summaryrefslogtreecommitdiffstats
path: root/base
Commit message (Collapse)AuthorAgeFilesLines
...
* Removed redundant GenericServlet.destroy() invocation.Endi S. Dewata2014-03-171-1/+0
| | | | | | | | The CMSStartServlet has been modified to remove the code that calls GenericServlet.destroy() because it is an empty default implementation which was intended to provide convenience for writing servlets. Ticket #896
* Fixed javadoc issues.Endi S. Dewata2014-03-141-3/+5
| | | | | | | | Due to recent changes the javadoc command was missing some packages and dependencies. This patch fixes the command to include the missing com.netscape.cms and the new org.dogtagpki packages. It's also adding the missing Tomcat extension and RESTEasy client library into the classpath.
* Added login page for TPS UI.Endi S. Dewata2014-03-1314-65/+206
| | | | | | | | | | | | The TPS UI has been modified to provide an unprotected front page. The main TPS UI has been moved into a protected area. The front page provides a login button which when clicked will ask the user to authenticate with the client certificate. If the authentication is successful, the main page will appear. There is also a logout link on the upper right corner of the main page. When clicked it will destroy both the client and server sessions. Ticket #846
* Direct deployment for TPS.Endi S. Dewata2014-03-076-35/+73
| | | | | | | | | | | | | | | | | | | The deployment tool has been modified to deploy TPS directly from the share folder. This way the TPS UI can be upgraded automatically with RPM upgrade without having to write upgrade scripts. For this to work, the TPS web application files cannot contain any slot parameters. So, the cfgPath parameter has been removed from web.xml, and the CMSStartServlet has been modified such that if the parameter is missing it would generate a default path matching the original value in web.xml. Also, the velocity.properties has been modified to use a fixed value for the file.resource.loader.path parameter pointing to the share folder. In the future other subsystems may be modified to use the same deployment mechanism. Ticket #748, #752, #499
* Cleaned up CLI command list.Endi S. Dewata2014-03-071-26/+7
| | | | | | | The CLI help message has been simplified to show the commands as a single list. Ticket #839
* Added CLI help command.Endi S. Dewata2014-03-072-0/+92
| | | | | | | | A new help command has been added to display the manual page of the specified command. If the manual page doesn't exist it will try to display the manual page of the parent command. Ticket #519
* Split pki manual page.Endi S. Dewata2014-03-077-140/+621
| | | | | | | | | The manual page for pki has been split into separate pages for each command module to simplify reading and editing. The formatting have been fixed to make it more consistent. The content of the manual pages will be further improved in future patches. Ticket #519
* trac ticket #862 - TPS rewrite: provide connector service for JAVA-based TPS ↵Christina Fu2014-03-0617-184/+702
| | | | subsystem
* Replaced CLI wrapper with Python.Endi S. Dewata2014-03-063-142/+159
| | | | | | | | The existing CLI wrapper script was written in Perl to call Java CLI. It has been replaced with a Python script that can call either the existing Java CLI or a not-yet-implemented Python CLI by specifying a --client-type parameter. This will allow testing the Python client library via CLI in the future.
* Fixed CLI exceptions.Endi S. Dewata2014-03-061-8/+12
| | | | | | | | | | | Previously if the CLI requires SSL but the security database doesn't exist it would throw an IOException. Now it has been replaced with an Error. The exception handler also has been modified to generate better error messages. Ticket #821
* Minor fix to a comment added in the previous patch.Abhishek Koneru2014-03-061-3/+2
|
* Modify return object for retrieve_key(key_id, twsk)Abhishek Koneru2014-03-062-18/+27
| | | | | | | Modify the return type of the function retrieve_key(key_id, trans_wrapped_session_key) from returining a tuple KeyData, unwrapped_key to KeyData by setting the unwrapped_key to KeyData.private_data attribute for the case where trans_wrapped_session_key is not provided by the caller.
* Change to CMakeLists.txt to fix error found with adding the new TPS classes.Jack Magne2014-03-051-1/+3
|
* Further TPS Rewrite Requested Review Changes:Jack Magne2014-03-0545-443/+437
| | | | | | | 1. Change the location of some more of the classes. 2. Change the file names to reflect naming convention. 3. Change leftover method names to reflect convention. 4. Resolved some script building ommissions and build dependencies.
* TPS Rewrite Requested Review Changes:Jack Magne2014-03-0558-903/+881
| | | | | | | 1. Change the location of some of the classes. 2. Change the file names to reflect naming convention. 3. Change some of the method names to reflect convention. 4. Variable naming changes to reflect convention.
* First cut at Java TPS Buffer class and APDU class.Jack Magne2014-03-0557-119/+4548
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Also simple framework for working with APDU command. 2. Implemented a few APDU commands in TPS_Processor class. 3. Can now attempt a format operation with TPS client. The code can performa a few apdu's talking to the client and return a success "EndOp" apdu to terminate the conversation. 4. APDU are being encoded/decoded properly to appease tpsclient. More info. 1. Patch is large but most of it consists of many similar apdu and msg classes. 2. APDU and msg classes are now bare bones and may need more work. Will address when class is needed. 3. A test tpsclient script call it (format.tst) to test this out is as follows: op=var_set name=ra_host value=localhost op=var_set name=ra_port value=8080 op=var_set name=ra_uri value=/tps/tps op=token_set cuid=40906145C76224192D2B msn=0120304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1 op=token_set auth_key=404142434445464748494a4b4c4d4e4f op=token_set mac_key=404142434445464748494a4b4c4d4e4f op=token_set kek_key=404142434445464748494a4b4c4d4e4f op=ra_format uid=jmagne pwd=redhat new_pin=rehat num_threads=1 op=exit 4: Execute as follows: tpsclient < format.tst
* Get archival working for python key clientAde Lee2014-03-053-32/+53
|
* Removed @Consumes and @Provides.Endi S. Dewata2014-03-0422-206/+0
| | | | | | | | The @Consumes and @Provides annotations have been removed from all methods (except from methods that consume forms) to allow client to use the default consumes and provides specified in the proxy. Ticket #554
* Added CLI parameter to select message format.Endi S. Dewata2014-03-0412-1/+175
| | | | | | | | | | | A new CLI parameter has been added to allow the user select the REST message format. This is done by setting the default consumes and produces when creating the client proxy. For this to work the hard-coded @Consumes and @Produces annotations need to be removed from the interface definition. A new interceptor has been added to validate the message format before executing the operation. Ticket #554
* Cannot unmarshall *Request objects to ResourceMessage object.Abhishek Koneru2014-03-031-0/+6
| | | | | | | | | | When using XML for communicating with the server, the JAXBContext is not able to unmarshall KeyArchivalRequest,KeyRecoveryRequest, SymKeyGenerationRequest objects as it does not recognize them to be subclasses of ResourceMessage. Adding a @XmlSeeAlso attribute to the ResourceMessage class will let the JAXBContext to know that the subclasses are binded to the super class and unmarshalls the *Request objects. No problems were found when using JSON to communicate with the server.
* Reorganized REST service classes.Endi S. Dewata2014-02-2862-205/+400
| | | | | | | | The REST service classes have been moved into org.dogtagpki.server namespace. A new upgrade script has been added to update existing instances. Ticket #114
* Upgraded RESTEasy client library.Endi S. Dewata2014-02-2713-107/+198
| | | | | | | | | | The Dogtag client library has been modified to use RESTEasy 3.0 client library. A new upgrade script has been added to update existing servers. The JAXB annotation in ResourceMessage has been modified to require explicit property mapping. Ticket #554
* Fixes for coments from reviewAde Lee2014-02-265-97/+139
|
* Add ability to archive without sending pkiArchiveOptions object.Ade Lee2014-02-2610-107/+337
| | | | | | With this patch, you can now either send a pkiArchiveOptions object or the exploded parameters. This reduces the processing required on the client side.
* Make generate_symmetric_key more generic.Ade Lee2014-02-263-9/+28
| | | | | | Added a method generate_session_key() which should be used when wrapping secrets for the drm. For now, this has to be a 168-bit 3DES symmetric key.
* Added error checking in python client callsAde Lee2014-02-267-34/+159
| | | | | | | | | 1) Added error checking in python client calls. 2) Allow symmetric key generation with default params. Fix bug for when usages is not defined. 3) Fix bug when requesting key recovery - must check if key exists. 4) Extend key gen to allow for providing trans_wrapped_session_key 5) added constants to python client for key status
* Moved key functions out of kraclient.pyAde Lee2014-02-264-317/+294
|
* reame client_id to client_key_idAde Lee2014-02-2621-153/+157
|
* Add getActiveKey() to the python clientAde Lee2014-02-262-1/+23
|
* Add methods to create nss certdb and import certAde Lee2014-02-264-18/+78
| | | | | Also changed arguments so that all args and returns from CryptoUtil are unencoded.
* Fix minor issues from review.Ade Lee2014-02-264-40/+32
| | | | | 1. main function in SymKeyGenerationRequest does not use correct usages 2. from_dict -> from_json() for consistency
* Add methods to getKeyInfo and change key statusAde Lee2014-02-1912-22/+206
|
* Refactored GroupMemberProcessor.Endi S. Dewata2014-02-192-7/+5
| | | | | | | | The GroupMemberProcessor.addGroupMember() has been modified such that it returns the newly created group member data. This way the GroupService can use the common method to create the response object. Ticket #554
* Updated REST interface for key requests.Endi S. Dewata2014-02-193-18/+33
| | | | | | | The REST interface for key requests has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for keys.Endi S. Dewata2014-02-197-212/+209
| | | | | | | | | The REST interface for keys has been modified to return Response objects to allow better handling of server responses. Key-related methods in KRAClient have been moved into KeyClient. The DRMTest has been updated accordingly. Ticket #554
* Added REST client for system certificates.Endi S. Dewata2014-02-193-13/+55
| | | | | | A new REST client has been added to access system certificates. Ticket #554
* Updated REST interface for CA profiles.Endi S. Dewata2014-02-195-46/+43
| | | | | | | The REST interface for CA profiles has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Added decorator to handle exceptionsAde Lee2014-02-1911-131/+267
| | | | | | Decorator catches HttpErrorExceptions from Requests and extracts the relevant PKIException object, and rethrows it.
* Additional changes as per review.Ade Lee2014-02-199-424/+720
| | | | | | | | | | 1. Moved most methods back into the key.py module. 2. Simplified the invocation by combining the KeyClient and KeyRequestClient as just KeyClient. 3. Added additional invocations in KRAClient - with lots of docuemntation. These are hopefully more user friendly. 4. Extracted crypto operations to cryptoutil class. This class has an NSS implementation provided. 5. Addressed other issues found in review.
* Initial work on python APIAde Lee2014-02-195-15/+1096
| | | | | | | | This patch includes code for most of the python client library for the KeyResource and KeyRequestResource for the DRM. Some place holder code has been added for the CertResource, but this needs to be further refined and tested.
* Fix eclipse warnings.Ade Lee2014-02-197-69/+20
|
* Updated REST interface for TPS tokens.Endi S. Dewata2014-02-183-21/+22
| | | | | | | The REST interface for TPS tokens has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS profile mappings.Endi S. Dewata2014-02-183-21/+22
| | | | | | | The REST interface for TPS profile mappings has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS profiles.Endi S. Dewata2014-02-183-21/+22
| | | | | | | The REST interface for TPS profiles has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS connections.Endi S. Dewata2014-02-183-21/+22
| | | | | | | The REST interface for TPS connections has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS configuration.Endi S. Dewata2014-02-183-4/+7
| | | | | | | The REST interface for TPS configuration has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS certificates.Endi S. Dewata2014-02-183-8/+18
| | | | | | | The REST interface for TPS certificates has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS authenticators.Endi S. Dewata2014-02-183-21/+22
| | | | | | | The REST interface for TPS authenticators has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS activities.Endi S. Dewata2014-02-183-8/+18
| | | | | | | The REST interface for TPS activities has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Updated REST interface for TPS connectors.Endi S. Dewata2014-02-183-50/+86
| | | | | | | The REST interface for TPS connectors has been modified to return Response objects to allow better handling of server responses. Ticket #554
generated by cgit (git 2.34.1) at 2025-10-03 16:13:34 +0000