| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
1. Provides an xml file served by TPS to allow the client(esc) to configure itself to contact TPS.
2. Edewata review fixes. Return application/xml instead of text/xml, and fix how the phone home file path is calculated.
|
| |
|
|
|
|
|
| |
Some clients might not send the Accept header when invoking the
REST services. To handle this the REST services have been modified
to use the Content-type if the Accept header is missing, or use a
default message format if Content-type is not specified.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS UI has been modified to use Backbone.Router to assign a
unique path for each page. This way the browser's Back button will
work properly and the page can be bookmarked.
A home page has been added for the UI. Currently it provide links
to all available pages. In the future it might be changed to
display more useful information.
A breadcrumb has been added to the top of each page to provide
links back to the home page.
Some new font files have been added from PatternFly library.
The EntryWithPropertiesPage has been renamed to ConfigEntryPage.
The Navigation class is no longer used so it has been removed.
Ticket #959
|
| |
|
|
|
|
|
|
| |
The dialog used to view activity attributes has been replaced with
a details page since it will be required for breadcrumbs. A new
HTML template has been added for this page.
Ticket #654
|
| |
|
|
|
|
|
|
| |
The dialog used to view certificate attributes has been replaced
with a details page since it will be required for breadcrumbs. A
new HTML template has been added for this page.
Ticket #654
|
| |
|
|
|
|
|
|
| |
The dialog used to view self test attributes has been replaced with
a details page since it will be required for breadcrumbs. A new HTML
template has been added for this page.
Ticket #654
|
| |
|
|
|
|
|
|
| |
The dialog used to edit group attributes has been replaced with a
details page since it will be required for breadcrumbs. A new HTML
template has been added for this page.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
| |
The dialog used to edit user attributes has been replaced with a
details page since it will be required for breadcrumbs. A new HTML
template has been added for this page.
The renderField() in EntryPage has been renamed to loadField() for
consistency with the Dialog clas.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dialog used to edit token attributes has been replaced with a
details page since it will be required for breadcrumbs. A new HTML
template has been added for this page.
Changing token status now can be done both in token list page and
in token details page.
The EntryPage has been modified such that it requires the editable
fields to be specified for the add mode.
To improve the appearance, the input fields in all dialogs and pages
will now appear as read-only while the data is still loading.
Ticket #654
|
| |
|
|
|
|
|
|
|
| |
A new method has been added to TPS audit REST service to enable or
disable audit logging. The CLI and UI have been modified to provide
a way to acces this functionality. Also, new ACL entries have been
added for audit.
Ticket #955
|
| |
|
|
|
|
|
| |
Previously error messages were displayed using alert(). It has been
replaced with a new ErrorDialog which can be formatted properly.
Ticket #949
|
| |
|
|
|
|
|
| |
The Settings menu item in TPS UI has been removed because the
functionality will not be added in this release.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new dialog has been added to change the token status. The status
can be changed by clicking the Status value in the tokens table.
Initially the status is Uninitialized. The status can be changed
according to the allowed status transitions defined in the CS.cfg.
The status and reason fields in TokenRecord is now translated into
a single status field in TokenData. This way the UI only needs to
handle a single status field.
A new field has also been added to the database for token type.
Some issues displaying and updating some token attributes have been
fixed as well.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the content of table cells was generated by JavaScript
code. Now the content can be defined in the HTML template to allow
cleaner separation from the code. Attributes of the entry being
displayed in the row can now be specified in the template using
${attribute} notation. A special attribute called "parent" can be
used to refer to the attributes of the parent object. The current
templates have been modified to utilize this feature.
The renderIDColumn() in TableItem is no longer needed so it has been
removed. An open() method is added to handle any links in the cell.
The PropertiesTableItem has been moved into tps.js.
The "attributes" property in Dialog and EntryPage has been renamed
to "entry".
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1. Read applet into memory to prepare to write to token.
2. With tpsclient create secure channel by implementing Initialize Update and ExternalAuthenticate messages.
3. Support for MAC and encryption for messages going on after secure channel has been created.
4. Implemented method to remove an aid file or instance from the token.
5. Added some symkey methods to allow TPS to manipulate session keys.
6. Performed some cfu feedback fixes such as changing al the names of APDU classes to have APDU in the name.
Have not tried this with real token as of yet. The tpsclient does verify of the MAC coming from the server and decrypts encrypted messages. Decrypted messages have to be correct for the MAC verification to work.
Next step will be to add the phone home servlet to the TPS and give it a try with a real token and esc.
|
| |
|
|
| |
http://pki.fedoraproject.org/wiki/TPS_Rewrite#Audit_Messages
|
| |
|
|
| |
authority functions
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to manage general TPS configuration
properties. The properties are read-only by default. In edit
mode the property name will become a link which will show a
dialog to edit the property value.
The config REST service has been updated to use PATCH for
update operation and handle possible null collection of
properties.
Fixed a bug in TableItem.reset() where the code didn't clear
the table cell properly.
Fixed a bug in ConfigDatabase.getProperties() where the code
didn't handle null property key properly.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
A new page has been added to the TPS UI to manage audit configuration.
The audit REST service has been modified to use PATCH like the other
services. The audit events will now have 3 possible values: mandatory,
enabled, disabled. Mandatory events cannot be edited. Optional events
can be edited in edit mode.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new tps.js has been added to store TPS-specific classes including
PropertiesTable and EntryWithPropertiesPage.
The Navigation has been refactored to simplify page registration.
The render() method now has to be called separately after instance
creation.
The Table has been refactored to improve reusability. The code that
handles a generic array of entry objects has been moved from the
PropertiesTable into the Table class. The code that handles a
Collection of Models has been moved into ModelTable. The Table now
supports entry sorting and attribute mapping. The Table also
supports view and edit modes. In view mode the Table will be
read-only. In edit mode the action buttons will appear.
The EntryPage has been refactored to handle a generic set of fields.
The editable fields can be specified in a list. The code related to
enable/disable buttons and properties table has been moved to
EntryWithPropertiesPage.
Some unused classes have been removed. Incorrect colum names in
the HTML templates have been fixed.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The Users and Groups menu items in TPS UI are now grouped under a
new Accounts dropdown menu. The Profiles and Profile Mappings have
been moved into Configurations. The Authenticators and Connections
have been renames to Authentication Sources and Subsystem
Connections.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new profile mapping page has been added to TPS UI. The page is fully
functional like other existing pages. The REST service for profile
mappings has been updated to be more consistent with other resources.
Ticket #654
|
| |
|
|
|
|
|
|
| |
The pagination controls have been fixed to resemble the UXD design.
The page jump control is now located between the first/previous
buttons and the next/last buttons.
Ticket #848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The add button in the list page for TPS profiles, connections, and
authenticators has been modified to show a blank form to add a new
entry. Once the entry is added, it will go back to the list page.
The DetailsPage has been renamed into EntryPage and modified to
support an add mode. In add mode the fields are editable. A new
AddEntryPage was added to change the behavior when closing the
page to return to the list page.
The Page container now has to be specified in the constructor. The
load() method is no longer taking any parameter. The open() has
been added to simplify loading page template and content.
The default length of the list page has been changed to 15
entries.
Fixed some bugs in ConnectionModel, AuthenticatorModel,
ConnectionDatabase, and in the HTML template.
Ticket #654
|
| |
|
|
|
|
|
| |
The links in the top level page have been fixed to point to the
front page of the new TPS UI.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
In shared tomcat instances, we need to share the subsystem cert and
not create a new one for each additional subsystem added to the instance.
In addition, if the instances share the same database, then only one
pkidbuser should be created with the relevant subsystem cert and seeAlso
attribute.
Ticket 893
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new DetailsPage has been added to view and edit TPS resources
including profiles, connections, and authenticators. Initially, in
view mode the page is read-only. User can view properties but they
are non-editable. To enter the edit mode the user needs to click
the Edit link. In this mode the properties become editable. To save
the all changes the user must click the Save button, and it will go
back to view mode. The page also provides links to enable or disable
the resource. The add functionality will be added separately later.
New HTML templates and the CSS code have been modified to better
control the formatting. Some unused code has been removed as well.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS authenticators has been modified to use PATCH for update operation
as required by Backbone. The AuthenticatorData class has been modified to
accept null properties to indicate that the properties are not being
updated. The AuthenticatorModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS connections has been modified to use PATCH for update operation
as required by Backbone. The ConnectionData class has been modified to
accept null properties to indicate that the properties are not being
updated. The ConnectionModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS profile has been modified to use PATCH for update operation as
required by Backbone. The ProfileData class has been modified to accept
null properties to indicate that the properties are not being updated.
The ProfileModel class has been modified to use JSON data type for
enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
New buttons and dialogs have been added to add and remove properties
in TPS profiles, connections, and authenticators. Currently the code
will only change the properties in memory. The save functionality
will be added separately later.
Previously the Dialog class would only work with Models. The class
has been refactored such that it will work with any storage mechanism.
New CSS code was added to fix the dialog formatting.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS authenticator details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the AuthenticatorData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS connection details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ConnectionData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS profile details. The properties are
displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ProfileData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
New CSS classes have been added to format the details page.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The current UI table assumes that the entries will be stored in a
Collection object. Some tables might need different storage mechanisms,
so the Table and TableItem classes have been refactored to allow sub-
classes to override some of the operations. The Table initial render()
method now will have to be called explicitly after object creation.
The load() method in the Navigation class has been modified to pass the
container element to the page being loaded.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when a table is refreshed the rows are deleted and recreated,
which makes the UI appear slow. The process has been changed such that
all rows are created initially, then when the refresh happens, it will
simply overwrite the content of the rows and clear the unused ones.
The Table class has been refactored such that operations such as add,
remove, and open can be overriden by the subclass. It also has been
modified to clear the checkboxes on refresh. The ID columns have been
standardized to use "id" attribute name.
The HTML templates have been modified to use a new CSS class for better
control over formatting and to include a default page number.
Ticet #848
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS UI has been modified to provide buttons to go to the first
page, previous page, next page, and last page. The UI will also show
the total entries, the current page number, and the total number of
pages. Users can jump to a specific page by entering the page number.
The CSS has been modified to allow better control of UI components.
The UI table now has a default size of 5. It's no longer necessary
to specify the size in each table.
Ticket #848
|
| |
|
|
|
|
|
|
|
|
| |
The tables in TPS UI has been modified to handle search filters. When
the user presses enter in the search field, the UI will perform a search
operation using the filter specified in the field. The table will be
updated with the new results. If the filter is empty it will show all
entries.
Ticket #847
|
| | |
|
| |
|
|
|
| |
* Dogtag TRAC Ticket #816 - pki-tomcat cannot be started after installation of
ipa replica with ca
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Method to calculate the token type.
2. Some added convenience methods to get various config params for the Format operation.
3. More progress for the format operation up until we attempt to upgrade the applet.
4. Added TPSException that holds a message and end op return code. Can be used to throw from anywhere and the return code makes it back to the client.
5. Error handling.
6. Get rid of TPSFormatProcessor class, for now.
7. More error handling.
8. Moving around some constants.
|
| |
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS resources have been modified to accept a basic search filter
for find operation. For resources based on LDAP database, the filtering
is done using LDAP filter. For other resources, the filtering is done
using string comparison. For now the filter is will only be matched
against entry IDs. In the future the filter may be expanded to support
other entry attributes. The CLI has been updated accordingly.
The total attribute in DataCollection was changed from Integer into int
because the total size of the collection cannot be null.
The PKIException constructors have been consolidated into a single
actual constructor. The other constructors have been modified to
call the actual constructor with some default values.
Ticket #847
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* PKI TRAC Ticket #869 - f19 ipa-server-install fails at step 6/22 of
cert sys install - systemctl start pki-tomcatd.target fails
* Cleaned up Pylint errors on Python Systemd class
- Changed Systemd from old-style class to new-style class
- Added Docstrings to all Systemd methods and functions
- R:3078, 4: Method could be a function (no-self-use):
NOTE: Although pylint reports that daemon_reload() could be
declared as a function rather than a method, removal of
the 'self' argument resulted in a compilation error.
|
| |
|
|
| |
* PKI TRAC Ticket #868 - REST API get certs links missing segment
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Table class has been modified to handle the remove button.
When the button is clicked, it will get the list of items selected
for deletion. If there is nothing selected it will not do anything.
If there are some items selected, it will display the list in a
dialog box and ask the user to confirm the deletion. If the operation
is confirmed, the items will be deleted one by one. The table will
be refreshed after the process is done.
In some pages the buttons have been updated to reflect the
availability of the add/remove operations for the corresponding
REST resources.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the CMSStartServlet always requires a cfgPath parameter
pointing to the CS.cfg location. By default the parameter points to
<instance>/conf/<subsystem>/CS.cfg unless it's manually changed by
the admin after installation.
Recently the servlet has been modified such that if the parameter
is not specified it will generate the default path automatically.
So it is no longer necessary to keep the cfgPath parameter in the
web.xml templates because it will point to the same location.
This patch removes the cfgPath parameters from all web.xml templates.
This way newly created subsystems will not have this parameter, which
will help direct deployment in the future. An upgrade script has been
added to remove the parameter from existing instances if it points to
the default location. If the parameter points to a different location
that means the subsystem has been customized so it will not be changed.
Ticket #748, #499
|
