| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
|
|
|
|
|
|
|
|
|
|
| |
Tomcat6 has changed the changed the location of the TOMCAT_LOG, and
it should no longer point to catalina.out. This initially caused
dogtag to break because the code to chown TOMCAT_LOG to TOMCAT_USER
was removed. Added code to spec file to fix existing instances.
Also fixed error in spec file. Incorrect selinux patch was being
applied for f17.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initial attempt at 'http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment'.
Corrected imports to work with site-packages.
Standardized log messages via encapsulation in a central file.
Updated top-level instance directory.
Streamlined parsing and enhanced logging.
Added "--dry_run" option.
Added umask and default permissions; sanitized use of '+' and '\'.
Aliased 'pkiconfig' as 'config'
Created a single master PKI dictionary from the sectional dictionaries
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide a Realm that provides the following:
1. Allows SSL client certificate authentation upon protected URLs.
For now we are protecting the new DRM Rest functions.
2. Allows simple PKI ACL checking like we have in the current server.
This is accomplished with the help of a simple file that maps URLs
to ACL resourceIDs and operations.
3. DRMRestClient now support SSL Client authentication to test the feature.
How to test this:
Install new KRA server, after installing build pki-core rpm.
Uncomment "PKIJNDIRealm" settings in conf/server.xml
Some customization will be needed for instance specific info. See
the sample in server.xml.
Uncomment the "Security Constraint" and "login-config" settings webapps/kra/WEB-INF/web.xml
In running DRMTest.java in eclipse do the following:
Change the arguments to support SSL Client auth such as:
-h localhost -p 10443 -w secret -d ~/archive-test -s true -c "KRA Administrator of Instance pki-kra's SjcRedhat Domain ID"
where the new flags are -s = true for SSL and -c = <client auth cert name>
Export the KRA's admin/agent client auth cert from Firefox to a pk12 file.
Import this cert into ~/archive-test by using "pk12util" utility.
Run the DRMTest.java program in eclipse and observe the results. There should be a prompt
for a client cert.
|
|
|
|
|
|
|
|
|
|
|
|
| |
'http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment'."
This reverts commit b5219f534cf0b60452346b31a84b9eddd881f614.
This patch was accidently committed to origin as part of a previous push.
Conflicts:
pki/specs/pki-core.spec
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Corrected imports to work with site-packages.
Standardized log messages via encapsulation in a central file.
Corrected imports to work with site-packages.
Standardized log messages via encapsulation in a central file.
Updated top-level instance directory.
Streamlined parsing and enhanced logging.
Added "--dry_run" option.
Added umask and default permissions; sanitized use of '+' and '\'.
|
|
|
|
|
|
|
| |
The OSUtil is no longer used by the code. It has been removed from
build scripts and tools.
Ticket #90
|
|
|
|
|
|
| |
Added platform-dependent patches for SELinux component
Bugzilla Bug #739708 - Selinux fix for ephemeral ports (F16)
Bugzilla Bug #795966 - pki-selinux policy is kind of a mess (F17)
|
|
|
|
|
|
|
|
| |
The OSUtil's BtoA() and AtoB() have been replaced by Base64
codec from Apache Commons library. The codec is configured to
use 64-byte line width as defined in RFC 1421.
Ticket #90
|
|
|
|
| |
(see https://fedorahosted.org/pki/ticket/104)
|
| |
|
| |
|
|
|
|
|
| |
Added resteasy-jettison-provider to pki-setup as it is not currently delivered
by candlepin-deps.
|
|
|
|
|
|
|
| |
Integrated files into current servlet structure.
Allowed exceptions to bubble up to top level.
Move bean initialization logic into DAO objects.
Fixed "keyRequest" path to "keyrequest" in KeyRequestDAO
|
| |
|
|
|
|
|
|
|
|
| |
A new function add_junit_test() has been added to execute JUnit
tests in CMake. The function is used to execute the unit tests in
the common package.
Ticket #36
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2277 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
| |
TKS package installation . . .
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2276 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2244 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2239 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
|
| |
SPEC FILE CHANGE: Specified '_unitdir' macro for non-'systemd' platforms.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2238 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2237 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
|
| |
Established MINIMUM package versions based upon platform
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2199 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
| |
scripts)
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2198 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2197 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2196 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2167 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2136 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2077 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2058 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2057 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
| |
process based upon records, added additional options)
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2034 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2009 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1989 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1952 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1946 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
| |
to changelog of this Meta package.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1945 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1944 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1931 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1928 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1918 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1896 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
|
|
| |
add xml-commons-resolver.jar to pkicreate
add both to pkicore.spec
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1878 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1838 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1827 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
| |
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1824 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|
|
|
|
|
|
|
| |
OpenLDAP instead of the Mozldap
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1823 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
|