From a4682ceae6774956461edd03b2485bbacea445f4 Mon Sep 17 00:00:00 2001 From: mharmsen Date: Tue, 4 Oct 2011 01:17:41 +0000 Subject: Bugzilla Bug #688225 - (dogtagIPAv2.1) TRACKER: of the Dogtag fixes for freeIPA 2.1 git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/IPA_v2_RHEL_6_2_20111003@2252 c9f7a03b-bd48-0410-a16d-cbbf54688b0b --- pki/base/ca/shared/webapps/ROOT/WEB-INF/web.xml | 29 + pki/base/ca/shared/webapps/ROOT/index.jsp | 94 + .../shared/webapps/ca/WEB-INF/velocity.properties | 8 + pki/base/ca/shared/webapps/ca/WEB-INF/web.xml | 2478 ++++++++++++++++++++ 4 files changed, 2609 insertions(+) create mode 100644 pki/base/ca/shared/webapps/ROOT/WEB-INF/web.xml create mode 100644 pki/base/ca/shared/webapps/ROOT/index.jsp create mode 100644 pki/base/ca/shared/webapps/ca/WEB-INF/velocity.properties create mode 100644 pki/base/ca/shared/webapps/ca/WEB-INF/web.xml (limited to 'pki/base/ca/shared/webapps') diff --git a/pki/base/ca/shared/webapps/ROOT/WEB-INF/web.xml b/pki/base/ca/shared/webapps/ROOT/WEB-INF/web.xml new file mode 100644 index 000000000..59245836e --- /dev/null +++ b/pki/base/ca/shared/webapps/ROOT/WEB-INF/web.xml @@ -0,0 +1,29 @@ + + + + + + Welcome to Tomcat + + Welcome to Tomcat + + + + diff --git a/pki/base/ca/shared/webapps/ROOT/index.jsp b/pki/base/ca/shared/webapps/ROOT/index.jsp new file mode 100644 index 000000000..85a4654c3 --- /dev/null +++ b/pki/base/ca/shared/webapps/ROOT/index.jsp @@ -0,0 +1,94 @@ + +<% + // establish acceptable schemes + final String HTTP_SCHEME = "http"; + final String HTTPS_SCHEME = "https"; + + // establish known ports + final int EE_HTTP_PORT = [PKI_UNSECURE_PORT]; + final int AGENT_HTTPS_PORT = [PKI_AGENT_SECURE_PORT]; + final int EE_HTTPS_PORT = [PKI_EE_SECURE_PORT]; + final int ADMIN_HTTPS_PORT = [PKI_ADMIN_SECURE_PORT]; + + // establish known paths + final String ADMIN_PATH = "/[PKI_SUBSYSTEM_TYPE]/services"; + final String AGENT_PATH = "/[PKI_SUBSYSTEM_TYPE]/agent/[PKI_SUBSYSTEM_TYPE]"; + final String EE_PATH = "/[PKI_SUBSYSTEM_TYPE]/ee/[PKI_SUBSYSTEM_TYPE]"; + final String ERROR_PATH = "/[PKI_SUBSYSTEM_TYPE]/404.html"; + + // retrieve scheme from request + String scheme = request.getScheme(); + + // retrieve client hostname on which the request was sent + String client_hostname = request.getServerName(); + + // retrieve client port number on which the request was sent + int client_port = request.getServerPort(); + + // retrieve server hostname on which the request was received + String server_hostname = request.getLocalName(); + + // retrieve server port number on which the request was received + int server_port = request.getLocalPort(); + + // uncomment the following lines to write to 'catalina.out' + //System.out.println( "scheme = '" + scheme + "'" ); + //System.out.println( "client hostname = '" + client_hostname + "'" ); + //System.out.println( "client port = '" + client_port + "'" ); + //System.out.println( "server hostname = '" + server_hostname + "'" ); + //System.out.println( "server port = '" + server_port + "'" ); + + // compose the appropriate URL + String URL = ""; + + if( scheme.equals( HTTP_SCHEME ) ) { + if( server_port == EE_HTTP_PORT ) { + URL = scheme + "://" + client_hostname + ":" + client_port + EE_PATH; + } else { + // unknown HTTP server port: should never get here + URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH; + + // uncomment the following line to write to 'catalina.out' + //System.out.println( "Unknown HTTP server port: '" + server_port + "'" ); + } + } else if( scheme.equals( HTTPS_SCHEME ) ) { + if( server_port == AGENT_HTTPS_PORT ) { + URL = scheme + "://" + client_hostname + ":" + client_port + AGENT_PATH; + } else if( server_port == EE_HTTPS_PORT ) { + URL = scheme + "://" + client_hostname + ":" + client_port + EE_PATH; + } else if( server_port == ADMIN_HTTPS_PORT ) { + URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH; + } else { + // unknown HTTPS server port: should never get here + URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH; + + // uncomment the following line to write to 'catalina.out' + //System.out.println( "Unknown HTTPS server port: '" + server_port + "'" ); + } + } else { + // unacceptable scheme: should never get here + URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH; + + // uncomment the following line to write to 'catalina.out' + //System.out.println( "Unacceptable scheme: '" + scheme + "'" ); + } + + // respond (back to browser) with the appropriate redirected URL + response.sendRedirect( URL ); +%> diff --git a/pki/base/ca/shared/webapps/ca/WEB-INF/velocity.properties b/pki/base/ca/shared/webapps/ca/WEB-INF/velocity.properties new file mode 100644 index 000000000..2dfae4bca --- /dev/null +++ b/pki/base/ca/shared/webapps/ca/WEB-INF/velocity.properties @@ -0,0 +1,8 @@ +resource.loader = file +file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader +file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE] +file.resource.loader.cache = true +file.resource.loader.modificationCheckInterval = 2 +input.encoding=UTF-8 +output.encoding=UTF-8 +runtime.log.logsystem.class=org.apache.velocity.runtime.log.NullLogSystem diff --git a/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml b/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml new file mode 100644 index 000000000..b3b4356e3 --- /dev/null +++ b/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml @@ -0,0 +1,2478 @@ + + + + + + AgentRequestFilter + com.netscape.cms.servlet.filter.AgentRequestFilter + + https_port + [PKI_AGENT_SECURE_PORT] + +[PKI_OPEN_ENABLE_PROXY_COMMENT] + + proxy_port + [PKI_PROXY_SECURE_PORT] + +[PKI_CLOSE_ENABLE_PROXY_COMMENT] + + active + true + + + + + AdminRequestFilter + com.netscape.cms.servlet.filter.AdminRequestFilter + + https_port + [PKI_ADMIN_SECURE_PORT] + +[PKI_OPEN_ENABLE_PROXY_COMMENT] + + proxy_port + [PKI_PROXY_SECURE_PORT] + +[PKI_CLOSE_ENABLE_PROXY_COMMENT] + + active + true + + + + + EERequestFilter + com.netscape.cms.servlet.filter.EERequestFilter + + http_port + [PKI_UNSECURE_PORT] + + + https_port + [PKI_EE_SECURE_PORT] + +[PKI_OPEN_ENABLE_PROXY_COMMENT] + + proxy_port + [PKI_PROXY_SECURE_PORT] + + + proxy_http_port + [PKI_PROXY_UNSECURE_PORT] + +[PKI_CLOSE_ENABLE_PROXY_COMMENT] + + active + true + + + + + EEClientAuthRequestFilter + com.netscape.cms.servlet.filter.EEClientAuthRequestFilter + + https_port + [PKI_EE_SECURE_CLIENT_AUTH_PORT] + +[PKI_OPEN_ENABLE_PROXY_COMMENT] + + proxy_port + [PKI_PROXY_SECURE_PORT] + +[PKI_CLOSE_ENABLE_PROXY_COMMENT] + + active + true + + + + + csadmin-wizard + com.netscape.cms.servlet.wizard.WizardServlet + + properties + /WEB-INF/velocity.properties + + + name + CA Setup Wizard + + + panels + welcome=com.netscape.cms.servlet.csadmin.WelcomePanel,module=com.netscape.cms.servlet.csadmin.ModulePanel,confighsmlogin=com.netscape.cms.servlet.csadmin.ConfigHSMLoginPanel,securitydomain=com.netscape.cms.servlet.csadmin.SecurityDomainPanel,securitydomain=com.netscape.cms.servlet.csadmin.DisplayCertChainPanel,subsystem=com.netscape.cms.servlet.csadmin.CreateSubsystemPanel,clone=com.netscape.cms.servlet.csadmin.DisplayCertChainPanel,restorekeys=com.netscape.cms.servlet.csadmin.RestoreKeyCertPanel,cahierarchy=com.netscape.cms.servlet.csadmin.HierarchyPanel,database=com.netscape.cms.servlet.csadmin.DatabasePanel,size=com.netscape.cms.servlet.csadmin.SizePanel,subjectname=com.netscape.cms.servlet.csadmin.NamePanel,certrequest=com.netscape.cms.servlet.csadmin.CertRequestPanel,backupkeys=com.netscape.cms.servlet.csadmin.BackupKeyCertPanel,savepk12=com.netscape.cms.servlet.csadmin.SavePKCS12Panel,importcachain=com.netscape.cms.servlet.csadmin.ImportCAChainPanel,admin=com.netscape.cms.servlet.csadmin.AdminPanel,importadmincert=com.netscape.cms.servlet.csadmin.ImportAdminCertPanel,done=com.netscape.cms.servlet.csadmin.DonePanel + + + + + csadmin-login + com.netscape.cms.servlet.csadmin.LoginServlet + + properties + /WEB-INF/velocity.properties + + + + + services + com.netscape.cms.servlet.csadmin.MainPageServlet + GetClientCert + false + authorityId + ca + ID + services + templatePath + /services.template + + + + caacl + com.netscape.cms.servlet.admin.ACLAdminServlet + ID + caacl + AuthzMgr + BasicAclAuthz + + + + caug + com.netscape.cms.servlet.admin.UsrGrpAdminServlet + ID + caug + AuthzMgr + BasicAclAuthz + + + + caserver + com.netscape.cms.servlet.admin.CMSAdminServlet + ID + caserver + AuthzMgr + BasicAclAuthz + + + + capolicy + com.netscape.cms.servlet.admin.PolicyAdminServlet + ID + capolicy + AuthzMgr + BasicAclAuthz + authority + ca + + + + calog + com.netscape.cms.servlet.admin.LogAdminServlet + ID + calog + AuthzMgr + BasicAclAuthz + + + + caGetAdminCertBySerial + com.netscape.cms.servlet.cert.GetBySerial + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + ID + caGetAdminCertBySerial + resourceID + certServer.admin.certificate + + + + caUpdateConnector + com.netscape.cms.servlet.csadmin.UpdateConnector + GetClientCert + false + authority + ca + ID + caUpdateConnector + AuthMgr + TokenAuth + AuthzMgr + BasicAclAuthz + resourceID + certServer.ca.connectorInfo + + + + caRegisterUser + com.netscape.cms.servlet.csadmin.RegisterUser + GetClientCert + false + authority + ca + ID + caRegisterUser + AuthMgr + TokenAuth + GroupName + Certificate Manager Agents + AuthzMgr + BasicAclAuthz + resourceID + certServer.ca.registerUser + + + + caRegisterRaUser + com.netscape.cms.servlet.csadmin.RegisterUser + GetClientCert + false + authority + ca + ID + caRegisterRaUser + AuthMgr + TokenAuth + GroupName + Registration Manager Agents + AuthzMgr + BasicAclAuthz + resourceID + certServer.ca.registerUser + + + + caGetDomainXML + com.netscape.cms.servlet.csadmin.GetDomainXML + GetClientCert + false + authority + ca + ID + caGetDomainXML + + + + caUpdateDomainXML + com.netscape.cms.servlet.csadmin.UpdateDomainXML + GetClientCert + true + authority + ca + ID + caUpdateDomainXML + interface + agent + AuthMgr + certUserDBAuthMgr + AuthzMgr + BasicAclAuthz + resourceID + certServer.securitydomain.domainxml + + + + caUpdateNumberRange + com.netscape.cms.servlet.csadmin.UpdateNumberRange + GetClientCert + false + authority + ca + ID + caUpdateNumberRange + interface + ee + AuthMgr + TokenAuth + AuthzMgr + BasicAclAuthz + resourceID + certServer.clone.configuration.UpdateNumberRange + + + + caUpdateOCSPConfig + com.netscape.cms.servlet.csadmin.UpdateOCSPConfig + GetClientCert + false + authority + ca + ID + caUpdateOCSPConfig + interface + ee + AuthMgr + TokenAuth + AuthzMgr + BasicAclAuthz + resourceID + certServer.admin.ocsp + + + + caDownloadPKCS12 + com.netscape.cms.servlet.csadmin.DownloadPKCS12 + GetClientCert + false + authority + ca + ID + caDownloadPKCS12 + interface + ee + AuthMgr + TokenAuth + AuthzMgr + BasicAclAuthz + resourceID + certServer.clone.configuration + + + + caGetCertChain + com.netscape.cms.servlet.csadmin.GetCertChain + GetClientCert + false + authority + ca + ID + caGetCertChain + + + + caGetCertChainAdmin + com.netscape.cms.servlet.csadmin.GetCertChain + GetClientCert + false + authority + ca + ID + caGetCertChainAdmin + + + + caGetStatus + com.netscape.cms.servlet.csadmin.GetStatus + GetClientCert + false + authority + ca + ID + caGetStatus + + + + caGetConfigEntries + com.netscape.cms.servlet.csadmin.GetConfigEntries + GetClientCert + false + authority + ca + ID + caGetConfigEntries + AuthzMgr + BasicAclAuthz + AuthMgr + TokenAuth + resourceID + certServer.clone.configuration.GetConfigEntries + + + + caca + com.netscape.cms.servlet.admin.CAAdminServlet + ID + caca + AuthzMgr + BasicAclAuthz + + + + caregistry + com.netscape.cms.servlet.admin.RegistryAdminServlet + ID + caregistry + AuthzMgr + BasicAclAuthz + authority + ca + + + + caauths + com.netscape.cms.servlet.admin.AuthAdminServlet + ID + caauths + AuthzMgr + BasicAclAuthz + + + + castart + com.netscape.cms.servlet.base.CMSStartServlet + AuthzMgr + BasicAclAuthz + cfgPath + [PKI_INSTANCE_PATH]/conf/CS.cfg + ID + castart + 1 + + + + caprofile + com.netscape.cms.servlet.admin.ProfileAdminServlet + ID + caprofile + AuthzMgr + BasicAclAuthz + authority + ca + + + + cajobsScheduler + com.netscape.cms.servlet.admin.JobsAdminServlet + ID + cajobsScheduler + AuthzMgr + BasicAclAuthz + + + + caadminEnroll + com.netscape.cms.servlet.cert.EnrollServlet + GetClientCert + false + successTemplate + /admin/ca/EnrollSuccess.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + admin + ID + caadminEnroll + resourceID + certServer.admin.request.enrollment + AuthMgr + passwdUserDBAuthMgr + + + + capublisher + com.netscape.cms.servlet.admin.PublisherAdminServlet + ID + capublisher + AuthzMgr + BasicAclAuthz + authority + ca + + + + caGetOCSPInfo + com.netscape.cms.servlet.ocsp.GetOCSPInfo + GetClientCert + true + AuthzMgr + BasicAclAuthz + interface + agent + authority + ca + templatePath + /agent/ca/getOCSPInfo.template + ID + caGetOCSPInfo + resourceID + certServer.ca.ocsp + AuthMgr + certUserDBAuthMgr + + + + caUpdateDir + com.netscape.cms.servlet.cert.UpdateDir + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/updateDir.template + interface + agent + ID + caUpdateDir + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.directory + + + + caGetCertFromRequest-agent + com.netscape.cms.servlet.cert.GetCertFromRequest + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + caGetCertFromRequest + resourceID + certServer.ca.certificate + AuthMgr + certUserDBAuthMgr + importCert + true + + + + caGetBySerial-agent + com.netscape.cms.servlet.cert.GetBySerial + GetClientCert + true + successTemplate + /ca/ImportCert.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + caGetBySerial + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificate + + + + caProfileSelect-agent + com.netscape.cms.servlet.profile.ProfileSelectServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + agent + ID + caProfileSelect + unauthorizedTemplate + /GenUnauthorized.template + templatePath + /agent/ca/ProfileSelect.template + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.profile + + + + caindex + com.netscape.cms.servlet.base.IndexServlet + ID + caindex + template + index.template + GetClientCert + true + AuthMgr + certUserDBAuthMgr + interface + agent + + + + caStats + com.netscape.cms.servlet.base.GetStats + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/getStats.template + ID + stats + resourceID + certServer.ca.systemstatus + AuthMgr + certUserDBAuthMgr + + + + caMonitor + com.netscape.cms.servlet.cert.Monitor + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + templatePath + /agent/ca/monitor.template + ID + caMonitor + resourceID + certServer.ca.systemstatus + AuthMgr + certUserDBAuthMgr + + + + caReasonToRevoke + com.netscape.cms.servlet.cert.ReasonToRevoke + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/reasonToRevoke.template + interface + agent + ID + caReasonToRevoke + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificates + + + + caListRequests + com.netscape.cms.servlet.base.DisplayHtmlServlet + GetClientCert + true + htmlPath + /agent/ca/ListRequests.html + authority + ca + interface + agent + ID + caListRequests + unauthorizedTemplate + /agent/ca/GenUnauthorized.template + AuthMgr + certUserDBAuthMgr + + + + casearchReqs + com.netscape.cms.servlet.request.SearchReqs + GetClientCert + true + parser + CertReqParser.NODETAIL_PARSER + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/queryReq.template + interface + agent + ID + casearchReqs + resourceID + certServer.ca.requests + AuthMgr + certUserDBAuthMgr + timeLimits + 10 + + + + caProfileApprove + com.netscape.cms.servlet.profile.ProfileApproveServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + agent + ID + caProfileApprove + unauthorizedTemplate + /agent/GenUnauthorized.template + templatePath + /agent/ca/ProfileApprove.template + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.profile + + + + caUpdateDirectory + com.netscape.cms.servlet.base.DisplayHtmlServlet + GetClientCert + true + htmlPath + /agent/ca/UpdateDir.html + authority + ca + ID + caUpdateDirectory + unauthorizedTemplate + /agent/GenUnauthorized.template + interface + agent + AuthMgr + certUserDBAuthMgr + + + + caProfileReview + com.netscape.cms.servlet.profile.ProfileReviewServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + agent + ID + caProfileReview + unauthorizedTemplate + /agent/GenUnauthorized.template + templatePath + /agent/ca/ProfileReview.template + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.request.profile + + + + caConnector + com.netscape.cms.servlet.connector.ConnectorServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + ID + caConnector + RequestEncoder + com.netscape.cmscore.connector.HttpRequestEncoder + resourceID + certServer.ca.connector + interface + agent + AuthMgr + certUserDBAuthMgr + + + + caSrchCerts-agent + com.netscape.cms.servlet.cert.SrchCerts + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/srchCert.template + interface + agent + ID + caSrchCerts + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificates + timeLimits + 15 + + + + caheader + com.netscape.cms.servlet.base.IndexServlet + ID + caheader + GetClientCert + true + AuthMgr + certUserDBAuthMgr + template + /agent/header.template + interface + agent + + + + + caDisplayCertFromRequest-agent + com.netscape.cms.servlet.cert.GetCertFromRequest + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + caDisplayCertFromRequest + resourceID + certServer.ca.certificate + AuthMgr + certUserDBAuthMgr + importCert + false + + + + caListCerts-agent + com.netscape.cms.servlet.cert.ListCerts + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/queryCert.template + interface + agent + ID + caListCerts + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificates + maxResults + 1000 + + + + caqueryReq + com.netscape.cms.servlet.request.QueryReq + GetClientCert + true + parser + CertReqParser.NODETAIL_PARSER + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/queryReq.template + interface + agent + ID + caqueryReq + resourceID + certServer.ca.requests + AuthMgr + certUserDBAuthMgr + maxResults + 1000 + + + + caProcessReq + com.netscape.cms.servlet.request.ProcessReq + GetClientCert + true + parser + CertReqParser.DETAIL_PARSER + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + caProcessReq + templatePath + /agent/ca/processReq.template + resourceID + certServer.ca.request.enrollment + AuthMgr + certUserDBAuthMgr + + + + caports + com.netscape.cms.servlet.base.PortsServlet + ID + caports + GetClientCert + false + interface + ee + + + + caSrchCert + com.netscape.cms.servlet.base.DisplayHtmlServlet + GetClientCert + true + htmlPath + /agent/ca/SrchCert.html + authority + ca + interface + agent + ID + caSrchCert + unauthorizedTemplate + /agent/GenUnauthorized.template + AuthMgr + certUserDBAuthMgr + + + + caProfileList-agent + com.netscape.cms.servlet.profile.ProfileListServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + agent + ID + caProfileList + unauthorizedTemplate + /agent/GenUnauthorized.template + templatePath + /agent/ca/ProfileList.template + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.profiles + + + + caDisplayBySerial-agent + com.netscape.cms.servlet.cert.DisplayBySerial + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/displayBySerial.template + interface + agent + ID + caDisplayBySerial + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificate + + + + caSrchRevokeCert + com.netscape.cms.servlet.base.DisplayHtmlServlet + GetClientCert + true + htmlPath + /agent/ca/SrchRevokeCert.html + authority + ca + interface + agent + ID + caSrchRevokeCert + unauthorizedTemplate + /agent/GenUnauthorized.template + AuthMgr + certUserDBAuthMgr + + + + caDoUnrevoke + com.netscape.cms.servlet.cert.DoUnrevoke + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/unrevocationResult.template + interface + agent + ID + caDoUnrevoke + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificate + + + + caDoRevoke-agent + com.netscape.cms.servlet.cert.DoRevoke + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/revocationResult.template + interface + agent + ID + caDoRevoke + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificates + + + + caProfileProcess + com.netscape.cms.servlet.profile.ProfileProcessServlet + GetClientCert + true + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + agent + ID + caProfileProcess + unauthorizedTemplate + /GenUnauthorized.template + templatePath + /agent/ca/ProfileProcess.template + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.request.profile + + + + caProcessCertReq + com.netscape.cms.servlet.request.ProcessCertReq + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + caProcessCertReq + resourceID + certServer.ca.request.enrollment + AuthMgr + certUserDBAuthMgr + + + + cabulkissuance + com.netscape.cms.servlet.cert.EnrollServlet + unauthorizedTemplate + /agent/ca/bulkissuance.template + rejectedTemplate + /agent/ca/bulkissuance.template + svcpendingTemplate + /agent/ca/bulkissuance.template + resourceID + certServer.ca.request.enrollment + GetClientCert + true + authority + ca + interface + agent + ID + cabulkissuance + errorTemplate + /agent/ca/bulkissuance.template + unexpectedErrorTemplate + /agent/ca/bulkissuance.template + pendingTemplate + /agent/ca/bulkissuance.template + AuthzMgr + BasicAclAuthz + successTemplate + /agent/ca/bulkissuance.template + AuthMgr + certUserDBAuthMgr + + + + caQueryBySerial + com.netscape.cms.servlet.base.DisplayHtmlServlet + GetClientCert + true + htmlPath + /agent/ca/queryBySerial.html + authority + ca + interface + agent + ID + caQueryBySerial + unauthorizedTemplate + /agent/GenUnauthorized.template + AuthMgr + certUserDBAuthMgr + + + + camasterCAUpdateCRL + com.netscape.cms.servlet.cert.UpdateCRL + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/updateCRL.template + interface + agent + ID + camasterCAUpdateCRL + resourceID + certServer.ca.crl + AuthMgr + certUserDBAuthMgr + + + + camasterCADisplayCRL + com.netscape.cms.servlet.cert.DisplayCRL + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /agent/ca/displayCRL.template + interface + agent + ID + camasterCADisplayCRL + resourceID + certServer.ca.crl + AuthMgr + certUserDBAuthMgr + + + + camasterCAGetInfo + com.netscape.cms.servlet.cert.GetInfo + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + agent + ID + camasterCAGetInfo + resourceID + certServer.ca.crl + AuthMgr + certUserDBAuthMgr + + + + caProfileSubmit + com.netscape.cms.servlet.profile.ProfileSubmitServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + ee + ID + caProfileSubmit + templatePath + /ee/ca/ProfileSubmit.template + resourceID + certServer.ee.profile + + + + caRenewal + com.netscape.cms.servlet.cert.RenewalServlet + GetClientCert + true + successTemplate + /ca/RenewalSuccess.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + caRenewal + resourceID + certServer.ee.certificate + AuthMgr + sslClientCertAuthMgr + + + + caGetCertFromRequest + com.netscape.cms.servlet.cert.GetCertFromRequest + GetClientCert + false + successTemplate + /ee/ca/ImportCert.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + caGetCertFromRequest + resourceID + certServer.ee.certificate + importCert + true + + + + caGetCRL + com.netscape.cms.servlet.cert.GetCRL + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + templatePath + /ee/ca/displayCRL.template + ID + caGetCRL + resourceID + certServer.ee.crl + + + + caGetBySerial + com.netscape.cms.servlet.cert.GetBySerial + GetClientCert + false + successTemplate + /ee/ca/ImportCert.template + importCertTemplate + /ee/ca/ImportAdminCert.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + caGetBySerial + resourceID + certServer.ee.certificate + interface + ee + + + + caGetAdminBySerial + com.netscape.cms.servlet.cert.GetBySerial + GetClientCert + false + successTemplate + /admin/ca/ImportCert.template + importCertTemplate + /admin/ca/ImportAdminCert.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + admin + ID + caGetAdminBySerial + resourceID + certServer.admin.certificate + interface + admin + + + + cacertbasedenrollment + com.netscape.cms.servlet.cert.EnrollServlet + GetClientCert + true + successTemplate + /ca/EnrollSuccess.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + cacertbasedenrollment + resourceID + certServer.ee.request.enrollment + + + + caProfileSelect + com.netscape.cms.servlet.profile.ProfileSelectServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authorityId + ca + interface + ee + ID + caProfileSelect + templatePath + /ee/ca/ProfileSelect.template + resourceID + certServer.ee.profile + + + + caenrollment + com.netscape.cms.servlet.cert.EnrollServlet + GetClientCert + false + successTemplate + /ca/EnrollSuccess.template + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + caenrollment + resourceID + certServer.ee.request.enrollment + + + + caCheckRequest + com.netscape.cms.servlet.request.CheckRequest + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + templatePath + /ee/ca/requestStatus.template + ID + caCheckRequest + resourceID + certServer.ee.requestStatus + + + + caOCSP + com.netscape.cms.servlet.ocsp.OCSPServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + ID + caOCSP + resourceID + certServer.ee.request.ocsp + + + + caDoRevoke1 + com.netscape.cms.servlet.cert.DoRevokeTPS + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + templatePath + /ee/ca/revocationResult.template + ID + caDoRevoke1 + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificates + + + + caSrchCerts + com.netscape.cms.servlet.cert.SrchCerts + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + interface + ee + templatePath + /ee/ca/srchCert.template + ID + caSrchCerts + resourceID + certServer.ee.certificates + timeLimits + 10 + + + + caDynamicVariables + com.netscape.cms.servlet.base.DynamicVariablesServlet + ID + caDynamicVariables + GetClientCert + false + dynamicVariables + serverdate=serverdate(),subsystemname=subsystemname(),http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() + authority + ca + interface + ee + + + + caDynamicVariables-agent + com.netscape.cms.servlet.base.DynamicVariablesServlet + ID + caDynamicVariables + GetClientCert + true + dynamicVariables + serverdate=serverdate(),subsystemname=subsystemname(),http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() + authority + ca + interface + agent + + + + caDynamicVariables-admin + com.netscape.cms.servlet.base.DynamicVariablesServlet + ID + caDynamicVariables + GetClientCert + false + dynamicVariables + serverdate=serverdate(),subsystemname=subsystemname(),http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() + authority + ca + interface + admin + + + + caProfileSubmitCMCSimple + com.netscape.cms.servlet.profile.ProfileSubmitCMCServlet + GetClientCert + false + cert_request_type + pkcs10 + profileId + caSimpleCMCUserCert + AuthzMgr + BasicAclAuthz + outputFormat + cmc + authorityId + ca + ID + caProfileSubmitCMCSimple + templatePath + /ee/ca/ProfileSubmit.template + resourceID + certServer.ee.profile + interface + ee + + + + caDisplayCertFromRequest + com.netscape.cms.servlet.cert.GetCertFromRequest + GetClientCert + false + successTemplate + /ee/ca/displayCertFromRequest.template + AuthzMgr + BasicAclAuthz + authority + ca + ID + caDisplayCertFromRequest + resourceID + certServer.ee.certificate + importCert + false + interface + ee + + + + caListCerts + com.netscape.cms.servlet.cert.ListCerts + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /ee/ca/queryCert.template + ID + caListCerts + resourceID + certServer.ee.certificates + interface + ee + maxResults + 1000 + + + + caProfileSubmitSSLClient + com.netscape.cms.servlet.profile.ProfileSubmitServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authorityId + ca + ID + caProfileSubmitSSLClient + templatePath + /ee/ca/ProfileSubmit.template + resourceID + certServer.ee.profile + interface + ee + + + + caGetCAChain + com.netscape.cms.servlet.cert.GetCAChain + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /ee/ca/displayCaCert.template + ID + caGetCAChain + resourceID + certServer.ee.certchain + interface + ee + + + + caProfileSubmitCMCFull + com.netscape.cms.servlet.profile.ProfileSubmitCMCServlet + GetClientCert + false + cert_request_type + cmc + profileId + caFullCMCUserCert + AuthzMgr + BasicAclAuthz + authorityId + ca + ID + caProfileSubmitCMCFull + templatePath + /ee/ca/ProfileSubmit.template + resourceID + certServer.ee.profile + interface + ee + + + + caProfileList + com.netscape.cms.servlet.profile.ProfileListServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authorityId + ca + ID + caProfileList + templatePath + /ee/ca/ProfileList.template + resourceID + certServer.ee.profiles + interface + ee + + + + caCMCRevReq + com.netscape.cms.servlet.cert.CMCRevReqServlet + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /ee/ca/revocationResult.template + ID + caCMCRevReq + AuthMgr + CMCAuth + resourceID + certServer.ca.certificates + interface + ee + + + + caDoUnrevoke1 + com.netscape.cms.servlet.cert.DoUnrevokeTPS + GetClientCert + true + AuthzMgr + BasicAclAuthz + authority + ca + ID + caDoUnrevoke1 + AuthMgr + certUserDBAuthMgr + resourceID + certServer.ca.certificate + interface + ee + + + + caDisplayBySerial + com.netscape.cms.servlet.cert.DisplayBySerial + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /ee/ca/displayBySerial.template + ID + caDisplayBySerial + resourceID + certServer.ee.certificate + interface + ee + + + + caRevocation + com.netscape.cms.servlet.cert.RevocationServlet + GetClientCert + true + successTemplate + /ee/ca/reasonToRevoke.template + AuthzMgr + BasicAclAuthz + authority + ca + ID + caRevocation + resourceID + certServer.ee.request.revocation + AuthMgr + sslClientCertAuthMgr + interface + ee + + + + caGetInfo + com.netscape.cms.servlet.cert.GetInfo + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + ID + caGetInfo + resourceID + certServer.ee.crl + interface + ee + + + + caGetSubsystemCert + com.netscape.cms.servlet.csadmin.GetSubsystemCert + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + ID + caGetSubsystemCert + resourceID + certServer.ee.certificate + interface + ee + + + + caDoRevoke + com.netscape.cms.servlet.cert.DoRevoke + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + templatePath + /ee/ca/revocationResult.template + interface + ee + ID + caDoRevoke + resourceID + certServer.ee.certificates + interface + ee + + + + caSecurityDomainLogin + com.netscape.cms.servlet.csadmin.SecurityDomainLogin + properties + /WEB-INF/velocity.properties + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + ID + caSecurityDomainLogin + resourceID + certServer.ee.certificates + + + + caGetCookie + com.netscape.cms.servlet.csadmin.GetCookie + properties + /WEB-INF/velocity.properties + GetClientCert + false + AuthzMgr + BasicAclAuthz + authority + ca + ID + caGetCookie + AuthMgr + passwdUserDBAuthMgr + templatePath + /admin/ca/sendCookie.template + errorTemplatePath + /admin/ca/securitydomainlogin.template + + + + caTokenAuthenticate + com.netscape.cms.servlet.csadmin.TokenAuthenticate + GetClientCert + false + authority + ca + ID + caTokenAuthenticate + interface + ee + + + + caGetTokenInfo + com.netscape.cms.servlet.csadmin.GetTokenInfo + GetClientCert + false + authority + ca + ID + caGetTokenInfo + interface + ee + + + + caProxyProfileSubmit + com.netscape.cms.servlet.base.ProxyServlet + destServlet + /ee/ca/profileSubmit + + + + caProxyBulkIssuance + com.netscape.cms.servlet.base.ProxyServlet + destServlet + /agent/ca/bulkissuance + + + + caSCEP + com.netscape.cms.servlet.cert.scep.CRSEnrollment + authority + ca + profileId + caRouterCert + + + + caRASCEP + com.netscape.cms.servlet.cert.scep.CRSEnrollment + authority + ca + profileId + caRARouterCert + + + + caProxyDoRevoke + com.netscape.cms.servlet.base.ProxyServlet + destServlet + /agent/ca/doRevoke + + +[PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT] + + AgentRequestFilter + /agent/* + /ca/getCertFromRequest + /ca/getBySerial + /ca/connector + /ca/displayCertFromRequest + /doRevoke + + + + AdminRequestFilter + /admin/* + /auths + /acl + /server + /caadmin + /caprofile + /jobsScheduler + /capublisher + /log + /ug + + + + EEClientAuthRequestFilter + /eeca/* + + + + EERequestFilter + /ee/* + /renewal + /certbasedenrollment + /ocsp + /enrollment + /profileSubmit + /cgi-bin/pkiclient.exe + +[PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT] + + + caacl + /acl + + + + caug + /ug + + + + caserver + /server + + + + capolicy + /capolicy + + + + calog + /log + + + + caGetAdminCertBySerial + /ca/getAdminCertBySerial + + + + caGetConfigEntries + /admin/ca/getConfigEntries + + + + caGetDomainXML + /admin/ca/getDomainXML + + + + caUpdateDomainXML + /agent/ca/updateDomainXML + + + + caUpdateNumberRange + /ee/ca/updateNumberRange + + + + caDownloadPKCS12 + /admin/console/config/savepkcs12 + + + + caGetCertChain + /ee/ca/getCertChain + + + + caGetCertChainAdmin + /admin/ca/getCertChain + + + + caGetStatus + /admin/ca/getStatus + + + + caca + /caadmin + + + + caregistry + /registry + + + + caauths + /auths + + + + castart + /start + + + + caprofile + /caprofile + + + + caDynamicVariables + /ee/dynamicVars.js + + + + caDynamicVariables-agent + /agent/dynamicVars.js + + + + caDynamicVariables-admin + /admin/dynamicVars.js + + + + cajobsScheduler + /jobsScheduler + + + + caadminEnroll + /admin/ca/adminEnroll + + + + capublisher + /capublisher + + + + caGetOCSPInfo + /agent/ca/getOCSPInfo + + + + caUpdateDir + /agent/ca/updateDir + + + + caGetCertFromRequest-agent + /ca/getCertFromRequest + + + + caGetBySerial-agent + /ca/getBySerial + + + + caProfileSelect-agent + /agent/ca/profileSelect + + + + caindex + /index + + + + caMonitor + /agent/ca/monitor + + + + caReasonToRevoke + /agent/ca/reasonToRevoke + + + + caListRequests + /agent/ca/listRequests.html + + + + casearchReqs + /agent/ca/searchReqs + + + + caProfileApprove + /agent/ca/profileApprove + + + + caUpdateDirectory + /agent/ca/updateDir.html + + + + caProfileReview + /agent/ca/profileReview + + + + caConnector + /ca/connector + + + + caSrchCerts-agent + /agent/ca/srchCerts + + + + caheader + /agent/header + + + + caDisplayCertFromRequest-agent + /ca/displayCertFromRequest + + + + caListCerts-agent + /agent/ca/listCerts + + + + caqueryReq + /agent/ca/queryReq + + + + caProcessReq + /agent/ca/processReq + + + + caports + /ee/ca/ports + + + + caSrchCert + /agent/ca/srchCert.html + + + + caProfileList-agent + /agent/ca/profileList + + + + caDisplayBySerial-agent + /agent/ca/displayBySerial + + + + caSrchRevokeCert + /agent/ca/srchRevokeCert.html + + + + caDoUnrevoke + /agent/ca/doUnrevoke + + + + caDoRevoke-agent + /agent/ca/doRevoke + + + + caProfileProcess + /agent/ca/profileProcess + + + + caProcessCertReq + /agent/ca/processCertReq + + + + cabulkissuance + /agent/ca/bulkissuance + + + + caQueryBySerial + /agent/ca/queryBySerial.html + + + + camasterCAUpdateCRL + /agent/ca/updateCRL + + + + camasterCADisplayCRL + /agent/ca/displayCRL + + + + camasterCAGetInfo + /agent/ca/getInfo + + + + caProfileSubmit + /ee/ca/profileSubmit + + + + caRenewal + /renewal + + + + caGetCertFromRequest + /ee/ca/getCertFromRequest + + + + caGetCRL + /ee/ca/getCRL + + + + caGetBySerial + /ee/ca/getBySerial + + + + caGetAdminBySerial + /admin/ca/getBySerial + + + + cacertbasedenrollment + /certbasedenrollment + + + + caProfileSelect + /ee/ca/profileSelect + + + + caenrollment + /enrollment + + + + caCheckRequest + /ee/ca/checkRequest + + + + caOCSP + /ocsp + + + + caDoRevoke1 + /ee/subsystem/ca/doRevoke + + + + caStats + /agent/ca/getStats + + + + caSrchCerts + /ee/ca/srchCerts + + + + caProfileSubmitCMCSimple + /ee/ca/profileSubmitCMCSimple + + + + caDisplayCertFromRequest + /ee/ca/displayCertFromRequest + + + + caListCerts + /ee/ca/listCerts + + + + caProfileSubmitSSLClient + /eeca/ca/profileSubmitSSLClient + + + + caGetCertFromRequest + /eeca/ca/getCertFromRequest + + + + caProfileSubmitSSLClient + /ee/ca/profileSubmitSSLClient + + + + caGetCAChain + /ee/ca/getCAChain + + + + caProfileSubmitCMCFull + /ee/ca/profileSubmitCMCFull + + + + caProfileList + /ee/ca/profileList + + + + caCMCRevReq + /ee/ca/CMCRevReq + + + + caDoUnrevoke1 + /ee/subsystem/ca/doUnrevoke + + + + caDisplayBySerial + /ee/ca/displayBySerial + + + + caRevocation + /ee/ca/revocation + + + + caGetInfo + /ee/ca/getInfo + + + + caDoRevoke + /ee/ca/doRevoke + + + + csadmin-login + /admin/console/config/login + + + + csadmin-wizard + /admin/console/config/wizard + + + + caUpdateConnector + /admin/ca/updateConnector + + + + caRegisterUser + /admin/ca/registerUser + + + + caRegisterRaUser + /admin/ca/registerRaUser + + + + services + /services + + + + caGetSubsystemCert + /admin/ca/getSubsystemCert + + + + caSecurityDomainLogin + /admin/ca/securityDomainLogin + + + + caGetCookie + /admin/ca/getCookie + + + + caTokenAuthenticate + /ee/ca/tokenAuthenticate + + + + caGetTokenInfo + /ee/ca/getTokenInfo + + + + caUpdateOCSPConfig + /ee/ca/updateOCSPConfig + + + + caProxyProfileSubmit + /profileSubmit + + + + caProxyBulkIssuance + /agent/bulkissuance + + + + caProxyDoRevoke + /doRevoke + + + + caSCEP + /cgi-bin/pkiclient.exe + + + + caRASCEP + /ee/ca/pkiclient + + + + + + + + + + 30 + + + -- cgit