diff --git a/CASA-auth-token/server-java/Svc/linux/Makefile.am b/CASA-auth-token/server-java/Svc/linux/Makefile.am index 49b2f4ac..61f42069 100644 --- a/CASA-auth-token/server-java/Svc/linux/Makefile.am +++ b/CASA-auth-token/server-java/Svc/linux/Makefile.am @@ -37,6 +37,7 @@ EXTRA_DIST = CasaAuthtokenSvcD \ CasaIdenTokenSettingsEditor.sh \ CasaSvcSettingsEditor.sh \ CasaTomcatConnectorEditor.sh \ + CasaIaRealmsEditor.sh \ log4j.properties ROOT = ../.. @@ -60,6 +61,7 @@ IDEN_TOKEN_SETTINGS_EDITOR_MODULE_NAME = CasaIdenTokenSettingsEditor SVC_SETTINGS_EDITOR_MODULE_NAME = CasaSvcSettingsEditor AUTH_POLICY_EDITOR_MODULE_NAME = CasaAuthPolicyEditor TOMCAT_CONNECTOR_EDITOR_MODULE_NAME = CasaTomcatConnectorEditor +IAREALMS_EDITOR_MODULE_NAME = CasaIaRealmsEditor JAVAFILES = ../src/com/novell/casa/authtoksvc/ProtoDefs.java \ ../src/com/novell/casa/authtoksvc/AuthMechConfig.java \ @@ -95,7 +97,8 @@ JAVAFILES = ../src/com/novell/casa/authtoksvc/ProtoDefs.java \ ../src/com/novell/casa/authtoksvc/RealmsInfo.java \ ../src/com/novell/casa/authtoksvc/SecureTokenUtil.java \ ../src/com/novell/casa/authtoksvc/SvcSettingsEditor.java \ - ../src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java + ../src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java \ + ../src/com/novell/casa/authtoksvc/IaRealmsEditor.java BUILDDIR = ../build @@ -120,6 +123,8 @@ AUTH_POLICY_EDITOR_FILES = -C $(BUILDDIR)/webapp/WEB-INF/classes com/novell/casa TOMCAT_CONNECTOR_EDITOR_FILES = -C $(BUILDDIR)/webapp/WEB-INF/classes com/novell/casa/authtoksvc/TomcatConnectorEditor.class +IAREALMS_EDITOR_FILES = -C $(BUILDDIR)/webapp/WEB-INF/classes com/novell/casa/authtoksvc/IaRealmsEditor.class + WEBAPP = $(WEBAPP_NAME).$(WEBAPP_EXT) AUTH_TOKEN_SETTINGS_EDITOR = $(AUTH_TOKEN_SETTINGS_EDITOR_MODULE_NAME).$(MODULE_EXT) @@ -132,6 +137,8 @@ AUTH_POLICY_EDITOR = $(AUTH_POLICY_EDITOR_MODULE_NAME).$(MODULE_EXT) TOMCAT_CONNECTOR_EDITOR = $(TOMCAT_CONNECTOR_EDITOR_MODULE_NAME).$(MODULE_EXT) +IAREALMS_EDITOR = $(IAREALMS_EDITOR_MODULE_NAME).$(MODULE_EXT) + CLASSES = $(addprefix $(BUILDDIR)/, $(JAVAFILES:%.java=%.class)) XMLSEC_LIBS = $(XMLSEC_JARS_DIR)/xmlsec-1.4.0.jar @@ -141,7 +148,7 @@ CLASSPATH = $(XMLSEC_LIBS):$(IDENT_ABSTRACTION_DIR)/identity-abstraction.jar:$(I CUR_DIR := $(shell pwd) -all: $(BUILDDIR)/$(WEBAPP) $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) $(BUILDDIR)/$(AUTH_TOKEN_SETTINGS_EDITOR) $(BUILDDIR)/$(IDEN_TOKEN_SETTINGS_EDITOR) $(BUILDDIR)/$(SVC_SETTINGS_EDITOR) $(BUILDDIR)/$(AUTH_POLICY_EDITOR) $(BUILDDIR)/$(TOMCAT_CONNECTOR_EDITOR) +all: $(BUILDDIR)/$(WEBAPP) $(BUILDDIR)/$(MODULE_NAME).$(MODULE_EXT) $(BUILDDIR)/$(AUTH_TOKEN_SETTINGS_EDITOR) $(BUILDDIR)/$(IDEN_TOKEN_SETTINGS_EDITOR) $(BUILDDIR)/$(SVC_SETTINGS_EDITOR) $(BUILDDIR)/$(AUTH_POLICY_EDITOR) $(BUILDDIR)/$(TOMCAT_CONNECTOR_EDITOR) $(BUILDDIR)/$(IAREALMS_EDITOR) $(BUILDDIR)/%.class: %.java @echo [======== Compiling $@ ========] @@ -196,6 +203,11 @@ $(BUILDDIR)/$(TOMCAT_CONNECTOR_EDITOR): $(BUILDDIR) $(CLASSES) jar cvmf $(MANIFEST_DIR)/TomcatConnectorEditor.txt $(BUILDDIR)/$(TOMCAT_CONNECTOR_EDITOR) $(TOMCAT_CONNECTOR_EDITOR_FILES) cp $(BUILDDIR)/$(TOMCAT_CONNECTOR_EDITOR) $(LIBDIR)/java/ +$(BUILDDIR)/$(IAREALMS_EDITOR): $(BUILDDIR) $(CLASSES) + @echo [======== Jarring $@ ========] + jar cvmf $(MANIFEST_DIR)/IaRealmsEditor.txt $(BUILDDIR)/$(IAREALMS_EDITOR) $(IAREALMS_EDITOR_FILES) + cp $(BUILDDIR)/$(IAREALMS_EDITOR) $(LIBDIR)/java/ + $(BUILDDIR): [ -d $(BUILDDIR) ] || mkdir -p $(BUILDDIR) [ -d $(BUILDDIR)/webapp ] || mkdir -p $(BUILDDIR)/webapp diff --git a/CASA-auth-token/server-java/Svc/manifest/IaRealmsEditor.txt b/CASA-auth-token/server-java/Svc/manifest/IaRealmsEditor.txt new file mode 100644 index 00000000..3e5309fd --- /dev/null +++ b/CASA-auth-token/server-java/Svc/manifest/IaRealmsEditor.txt @@ -0,0 +1,3 @@ +Main-Class: com.novell.casa.authtoksvc.IaRealmsEditor +Class-Path: /usr/share/java/identity-abstraction/bandit-util-0.2.285.jar /usr/share/java/identity-abstraction/castor-1.0.4.jar /usr/share/java/jakarta-commons-logging-1.0.4.jar + diff --git a/CASA-auth-token/server-java/Svc/manifest/Makefile.am b/CASA-auth-token/server-java/Svc/manifest/Makefile.am index 4c3b1e52..b1f9ab87 100644 --- a/CASA-auth-token/server-java/Svc/manifest/Makefile.am +++ b/CASA-auth-token/server-java/Svc/manifest/Makefile.am @@ -30,7 +30,8 @@ EXTRA_DIST = AuthPolicyEditor.txt \ AuthTokenSettingsEditor.txt \ IdenTokenSettingsEditor.txt \ SvcSettingsEditor.txt \ - TomcatConnectorEditor.txt + TomcatConnectorEditor.txt \ + IaRealmsEditor.txt .PHONY: package package-clean package-install package-uninstall package package-clean package-install package-uninstall: diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java index 4508b617..4ff72958 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java @@ -135,11 +135,11 @@ public final class AuthPolicyEditor } catch (IOException e) { - System.out.println("Error writing to file " + filePath + ", exception: " + e.toString()); + System.err.println("Error writing to file " + filePath + ", exception: " + e.toString()); } catch (SecurityException e) { - System.out.println("SecurityException writting to file " + filePath); + System.err.println("SecurityException writting to file " + filePath); } finally { @@ -281,7 +281,9 @@ public final class AuthPolicyEditor if (auth_source_node.getNodeType() == Node.ELEMENT_NODE && auth_source_node.getLocalName().equalsIgnoreCase("auth_source")) { - System.out.println("Auth_Source: "); + // IMPORTANT WARNING - Do not change the output format without changing utilities + // that depend on it such as the yast2-ats module. + System.out.println("Auth_Source:"); // We are dealing with an auth_source, display its children. Node child; @@ -293,15 +295,15 @@ public final class AuthPolicyEditor { if (child.getLocalName().equalsIgnoreCase("realm")) { - System.out.println(" Identity source: " + child.getTextContent()); + System.out.println("\tIdentity Source:" + child.getTextContent()); } else if (child.getLocalName().equalsIgnoreCase("mechanism")) { - System.out.println(" Authentication Mechanism: " + child.getTextContent()); + System.out.println("\tAuthentication Mechanism:" + child.getTextContent()); } else if (child.getLocalName().equalsIgnoreCase("mechanism_info")) { - System.out.println(" Authentication Mechanism Info: " + child.getTextContent()); + System.out.println("\tAuthentication Mechanism Info:" + child.getTextContent()); } } } @@ -345,16 +347,16 @@ public final class AuthPolicyEditor } else { - System.out.println("File " + filePath + " already exists"); + System.err.println("File " + filePath + " already exists"); } } catch (IOException e) { - System.out.println("Error creating file " + filePath + ", exception: " + e.toString()); + System.err.println("Error creating file " + filePath + ", exception: " + e.toString()); } catch (SecurityException e) { - System.out.println("SecurityException creating " + filePath); + System.err.println("SecurityException creating " + filePath); } finally { @@ -439,7 +441,7 @@ public final class AuthPolicyEditor } else { - System.out.println("Invalid entry format"); + System.err.println("Invalid entry format"); } } @@ -492,7 +494,7 @@ public final class AuthPolicyEditor } else { - System.out.println("Invalid entry format"); + System.err.println("Invalid entry format"); } } @@ -607,7 +609,7 @@ public final class AuthPolicyEditor } else { - System.out.println("Invalid entry format"); + System.err.println("Invalid entry format"); } } @@ -676,7 +678,7 @@ public final class AuthPolicyEditor // Remove current entry if it matches if (realmMatch && mechanismMatch) { - System.out.println("RemovingChild"); + System.err.println("RemovingChild"); root.removeChild(auth_source_node); // Update the file @@ -688,7 +690,7 @@ public final class AuthPolicyEditor } else { - System.out.println("Invalid entry format"); + System.err.println("Invalid entry format"); } } @@ -844,7 +846,7 @@ public final class AuthPolicyEditor { if (filePath != null && op != null) { - System.out.println("Dealing with policy file: " + filePath); + System.err.println("Dealing with policy file: " + filePath); // Proceed based on the operation requested if (op.compareTo("list") == 0) diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java index ab80b211..eabc000c 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java @@ -70,7 +70,7 @@ public final class AuthTokenSettingsEditor implements IVerifySetting else if (setting.equalsIgnoreCase(AuthTokenConfig.IdentityTokenType)) result = true; else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return result; } @@ -100,7 +100,7 @@ public final class AuthTokenSettingsEditor implements IVerifySetting } catch (NumberFormatException e) { - System.out.println("Invalid setting value specified"); + System.err.println("Invalid setting value specified"); } } else if (setting.equalsIgnoreCase(AuthTokenConfig.LifetimeShorter)) @@ -115,7 +115,7 @@ public final class AuthTokenSettingsEditor implements IVerifySetting } catch (NumberFormatException e) { - System.out.println("Invalid setting value specified"); + System.err.println("Invalid setting value specified"); } } else if (setting.equalsIgnoreCase(AuthTokenConfig.IdentityTokenType)) @@ -124,7 +124,7 @@ public final class AuthTokenSettingsEditor implements IVerifySetting validSetting = AuthTokenConfig.IdentityTokenType; } else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return validSetting; } @@ -276,7 +276,7 @@ public final class AuthTokenSettingsEditor implements IVerifySetting { if (filePath != null && op != null) { - System.out.println("Dealing with settings file: " + filePath); + System.err.println("Dealing with settings file: " + filePath); // Proceed based on the operation requested if (op.compareTo("list") == 0) diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IaRealmsEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IaRealmsEditor.java new file mode 100644 index 00000000..93e7d371 --- /dev/null +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IaRealmsEditor.java @@ -0,0 +1,742 @@ +/*********************************************************************** + * + * Copyright (C) 2006 Novell, Inc. All Rights Reserved. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; version 2.1 + * of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, Novell, Inc. + * + * To contact Novell about this file by physical or electronic mail, + * you may find current contact information at www.novell.com. + * + * Author: Juan Carlos Luciani + * + ***********************************************************************/ + +package com.novell.casa.authtoksvc; + +import org.bandit.util.config.gen.*; +import org.bandit.util.config.gen.types.ConnectorTypeType; +import org.w3c.dom.Document; +import org.xml.sax.InputSource; +import org.apache.xerces.parsers.DOMParser; +import org.apache.xml.serialize.OutputFormat; +import org.apache.xml.serialize.XMLSerializer; + +import java.io.*; + +/** + * + * Class for the creation and editing of iaRealms.xml files. + * + */ +public final class IaRealmsEditor +{ + private static final String usage = + "usage: IaRealmsEditor -op [realmId [-type dirType -url ldapUrl -sr ldapSearchRootCtx ...]] -file iaRealmsFilePath\n\n" + + " where:\n" + + " -op - Corresponds to one of the following operations:\n" + + " -create - Create new iaRealms.xml file\n" + + " -list - List the realm identifiers\n" + + " -get - Get realm info, must be followed by realmId parameter\n" + + " -set - Set realm info, must be followed by realmId parameters\n" + + " -type - Directory type\n" + + " -url - LDAP Server URL\n" + + " -sr - LDAP Search Root Context\n" + + " -file - Path the iaRealms.xml file\n" + + " realmId - Identifier of realm being retrieved or set\n" + + " dirType - Directory type specifier (eDir or ActiveDirectory)\n" + + " ldapUrl - URL of LDAP Server\n" + + " ldapSearchRootCtx - LDAP Search Root Context (LDAP Notation)\n" + + " Notes: The \"type\", \"url\", and \"sr\" settings are only valid for set operations.\n" + + " The \"url\" and \"sr\" parameters can be specified multiple times.\n"; + + // iaRealms.xml file template + private static final String iaRealms = + "" + + ""; + + /** + * Gets a starting iaRealms document. + * + * @return Starting iaRealms document. + */ + private static Document getIaRealmsDoc() + { + Document doc = null; + StringReader reader = null; + + try + { + reader = new StringReader(iaRealms); + InputSource source = new InputSource(reader); + + DOMParser parser = new DOMParser(); + parser.parse(source); + doc = parser.getDocument(); + } + catch (Exception e) + { + System.err.println("Program error, exception: " + e.toString()); + } + finally + { + if (reader != null) + { + try + { + reader.close(); + } + catch (Exception e) + { + // Do nothing + } + } + } + + return doc; + } + + /** + * List the realms configured in the specified iaRealms.xml file. + * + * @param filePath Path to the iaRealms.xml file. + * @return True if the operation is successfully performed. + */ + private static boolean performListOperation(String filePath) + { + boolean opPerformed = false; + + // List the id of the realms present in the iaRealms.xml file + // + // Go through all of the configured realms + FileReader fileReader = null; + try + { + // IMPORTANT WARNING - Do not change the output format without changing utilities + // that depend on it such as the yast2-ats module. + fileReader = new FileReader(filePath); + RealmsType realmsType = Realms.unmarshal(fileReader); + for (int i = 0; i < realmsType.getRealmsTypeItemCount(); i++) + { + RealmsTypeItem realmsTypeItem = realmsType.getRealmsTypeItem(i); + org.bandit.util.config.gen.Realm realm = realmsTypeItem.getRealm(); + if (realm.getDesc().equalsIgnoreCase("Directory")) + { + // We are dealing with a directory realm, display its Id. + System.out.println(realm.getId()); + } + + // Success + opPerformed = true; + } + } + catch (Exception e) + { + System.err.println("Error: " + e.getMessage()); + } + finally + { + if (fileReader != null) + { + try + { + fileReader.close(); + } + catch (IOException e) + { + // Do nothing + } + } + } + + return opPerformed; + } + + /** + * Create iaRealms.xml file. + * + * @param filePath Path to the iaRealms.xml file. + * @return True if the operation is successfully performed. + */ + private static boolean performCreateOperation(String filePath) + { + boolean opPerformed = false; + + // Create a iaRealms.xml file + Document doc = getIaRealmsDoc(); + if (doc != null) + { + FileOutputStream out = null; + + try + { + File f = new File(filePath); + boolean createStatus = f.createNewFile(); + if (createStatus) + { + out = new FileOutputStream(f); + OutputFormat format = new OutputFormat(doc); + XMLSerializer serializer = new XMLSerializer(out, format); + serializer.serialize(doc.getDocumentElement()); + + opPerformed = true; + } + else + { + System.err.println("File " + filePath + " already exists"); + } + } + catch (IOException e) + { + System.err.println("Error creating file " + filePath + ", exception: " + e.toString()); + } + catch (SecurityException e) + { + System.err.println("SecurityException creating " + filePath); + } + finally + { + if (out != null) + { + try + { + out.flush(); + out.close(); + } + catch (IOException e) + { + // Do nothing + } + } + } + } + + return opPerformed; + } + + /** + * Get realm entry information from specified iaRealms.xml file. + * + * @param filePath Path to the iaRealms.xml file. + * @param realmId Realm identifier. + * @return True if operation is successfully performed. + */ + private static boolean performGetOperation(String filePath, String realmId) + { + boolean opPerformed = false; + + // Get realm information from iaRealms.xml file + // + // Go through all of the configured realms + FileReader fileReader = null; + try + { + fileReader = new FileReader(filePath); + RealmsType realmsType = Realms.unmarshal(fileReader); + for (int i = 0; i < realmsType.getRealmsTypeItemCount(); i++) + { + RealmsTypeItem realmsTypeItem = realmsType.getRealmsTypeItem(i); + org.bandit.util.config.gen.Realm realm = realmsTypeItem.getRealm(); + if (realm.getDesc().equalsIgnoreCase("Directory")) + { + // We are dealing with a directory realm, check if it is the one that we + // are looking for. + if (realm.getId().equals(realmId)) + { + // Extract the needed information about the realm + String dirType = null; + String[] searchRoots = null; + String[] ldapUrls = null; + RealmTypeItem[] realmTypeItems = realm.getRealmTypeItem(); + for (int ii = 0; ii < realmTypeItems.length; ii++) + { + // Find the configure Proxy User Name for the realm and any configured + // search roots. + if (realmTypeItems[ii].getConnection() == null) + { + Env env[] = realmTypeItems[ii].getEnv(); + if (env != null) + { + for (int iii = 0; iii < env.length; iii++) + { + if (env[iii].getProp().equalsIgnoreCase("com.novell.casa.authtoksvc.searchroot")) + { + // We are dealing with a search root, keep track of it. Make sure to preserve the order + // in which they are found. + if (searchRoots == null) + { + searchRoots = new String[1]; + searchRoots[0] = env[iii].getValue(); + } + else + { + String[] newSearchRoots = new String[searchRoots.length + 1]; + System.arraycopy(searchRoots, 0, newSearchRoots, 0, searchRoots.length); + newSearchRoots[searchRoots.length] = env[iii].getValue(); + searchRoots = newSearchRoots; + } + } + else if (env[iii].getProp().equalsIgnoreCase("com.novell.casa.authtoksvc.directory_type")) + { + // We are dealing with a directory type, decode it and record the result. + dirType = env[iii].getValue(); + } + } + } + } + else + { + // Obtain the LDAP Url information + LDAPConnector connector = (LDAPConnector) realmTypeItems[ii].getConnection(); + ldapUrls = new String[connector.getAddressCount()]; + for (int iii = 0; iii < ldapUrls.length; iii++) + { + ldapUrls[iii] = connector.getAddress(iii); + } + } + } + + // Display the information if successful + if (dirType != null + && ldapUrls != null) + { + // IMPORTANT WARNING - Do not change the output format without changing utilities + // that depend on it such as the yast2-ats module. + System.out.println("DirType"); + System.out.println("\t" + dirType); + if (searchRoots != null) + { + System.out.println("SearchRoots"); + for (int ii = 0; ii < searchRoots.length; ii++) + System.out.println("\t" + searchRoots[ii]); + } + System.out.println("LdapUrls"); + for (int ii = 0; ii < ldapUrls.length; ii++) + System.out.println("\t" + ldapUrls[ii]); + + // Success + opPerformed = true; + } + + // No need to look any further + break; + } + } + } + } + catch (Exception e) + { + System.err.println("Error: " + e.getMessage()); + } + finally + { + if (fileReader != null) + { + try + { + fileReader.close(); + } + catch (IOException e) + { + // Do nothing + } + } + } + + return opPerformed; + } + + /** + * Set realm entry in specified iaRealms.xml file. + * + * @param filePath Path to the iaRealms.xml file. + * @param realmId Realm identifier. + * @param dirType Directory type. + * @param ldapUrls List of LDAP URLs. + * @param searchRoots List of Search Roots (may be null). + * @return True if operation is successfully performed. + */ + private static boolean performSetOperation(String filePath, + String realmId, + String dirType, + String[] ldapUrls, + String[] searchRoots) + { + boolean opPerformed = false; + + // Set realm information in iaRealms.xml file + FileReader fileReader = null; + try + { + fileReader = new FileReader(filePath); + RealmsType realmsType = Realms.unmarshal(fileReader); + + // Start RealmsTypeItem setup + RealmsTypeItem realmsTypeItem = new RealmsTypeItem(); + org.bandit.util.config.gen.Realm realm = new org.bandit.util.config.gen.Realm(); + realm.setDesc("Directory"); + realm.setConnectorType(ConnectorTypeType.ORG_BANDIT_IA_CONNECTORS_LDAPCONNECTORINITIALCTXFACTORY); + realm.setId(realmId); + + // Set the RealmTypeItems + RealmTypeItem[] realmTypeItems = new RealmTypeItem[2]; + + RealmTypeItem envRealmTypeItem = new RealmTypeItem(); + Env[] env; + if (searchRoots != null) + env = new Env[4 + searchRoots.length]; + else + env = new Env[4]; + for (int i = 0; i < env.length; i++) + env[i] = new Env(); + + env[0].setProp("java.naming.security.authentication"); + env[0].setValue("simple"); + env[1].setProp("java.naming.referral"); + env[1].setValue("follow"); + env[2].setProp("com.novell.casa.authtoksvc.directory_type"); + env[2].setValue(dirType); + if (dirType.equals("eDir")) + { + env[3].setProp("java.naming.ldap.attribute.binary"); + env[3].setValue("guid"); + } + else + { + env[3].setProp("java.naming.ldap.attribute.binary"); + env[3].setValue("objectGUID"); + } + if (searchRoots != null) + { + for (int i = 0; i < searchRoots.length; i++) + { + env[4 + i].setProp("com.novell.casa.authtoksvc.searchroot"); + env[4 + i].setValue(searchRoots[i]); + } + } + envRealmTypeItem.setEnv(env); + realmTypeItems[0] = envRealmTypeItem; + + RealmTypeItem connRealmTypeItem = new RealmTypeItem(); + LDAPConnector connector = new LDAPConnector(); + connector.setAddress(ldapUrls); + connRealmTypeItem.setConnection(connector); + realmTypeItems[1] = connRealmTypeItem; + + // Associate the items + realm.setRealmTypeItem(realmTypeItems); + realmsTypeItem.setRealm(realm); + realmsType.addRealmsTypeItem(realmsTypeItem); + + // Write the file out + Writer fileWriter = null; + try + { + File f = new File(filePath); + fileWriter = new FileWriter(f); + realmsType.marshal(fileWriter); + + opPerformed = true; + } + catch (IOException e) + { + System.err.println("Error creating file " + filePath + ", exception: " + e.toString()); + } + catch (SecurityException e) + { + System.err.println("SecurityException creating " + filePath); + } + finally + { + if (fileWriter != null) + { + try + { + fileWriter.flush(); + fileWriter.close(); + } + catch (IOException e) + { + // Do nothing + } + } + } + } + catch (Exception e) + { + System.err.println("Error: " + e.getMessage()); + } + finally + { + if (fileReader != null) + { + try + { + fileReader.close(); + } + catch (IOException e) + { + // Do nothing + } + } + } + + return opPerformed; + } + + /** + * Applications Entry Point + * + * @param args Argument. + */ + public static void main(String[] args) + { + String op = null; + boolean opPerformed = false; + boolean argumentsError = false; + String filePath = null; + String realmId = null; + String dirType = null; + String[] searchRoots = null; + String[] ldapUrls = null; + + // Process the command line arguments + for (int i = 0; i < args.length; i++) + { + // Proceed based on the command + if (args[i].equalsIgnoreCase("-file")) + { + // The next argument should contain the filepath + if (args.length > (i + 1)) + { + filePath = args[i + 1]; + i++; + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-list")) + { + // List operation requested + if (op == null) + { + op = "list"; + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-create")) + { + // List operation requested + if (op == null) + { + op = "create"; + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-get")) + { + // Get setting operation requested + if (op == null) + { + op = "get"; + + // The next argument should contain the realm identifier + if (args.length > (i + 1)) + { + realmId = args[i + 1]; + i++; + } + else + { + argumentsError = true; + break; + } + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-set")) + { + // Set setting operation requested + if (op == null) + { + op = "set"; + + // The next argument should contain the realm identifier + if (args.length > (i + 1)) + { + realmId = args[i + 1]; + i++; + } + else + { + argumentsError = true; + break; + } + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-type")) + { + // Directory type specified + // + // The next argument should contain the type + if (args.length > (i + 1)) + { + dirType = args[i + 1]; + i++; + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-url")) + { + // LDAP URL specified + // + // The next argument should contain the URL + if (args.length > (i + 1)) + { + // Make sure to preserve the order in which they are found + if (ldapUrls == null) + { + ldapUrls = new String[1]; + ldapUrls[0] = args[i + 1]; + } + else + { + String[] newLdapUrls = new String[ldapUrls.length + 1]; + System.arraycopy(ldapUrls, 0, newLdapUrls, 0, ldapUrls.length); + newLdapUrls[ldapUrls.length] = args[i + 1]; + ldapUrls = newLdapUrls; + } + + i++; + } + else + { + argumentsError = true; + break; + } + } + else if (args[i].equalsIgnoreCase("-sr")) + { + // Search Root specified + // + // The next argument should contain the Search Root + if (args.length > (i + 1)) + { + // Make sure to preserve the order in which they are found + if (searchRoots == null) + { + searchRoots = new String[1]; + searchRoots[0] = args[i + 1]; + } + else + { + String[] newSearchRoots = new String[searchRoots.length + 1]; + System.arraycopy(searchRoots, 0, newSearchRoots, 0, searchRoots.length); + newSearchRoots[searchRoots.length] = args[i + 1]; + searchRoots = newSearchRoots; + } + + i++; + } + else + { + argumentsError = true; + break; + } + } + else + { + argumentsError = true; + } + } + + // Proceed based on the specified parameters + if (argumentsError == false) + { + if (filePath != null && op != null) + { + System.err.println("Dealing with iaRealms.xml file: " + filePath); + + // Proceed based on the operation requested + if (op.compareTo("list") == 0) + { + opPerformed = performListOperation(filePath); + } + else if (op.compareTo("create") == 0) + { + opPerformed = performCreateOperation(filePath); + } + else if (op.compareTo("get") == 0) + { + opPerformed = performGetOperation(filePath, realmId); + } + else if (op.compareTo("set") == 0) + { + if (dirType != null && ldapUrls != null) + { + opPerformed = performSetOperation(filePath, realmId, dirType, ldapUrls, searchRoots); + } + else + { + argumentsError = true; + } + } + else + { + System.err.println("Tool error"); + } + } + else + { + argumentsError = true; + } + } + + // Display the usage string if we encountered an error with the + // command line arguments. + if (argumentsError) + System.out.print(usage); + + // Set the exit code appropriatedly + if (opPerformed) + System.exit(0); + else + System.exit(1); + } +} diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java index d2741ef6..4b185164 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java @@ -67,7 +67,7 @@ public final class IdenTokenSettingsEditor implements IVerifySetting else if (setting.equalsIgnoreCase(IdenTokenConfig.Attributes)) result = true; else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return result; } @@ -96,7 +96,7 @@ public final class IdenTokenSettingsEditor implements IVerifySetting validSetting = IdenTokenConfig.Attributes; } else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return validSetting; } @@ -249,7 +249,7 @@ public final class IdenTokenSettingsEditor implements IVerifySetting { if (filePath != null && op != null) { - System.out.println("Dealing with settings file: " + filePath); + System.err.println("Dealing with settings file: " + filePath); // Proceed based on the operation requested if (op.compareTo("list") == 0) diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Makefile.am b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Makefile.am index c5a4521e..9f09e928 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Makefile.am +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Makefile.am @@ -58,7 +58,8 @@ JAVAFILES = ProtoDefs.java \ RealmsInfo.java \ SvcSettingsEditor.java \ SecureTokenUtil.java \ - TomcatConnectorEditor.java + TomcatConnectorEditor.java \ + IaRealmsEditor.java EXTRA_DIST = $(JAVAFILES) \ Krb5_mechanism.settings \ diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SettingsFileUtil.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SettingsFileUtil.java index acef64a1..fd451c4b 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SettingsFileUtil.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SettingsFileUtil.java @@ -166,6 +166,9 @@ public final class SettingsFileUtil if (doc != null) { // Go through the elements of the document + // + // IMPORTANT WARNING - Do not change the output format without changing utilities + // that depend on it such as the yast2-ats module. Element root = doc.getDocumentElement(); Node child; Node next = root.getFirstChild(); @@ -217,16 +220,16 @@ public final class SettingsFileUtil } else { - System.out.println("File " + filePath + " already exists"); + System.err.println("File " + filePath + " already exists"); } } catch (IOException e) { - System.out.println("Error creating file " + filePath + ", exception: " + e.toString()); + System.err.println("Error creating file " + filePath + ", exception: " + e.toString()); } catch (SecurityException e) { - System.out.println("SecurityException creating " + filePath); + System.err.println("SecurityException creating " + filePath); } finally { @@ -271,6 +274,9 @@ public final class SettingsFileUtil { // Go through the elements of the document until // we find the one specified. + // + // IMPORTANT WARNING - Do not change the output format without changing utilities + // that depend on it such as the yast2-ats module. Element root = doc.getDocumentElement(); Node child; Node next = root.getFirstChild(); @@ -381,11 +387,11 @@ public final class SettingsFileUtil } catch (IOException e) { - System.out.println("Error writing to file " + filePath + ", exception: " + e.toString()); + System.err.println("Error writing to file " + filePath + ", exception: " + e.toString()); } catch (SecurityException e) { - System.out.println("SecurityException writting to file " + filePath); + System.err.println("SecurityException writting to file " + filePath); } finally { @@ -473,11 +479,11 @@ public final class SettingsFileUtil } catch (IOException e) { - System.out.println("Error writing to file " + filePath + ", exception: " + e.toString()); + System.err.println("Error writing to file " + filePath + ", exception: " + e.toString()); } catch (SecurityException e) { - System.out.println("SecurityException writting to file " + filePath); + System.err.println("SecurityException writting to file " + filePath); } finally { diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java index 8cab4ad3..75c20211 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java @@ -83,7 +83,7 @@ public final class SvcSettingsEditor implements IVerifySetting else if (setting.equalsIgnoreCase(SvcConfig.SigningKeyPassword)) result = true; else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return result; } @@ -113,7 +113,7 @@ public final class SvcSettingsEditor implements IVerifySetting } catch (NumberFormatException e) { - System.out.println("Invalid setting value specified"); + System.err.println("Invalid setting value specified"); } } else if (setting.equalsIgnoreCase(SvcConfig.LifetimeShorter)) @@ -128,7 +128,7 @@ public final class SvcSettingsEditor implements IVerifySetting } catch (NumberFormatException e) { - System.out.println("Invalid setting value specified"); + System.err.println("Invalid setting value specified"); } } else if (setting.equalsIgnoreCase(SvcConfig.IdentityAbstractionConfigFile)) @@ -139,12 +139,12 @@ public final class SvcSettingsEditor implements IVerifySetting File f = new File(value); if (f.exists() == false) { - System.out.println("Warning: File " + value + " does not exist"); + System.err.println("Warning: File " + value + " does not exist"); } } catch (SecurityException e) { - System.out.println("Warning: Not able to access file " + value); + System.err.println("Warning: Not able to access file " + value); } // Always succeed @@ -162,7 +162,7 @@ public final class SvcSettingsEditor implements IVerifySetting } catch (NumberFormatException e) { - System.out.println("Invalid setting value specified"); + System.err.println("Invalid setting value specified"); } } else if (setting.equalsIgnoreCase(SvcConfig.SigningKeyAliasName)) @@ -174,7 +174,7 @@ public final class SvcSettingsEditor implements IVerifySetting validSetting = SvcConfig.SigningKeyPassword; } else - System.out.println("Invalid setting specified"); + System.err.println("Invalid setting specified"); return validSetting; } @@ -326,7 +326,7 @@ public final class SvcSettingsEditor implements IVerifySetting { if (filePath != null && op != null) { - System.out.println("Dealing with settings file: " + filePath); + System.err.println("Dealing with settings file: " + filePath); // Proceed based on the operation requested if (op.compareTo("list") == 0) diff --git a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java index 355ac406..a5be6a93 100644 --- a/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java +++ b/CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/TomcatConnectorEditor.java @@ -354,7 +354,7 @@ public final class TomcatConnectorEditor { if (filePath != null) { - System.out.println("Dealing with properties file: " + filePath); + System.err.println("Dealing with properties file: " + filePath); // Process the properties if (processProperties(filePath) == 0) diff --git a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in index 7b5db1d3..1c5b9813 100644 --- a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in +++ b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.spec.in @@ -147,6 +147,7 @@ install -m 755 %{_lib}/java/CasaIdenTokenSettingsEditor.jar %{buildroot}%{prefix install -m 755 %{_lib}/java/CasaSvcSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthPolicyEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaTomcatConnectorEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor-%{bldno}.jar +install -m 755 %{_lib}/java/CasaIaRealmsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor-%{bldno}.jar # Symbolic Links ln -sf CasaAuthTokenSvc-%{bldno}.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war @@ -155,6 +156,7 @@ ln -sf CasaIdenTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java ln -sf CasaSvcSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar ln -sf CasaAuthPolicyEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar ln -sf CasaTomcatConnectorEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar +ln -sf CasaIaRealmsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar # Settings and configuration files install -m 600 Svc/templates/svc.settings %{buildroot}/etc/CASA/authtoken/svc/templates/svc.settings @@ -173,6 +175,7 @@ install -m 700 Svc/linux/server_keystore_setup.sh %{buildroot}%{prefix}/share/ja install -m 700 Svc/linux/CasaBasicATSSetup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh install -m 700 Svc/linux/CasaAuthPolicyEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh install -m 700 Svc/linux/CasaTomcatConnectorEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.sh +install -m 700 Svc/linux/CasaIaRealmsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.sh install -m 700 Svc/linux/CasaAuthTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh install -m 700 Svc/linux/CasaIdenTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh install -m 700 Svc/linux/CasaSvcSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh @@ -260,6 +263,7 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.sh +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh @@ -273,6 +277,8 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor-%{bldno}.jar +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar /etc/init.d/casa_atsd %defattr(-,casaatsd,casaauth) %dir /srv/www/casaats diff --git a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in index 724804c1..e0f9049f 100644 --- a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in +++ b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc_4zen.spec.in @@ -147,6 +147,7 @@ install -m 755 %{_lib}/java/CasaIdenTokenSettingsEditor.jar %{buildroot}%{prefix install -m 755 %{_lib}/java/CasaSvcSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthPolicyEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaTomcatConnectorEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor-%{bldno}.jar +install -m 755 %{_lib}/java/CasaIaRealmsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor-%{bldno}.jar # Symbolic Links ln -sf CasaAuthTokenSvc-%{bldno}.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war @@ -155,6 +156,7 @@ ln -sf CasaIdenTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java ln -sf CasaSvcSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar ln -sf CasaAuthPolicyEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar ln -sf CasaTomcatConnectorEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar +ln -sf CasaIaRealmsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar # Settings and configuration files install -m 600 Svc/templates/svc.settings %{buildroot}/etc/CASA/authtoken/svc/templates/svc.settings @@ -173,6 +175,7 @@ install -m 700 Svc/linux/server_keystore_setup.sh %{buildroot}%{prefix}/share/ja install -m 700 Svc/linux/CasaBasicATSSetup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh install -m 700 Svc/linux/CasaAuthPolicyEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh install -m 700 Svc/linux/CasaTomcatConnectorEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.sh +install -m 700 Svc/linux/CasaIaRealmsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.sh install -m 700 Svc/linux/CasaAuthTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh install -m 700 Svc/linux/CasaIdenTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh install -m 700 Svc/linux/CasaSvcSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh @@ -260,6 +263,7 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.sh +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh @@ -273,6 +277,8 @@ rm -f /srv/www/casaats/conf/server.xml %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor-%{bldno}.jar +%{prefix}/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar /etc/init.d/casa_atsd %defattr(-,casaatsd,casaauth) %dir /srv/www/casaats