| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
The profile doc in TPS configuration file has been converted into
a man page pki-tps-profile.
Ticket #950
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There seems to be no use of the requestID parameter in both revoke
and unrevoke request. Removed requestID attribute in CertRevokeRequest
remove the class CertUnrevokeRequest.
Also made changes in RevocationProcesor to use the requestID of the
request created in it.
The setRequestID() is being called in the DoRevoke and DoUnRevoke servlets.
Removed the call and a function auditRequesterId in both the classes.
The auditRequestorId method tries to get a "requestID" stored as a INPUT field
in the reasonToRequest page. The ReasonToRevoke class which generates
this page does not set the value.
|
|
|
|
|
|
|
|
|
| |
This patch provides the framework that allows people to
1. write their own authentication plugins using the authentication
plugin framework
2. map the authenticaiton credential from client side (e.g. ESC or alike)
in both display language characters and numbers of credential parameters
to the specified authentication plugin required parameters.
|
|
|
|
|
|
|
| |
The TPS UI logout functionality has been modified to clear the
authentication credential cache on IE.
Ticket #903
|
|
|
|
|
|
| |
The RCUE files are no longer used so they have been removed.
Ticket #958
|
|
|
|
|
|
|
|
| |
The RCUE library has been replaced with a more generic PatternFly
library. The dialog boxes and the navigation bar have been updated
accordingly.
Ticket #958
|
|
|
|
|
|
| |
New CSS, font, and JS files from PatterFly have been added.
Ticket #958
|
|
|
|
|
|
|
|
| |
The font files have been moved from /pki/font to /pki/fonts to
match the RCUE/PatternFly layout. The CSS files have been updated
accordingly.
Ticket #958
|
|
|
|
|
|
|
|
|
|
| |
Some REST services that accept search keywords have been modified to
require a minimum length of 3 characters.
The DEFAULT_SIZE constant has been moved into the base PKIService
class to reduce multiple declarations.
Ticket #920
|
|
|
|
|
|
|
|
|
|
| |
The TPS groups have been renamed for clarity and consistency:
- TUS Administrators -> Administrators
- TUS Agents -> TPS Agents
- TUS Officers -> TPS Officers
- TUS Operators -> TPS Operators
Ticket #963
|
|
|
|
|
|
| |
The TPS connection database has been renamed into TPS connector.
Ticket #977
|
|
|
|
|
|
| |
The TPS connection REST service has been renamed to TPS connector.
Ticket #977
|
|
|
|
|
|
| |
The TPS connection client library has been renamed to TPS connector.
Ticket #977
|
|
|
|
|
|
| |
The TPS connection UI components have been renamed to TPS connector.
Ticket #977
|
|
|
|
|
|
| |
The TPS connection CLI has been renamed to TPS connector.
Ticket #977
|
|
|
|
|
|
|
| |
Previously the TPS UI generates an error when adding a new group
because it's trying to fetch the members of the new group which
has not been added yet. The code has been changed to detect this
particular case and avoid fetching the data.
|
|
|
|
|
|
|
|
| |
The UserService.findUserMemberships() has been modified to accept
an additional parameter to filter the groups in which the user
is a member. The CLI has been updated accordingly.
Ticket #920
|
|
|
|
|
|
|
|
| |
The GroupService.findGroupMembers() has been modified to accept an
additional parameter to filter the group members to be returned.
The CLI has been modified accordingly.
Ticket #920
|
|
|
|
|
|
|
|
|
|
| |
The UGSubsystem.listGroups() has been modified to generate an
LDAP filter from a keyword. The filter itself cannot contain
wildcards. The wildcard will be added in listGroups(). In the
future the filter will be made configurable to allow searching
different attributes.
Ticket #920
|
|
|
|
|
|
|
|
|
|
|
| |
Previously PKIException was not displayed properly in browser
because it doesn't have a writer for HTML. Now the exception mapper
will compute the message format properly, and will default to XML.
The exception mapper itself has been moved into a server package
due to class dependency. The REST application classes have been
updated accordingly.
Ticket #554
|
|
|
|
|
| |
New links to profiles and profile mappings have been added to TPS
UI home page.
|
|
|
|
|
|
|
|
|
| |
The findUsers() method in UGSubsystem has been modified to search
additional attributes in the user database. This method is only
used by the UserService, so the impact is limited to user-find
CLI command in all subsystems and TPS UI.
Ticket #920
|
|
|
|
|
|
|
|
|
|
| |
Previously the getUser() method in UGSubsystem was using findUsers()
which uses a subtree search to find users. It has been replaced with
a base search which is more accurate since the user DN is known. The
code has also been simplified to merge the two cases where the input
parameter could be a user ID or a DN.
Ticket #920
|
|
|
|
|
|
|
|
|
|
| |
Previously the ConfigurationUtils.setupDBUser() was using findUsers()
to get a list of users and then only use the first one. It has been
replaced with getUser() which will return the user directly. If the
user doesn't exist, findUsers() will throw an exception whereas the
getUser() will return null, so the try-catch block has been removed.
Ticket #920
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following changes have been done:
1. Applet Upgrade for real token. The applet is written and an instance of applet created.
2. 95% of the format operation done. This includes proper status update progreass bar
for esc and writing the phone home url to the token. Once this operation is complete,
the token can be entered into esc and esc will be able to phone home and point to TPS
for further operations such as enrollment and pin reset when they are implemented.
3. The phoneHome xml file changed slightly to prevent esc from reading exttraneous line
feeds when phoning home.
4. The CS.cfg has been changed to correctly reflect the phone home url we want to write to
the token.
The following to be done to fully finish format, later tickets.
1.Updating the tokendb with tne newly formatted token. Future ticket.
2.Revoking tokens current certificates, if any. Future ticket.
3.Symmetric Key changeover. Future ticket.
|
|
|
|
|
| |
* PKI TRAC Ticket #585 - 'pki cert-request-review' --output creates a file
only when --action attribute is not present
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code that configures the TPS connectors during installation
has been modified to use the ConnectionDatabase, which is also
used by the CLI/UI after the installation.
The code has also been fixed to configure the correct properties
as defined in CS.cfg. The static properties have been removed
from CS.cfg because now they will be generated dynamically by
the ConnectionDatabase.
Due to class dependency issue, the methods for configuring the TPS
connectors have been moved from ConfigurationUtils into a new
TPSInstaller class.
The URI's in ConfigurationRequest have been converted from String
into URI to simplify validation.
Ticket #890
|
|
|
|
|
|
|
| |
The token, certificate, and activity database have been updated
to search against some predetermined attributes.
Ticket #920
|
|
|
|
| |
* PKI TRAC Ticket #843 - Incorrect CLI argument parsing
|
|
|
|
|
|
|
| |
The REST interface for security domain has been modified to return
Response objects to allow better handling of server responses.
Ticket #554
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch allows the current secure channel functionality to work with
both tpsclient and esc. In order to get esc to work the following changes
were needed.
1. It turns out the server has been been forcing chunked encoding format upon the
outgoing data. Turns out that the system already knows how to do this so we were
getting double chunk size values and getting twice the amount of CRLF chars.
2. There was a minor error where I was not attempting to select the card manager
applet but the coolkey applet, which does not exist yet.
|
|
|
|
|
|
|
| |
Subsystem-specific configuration codes have been moved from the
SystemConfigService into the subsystem-specific installer.
Ticket #890
|
|
|
|
|
|
|
| |
TPS-specific database configuration code has been moved from the
SystemConfigService into TPS-specific installer.
Ticket #890
|
|
|
|
|
|
|
| |
The TPS-specific connector configuration code have been moved from
the SystemConfigService into the TPS-specific installer.
Ticket #890
|
|
|
|
|
|
|
|
|
| |
New subclasses of SystemConfigService have been added for each
subsystem to replace the base installer. Initially these classes
are blank, so they are identical to the base class. Later they will
store subsystem-specific installation code.
Ticket #890
|
|
|
|
|
|
|
| |
The TPS-specific code to finalize the configuration has been moved
into a separate method.
Ticket #890
|
|
|
|
|
|
|
| |
The OCSP-specific codes to finalize the configuration have
been moved into separate methods.
Ticket #890
|
|
|
|
|
|
|
| |
The KRA-specific code to finalize the configuration has been
moved into a separate method.
Ticket #890
|
|
|
|
|
|
|
| |
The CA-specific code to finalize the configuration has been moved
into a separate method.
Ticket #890
|
|
|
|
|
|
| |
Some methods have been renamed for clarity.
Ticket #890
|
|
|
|
|
|
|
| |
Some additional codes in SystemConfigService.configure() have been
moved into separate methods.
Ticket #890
|
|
|
|
|
|
|
|
| |
In this patch the code that processes the certificate list has
been moved into a new processCerts() method. Some variables
have been renamed and some cleanup has been done for clarity.
Ticket #890
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This series of patches will incrementally refactor the
SystemConfigService to make it more manageable, which will
help development and troubleshooting, and also to resolve
potential dependency issues on subsystem-specific installation
procedures.
This patch converts the code that handles the certificate list
to use to Collection framework and to avoid duplicate parsing.
It also contains some code cleanup.
Ticket #890
|
|
|
|
|
|
|
|
| |
The TPS connector docs in the CS.cfg have been converted into
pki-tps-connector manual page. The build scripts have been updated
accordingly.
Ticket #890, #950.
|
|
|
|
|
|
|
|
| |
Some TPS-specific installation wizard panels have been moved from
the common server package into the TPS package. The build script
has been fixed accordingly.
Ticket #890
|
|
|
|
|
|
|
|
|
|
| |
A new table has been added to the group page in TPS UI for managing
the group members.
The addGroupMember() method in group REST interface has been fixed
to accept JSON request properly.
Ticket #654
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the user's name displayed in the top right corner of the
TPS UI was hardcoded to Administrator. It has been fixed to display
the full name of the authenticated user obtained from the server.
The login() method in the account REST service has been modified to
return the account information about the user and the roles in which
the user belongs. This information can later be used to further
customize the behavior of the UI based on the authorization data.
The PKIRealm has been modified to store the authenticated user info
in the PKI principal.
Ticket #654
|
|
|
|
|
| |
* PKI TRAC Ticket #843 - Incorrect CLI argument parsing
* PKI TRAC Ticket #918 - CLI commands does not return code '1' for the failures
|
|
|
|
|
| |
* PKI TRAC Ticket #843 - Incorrect CLI argument parsing
* PKI TRAC Ticket #918 - CLI commands does not return code '1' for the failures
|
| |
|