| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
The paths to RESTEasy jar files have been modified such that it can
be configured globally at build time using the spec file to support
different distributions, and at deployment time using a system-wide
configuration in /etc/pki/pki.conf.
Ticket #422, #423.
|
| |
|
|
|
|
|
|
| |
The RA and TPS theme packages are no longer necessary due to the
reorganization of the theme files. The build and deployment
scripts have been updated accordingly.
Ticket #407
|
| |
|
|
|
|
|
| |
The common templates have moved from common-ui into base/common.
The deployment tools have been updated to use the new location.
Ticket #407
|
| |
|
|
|
|
|
|
|
| |
The ESC images have been moved from tps-ui into common-ui. The
pkicreate has been updated to deploy the ESC images from common-ui
into /pki/esc. The paths in templates and CSS file have been
modified to point to the new location.
Ticket #328
|
| |
|
|
|
|
|
|
|
|
|
| |
The pkispawn and pkicreate have been updated to deploy the
combined images and CSS files from the common-ui into /pki/images
and /pki/css.
The common Velocity templates and JavaScript files still need to
be deployed from the <subsystem>-ui packages into each subsystem.
Ticket #328
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the theme files are copied into each subsystem during
deployment creating duplicates. To reduce the problem the files
should be combined into a common folder /pki.
The process will be done over several patches. Initially this patch
will copy the images and CSS files into /pki/images and /pki/css.
Subsequent patches will update references to these files to the new
location. When it's done, the files no longer need to be copied
into each subsystem.
Ticket #328
|
| |
|
|
|
|
|
|
| |
1. Reorder http.conf to actually read worker config
2. Change functions so that the TPS would restart. Before restarts
would fail because the tus link already exists
3. Modify system verification test to return correctly when tests
are successful
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Added required selinux versions to spec file. Also added
additional rule needed for F17
|
| |
|
|
| |
Ticket 356
|
| |
|
|
|
|
|
|
| |
The deployment and init scripts have been fixed to create and check
the link to symkey.jar if a TKS instance is added, and remove the
link if the instance is removed.
Ticket #331
|
| |
|
|
|
| |
* TRAC Ticket #301 - Need to modify init scripts to verify needed
symlinks in an instance (support non-default instance names)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR links
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders.
Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.
Ticket #89
|
| |
|
|
|
|
|
|
|
|
| |
The pki-client.jar has been split and merged into pki-certsrv.jar
and pki-tools.jar. The REST client classes are now packaged in
com.netscape.certsrv.<component> packages. The REST CLI classes
are now packaged in com.netscape.cmstools.<component> packages.
The "pki" script has been moved into pki-tools RPM package.
Ticket #215
|
| |
|
|
|
|
|
|
|
| |
The pki-native-tools and pki-java-tools have been merged into
pki-tools and pki-server will depend on it. Since pki-ra and
pki-tps depends on pki-server they automatically depends on
pki-tools as well.
Ticket #295
|
| |
|
|
|
|
|
| |
* TRAC Ticket #301 - Need to modify init scripts to verify needed
symlinks in an instance
* TRAC Ticket #303 - Dogtag 10: CS.cfg parameters for Dogtag 9 instance
running under Dogtag 10 packages . . .
|
| |
|
|
|
|
| |
Added systemd scripts for RA and TPS. Modified init scripts
and configuration files to use correct directives for httpd 2.4.
TPS and RA subsystems are now installable using pkicreate
|
| |
|
|
|
|
|
| |
A new pki-client.jar has been created to package the REST client
and CLI classes.
Ticket #215
|
| |
|
|
|
|
|
| |
In the new selinux policy, pki_ca_t etc. are all replaced by
pki_tomcat_t. To allow old instances to work under dogtag 10, the
context in the run scripts needs to change.
Also added a rule needed by selinux policy.
|
| |
|
|
|
|
|
|
|
|
|
| |
The SSL connection has been configured with clientAuth="want" so
users can choose whether to provide a client certificate or username
and password. The authentication and authorization will be handled
by the SSL authenticator with fallback and PKI realm. New access
control rules have been added for users, groups, and certs REST
services.
Ticket #107
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Integration of Tomcat 7
* Introduction of dependency upon tomcatjss 7.0
* Removal of http filtering configuration mechanisms
* Introduction of additional slot substitution to
support revised filesystem layout
* Addition of 'pkiuser' uid:gid creation methods
* Inclusion of per instance '*.profile' files
* Introduction of configurable 'configurationRoot'
parameter
* Introduction of default configuration of 'log4j'
mechanism (alee)
* Modify web.xml to use new Application classes to
bootstrap servers (alee)
* Introduction of "Wrapper" logic to support
Tomcat 6 --> Tomcat 7 API change (jmagne)
* Added jython helper function to allow attaching
a remote java debugger (e. g. - eclipse)
|
| |
|
|
|
|
| |
The cert revocation CLI provides a tool to revoke and unrevoke certificates.
Ticket #161
|
| |
|
|
|
|
| |
The user CLI provides a tool to manage users and user certificates.
Ticket #160
|
| |
|
|
|
|
|
| |
The user REST service is based on UsrGrpAdminServlet. It provides an interface
to manage users and user certificates.
Ticket #160
|
| |
|
|
|
|
|
| |
* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
PKI Deployment strategy
* Removal of 'pki_flavor' attribute
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Installation code common to the panels and the installation servlet are extracted to a
ConfigurationUtils file. The panel code will be cleaned up to use the code in this
class in a later commit.
Contains restful client and test driver code. The test driver code should be modified
and placed in a junit/system test framework. Installation has been tested to work with
the following installations: master CA, clone CA, KRA, OCSP, TKS, subordinate CA, CA
signed by external CA (parts 1 and 2).
Ticket #155
|
| |
|
|
|
|
|
|
|
| |
Previously the code depends on the old RESTEasy libraries provided by
Candlepin package. Now the Eclipse classpath, build/setup scripts, and
the spec file have been updated to use the libraries provided by the
new RESTEasy package.
Ticket #29
|
|
|
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
|
