------------------------------------------------------------------- Thu Nov 9 11:42:15 MST 2006 - jluciani@novell.com - Completed the ATS configuration story with a tool that sets up all of the needed configuration files and parameters with support for a single LDAP Realm and server. ------------------------------------------------------------------- Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com - The service is now only accessible via SSL. - Created tools for editing settings and policy files. ------------------------------------------------------------------- Fri Oct 20 09:53:55 MDT 2006 - jluciani@novell.com - Modified the CasaAuthTokenSvc war file to no longer include the identity-abstraction jars. The CASA_auth_token_svc rpm now requires the installation of the identity-abstraction rpm and the service is able to load its files from the location where they are installed with settings set in the server.xml file of our tomcat base. ------------------------------------------------------------------- Wed Oct 18 17:22:01 MDT 2006 - jluciani@novell.com - Updated the RPM install of the ATS to install it as a service and create the necessary signing keys. - Made changes to other components to integrate with the new RPM install changes. ------------------------------------------------------------------- Tue Oct 10 08:45:22 MDT 2006 - jluciani@novell.com - Brought up to date the README and TODO files. ------------------------------------------------------------------- Thu Sep 21 15:41:18 MDT 2006 - jluciani@novell.com - Reduced Kerberos configuration requirements. Now the ATS service principal name defaults to "host" and there is no need to set the "javax.security.auth.useSubjectCredsOnly" system property to "false" in the JAVA_OPTS. ------------------------------------------------------------------- Mon Sep 18 11:18:00 MDT 2006 - jluciani@novell.com - Updated the Svc to reduce the configuration requirements on services that want to leverage the infrastructure. - Modified the WSSecurity module to not include the X509 certificate in tokens if they are targeted to services residing on the same box as the ATS. This is being done in order to minimize the size of the tokens. ------------------------------------------------------------------- Thu Sep 14 09:57:00 MDT 2006 - jluciani@novell.com - Made changes to support the Authtoken Validate Service. This now fixes support of "C" services. - Switched to using IBMs java instead of SUNs. This was done in order to gain better Kerberos support (IBMs Kerberos modul supports more encryption types) and to get around a problem in SUN's Invocation API that was not letting us consume our AuthToken class from a native thread other than the thread which creates the JVM. ------------------------------------------------------------------- Fri Aug 18 11:49:22 MDT 2006 - jluciani@novell.com - Implemented securing Authentication and Session Tokens using WS-Security. This change temporarily breaks support of "C" services. "C" service support will be resumed once the necessary changes are made to the native authentication token APIs to support the new Authentication Tokens. ------------------------------------------------------------------- Mon Aug 14 14:25:27 MDT 2006 - jluciani@novell.com - Added some debug statements and added the sample Jaas application into the tar file that is submitted to autobuild. ------------------------------------------------------------------- Mon Aug 7 10:28:32 MDT 2006 - schoi@novell.com - This file has been created for CASA_auth_token_svc project for the first time. -------------------------------------------------------------------