. | Endi S. Dewata | 2013-11-20 | 6 | -51/+68
  The ACL mapping files have been renamed from auth.properties to acl.properties to match the actual content and moved into the subsystem conf folder. The authentication method mapping files have been extracted from the interceptor into actual files. The ACLInterceptor and AuthMethodInterceptors have been modified to read the default mapping first, then overwrite it with custom mapping if it exists in the subsystem folder. The UpdateAuthzProperties upgrade script has been replaced with RemoveAuthProperties that will remove the old auth.properties.
* Added ACL for TPS profile mapping. | Endi S. Dewata | 2013-11-19 | 1 | -0/+1
  New ACL has been added to allow only the administrators to access TPS profile mappings. Ticket #652
* Fix useradd command in pkispawn to not create avc | Ade Lee | 2013-11-19 | 1 | -2/+4
  Ticket 803
* REST interface extension | Andrew Wnuk | 2013-11-18 | 2 | -7/+128
  This patch provides REST interface extension allowing recovery of asymmetric keys. Ticket #439.
* Updated ACL and auth method mapping names. | Endi S. Dewata | 2013-11-15 | 1 | -3/+9
  The ACL and auth method mapping names in some resources have been modified to be more consistent with those in other resources.
* Added ACL for TPS selftests. | Endi S. Dewata | 2013-11-14 | 1 | -0/+1
  New ACL has been added to allow only the administrators to access TPS selftests. Ticket #652
* Added ACL for TPS connections. | Endi S. Dewata | 2013-11-14 | 1 | -0/+1
  New ACL has been added to allow only the administrators to access TPS connections. Ticket #652
* Added ACL for TPS configuration. | Endi S. Dewata | 2013-11-14 | 1 | -0/+1
  New ACL has been added to allow only the administrators to access TPS configuration. Ticket #652
* Added ACL for TPS authenticators. | Endi S. Dewata | 2013-11-14 | 1 | -0/+1
  New ACL has been added to allow only the administrators to access TPS authenticators. The set of interceptors in each application has been modified to preserve the order. Ticket #652
* Added paging on all find commands. | Endi S. Dewata | 2013-11-14 | 7 | -104/+194
  The find commands in some REST services have been modified to support paging to be consistent with others. The other find commands have been cleaned up as well.
* Added more null parameter checking. | Endi S. Dewata | 2013-11-14 | 5 | -1/+50
  Some REST methods have been modified to check for null parameters and return the proper error code. Ticket #749
* Added null parameter checking. | Endi S. Dewata | 2013-11-10 | 2 | -0/+36
  Some REST services have been modified to throw BadRequestException on null parameters. Ticket #749
* Fixed find commands. | Endi S. Dewata | 2013-11-08 | 5 | -31/+94
  Some of the REST services have been fixed to consistently return a DataCollection which contains the total count, the requested subset of results, and links to request other subsets of the results. The TPSConnectorFindCLI has been split into separate find and show commands. Ticket #749
* Fixed database cleanup issues. | Endi S. Dewata | 2013-11-08 | 2 | -228/+207
  The configuration code has been modified not to remove the LDAP database folder since it may not have access to it. It will also not continue with the cleanup if the database is used by another subtree. Manual removal of old entries in the subtree is redundant so the code has been removed. The exception handling has been improved as well.
* Revert to allowing security manager | Ade Lee | 2013-11-07 | 1 | -1/+1
  Bug in tomcat for security manager has been resolved. Updated tomcat requirement accordingly. Ticket 774
* Fixed return code for user and group services. | Endi S. Dewata | 2013-11-07 | 10 | -207/+155
  The user and group services have been modified to return consistent HTTP return codes under various situations. The UGSubsystem has been modified to capture any LDAP exceptions and throw the proper PKIException subclass that represents the appropriate HTTP error code for the situation. Ticket #669, #749
* Added checks for CertRequest and Cert Resources | Ade Lee | 2013-11-07 | 2 | -19/+63
  Ticket 749
* Fix KeyRequest and Key Resources to return correct exit codes | Ade Lee | 2013-11-06 | 2 | -10/+45
  Also added some missing checks, and some missing options in the Key Request CLI
* Fix return values in ProfileResource | Ade Lee | 2013-11-06 | 1 | -8/+49
  Ticket 749
* Modify profile resource to return correct response for create or modify op | Ade Lee | 2013-11-06 | 1 | -6/+25
  Ticket 749
* Renamed CLI commands. | Endi S. Dewata | 2013-11-05 | 1 | -1/+1
  The following commands have been renamed. The old commands will no longer work.
    * profile -> ca-profile
    * kraconnector -> ca-kraconnector
  The following commands have also been renamed, but the old commands will continue to work:
    * cert -> ca-cert
    * key -> kra-key
  The user and group commands have already been renamed to <subsystem>-user and <subsystem>-group. The old commands will continue to work and will use CA subsystem by default.
  Ticket #701
* Added TPS profile resource. | Endi S. Dewata | 2013-11-04 | 2 | -4/+14
  A new REST service and clients have been added to manage the profiles in the TPS configuration file. Ticket #652
* Removed duplicate ACL classes. | Endi S. Dewata | 2013-11-01 | 2 | -436/+0
  The ACL and ACLEntry in com.netscape.cmscore.realm are duplicates of the ones in com.netscape.certsrv.acls. They have been removed since they are no longer used. All differences have been merged into the remaining copy.
* Fixed problem running GroupMemberProcessor on non-CA. | Endi S. Dewata | 2013-11-01 | 5 | -69/+98
  Previously the GroupMemberProcessor class inherits from CAProcessor that can only run on CA. To fix the problem a generic Processor has been created as a super class of the CAProcessor and some of the fields and methods that are not CA-specific have been moved into the super class. The GroupMemberProcessor will now inherit directly from the super class.
* Renamed Processor to CAProcessor. | Endi S. Dewata | 2013-11-01 | 9 | -21/+21
  The Processor class depends on CertificateAuthority subsystem which only exists on CA, so the class has been renamed to CAProcessor to reflect the dependency.
* Backup upgrade tracker. | Endi S. Dewata | 2013-10-31 | 1 | -0/+1
  The upgrade framework has been modified to back up the files used to track the upgrade progress. If the tracker file is also modified by the upgrade scriptlet, it will only keep the initial backup (before any modifications were made). Ticket #763
* Fixed tests dependencies. | Endi S. Dewata | 2013-10-31 | 23 | -0/+3596
  The test classes have been moved from base/common/test to base/server/test and into the cmscore package because they are dependent on server classes.
* Fixed logic for setting admin cert signing algorithm | Ade Lee | 2013-10-31 | 1 | -44/+79
  Should now be SHA256 by default. Bugzilla BZ 1024445
* Fixed errors during Tomcat shutdown. | Endi S. Dewata | 2013-10-28 | 2 | -16/+3
  Previously the CMS.shutdown() was called multiple times during Tomcat shutdown, one by CMSStarServlet.destroy() and the other by the shutdown hook, causing some errors. The shutdown hook should only be used in a standalone application, so it has been moved into CMS.main(). Bugzilla #1018628
* Fixed error handling in DoUnrevoke servlet. | Endi S. Dewata | 2013-10-28 | 1 | -2/+3
  The DoUnrevoke servlet has been modified to re-throw the EBaseException such that the error message can be returned properly to the client. Ticket #739
* Added access control for TPS token. | Endi S. Dewata | 2013-10-28 | 1 | -11/+13
  The TPS token REST interface has been modified to require client certificate authentication. TPS admins, agents, and operators are allowed to view tokens, but only admins are allowed to add and remove tokens, and only agents are allowed to modify tokens.