pki.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Replaced SHA1-based random number generators.	Endi S. Dewata	2017-05-25	1	-2/+5
\| \| \| \| \| \| \| \| \|	The SHA1-based random number generators in some classes have been replaced with the random number generator provided by JssSubsystem. https://pagure.io/dogtagpki/issue/2695 Change-Id: Id0285dbc8c940fa7afb8feccab3086030d949514
*	Moved TokenServlet into pki-tks package.	Endi S. Dewata	2017-05-23	1	-0/+3226
\| \| \| \| \| \| \| \| \| \| \| \|	The TokenServlet has been moved into pki-tks package in order to use the JssSubsystem in pki-cmscore package. Some constants in SecureChannelProtocol have been made public so they can be accessed by the TokenServlet. https://pagure.io/dogtagpki/issue/2695 Change-Id: I5542e5dcf09c3d081a131af042d833203bcc086c
*	Added audit service and CLI to all subsystems.	Endi S. Dewata	2017-04-04	1	-0/+4
\| \| \| \| \| \| \|	Previously the audit service and CLI were only available on TPS. Now they have been added to all subsystems. Change-Id: I3b472254641eb887289c5122df390c46ccd97d47
*	Removed redundant Context attributes.	Endi S. Dewata	2017-03-31	1	-9/+0
\| \| \| \| \| \| \|	All subclasses of PKIService have been modified to remove the Context attribute since they have been declared in the base class. Change-Id: Icdbe97efa2b910a579264099f817930c2cc2ed1a
*	Refactor crypto code	Ade Lee	2017-03-14	1	-15/+6
\| \| \| \| \| \|	Move some of the crypto functions in EncryptionUnit to CryptoUtil. Change-Id: Iee391392fb88a87f6af3b450b69508fd52729a62
*	Separated TPS does not automatically receive shared secret from remote TKS.	Jack Magne	2016-07-01	1	-27/+120
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Support to allow the TPS to do the following: 1. Request that the TKS creates a shared secret with the proper ID, pointing to the TPS. 2. Have the TKS securely return the shared secret back to the TPS during the end of configuration. 3. The TPS then imports the wrapped shared secret into it's own internal NSS db permanenty and. 4. Given a name that is mapped to the TPS's id string. Additional fixes: 1. The TKS was modified to actually be able to use multiple shared secrets registered by multiple TPS instances. Caveat: At this point if the same remote TPS instance is created over and over again, the TPS's user in the TKS will accumulate "userCert" attributes, making the exportation of teh shared secret not functional. At this point we need to assume that the TPS user has ONE "userCert" registered at this time.
*	Weaken PKIPrincipal to superclass in several places	Fraser Tweedale	2016-02-15	1	-2/+2
\| \| \| \| \| \| \| \| \| \|	In several places we are casting a `Principal' to `PKIPrincpal', when `GenericPrincpal' or even no cast will suffice. In upcoming external authentication support externally authenticated principals will not be instances of `PKIPrincipal', so weaken assumptions about type of the principal where possible. Part of: https://fedorahosted.org/pki/ticket/1359
*	Removed audit CLI from non-TPS subsystems.	Endi S. Dewata	2015-07-17	1	-4/+0
\| \| \| \| \| \| \| \| \| \|	Due to database upgrade issue the pki <subsystem>-audit CLI has been removed from all subsystems except TPS. The AuditModifyCLI has been modified to clarify that the --action and the --input parameters are mutually exclusive. https://fedorahosted.org/pki/ticket/1437
*	Fixed authentication data in audit log.	Endi S. Dewata	2015-05-05	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \|	The REST methods may be executed by different threads even though they are invoked in the same session. A new interceptor has been added to all subsystems to make sure the SessionContext is created properly for each thread. This will fix the authentication data in the audit log. The SessionContext has also been improved to use ThreadLocal instead of a global Hashtable. https://fedorahosted.org/pki/ticket/1054
*	Added minimum search keyword length requirement.	Endi S. Dewata	2014-05-12	1	-2/+0
\| \| \| \| \| \| \| \| \| \|	Some REST services that accept search keywords have been modified to require a minimum length of 3 characters. The DEFAULT_SIZE constant has been moved into the base PKIService class to reduce multiple declarations. Ticket #920
*	Fixed message format for PKIException.	Endi S. Dewata	2014-05-07	1	-3/+2
\| \| \| \| \| \| \| \| \| \| \|	Previously PKIException was not displayed properly in browser because it doesn't have a writer for HTML. Now the exception mapper will compute the message format properly, and will default to XML. The exception mapper itself has been moved into a server package due to class dependency. The REST application classes have been updated accordingly. Ticket #554
*	Refactored SystemConfigService (part 9).	Endi S. Dewata	2014-04-25	2	-2/+33
\| \| \| \| \| \| \| \| \|	New subclasses of SystemConfigService have been added for each subsystem to replace the base installer. Initially these classes are blank, so they are identical to the base class. Later they will store subsystem-specific installation code. Ticket #890
*	Added CLI parameter to select message format.	Endi S. Dewata	2014-03-04	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \|	A new CLI parameter has been added to allow the user select the REST message format. This is done by setting the default consumes and produces when creating the client proxy. For this to work the hard-coded @Consumes and @Produces annotations need to be removed from the interface definition. A new interceptor has been added to validate the message format before executing the operation. Ticket #554
*	Reorganized REST service classes.	Endi S. Dewata	2014-02-28	2	-0/+560
	The REST service classes have been moved into org.dogtagpki.server namespace. A new upgrade script has been added to update existing instances. Ticket #114