| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to manage general TPS configuration
properties. The properties are read-only by default. In edit
mode the property name will become a link which will show a
dialog to edit the property value.
The config REST service has been updated to use PATCH for
update operation and handle possible null collection of
properties.
Fixed a bug in TableItem.reset() where the code didn't clear
the table cell properly.
Fixed a bug in ConfigDatabase.getProperties() where the code
didn't handle null property key properly.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
A new page has been added to the TPS UI to manage audit configuration.
The audit REST service has been modified to use PATCH like the other
services. The audit events will now have 3 possible values: mandatory,
enabled, disabled. Mandatory events cannot be edited. Optional events
can be edited in edit mode.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new tps.js has been added to store TPS-specific classes including
PropertiesTable and EntryWithPropertiesPage.
The Navigation has been refactored to simplify page registration.
The render() method now has to be called separately after instance
creation.
The Table has been refactored to improve reusability. The code that
handles a generic array of entry objects has been moved from the
PropertiesTable into the Table class. The code that handles a
Collection of Models has been moved into ModelTable. The Table now
supports entry sorting and attribute mapping. The Table also
supports view and edit modes. In view mode the Table will be
read-only. In edit mode the action buttons will appear.
The EntryPage has been refactored to handle a generic set of fields.
The editable fields can be specified in a list. The code related to
enable/disable buttons and properties table has been moved to
EntryWithPropertiesPage.
Some unused classes have been removed. Incorrect colum names in
the HTML templates have been fixed.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The Users and Groups menu items in TPS UI are now grouped under a
new Accounts dropdown menu. The Profiles and Profile Mappings have
been moved into Configurations. The Authenticators and Connections
have been renames to Authentication Sources and Subsystem
Connections.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new profile mapping page has been added to TPS UI. The page is fully
functional like other existing pages. The REST service for profile
mappings has been updated to be more consistent with other resources.
Ticket #654
|
| |
|
|
|
|
|
|
| |
The pagination controls have been fixed to resemble the UXD design.
The page jump control is now located between the first/previous
buttons and the next/last buttons.
Ticket #848
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The add button in the list page for TPS profiles, connections, and
authenticators has been modified to show a blank form to add a new
entry. Once the entry is added, it will go back to the list page.
The DetailsPage has been renamed into EntryPage and modified to
support an add mode. In add mode the fields are editable. A new
AddEntryPage was added to change the behavior when closing the
page to return to the list page.
The Page container now has to be specified in the constructor. The
load() method is no longer taking any parameter. The open() has
been added to simplify loading page template and content.
The default length of the list page has been changed to 15
entries.
Fixed some bugs in ConnectionModel, AuthenticatorModel,
ConnectionDatabase, and in the HTML template.
Ticket #654
|
| |
|
|
|
|
|
| |
The links in the top level page have been fixed to point to the
front page of the new TPS UI.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
In shared tomcat instances, we need to share the subsystem cert and
not create a new one for each additional subsystem added to the instance.
In addition, if the instances share the same database, then only one
pkidbuser should be created with the relevant subsystem cert and seeAlso
attribute.
Ticket 893
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new DetailsPage has been added to view and edit TPS resources
including profiles, connections, and authenticators. Initially, in
view mode the page is read-only. User can view properties but they
are non-editable. To enter the edit mode the user needs to click
the Edit link. In this mode the properties become editable. To save
the all changes the user must click the Save button, and it will go
back to view mode. The page also provides links to enable or disable
the resource. The add functionality will be added separately later.
New HTML templates and the CSS code have been modified to better
control the formatting. Some unused code has been removed as well.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS authenticators has been modified to use PATCH for update operation
as required by Backbone. The AuthenticatorData class has been modified to
accept null properties to indicate that the properties are not being
updated. The AuthenticatorModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS connections has been modified to use PATCH for update operation
as required by Backbone. The ConnectionData class has been modified to
accept null properties to indicate that the properties are not being
updated. The ConnectionModel class has been modified to use JSON data
type for enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
The TPS profile has been modified to use PATCH for update operation as
required by Backbone. The ProfileData class has been modified to accept
null properties to indicate that the properties are not being updated.
The ProfileModel class has been modified to use JSON data type for
enable and disable operations.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
New buttons and dialogs have been added to add and remove properties
in TPS profiles, connections, and authenticators. Currently the code
will only change the properties in memory. The save functionality
will be added separately later.
Previously the Dialog class would only work with Models. The class
has been refactored such that it will work with any storage mechanism.
New CSS code was added to fix the dialog formatting.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS authenticator details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the AuthenticatorData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS connection details. The properties
are displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ConnectionData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new page has been added to view TPS profile details. The properties are
displayed in a table which provides pagination and search functionality.
Currently the page is read-only. The edit functionality will be added
separately later.
Previously the ProfileData had a problem with JSON mapping because it
incorrectly included a PropertyNames attribute. To fix the problem the
class has been modified to require explicit JAXB mapping by setting the
@XmlAccessorType to NONE.
New CSS classes have been added to format the details page.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The current UI table assumes that the entries will be stored in a
Collection object. Some tables might need different storage mechanisms,
so the Table and TableItem classes have been refactored to allow sub-
classes to override some of the operations. The Table initial render()
method now will have to be called explicitly after object creation.
The load() method in the Navigation class has been modified to pass the
container element to the page being loaded.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when a table is refreshed the rows are deleted and recreated,
which makes the UI appear slow. The process has been changed such that
all rows are created initially, then when the refresh happens, it will
simply overwrite the content of the rows and clear the unused ones.
The Table class has been refactored such that operations such as add,
remove, and open can be overriden by the subclass. It also has been
modified to clear the checkboxes on refresh. The ID columns have been
standardized to use "id" attribute name.
The HTML templates have been modified to use a new CSS class for better
control over formatting and to include a default page number.
Ticet #848
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS UI has been modified to provide buttons to go to the first
page, previous page, next page, and last page. The UI will also show
the total entries, the current page number, and the total number of
pages. Users can jump to a specific page by entering the page number.
The CSS has been modified to allow better control of UI components.
The UI table now has a default size of 5. It's no longer necessary
to specify the size in each table.
Ticket #848
|
| |
|
|
|
|
|
|
|
|
| |
The tables in TPS UI has been modified to handle search filters. When
the user presses enter in the search field, the UI will perform a search
operation using the filter specified in the field. The table will be
updated with the new results. If the filter is empty it will show all
entries.
Ticket #847
|
| | |
|
| |
|
|
|
| |
* Dogtag TRAC Ticket #816 - pki-tomcat cannot be started after installation of
ipa replica with ca
|
| |
|
|
|
|
|
|
|
|
|
| |
1. Method to calculate the token type.
2. Some added convenience methods to get various config params for the Format operation.
3. More progress for the format operation up until we attempt to upgrade the applet.
4. Added TPSException that holds a message and end op return code. Can be used to throw from anywhere and the return code makes it back to the client.
5. Error handling.
6. Get rid of TPSFormatProcessor class, for now.
7. More error handling.
8. Moving around some constants.
|
| |
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TPS resources have been modified to accept a basic search filter
for find operation. For resources based on LDAP database, the filtering
is done using LDAP filter. For other resources, the filtering is done
using string comparison. For now the filter is will only be matched
against entry IDs. In the future the filter may be expanded to support
other entry attributes. The CLI has been updated accordingly.
The total attribute in DataCollection was changed from Integer into int
because the total size of the collection cannot be null.
The PKIException constructors have been consolidated into a single
actual constructor. The other constructors have been modified to
call the actual constructor with some default values.
Ticket #847
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* PKI TRAC Ticket #869 - f19 ipa-server-install fails at step 6/22 of
cert sys install - systemctl start pki-tomcatd.target fails
* Cleaned up Pylint errors on Python Systemd class
- Changed Systemd from old-style class to new-style class
- Added Docstrings to all Systemd methods and functions
- R:3078, 4: Method could be a function (no-self-use):
NOTE: Although pylint reports that daemon_reload() could be
declared as a function rather than a method, removal of
the 'self' argument resulted in a compilation error.
|
| |
|
|
| |
* PKI TRAC Ticket #868 - REST API get certs links missing segment
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Table class has been modified to handle the remove button.
When the button is clicked, it will get the list of items selected
for deletion. If there is nothing selected it will not do anything.
If there are some items selected, it will display the list in a
dialog box and ask the user to confirm the deletion. If the operation
is confirmed, the items will be deleted one by one. The table will
be refreshed after the process is done.
In some pages the buttons have been updated to reflect the
availability of the add/remove operations for the corresponding
REST resources.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the CMSStartServlet always requires a cfgPath parameter
pointing to the CS.cfg location. By default the parameter points to
<instance>/conf/<subsystem>/CS.cfg unless it's manually changed by
the admin after installation.
Recently the servlet has been modified such that if the parameter
is not specified it will generate the default path automatically.
So it is no longer necessary to keep the cfgPath parameter in the
web.xml templates because it will point to the same location.
This patch removes the cfgPath parameters from all web.xml templates.
This way newly created subsystems will not have this parameter, which
will help direct deployment in the future. An upgrade script has been
added to remove the parameter from existing instances if it points to
the default location. If the parameter points to a different location
that means the subsystem has been customized so it will not be changed.
Ticket #748, #499
|
| |
|
|
|
|
|
|
| |
The CMSStartServlet has been modified to remove the code that calls
GenericServlet.destroy() because it is an empty default implementation
which was intended to provide convenience for writing servlets.
Ticket #896
|
| |
|
|
|
|
|
|
| |
Due to recent changes the javadoc command was missing some packages
and dependencies. This patch fixes the command to include the
missing com.netscape.cms and the new org.dogtagpki packages. It's
also adding the missing Tomcat extension and RESTEasy client library
into the classpath.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The TPS UI has been modified to provide an unprotected front page.
The main TPS UI has been moved into a protected area. The front
page provides a login button which when clicked will ask the user
to authenticate with the client certificate. If the authentication
is successful, the main page will appear. There is also a logout
link on the upper right corner of the main page. When clicked it
will destroy both the client and server sessions.
Ticket #846
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The deployment tool has been modified to deploy TPS directly from the
share folder. This way the TPS UI can be upgraded automatically with
RPM upgrade without having to write upgrade scripts.
For this to work, the TPS web application files cannot contain any slot
parameters. So, the cfgPath parameter has been removed from web.xml,
and the CMSStartServlet has been modified such that if the parameter is
missing it would generate a default path matching the original value in
web.xml. Also, the velocity.properties has been modified to use a fixed
value for the file.resource.loader.path parameter pointing to the share
folder.
In the future other subsystems may be modified to use the same
deployment mechanism.
Ticket #748, #752, #499
|
| |
|
|
|
|
|
| |
The CLI help message has been simplified to show the commands as
a single list.
Ticket #839
|
| |
|
|
|
|
|
|
| |
A new help command has been added to display the manual page of the
specified command. If the manual page doesn't exist it will try to
display the manual page of the parent command.
Ticket #519
|
| |
|
|
|
|
|
|
|
| |
The manual page for pki has been split into separate pages for each
command module to simplify reading and editing. The formatting have
been fixed to make it more consistent. The content of the manual
pages will be further improved in future patches.
Ticket #519
|
| |
|
|
| |
subsystem
|
| |
|
|
|
|
|
|
| |
The existing CLI wrapper script was written in Perl to call Java CLI.
It has been replaced with a Python script that can call either the
existing Java CLI or a not-yet-implemented Python CLI by specifying
a --client-type parameter. This will allow testing the Python client
library via CLI in the future.
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously if the CLI requires SSL but the security database doesn't
exist it would throw an IOException. Now it has been replaced with an
Error.
The exception handler also has been modified to generate better error
messages.
Ticket #821
|
| | |
|
| |
|
|
|
|
|
| |
Modify the return type of the function retrieve_key(key_id,
trans_wrapped_session_key) from returining a tuple KeyData, unwrapped_key
to KeyData by setting the unwrapped_key to KeyData.private_data attribute
for the case where trans_wrapped_session_key is not provided by the caller.
|
| | |
|
| |
|
|
|
|
|
| |
1. Change the location of some more of the classes.
2. Change the file names to reflect naming convention.
3. Change leftover method names to reflect convention.
4. Resolved some script building ommissions and build dependencies.
|
| |
|
|
|
|
|
| |
1. Change the location of some of the classes.
2. Change the file names to reflect naming convention.
3. Change some of the method names to reflect convention.
4. Variable naming changes to reflect convention.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Also simple framework for working with APDU command.
2. Implemented a few APDU commands in TPS_Processor class.
3. Can now attempt a format operation with TPS client.
The code can performa a few apdu's talking to the client
and return a success "EndOp" apdu to terminate the conversation.
4. APDU are being encoded/decoded properly to appease tpsclient.
More info.
1. Patch is large but most of it consists of many similar apdu and msg classes.
2. APDU and msg classes are now bare bones and may need more work. Will address when class is needed.
3. A test tpsclient script call it (format.tst) to test this out is as follows:
op=var_set name=ra_host value=localhost
op=var_set name=ra_port value=8080
op=var_set name=ra_uri value=/tps/tps
op=token_set cuid=40906145C76224192D2B msn=0120304 app_ver=6FBBC105 key_info=0101 major_ver=1 minor_ver=1
op=token_set auth_key=404142434445464748494a4b4c4d4e4f
op=token_set mac_key=404142434445464748494a4b4c4d4e4f
op=token_set kek_key=404142434445464748494a4b4c4d4e4f
op=ra_format uid=jmagne pwd=redhat new_pin=rehat num_threads=1
op=exit
4: Execute as follows:
tpsclient < format.tst
|
| | |
|
