From 33b820c1eb537b8f66bfd95182268bfa1cb10e13 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Mon, 13 Aug 2007 16:48:13 +0000 Subject: [PATCH] Changed the structure used to hold realms from a map to a list in order to avoid having the order in which the realms are entered altered. --- .../yast2-casa-ats/src/CasaAts.ycp | 988 +++++------ .../yast2-casa-ats/src/dialogs.ycp | 1494 ++++++++--------- 2 files changed, 1239 insertions(+), 1243 deletions(-) diff --git a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp index 5bc35b23..b02bf41f 100644 --- a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp +++ b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp @@ -21,11 +21,11 @@ ***********************************************************************/ /** - * File: modules/CasaAts.ycp - * Package: Configuration of casa-ats - * Summary: CasaAts settings, input and output functions - * Authors: Juan Carlos Luciani - * Ryan Partridge + * File: modules/CasaAts.ycp + * Package: Configuration of casa-ats + * Summary: CasaAts settings, input and output functions + * Authors: Juan Carlos Luciani + * Ryan Partridge * * $Id: CasaAts.ycp 27914 2006-02-13 14:32:08Z locilka $ * @@ -104,7 +104,7 @@ global boolean() AbortFunction = Modified; global define boolean Abort() ``{ if(AbortFunction != nil) { - return AbortFunction () == true; + return AbortFunction () == true; } return false; } @@ -154,11 +154,11 @@ boolean ModifyFirewallPort() */ global boolean Read() { - y2milestone("Read Executing"); + y2milestone("Read Executing"); - string cmd = ""; - map ret = $[]; - integer exit = -1; + string cmd = ""; + map ret = $[]; + integer exit = -1; /* CasaAts read dialog caption */ string caption = _("Initializing CASA ATS Configuration"); 
@@ -171,263 +171,263 @@ global boolean Read() { // We do not set help text here, because it was set outside Progress::New( caption, " ", steps, [ - /* Progress stage 1/2 */ - _("Read the previous settings"), - /* Progress stage 2/2 */ - _("Read the firewall status") - ], [ - /* Progress step 1/2 */ - _("Reading the settings file..."), - /* Progress step 2/2 */ - _("Reading the firewall status..."), - /* Progress finished */ - _("Finished") - ], - "" + /* Progress stage 1/2 */ + _("Read the previous settings"), + /* Progress stage 2/2 */ + _("Read the firewall status") + ], [ + /* Progress step 1/2 */ + _("Reading the settings file..."), + /* Progress step 2/2 */ + _("Reading the firewall status..."), + /* Progress finished */ + _("Finished") + ], + "" ); // Read settings if (Abort()) return false; Progress::NextStage(); - // Set defaults - Settings["CONFIG_CASAATS_ENABLE"] = false; - Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = true;; - Settings["CONFIG_CASAATS_WEB_ACCESS"] = false; - Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = 60; + // Set defaults + Settings["CONFIG_CASAATS_ENABLE"] = false; + Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = true;; + Settings["CONFIG_CASAATS_WEB_ACCESS"] = false; + Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = 60; if (FileUtils::Exists("/etc/sysconfig/casa-ats")) { Settings["CONFIG_CASAATS_ENABLE"] = tolower((string)SCR::Read(.sysconfig.casa-ats.CONFIG_CASAATS_ENABLE)) == "yes"; - if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { - cmd = svcSettingsEditor + " -get ReconfigureInterval -file " + svcSettingsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - integer exit = ret["exit"]:-1; - if (exit == 0) { - string cmd_output = ret["stdout"]:""; - list output_lines = splitstring(cmd_output, "\n"); - list reconfigIntervalLineComponents = splitstring(output_lines[0]:"ReconfigureInterval=60", "="); - Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = tointeger(reconfigIntervalLineComponents[1]:"60"); - } - } + if 
((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { + cmd = svcSettingsEditor + " -get ReconfigureInterval -file " + svcSettingsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + integer exit = ret["exit"]:-1; + if (exit == 0) { + string cmd_output = ret["stdout"]:""; + list output_lines = splitstring(cmd_output, "\n"); + list reconfigIntervalLineComponents = splitstring(output_lines[0]:"ReconfigureInterval=60", "="); + Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = tointeger(reconfigIntervalLineComponents[1]:"60"); + } + } } if (false) Report::Error(_("Cannot read settings file.")); sleep(sl); - // Read the trusted server config - y2milestone("Reading trusted server config"); - list trustedServerList = []; + // Read the trusted server config + y2milestone("Reading trusted server config"); + list trustedServerList = []; if (SCR::Read(.target.size, trustedServerConfigFile) > 0) { - string trustedServerListString = (string) SCR::Read(.target.string, trustedServerConfigFile); - if (trustedServerListString != nil) { - trustedServerList = splitstring(trustedServerListString, "\n"); - } - else { - y2error("Failed to read from " + trustedServerConfigFile); - } - } - Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList; + string trustedServerListString = (string) SCR::Read(.target.string, trustedServerConfigFile); + if (trustedServerListString != nil) { + trustedServerList = splitstring(trustedServerListString, "\n"); + } + else { + y2error("Failed to read from " + trustedServerConfigFile); + } + } + Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList; - // Check if we need to read the server configuration - if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { + // Check if we need to read the server configuration + if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { - // Read the auth.policy information - cmd = sformat("%1 -list -file %2", authPolicyEditor, authPolicyFile); - ret = (map) SCR::Execute(.target.bash_output, cmd); - map authPolicy = 
$[]; - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to read realm info from " + iaRealmsFile); - else { - string cmd_output = ret["stdout"]:""; - list authPolicyLines = splitstring(cmd_output, "\n"); - string realmId = ""; - string mechanism = ""; - foreach(string line, authPolicyLines, { - if (tolower(line) == "auth_source:") { - realmId = ""; - mechanism = ""; - } - else - { - list lineComponents = splitstring(line, "\t"); - foreach(string component, lineComponents, { - if (component != "") { - list settingValue = splitstring(component, ":"); - if (tolower(settingValue[0]:"") == "identity source") { - realmId = settingValue[1]:""; - } - else if (tolower(settingValue[0]:"") == "authentication mechanism") { - mechanism = settingValue[1]:""; - } - } - }); - } + // Read the auth.policy information + cmd = sformat("%1 -list -file %2", authPolicyEditor, authPolicyFile); + ret = (map) SCR::Execute(.target.bash_output, cmd); + map authPolicy = $[]; + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to read realm info from " + iaRealmsFile); + else { + string cmd_output = ret["stdout"]:""; + list authPolicyLines = splitstring(cmd_output, "\n"); + string realmId = ""; + string mechanism = ""; + foreach(string line, authPolicyLines, { + if (tolower(line) == "auth_source:") { + realmId = ""; + mechanism = ""; + } + else + { + list lineComponents = splitstring(line, "\t"); + foreach(string component, lineComponents, { + if (component != "") { + list settingValue = splitstring(component, ":"); + if (tolower(settingValue[0]:"") == "identity source") { + realmId = settingValue[1]:""; + } + else if (tolower(settingValue[0]:"") == "authentication mechanism") { + mechanism = settingValue[1]:""; + } + } + }); + } - if (realmId != "" && mechanism != "") { - map authMechs = (map) authPolicy[realmId]:$[]; - authMechs[mechanism] = true; - authPolicy[realmId] = authMechs; - } - }); - } + if (realmId != "" && mechanism != "") { + map authMechs = (map) 
authPolicy[realmId]:$[]; + authMechs[mechanism] = true; + authPolicy[realmId] = authMechs; + } + }); + } - // Get a list of the configured realms in the iaRealms.xml file - cmd = iaRealmsEditor + " -list -file " + iaRealmsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to read configured realms from " + iaRealmsFile); - else { - string cmd_output = ret["stdout"]:""; - list realmIdList = splitstring(cmd_output, "\n"); - map realms = $[]; + // Get a list of the configured realms in the iaRealms.xml file + cmd = iaRealmsEditor + " -list -file " + iaRealmsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to read configured realms from " + iaRealmsFile); + else { + string cmd_output = ret["stdout"]:""; + list realmIdList = splitstring(cmd_output, "\n"); + list realms = []; - // Read the information about each realm - foreach(string realmId, realmIdList, { - // Make sure that it is a valid id - if (realmId != "") { - // Read the realm info from the iaRealms.xml file - cmd = sformat("%1 -get %2 -file %3", iaRealmsEditor, realmId, iaRealmsFile); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to read realm info from " + iaRealmsFile); - else { - cmd_output = ret["stdout"]:""; - list realmIdComponents = splitstring(cmd_output, "\n"); - map realm = $[]; - list ldapUrls = []; - list searchRoots = []; - string stage = ""; - - realm["REALM_ID"] = realmId; - - foreach(string component, realmIdComponents, { - if (tolower(component) == "dirtype") { - stage = "DirType"; - } - else if (tolower(component) == "searchroots") { - stage = "SearchRoots"; - } - else if (tolower(component) == "ldapurls") { - stage = "LdapUrls"; - } - else { - if (stage == "DirType") { - if (component == "\teDir") { - y2milestone("%1 is eDir", realmId); - realm["EDIR_TYPE"] = true; - realm["AD_TYPE"] = 
false; - } - else { - y2milestone("%1 is %2", realmId, component); - realm["EDIR_TYPE"] = false; - realm["AD_TYPE"] = true; - } - } - else if (stage == "SearchRoots") { - list ctxList = splitstring(component, "\t"); - foreach(string value, ctxList, { - if (value != "") { - y2milestone("%1 ctx added", value); - searchRoots = add(searchRoots, value); - } - }); - } - else if (stage == "LdapUrls") { - list urlList = splitstring(component, "\t"); - foreach(string value, urlList, { - if (value != "") { - y2milestone("%1 url added", value); - ldapUrls = add(ldapUrls, value); - } - }); - } - else { - y2error("Error reading realm information"); - } - } - }); - realm["LDAP_URL_LIST"] = ldapUrls; - realm["SEARCH_ROOT_LIST"] = searchRoots; + // Read the information about each realm + foreach(string realmId, realmIdList, { + // Make sure that it is a valid id + if (realmId != "") { + // Read the realm info from the iaRealms.xml file + cmd = sformat("%1 -get %2 -file %3", iaRealmsEditor, realmId, iaRealmsFile); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to read realm info from " + iaRealmsFile); + else { + cmd_output = ret["stdout"]:""; + list realmIdComponents = splitstring(cmd_output, "\n"); + map realm = $[]; + list ldapUrls = []; + list searchRoots = []; + string stage = ""; + + realm["REALM_ID"] = realmId; + + foreach(string component, realmIdComponents, { + if (tolower(component) == "dirtype") { + stage = "DirType"; + } + else if (tolower(component) == "searchroots") { + stage = "SearchRoots"; + } + else if (tolower(component) == "ldapurls") { + stage = "LdapUrls"; + } + else { + if (stage == "DirType") { + if (component == "\teDir") { + y2milestone("%1 is eDir", realmId); + realm["EDIR_TYPE"] = true; + realm["AD_TYPE"] = false; + } + else { + y2milestone("%1 is %2", realmId, component); + realm["EDIR_TYPE"] = false; + realm["AD_TYPE"] = true; + } + } + else if (stage == "SearchRoots") { + list ctxList 
= splitstring(component, "\t"); + foreach(string value, ctxList, { + if (value != "") { + y2milestone("%1 ctx added", value); + searchRoots = add(searchRoots, value); + } + }); + } + else if (stage == "LdapUrls") { + list urlList = splitstring(component, "\t"); + foreach(string value, urlList, { + if (value != "") { + y2milestone("%1 url added", value); + ldapUrls = add(ldapUrls, value); + } + }); + } + else { + y2error("Error reading realm information"); + } + } + }); + realm["LDAP_URL_LIST"] = ldapUrls; + realm["SEARCH_ROOT_LIST"] = searchRoots; - // Set the authentication mechanism information for the realm - map authMechs = (map) authPolicy[realmId]:$[]; - if (authMechs != nil) { - if (authMechs["PwdAuthenticate"]:false == true) - realm["PASSWD_MECH"] = true; - else - realm["PASSWD_MECH"] = false; + // Set the authentication mechanism information for the realm + map authMechs = (map) authPolicy[realmId]:$[]; + if (authMechs != nil) { + if (authMechs["PwdAuthenticate"]:false == true) + realm["PASSWD_MECH"] = true; + else + realm["PASSWD_MECH"] = false; - if (authMechs["Krb5Authenticate"]:false == true) - realm["KRB_MECH"] = true; - else - realm["KRB_MECH"] = false; - } - else - { - y2error("Missing auth.policy info for " + realmId); - } + if (authMechs["Krb5Authenticate"]:false == true) + realm["KRB_MECH"] = true; + else + realm["KRB_MECH"] = false; + } + else + { + y2error("Missing auth.policy info for " + realmId); + } - realms[realmId] = realm; - } - } - }); - - Settings["CONFIG_CASAATS_REALMS"] = realms; - } + realms = add(realms, realm); + } + } + }); + + Settings["CONFIG_CASAATS_REALMS"] = realms; + } - // Get the Tomcat SSL connector statuses - cmd = tomcatConnectorEditor + " -s ssl"; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to read ssl connector status"); - else { - string cmd_output = ret["stdout"]:""; - list lines = splitstring(cmd_output, "\n"); - string statusLine = lines[2]:""; 
- if (statusLine == "Connector enabled") { - y2milestone("SSL connector enabled"); - Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = true; - } - else { - y2milestone("SSL connector disabled"); - Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = false; - } - } + // Get the Tomcat SSL connector statuses + cmd = tomcatConnectorEditor + " -s ssl"; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to read ssl connector status"); + else { + string cmd_output = ret["stdout"]:""; + list lines = splitstring(cmd_output, "\n"); + string statusLine = lines[2]:""; + if (statusLine == "Connector enabled") { + y2milestone("SSL connector enabled"); + Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = true; + } + else { + y2milestone("SSL connector disabled"); + Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = false; + } + } - // Get the Tomcat AJP connector statuses - cmd = tomcatConnectorEditor + " -s ajp"; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to read ajp connector status"); - else { - string cmd_output = ret["stdout"]:""; - list lines = splitstring(cmd_output, "\n"); - string statusLine = lines[2]:""; - if (statusLine == "Connector enabled") { - y2milestone("AJP connector enabled"); - Settings["CONFIG_CASAATS_WEB_ACCESS"] = true; - } - else { - y2milestone("AJP connector disabled"); - Settings["CONFIG_CASAATS_WEB_ACCESS"] = false; - } - } + // Get the Tomcat AJP connector statuses + cmd = tomcatConnectorEditor + " -s ajp"; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to read ajp connector status"); + else { + string cmd_output = ret["stdout"]:""; + list lines = splitstring(cmd_output, "\n"); + string statusLine = lines[2]:""; + if (statusLine == "Connector enabled") { + y2milestone("AJP connector enabled"); + Settings["CONFIG_CASAATS_WEB_ACCESS"] = true; + } + else { + y2milestone("AJP connector 
disabled"); + Settings["CONFIG_CASAATS_WEB_ACCESS"] = false; + } + } - // Get the Web Server status - integer status = (integer) SCR::Execute(.target.bash, webServerIsAvailableChecker); - if (status == 1) { - y2milestone("Web server available"); - Settings["WEB_SERVER_AVAILABLE"] = true; - } - else { - y2milestone("Web server un-available"); - Settings["WEB_SERVER_AVAILABLE"] = false; - } - } + // Get the Web Server status + integer status = (integer) SCR::Execute(.target.bash, webServerIsAvailableChecker); + if (status == 1) { + y2milestone("Web server available"); + Settings["WEB_SERVER_AVAILABLE"] = true; + } + else { + y2milestone("Web server un-available"); + Settings["WEB_SERVER_AVAILABLE"] = false; + } + } // read firewall settings if (Abort()) return false; @@ -458,7 +458,7 @@ global boolean Read() { */ global boolean Write() { - y2milestone("Write Executing"); + y2milestone("Write Executing"); /* CasaAts read dialog caption */ string caption = _("Saving casa-ats Configuration"); 
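Review bot: The realm id is placed unquoted into the shell string in `sformat("%1 -get %2 -file %3", iaRealmsEditor, realmId, iaRealmsFile)`, while Write() stores the same id as `-set \"%2\"`. An id containing a space or a shell metacharacter is therefore split or interpreted by bash when it is read back through `.target.bash_output`. Quote it on the way in, e.g. `sformat("%1 -get '%2' -file %3", iaRealmsEditor, String::Quote(realmId), iaRealmsFile)`, assuming the String module is imported in this file (not visible in the hunk). Separately, the failure branch after the `authPolicyEditor ... -list` call logs `iaRealmsFile` where it should name `authPolicyFile`. Read() begins before this hunk and continues after it.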
@@ -466,108 +466,108 @@ global boolean Write() { integer sl = 500; sleep(sl); - // Set the stages depending on whether we are configuring the - // server or not. + // Set the stages depending on whether we are configuring the + // server or not. integer steps = 0; - if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == false) { - steps = 3; - Progress::New(caption, " ", steps, [ - /* Progress stage 1/3 */ - _("Write the trusted server settings"), - /* Progress stage 2/3 */ - _("Write the sysconfig settings"), - /* Progress stage 3/3 */ - _("Update runlevel settings"), - ], [ - /* Progress step 1/3 */ - _("Writing the trusted server settings..."), - /* Progress step 2/3 */ - _("Writing the sysconfig settings..."), - /* Progress step 3/3 */ - _("Updating runlevel settings..."), - /* Progress finished */ - _("Finished") - ], - "" - ); - } - else - { - steps = 4; - Progress::New(caption, " ", steps, [ - /* Progress stage 1/3 */ - _("Write the trusted server settings"), - /* Progress stage 2/3 */ - _("Write the sysconfig settings"), - /* Progress stage 4/4 */ - _("Adjust firewall"), - /* Progress stage 3/3 */ - _("Update runlevel settings") - ], [ - /* Progress step 1/3 */ - _("Writing the trusted server settings..."), - /* Progress step 2/3 */ - _("Writing the sysconfig settings..."), - /* Progress step 4/4 */ - _("Adjusting firewall..."), - /* Progress step 3/3 */ - _("Updating runlevel settings..."), - /* Progress finished */ - _("Finished") - ], - "" - ); - } + if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == false) { + steps = 3; + Progress::New(caption, " ", steps, [ + /* Progress stage 1/3 */ + _("Write the trusted server settings"), + /* Progress stage 2/3 */ + _("Write the sysconfig settings"), + /* Progress stage 3/3 */ + _("Update runlevel settings"), + ], [ + /* Progress step 1/3 */ + _("Writing the trusted server settings..."), + /* Progress step 2/3 */ + _("Writing the sysconfig settings..."), + /* Progress step 3/3 */ + _("Updating runlevel settings..."), + /* 
Progress finished */ + _("Finished") + ], + "" + ); + } + else + { + steps = 4; + Progress::New(caption, " ", steps, [ + /* Progress stage 1/3 */ + _("Write the trusted server settings"), + /* Progress stage 2/3 */ + _("Write the sysconfig settings"), + /* Progress stage 4/4 */ + _("Adjust firewall"), + /* Progress stage 3/3 */ + _("Update runlevel settings") + ], [ + /* Progress step 1/3 */ + _("Writing the trusted server settings..."), + /* Progress step 2/3 */ + _("Writing the sysconfig settings..."), + /* Progress step 4/4 */ + _("Adjusting firewall..."), + /* Progress step 3/3 */ + _("Updating runlevel settings..."), + /* Progress finished */ + _("Finished") + ], + "" + ); + } // Write the trusted server list if (Abort()) return false; Progress::NextStage(); // Create trusted server config file if it does not exists, - // otherwise backup. - y2milestone("Writing trusted server config"); + // otherwise backup. + y2milestone("Writing trusted server config"); if (SCR::Read(.target.size, trustedServerConfigFile) < 0) - SCR::Write(.target.string, trustedServerConfigFile, ""); + SCR::Write(.target.string, trustedServerConfigFile, ""); else - SCR::Execute(.target.bash, "/bin/cp "+trustedServerConfigFile+" "+trustedServerConfigFile+".YaST2save"); + SCR::Execute(.target.bash, "/bin/cp "+trustedServerConfigFile+" "+trustedServerConfigFile+".YaST2save"); - // Create a fresh folder to hold the Signing Certs of the trusted ATSs - SCR::Execute(.target.bash, "/bin/rm -fr " + trustedServerCertsFolder); - SCR::Execute(.target.bash, "/bin/mkdir " + trustedServerCertsFolder); + // Create a fresh folder to hold the Signing Certs of the trusted ATSs + SCR::Execute(.target.bash, "/bin/rm -fr " + trustedServerCertsFolder); + SCR::Execute(.target.bash, "/bin/mkdir " + trustedServerCertsFolder); - // Update the trusted server config + // Update the trusted server config any anyRet = false; - list trustedServerList = Settings["CONFIG_CASAATS_TRUSTED"]:[]; - string 
trustedServerListString = ""; + list trustedServerList = Settings["CONFIG_CASAATS_TRUSTED"]:[]; + string trustedServerListString = ""; if (trustedServerList != []) { - // Merge all of the addresses onto the string - trustedServerListString = mergestring(trustedServerList, "\n"); + // Merge all of the addresses onto the string + trustedServerListString = mergestring(trustedServerList, "\n"); - // Import the Signing Certs from the trusted ATSs - foreach(string trustedATS, trustedServerList, { - if (trustedATS != "") - { - string cmd = sformat("curl -f --capath /etc/ssl/certs -o %1/%2 https://%3:443/CasaAuthTokenSvc/SigningCert", trustedServerCertsFolder, trustedATS, trustedATS); - integer exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - { - y2error("SigningCert import from " + trustedATS + "using port 443 failed with Curl error" + tostring(exit) + " trying port 2645"); - cmd = sformat("curl -f --capath /etc/ssl/certs -o %1/%2 https://%3:2645/CasaAuthTokenSvc/SigningCert", trustedServerCertsFolder, trustedATS, trustedATS); - exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - { - y2error("SigningCert import from " + trustedATS + "using port 2645 failed with Curl error" + tostring(exit)); - } - } - } - }); - } - anyRet = SCR::Write(.target.string, trustedServerConfigFile, trustedServerListString); + // Import the Signing Certs from the trusted ATSs + foreach(string trustedATS, trustedServerList, { + if (trustedATS != "") + { + string cmd = sformat("curl -f --capath /etc/ssl/certs -o %1/%2 https://%3:443/CasaAuthTokenSvc/SigningCert", trustedServerCertsFolder, trustedATS, trustedATS); + integer exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + { + y2error("SigningCert import from " + trustedATS + "using port 443 failed with Curl error" + tostring(exit) + " trying port 2645"); + cmd = sformat("curl -f --capath /etc/ssl/certs -o %1/%2 https://%3:2645/CasaAuthTokenSvc/SigningCert", trustedServerCertsFolder, 
trustedATS, trustedATS); + exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + { + y2error("SigningCert import from " + trustedATS + "using port 2645 failed with Curl error" + tostring(exit)); + } + } + } + }); + } + anyRet = SCR::Write(.target.string, trustedServerConfigFile, trustedServerListString); if (anyRet != true) - y2error("Failed to write to " + trustedServerConfigFile); + y2error("Failed to write to " + trustedServerConfigFile); - // Refresh the trusted ATS Keystore - SCR::Execute(.target.bash, "/usr/share/java/CASA/authtoken/bin/refresh_trusted_ats_keystore.sh"); + // Refresh the trusted ATS Keystore + SCR::Execute(.target.bash, "/usr/share/java/CASA/authtoken/bin/refresh_trusted_ats_keystore.sh"); // Write the /etc/sysconfig/casa-ats settings if(Abort()) return false; 
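Review bot: `trustedATS` goes unvalidated into both the `-o %1/%2` output path and the `https://%3:443/...` URL of the curl command passed to `.target.bash`. An entry in the trusted-server list containing `/`, whitespace or shell metacharacters can place the downloaded file outside `trustedServerCertsFolder` or change the command bash runs. Restrict entries to host-name characters before building the command, e.g. change the guard to `if (trustedATS != "" && regexpmatch(trustedATS, "^[A-Za-z0-9.-]+$"))` and log anything rejected; the pattern would need widening if IPv6 literals are expected. The port 2645 retry builds its command the same way and needs the same guard. Write() starts before this hunk and continues past it.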
@@ -576,186 +576,186 @@ global boolean Write() { if (false) Report::Error (_("Cannot sysconfig settings.")); sleep(sl); - // Try to obtain the uid of casaatsd - string uid = ""; - map ret = (map) SCR::Execute(.target.bash_output, "id -u casaatsd"); - integer exit = ret["exit"]:-1; - if (exit == 0) - { - string cmd_output = ret["stdout"]:""; - list uidComponents = splitstring(cmd_output, "\n"); - uid = uidComponents[0]:""; - y2milestone("casaatsd uid = " + uid); + // Try to obtain the uid of casaatsd + string uid = ""; + map ret = (map) SCR::Execute(.target.bash_output, "id -u casaatsd"); + integer exit = ret["exit"]:-1; + if (exit == 0) + { + string cmd_output = ret["stdout"]:""; + list uidComponents = splitstring(cmd_output, "\n"); + uid = uidComponents[0]:""; + y2milestone("casaatsd uid = " + uid); - // Clear out the credentials that may have been saved in miCASA - // for this user. - string cmd = sformat("CASAcli -r -u %1", uid); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to remove casaatsd credentials"); - } + // Clear out the credentials that may have been saved in miCASA + // for this user. 
+ string cmd = sformat("CASAcli -r -u %1", uid); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to remove casaatsd credentials"); + } - // Check if we need to save the server configuration - if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { + // Check if we need to save the server configuration + if ((Settings["CONFIG_CASAATS_ENABLE"]:false) == true) { - // Create svc.settings file - string cmd = "rm -f " + svcSettingsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - cmd = svcSettingsEditor + " -create -file " + svcSettingsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to create " + svcSettingsFile); + // Create svc.settings file + string cmd = "rm -f " + svcSettingsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + cmd = svcSettingsEditor + " -create -file " + svcSettingsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to create " + svcSettingsFile); - // Write the reconfigure interval value - cmd = sformat("%1 -set ReconfigureInterval %2 -file %3", - svcSettingsEditor, - tostring(Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60), - svcSettingsFile); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to set reconfigure interval"); + // Write the reconfigure interval value + cmd = sformat("%1 -set ReconfigureInterval %2 -file %3", + svcSettingsEditor, + tostring(Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60), + svcSettingsFile); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to set reconfigure interval"); - // Create the auth.policy file - cmd = "rm -f " + authPolicyFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - cmd = authPolicyEditor + " -create -file " + authPolicyFile; - ret = (map) 
SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to create " + authPolicyFile); + // Create the auth.policy file + cmd = "rm -f " + authPolicyFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + cmd = authPolicyEditor + " -create -file " + authPolicyFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to create " + authPolicyFile); - // Create the iaRealms.xml file - cmd = "rm -f " + iaRealmsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - cmd = iaRealmsEditor + " -create -file " + iaRealmsFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to create " + iaRealmsFile); + // Create the iaRealms.xml file + cmd = "rm -f " + iaRealmsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + cmd = iaRealmsEditor + " -create -file " + iaRealmsFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to create " + iaRealmsFile); - // Add the real information to auth.policy and iaRealms.xml files - map realms = (map) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:$[]; - foreach (string key, map realm, realms, { - // Pull the realm parameters into local variables - string realmId = realm["REALM_ID"]:""; - boolean eDirType = realm["EDIR_TYPE"]:true; - boolean adType = realm["AD_TYPE"]:false; - boolean passwd_mech = realm["PASSWD_MECH"]:true; - boolean krb_mech = realm["KRB_MECH"]:false; - string proxy_username = realm["PROXY_USERNAME"]:""; - string proxy_password = realm["PROXY_PASSWD"]:""; - list ldapUrls = realm["LDAP_URL_LIST"]:[]; - list searchRoots = realm["SEARCH_ROOT_LIST"]:[]; + // Add the real information to auth.policy and iaRealms.xml files + list realms = (list) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:[]; + foreach (map realm, realms, { + // Pull the realm parameters into local variables + string 
realmId = realm["REALM_ID"]:""; + boolean eDirType = realm["EDIR_TYPE"]:true; + boolean adType = realm["AD_TYPE"]:false; + boolean passwd_mech = realm["PASSWD_MECH"]:true; + boolean krb_mech = realm["KRB_MECH"]:false; + string proxy_username = realm["PROXY_USERNAME"]:""; + string proxy_password = realm["PROXY_PASSWD"]:""; + list ldapUrls = realm["LDAP_URL_LIST"]:[]; + list searchRoots = realm["SEARCH_ROOT_LIST"]:[]; - // Update the auth.policy - if (krb_mech == true) { - cmd = authPolicyEditor + " -append -entry " + realmId + ":Krb5Authenticate -file " + authPolicyFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to add entry to " + authPolicyFile); - } + // Update the auth.policy + if (krb_mech == true) { + cmd = authPolicyEditor + " -append -entry " + realmId + ":Krb5Authenticate -file " + authPolicyFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to add entry to " + authPolicyFile); + } - if (passwd_mech == true) { - cmd = authPolicyEditor + " -append -entry " + realmId + ":PwdAuthenticate -file " + authPolicyFile; - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to add entry to " + authPolicyFile); - } + if (passwd_mech == true) { + cmd = authPolicyEditor + " -append -entry " + realmId + ":PwdAuthenticate -file " + authPolicyFile; + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to add entry to " + authPolicyFile); + } - // Update the iaRealms.xml file - if (eDirType) - cmd = sformat("%1 -set \"%2\" -type eDir ", iaRealmsEditor, realmId); - else - cmd = sformat("%1 -set \"%2\" -type ActiveDirectory ", iaRealmsEditor, realmId); - foreach (string url, ldapUrls, { - cmd = sformat("%1 -url \"%2\"", cmd, url); - }); - foreach (string ctx, searchRoots, { - cmd = sformat("%1 -sr \"%2\"", cmd, ctx); - 
}); - cmd = sformat("%1 -file %2", cmd, iaRealmsFile); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to set realm " + realmId); + // Update the iaRealms.xml file + if (eDirType) + cmd = sformat("%1 -set \"%2\" -type eDir ", iaRealmsEditor, realmId); + else + cmd = sformat("%1 -set \"%2\" -type ActiveDirectory ", iaRealmsEditor, realmId); + foreach (string url, ldapUrls, { + cmd = sformat("%1 -url \"%2\"", cmd, url); + }); + foreach (string ctx, searchRoots, { + cmd = sformat("%1 -sr \"%2\"", cmd, ctx); + }); + cmd = sformat("%1 -file %2", cmd, iaRealmsFile); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to set realm " + realmId); - // Save Proxy User Credentials in miCASA if we have the uid of casaatsd - if (uid != "") - { - // Set the Proxy User Credentials in miCASA - cmd = sformat("KEYVALUE=\"%1\" CASAcli -s -u %2 -n %3 -k CN", proxy_username, uid, realmId); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to set Proxy Username in miCASA for realm " + realmId); - - cmd = sformat("KEYVALUE=\"%1\" CASAcli -s -u %2 -n \"%3\" -k Password", proxy_password, uid, realmId); - ret = (map) SCR::Execute(.target.bash_output, cmd); - exit = ret["exit"]:-1; - if (exit != 0) - y2error("Failed to set Proxy Password in miCASA for realm " + realmId); - } - else - { - y2error("Not setting proxy credentials in miCASA due to blank uid"); - } - }); + // Save Proxy User Credentials in miCASA if we have the uid of casaatsd + if (uid != "") + { + // Set the Proxy User Credentials in miCASA + cmd = sformat("KEYVALUE=\"%1\" CASAcli -s -u %2 -n %3 -k CN", proxy_username, uid, realmId); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to set Proxy Username in miCASA for realm " + realmId); + + cmd = sformat("KEYVALUE=\"%1\" 
CASAcli -s -u %2 -n \"%3\" -k Password", proxy_password, uid, realmId); + ret = (map) SCR::Execute(.target.bash_output, cmd); + exit = ret["exit"]:-1; + if (exit != 0) + y2error("Failed to set Proxy Password in miCASA for realm " + realmId); + } + else + { + y2error("Not setting proxy credentials in miCASA due to blank uid"); + } + }); - // Refresh the server Keystore - SCR::Execute(.target.bash, "/usr/share/java/CASA/authtoken/bin/refresh_server_keystore.sh"); + // Refresh the server Keystore + SCR::Execute(.target.bash, "/usr/share/java/CASA/authtoken/bin/refresh_server_keystore.sh"); - // Adjust the Tomcat connectors - // - // First disable them both and then re-enable as necessary - cmd = tomcatConnectorEditor + " -d ssl"; - exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - y2error("Failed to disable the SSL connector"); - else { - if ((Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false) == true) { - cmd = tomcatConnectorEditor + " -e ssl"; - exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - y2error("Failed to enable the SSL connector"); - } - } + // Adjust the Tomcat connectors + // + // First disable them both and then re-enable as necessary + cmd = tomcatConnectorEditor + " -d ssl"; + exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + y2error("Failed to disable the SSL connector"); + else { + if ((Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false) == true) { + cmd = tomcatConnectorEditor + " -e ssl"; + exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + y2error("Failed to enable the SSL connector"); + } + } - cmd = tomcatConnectorEditor + " -d ajp"; - exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - y2error("Failed to disable the AJP connector"); - else { - if (Settings["CONFIG_CASAATS_WEB_ACCESS"]:false == true) - { - cmd = tomcatConnectorEditor + " -e ajp"; - exit = (integer) SCR::Execute(.target.bash, cmd); - if (exit != 0) - y2error("Failed to enable the AJP 
connector"); - } - } + cmd = tomcatConnectorEditor + " -d ajp"; + exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + y2error("Failed to disable the AJP connector"); + else { + if (Settings["CONFIG_CASAATS_WEB_ACCESS"]:false == true) + { + cmd = tomcatConnectorEditor + " -e ajp"; + exit = (integer) SCR::Execute(.target.bash, cmd); + if (exit != 0) + y2error("Failed to enable the AJP connector"); + } + } - // Adjust firewall as needed - if (Abort()) return false; - Progress::NextStage(); - if (ModifyFirewallPort()) - { - // write settings - Progress::set(false); - SuSEFirewall::WriteOnly(); - if (!write_only) - { - SuSEFirewall::ActivateConfiguration(); - } - Progress::set(true); - } - if (false) Report::Error (_("Error adjusting firewall.")); - sleep(sl); - } + // Adjust firewall as needed + if (Abort()) return false; + Progress::NextStage(); + if (ModifyFirewallPort()) + { + // write settings + Progress::set(false); + SuSEFirewall::WriteOnly(); + if (!write_only) + { + SuSEFirewall::ActivateConfiguration(); + } + Progress::set(true); + } + if (false) Report::Error (_("Error adjusting firewall.")); + sleep(sl); + } // Enable/disable and start/stop service as needed if (Abort()) return false; diff --git a/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp b/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp index 2c364602..e476852e 100644 --- a/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp +++ b/CASA-auth-token/yast2-casa-ats/src/dialogs.ycp @@ -21,11 +21,11 @@ ***********************************************************************/ /** - * File: include/casa-ats/dialogs.ycp - * Package: Configuration of casa-ats - * Summary: Dialogs definitions - * Authors: Juan Carlos Luciani - * Ryan Partridge + * File: include/casa-ats/dialogs.ycp + * Package: Configuration of casa-ats + * Summary: Dialogs definitions + * Authors: Juan Carlos Luciani + * Ryan Partridge * * $Id: dialogs.ycp 27914 2006-02-13 14:32:08Z locilka $ */ 
@@ -62,40 +62,40 @@ list realmSearchRootList = []; */ define term SearchRootEditDialog(integer id, term currVal) { - y2milestone("SearchRootEditDialog Executing"); + y2milestone("SearchRootEditDialog Executing"); term context = nil; context = `item(`id(id)); UI::OpenDialog(`opt(`decorated), - `VBox( - `HSpacing(1), - `VBox( - `TextEntry(`id(`context), _("&Search Root Context (i.e. cn=users,o=novell)"), currVal[1]:"") - ), - `HSpacing(1), - `HBox( - `PushButton(`id(`ok), `opt(`default), Label::OKButton()), - `PushButton(`id(`cancel), Label::CancelButton()) - ) - ) - ); + `VBox( + `HSpacing(1), + `VBox( + `TextEntry(`id(`context), _("&Search Root Context (i.e. cn=users,o=novell)"), currVal[1]:"") + ), + `HSpacing(1), + `HBox( + `PushButton(`id(`ok), `opt(`default), Label::OKButton()), + `PushButton(`id(`cancel), Label::CancelButton()) + ) + ) + ); UI::SetFocus(`id(`context)); any ret = nil; while (true) { - ret = UI::UserInput(); - if (ret != `ok) break; + ret = UI::UserInput(); + if (ret != `ok) break; - string value = (string) UI::QueryWidget(`id(`context), `Value); - context = add(context, value); - break; + string value = (string) UI::QueryWidget(`id(`context), `Value); + context = add(context, value); + break; } UI::CloseDialog(); - y2milestone("SearchRootEditDialog Exiting"); + y2milestone("SearchRootEditDialog Exiting"); if (ret != `ok) return nil; y2debug("context=%1", context); @@ -109,7 +109,7 @@ define term SearchRootEditDialog(integer id, term currVal) { */ any AuthRealmEditSearchRootsDialog() { - y2milestone("AuthRealmEditSearchRootsDialog Executing"); + y2milestone("AuthRealmEditSearchRootsDialog Executing"); string caption = _("CASA Authentication Realm Search Roots Configuration"); @@ -128,36 +128,36 @@ searches while trying to authenticate an entity.
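Review bot: The value read from the `context` text entry in SearchRootEditDialog is added to the item with no check at all, so an empty string, or one containing double quotes, backquotes or `$`, is accepted as a search root. The CasaAts.ycp part of this commit later splices each search root into a bash command line with `sformat("%1 -sr \"%2\"", cmd, ctx)` and runs it through `.target.bash_output`, where those characters would be interpreted by the shell instead of reaching the editor as data. I would reject empty input here with `if (value == "") { Report::Error(_("You must specify a search root context.")); continue; }`. The argument should also be quoted where the command is built, using single quotes plus the String module's `Quote` if that module is available to the file. This hunk only changes indentation, and the end of the function lies outside it.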

integer max = 0; integer items = 0; list table_items = []; - list searchRootList = realmSearchRootList; + list searchRootList = realmSearchRootList; - // Read list of search roots already configured for this realm - foreach (string value, searchRootList, { - term context = `item(`id(items)); - context = add(context, value); - table_items = add(table_items, context); - items = items + 1; - max = max + 1; - }); + // Read list of search roots already configured for this realm + foreach (string value, searchRootList, { + term context = `item(`id(items)); + context = add(context, value); + table_items = add(table_items, context); + items = items + 1; + max = max + 1; + }); /* Dialog contents */ term contents = `HBox( - `HSpacing(5), - `VBox( - `VStretch(), - `Frame(_("Search Roots"), - `VBox( - `Table(`id(`table), `opt(`notify), `header(_("Context")), []), - `HBox(`PushButton(`id(`add), _("Ad&d")), - `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), - `PushButton(`id(`delete), `opt(`disabled), _("De&lete"))))), - `VStretch() - ), - `HSpacing(5) + `HSpacing(5), + `VBox( + `VStretch(), + `Frame(_("Search Roots"), + `VBox( + `Table(`id(`table), `opt(`notify), `header(_("Context")), []), + `HBox(`PushButton(`id(`add), _("Ad&d")), + `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), + `PushButton(`id(`delete), `opt(`disabled), _("De&lete"))))), + `VStretch() + ), + `HSpacing(5) ); Wizard::SetContentsButtons(caption, contents, help, - Label::BackButton(), Label::OKButton()); + Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::SetFocus(`id(`table)); @@ -165,79 +165,79 @@ searches while trying to authenticate an entity.

any ret = nil; while (true) { - UI::ChangeWidget(`id(`edit), `Enabled, items > 0); - UI::ChangeWidget(`id(`delete), `Enabled, items > 0); - - y2milestone("AuthRealmEditSearchRootsDialog waiting for user input"); - ret = UI::UserInput(); - - /* abort? */ - if (ret == `abort || ret == `cancel || ret == `back) { - if (Popup::ReallyAbort(true)) break; - else continue; - } - /* edit context */ - else if (ret == `edit) { - y2milestone("Edit Search Root Entry Invoked"); - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - list cur_item = filter(term e, table_items, { - return cur == e[0, 0]:nil; - }); - - y2debug("cur=%1", cur); - y2debug("cur_item=%1", cur_item); - - term item = cur_item[0]:nil; - item = SearchRootEditDialog(cur, item); - if(item == nil) continue; - - table_items = maplist(term e, table_items, { - if(cur == e[0, 0]:-1) - return item; - return e; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, cur); - continue; - } - /* add context */ - else if (ret == `add) { - y2milestone("Add Search Root Entry Invoked"); - term item = SearchRootEditDialog(max, `empty()); - if (item == nil) continue; - - table_items = add(table_items, item); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, max); - items = items + 1; - max = max + 1; - continue; - } - /* delete context */ - else if (ret == `delete) { - y2milestone("Delete Search Root Entry Invoked"); - items = items - 1; - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - table_items = filter(term e, table_items, { - return cur != e[0, 0]:nil; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - continue; - } - else if (ret == `next) { - realmSearchRootList = []; - foreach (term value, table_items,{ - realmSearchRootList = add(realmSearchRootList, value[1]:""); - }); - break; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } + 
UI::ChangeWidget(`id(`edit), `Enabled, items > 0); + UI::ChangeWidget(`id(`delete), `Enabled, items > 0); + + y2milestone("AuthRealmEditSearchRootsDialog waiting for user input"); + ret = UI::UserInput(); + + /* abort? */ + if (ret == `abort || ret == `cancel || ret == `back) { + if (Popup::ReallyAbort(true)) break; + else continue; + } + /* edit context */ + else if (ret == `edit) { + y2milestone("Edit Search Root Entry Invoked"); + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + list cur_item = filter(term e, table_items, { + return cur == e[0, 0]:nil; + }); + + y2debug("cur=%1", cur); + y2debug("cur_item=%1", cur_item); + + term item = cur_item[0]:nil; + item = SearchRootEditDialog(cur, item); + if(item == nil) continue; + + table_items = maplist(term e, table_items, { + if(cur == e[0, 0]:-1) + return item; + return e; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, cur); + continue; + } + /* add context */ + else if (ret == `add) { + y2milestone("Add Search Root Entry Invoked"); + term item = SearchRootEditDialog(max, `empty()); + if (item == nil) continue; + + table_items = add(table_items, item); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, max); + items = items + 1; + max = max + 1; + continue; + } + /* delete context */ + else if (ret == `delete) { + y2milestone("Delete Search Root Entry Invoked"); + items = items - 1; + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + table_items = filter(term e, table_items, { + return cur != e[0, 0]:nil; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + continue; + } + else if (ret == `next) { + realmSearchRootList = []; + foreach (term value, table_items,{ + realmSearchRootList = add(realmSearchRootList, value[1]:""); + }); + break; + } + else { + y2error("unexpected retcode: %1", ret); + continue; + } } - y2milestone("AuthRealmEditSearchRootsDialog 
Exiting"); + y2milestone("AuthRealmEditSearchRootsDialog Exiting"); return ret; } @@ -251,54 +251,54 @@ searches while trying to authenticate an entity.

*/ define term LDAPUrlEditDialog(integer id, term currVal) { - y2milestone("LDAPUrlEditDialog Executing"); + y2milestone("LDAPUrlEditDialog Executing"); term url = nil; url = `item(`id(id)); UI::OpenDialog(`opt(`decorated), - `VBox( - `HSpacing(1), - `VBox( - `TextEntry(`id(`url), _("&Url (i.e. ldaps://ats1.novell.com)"), currVal[1]:"") - ), - `HSpacing(1), - `HBox( - `PushButton(`id(`ok), `opt(`default), Label::OKButton()), - `PushButton(`id(`cancel), Label::CancelButton()) - ) + `VBox( + `HSpacing(1), + `VBox( + `TextEntry(`id(`url), _("&Url (i.e. ldaps://ats1.novell.com)"), currVal[1]:"") + ), + `HSpacing(1), + `HBox( + `PushButton(`id(`ok), `opt(`default), Label::OKButton()), + `PushButton(`id(`cancel), Label::CancelButton()) + ) )); UI::SetFocus(`id(`url)); any ret = nil; while (true) { - ret = UI::UserInput(); - if (ret != `ok) break; + ret = UI::UserInput(); + if (ret != `ok) break; - string value = (string) UI::QueryWidget(`id(`url), `Value); + string value = (string) UI::QueryWidget(`id(`url), `Value); - // Check the Url - if (URL::Check(value) == true) { - map urlComponents = URL::Parse(value); - string scheme = tolower(urlComponents["scheme"]:""); - if (scheme == "ldaps" || scheme == "ldap") { - if (urlComponents["host"]:"" != "") { - url = add(url, value); + // Check the Url + if (URL::Check(value) == true) { + map urlComponents = URL::Parse(value); + string scheme = tolower(urlComponents["scheme"]:""); + if (scheme == "ldaps" || scheme == "ldap") { + if (urlComponents["host"]:"" != "") { + url = add(url, value); - // Report warning if not using SSL - if (scheme == "ldap") - Report::Warning(_("Not using LDAPS is a security risk")); - break; - } - } - } - Report::Error(_("URL entered is not valid")); + // Report warning if not using SSL + if (scheme == "ldap") + Report::Warning(_("Not using LDAPS is a security risk")); + break; + } + } + } + Report::Error(_("URL entered is not valid")); } UI::CloseDialog(); - y2milestone("LDAPUrlEditDialog Exiting"); + 
y2milestone("LDAPUrlEditDialog Exiting"); if (ret != `ok) return nil; y2debug("url=%1", url); @@ -312,7 +312,7 @@ define term LDAPUrlEditDialog(integer id, term currVal) { */ any AuthRealmEditLDAPUrlsDialog() { - y2milestone("AuthRealmEditLDAPUrlsDialog Executing"); + y2milestone("AuthRealmEditLDAPUrlsDialog Executing"); string caption = _("CASA Authentication LDAP Server URL Configuration"); @@ -329,38 +329,38 @@ multiple LDAP Server resources improves fault tolerance.
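Review bot: A plain `ldap://` URL is accepted in LDAPUrlEditDialog after nothing more than `Report::Warning(...)`, and the loop then breaks, so a realm can be saved with an unencrypted server URL. The realm dialog stores proxy user credentials next to these URLs, so they would presumably travel to that server in clear text; the bind itself is not visible on this page. I would make the administrator confirm the choice with `if (scheme == "ldap" && !Popup::ContinueCancel(_("Not using LDAPS is a security risk"))) continue;`, placed before `url = add(url, value);` so that a declined entry is not left in the item. The function's closing lines are outside this hunk.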

integer max = 0; integer items = 0; list table_items = []; - list ldapUrlList = realmLdapUrlList; + list ldapUrlList = realmLdapUrlList; - // Read list of ldap urls already configured for this realm - foreach (string value, ldapUrlList, { - term context = `item(`id(items)); - context = add(context, value); - table_items = add(table_items, context); - items = items + 1; - max = max + 1; - }); + // Read list of ldap urls already configured for this realm + foreach (string value, ldapUrlList, { + term context = `item(`id(items)); + context = add(context, value); + table_items = add(table_items, context); + items = items + 1; + max = max + 1; + }); /* Dialog contents */ term contents = `HBox( - `HSpacing(5), - `VBox( - `VStretch(), - `Frame(_("LDAP Server URLs"), - `VBox( - `Table(`id(`table), `opt(`notify), `header(_("Url") + " "), []), - `HBox(`PushButton(`id(`add), _("Ad&d")), - `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), - `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) - ) - )), - `VStretch() - ), - `HSpacing(5) + `HSpacing(5), + `VBox( + `VStretch(), + `Frame(_("LDAP Server URLs"), + `VBox( + `Table(`id(`table), `opt(`notify), `header(_("Url") + " "), []), + `HBox(`PushButton(`id(`add), _("Ad&d")), + `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), + `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) + ) + )), + `VStretch() + ), + `HSpacing(5) ); Wizard::SetContentsButtons(caption, contents, help, - Label::BackButton(), Label::OKButton()); + Label::BackButton(), Label::OKButton()); UI::ChangeWidget(`id(`table), `Items, table_items); UI::SetFocus(`id(`table)); @@ -368,80 +368,80 @@ multiple LDAP Server resources improves fault tolerance.

any ret = nil; while (true) { - UI::ChangeWidget(`id(`edit), `Enabled, items > 0); - UI::ChangeWidget(`id(`delete), `Enabled, items > 0); - - y2milestone("AuthRealmEditLDAPUrlsDialog waiting for user input"); - ret = UI::UserInput(); - - /* abort? */ - if (ret == `abort || ret == `cancel || ret == `back) { - if (Popup::ReallyAbort(true)) break; - else continue; - } - /* edit context */ - else if (ret == `edit) { - y2milestone("Edit LDAP Url Entry Invoked"); - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - list cur_item = filter(term e, table_items, { - return cur == e[0, 0]:nil; - }); - - y2debug("cur=%1", cur); - y2debug("cur_item=%1", cur_item); - - term item = cur_item[0]:nil; - item = LDAPUrlEditDialog(cur, item); - if(item == nil) continue; - - table_items = maplist(term e, table_items, { - if(cur == e[0, 0]:-1) - return item; - return e; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, cur); + UI::ChangeWidget(`id(`edit), `Enabled, items > 0); + UI::ChangeWidget(`id(`delete), `Enabled, items > 0); + + y2milestone("AuthRealmEditLDAPUrlsDialog waiting for user input"); + ret = UI::UserInput(); + + /* abort? 
*/ + if (ret == `abort || ret == `cancel || ret == `back) { + if (Popup::ReallyAbort(true)) break; + else continue; + } + /* edit context */ + else if (ret == `edit) { + y2milestone("Edit LDAP Url Entry Invoked"); + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + list cur_item = filter(term e, table_items, { + return cur == e[0, 0]:nil; + }); + + y2debug("cur=%1", cur); + y2debug("cur_item=%1", cur_item); + + term item = cur_item[0]:nil; + item = LDAPUrlEditDialog(cur, item); + if(item == nil) continue; + + table_items = maplist(term e, table_items, { + if(cur == e[0, 0]:-1) + return item; + return e; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, cur); - continue; - } - else if (ret == `add) { - y2milestone("Add LDAP Url Entry Invoked"); - term item = LDAPUrlEditDialog(max, `empty()); - if (item == nil) continue; - - table_items = add(table_items, item); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, max); - items = items + 1; - max = max + 1; + continue; + } + else if (ret == `add) { + y2milestone("Add LDAP Url Entry Invoked"); + term item = LDAPUrlEditDialog(max, `empty()); + if (item == nil) continue; + + table_items = add(table_items, item); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, max); + items = items + 1; + max = max + 1; - continue; - } - else if (ret == `delete) { - y2milestone("Delete LDAP Url Entry Invoked"); - items = items - 1; - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - table_items = filter(term e, table_items, { - return cur != e[0, 0]:nil; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); + continue; + } + else if (ret == `delete) { + y2milestone("Delete LDAP Url Entry Invoked"); + items = items - 1; + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + table_items = filter(term e, table_items, { + 
return cur != e[0, 0]:nil; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); - continue; - } - else if (ret == `next) { - realmLdapUrlList = []; - foreach (term value, table_items,{ - realmLdapUrlList = add(realmLdapUrlList, value[1]:""); - }); - break; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } + continue; + } + else if (ret == `next) { + realmLdapUrlList = []; + foreach (term value, table_items,{ + realmLdapUrlList = add(realmLdapUrlList, value[1]:""); + }); + break; + } + else { + y2error("unexpected retcode: %1", ret); + continue; + } } - y2milestone("AuthRealmEditLDAPUrlsDialog Exiting"); + y2milestone("AuthRealmEditLDAPUrlsDialog Exiting"); return ret; } @@ -454,7 +454,7 @@ multiple LDAP Server resources improves fault tolerance.

*/ define map AuthRealmEditDialog(map currVal) { - y2milestone("AuthRealmEditDialog Executing"); + y2milestone("AuthRealmEditDialog Executing"); map realm = $[]; @@ -497,200 +497,200 @@ _("

The Search Roots button allows you to configure the LDAP contexts containing entities that can be authenticated.

"); - // Setup realm parameters with default values in variables that - // can be easily used. - string realm_id = ""; + // Setup realm parameters with default values in variables that + // can be easily used. + string realm_id = ""; boolean edir_type = true; boolean ad_type = false; boolean passwd_mech = true; boolean krb_mech = false; - string proxy_username = ""; - string proxy_passwd = ""; - string reentered_passwd = ""; - realmLdapUrlList = []; - realmSearchRootList = []; + string proxy_username = ""; + string proxy_passwd = ""; + string reentered_passwd = ""; + realmLdapUrlList = []; + realmSearchRootList = []; - // Update the variables with the parameters passed-in - if (currVal != nil) { - realm_id = currVal["REALM_ID"]:""; - edir_type = currVal["EDIR_TYPE"]:true; - ad_type = currVal["AD_TYPE"]:false; - passwd_mech = currVal["PASSWD_MECH"]:true; - krb_mech = currVal["KRB_MECH"]:true; - proxy_username = currVal["PROXY_USERNAME"]:""; - proxy_passwd = currVal["PROXY_PASSWD"]:""; - reentered_passwd = proxy_passwd; - realmLdapUrlList = currVal["LDAP_URL_LIST"]:[]; - realmSearchRootList = currVal["SEARCH_ROOT_LIST"]:[]; - } + // Update the variables with the parameters passed-in + if (currVal != nil) { + realm_id = currVal["REALM_ID"]:""; + edir_type = currVal["EDIR_TYPE"]:true; + ad_type = currVal["AD_TYPE"]:false; + passwd_mech = currVal["PASSWD_MECH"]:true; + krb_mech = currVal["KRB_MECH"]:true; + proxy_username = currVal["PROXY_USERNAME"]:""; + proxy_passwd = currVal["PROXY_PASSWD"]:""; + reentered_passwd = proxy_passwd; + realmLdapUrlList = currVal["LDAP_URL_LIST"]:[]; + realmSearchRootList = currVal["SEARCH_ROOT_LIST"]:[]; + } /* Dialog contents */ term contents = `HBox( - `HSpacing(3), - `VBox( - `VStretch(), - `TextEntry(`id(`realmid), _("Real&m Id"), realm_id), - `VSpacing(1), - `HBox( + `HSpacing(3), + `VBox( + `VStretch(), + `TextEntry(`id(`realmid), _("Real&m Id"), realm_id), + `VSpacing(1), + `HBox( `RadioButtonGroup(`id(`rb), - `VBox( - 
`Left(`Label("Directory Type?")), - `Left(`RadioButton(`id(`edir), "eDirector&y")), - `Left(`RadioButton(`id(`ad), "Acti&ve Directory" )) - ) - ), - `VBox( - `VStretch(), - `Frame(_("Authentication Mechanisms"), + `VBox( + `Left(`Label("Directory Type?")), + `Left(`RadioButton(`id(`edir), "eDirector&y")), + `Left(`RadioButton(`id(`ad), "Acti&ve Directory" )) + ) + ), + `VBox( + `VStretch(), + `Frame(_("Authentication Mechanisms"), `VBox( - `Left(`CheckBox(`id(`passwdmech), _("U&sername/Password"))), - `Left(`CheckBox(`id(`krbmech), _("&Kerberos V"))) - ) - ), - `VStretch() - ) - ), - `VSpacing(1), - `VBox( - `Frame(_("Proxy User Credentials"), - `VBox( - `Left(`TextEntry(`id(`username), _("&Username (i.e. cn=admin,o=novell)"))), - `Left(`Password(`id(`passwd), (_("&Password") + " "))), - `Left(`Password(`id(`repasswd), (_("&Confirm Password") + " "))) - ) - ), - `VStretch() - ), - `VSpacing(1), - `PushButton(`id(`urls), _("LDAP Server URLs")), - `VSpacing(1), - `PushButton(`id(`ctxs), _("Search Roots")), - `VStretch() - ), - `HSpacing(3) + `Left(`CheckBox(`id(`passwdmech), _("U&sername/Password"))), + `Left(`CheckBox(`id(`krbmech), _("&Kerberos V"))) + ) + ), + `VStretch() + ) + ), + `VSpacing(1), + `VBox( + `Frame(_("Proxy User Credentials"), + `VBox( + `Left(`TextEntry(`id(`username), _("&Username (i.e. 
cn=admin,o=novell)"))), + `Left(`Password(`id(`passwd), (_("&Password") + " "))), + `Left(`Password(`id(`repasswd), (_("&Confirm Password") + " "))) + ) + ), + `VStretch() + ), + `VSpacing(1), + `PushButton(`id(`urls), _("LDAP Server URLs")), + `VSpacing(1), + `PushButton(`id(`ctxs), _("Search Roots")), + `VStretch() + ), + `HSpacing(3) ); - boolean set_initial_focus = true; + boolean set_initial_focus = true; any ret = nil; while (true) { - Wizard::SetContentsButtons(caption, contents, help, - Label::BackButton(), Label::OKButton()); - - UI::ChangeWidget(`id(`realmid), `Value, realm_id); - UI::ChangeWidget(`id(`edir), `Value, edir_type); - UI::ChangeWidget(`id(`ad), `Value, ad_type); - UI::ChangeWidget(`id(`krbmech), `Value, krb_mech); - UI::ChangeWidget(`id(`passwdmech), `Value, passwd_mech); - UI::ChangeWidget(`id(`username), `Value, proxy_username); - UI::ChangeWidget(`id(`passwd), `Value, proxy_passwd); - UI::ChangeWidget(`id(`repasswd), `Value, reentered_passwd); + Wizard::SetContentsButtons(caption, contents, help, + Label::BackButton(), Label::OKButton()); + + UI::ChangeWidget(`id(`realmid), `Value, realm_id); + UI::ChangeWidget(`id(`edir), `Value, edir_type); + UI::ChangeWidget(`id(`ad), `Value, ad_type); + UI::ChangeWidget(`id(`krbmech), `Value, krb_mech); + UI::ChangeWidget(`id(`passwdmech), `Value, passwd_mech); + UI::ChangeWidget(`id(`username), `Value, proxy_username); + UI::ChangeWidget(`id(`passwd), `Value, proxy_passwd); + UI::ChangeWidget(`id(`repasswd), `Value, reentered_passwd); - if (set_initial_focus == true) { - UI::SetFocus(`id(`realmid)); - set_initial_focus = false; - } + if (set_initial_focus == true) { + UI::SetFocus(`id(`realmid)); + set_initial_focus = false; + } - y2milestone("AuthRealmEditDialog waiting for user input"); - ret = UI::UserInput(); + y2milestone("AuthRealmEditDialog waiting for user input"); + ret = UI::UserInput(); - // Refresh the local variables with the information in the widgets - realm_id = (string) 
UI::QueryWidget(`id(`realmid), `Value); - edir_type = (boolean) UI::QueryWidget(`id(`edir), `Value); - ad_type = (boolean) UI::QueryWidget(`id(`ad), `Value); - passwd_mech = (boolean) UI::QueryWidget(`id(`passwdmech), `Value); - krb_mech = (boolean) UI::QueryWidget(`id(`krbmech), `Value); - proxy_username = (string) UI::QueryWidget(`id(`username), `Value); - proxy_passwd = (string) UI::QueryWidget(`id(`passwd), `Value); - reentered_passwd = (string) UI::QueryWidget(`id(`repasswd), `Value); - - /* abort? */ - if (ret == `abort || ret == `cancel || ret == `back) { - // Update the local variables with - if (Popup::ReallyAbort(true)) break; - else - continue; - } - else if (ret == `next) { - y2milestone("Next entered"); + // Refresh the local variables with the information in the widgets + realm_id = (string) UI::QueryWidget(`id(`realmid), `Value); + edir_type = (boolean) UI::QueryWidget(`id(`edir), `Value); + ad_type = (boolean) UI::QueryWidget(`id(`ad), `Value); + passwd_mech = (boolean) UI::QueryWidget(`id(`passwdmech), `Value); + krb_mech = (boolean) UI::QueryWidget(`id(`krbmech), `Value); + proxy_username = (string) UI::QueryWidget(`id(`username), `Value); + proxy_passwd = (string) UI::QueryWidget(`id(`passwd), `Value); + reentered_passwd = (string) UI::QueryWidget(`id(`repasswd), `Value); + + /* abort? 
*/ + if (ret == `abort || ret == `cancel || ret == `back) { + // Update the local variables with + if (Popup::ReallyAbort(true)) break; + else + continue; + } + else if (ret == `next) { + y2milestone("Next entered"); - // Do some parameter checking - if (realm_id == "") { - Report::Error(_("You must specify an Id for the realm.")); - continue; - } - if (size(realmLdapUrlList) == 0) { - Report::Error(_("You must at least configure one LDAP URL.")); - continue; - } - if (passwd_mech == false && krb_mech == false) { - Report::Error(_("You must specify at least one authentication mechanism.")); - continue; - } - if (proxy_username == "") { - Report::Error(_("You must specify a Proxy Username for the realm.")); - continue; - } - if (proxy_passwd == "") { - Report::Error(_("You must specify a Proxy Password for the realm.")); - continue; - } - if (proxy_passwd != reentered_passwd) { - Report::Error(_("The specified Proxy Passwords do not match.")); - proxy_passwd = ""; - reentered_passwd = ""; - continue; - } - if (ad_type == true && size(realmSearchRootList) == 0) { - Report::Error(_("You must specify a base search root for the realm.")); - continue; - } + // Do some parameter checking + if (realm_id == "") { + Report::Error(_("You must specify an Id for the realm.")); + continue; + } + if (size(realmLdapUrlList) == 0) { + Report::Error(_("You must at least configure one LDAP URL.")); + continue; + } + if (passwd_mech == false && krb_mech == false) { + Report::Error(_("You must specify at least one authentication mechanism.")); + continue; + } + if (proxy_username == "") { + Report::Error(_("You must specify a Proxy Username for the realm.")); + continue; + } + if (proxy_passwd == "") { + Report::Error(_("You must specify a Proxy Password for the realm.")); + continue; + } + if (proxy_passwd != reentered_passwd) { + Report::Error(_("The specified Proxy Passwords do not match.")); + proxy_passwd = ""; + reentered_passwd = ""; + continue; + } + if (ad_type == true && 
size(realmSearchRootList) == 0) { + Report::Error(_("You must specify a base search root for the realm.")); + continue; + } - break; - } - else if (ret == `urls) { - y2milestone("Edit LDAP Urls Invoked"); + break; + } + else if (ret == `urls) { + y2milestone("Edit LDAP Urls Invoked"); - /* Invoke the edit ldap urls dialog */ - ret = AuthRealmEditLDAPUrlsDialog(); - if (ret == `abort || ret == `cancel) - break; + /* Invoke the edit ldap urls dialog */ + ret = AuthRealmEditLDAPUrlsDialog(); + if (ret == `abort || ret == `cancel) + break; - continue;; - } - else if (ret == `ctxs) { - y2milestone("Edit Search Roots Invoked"); + continue;; + } + else if (ret == `ctxs) { + y2milestone("Edit Search Roots Invoked"); - /* Invoke the edit search roots dialog */ - ret = AuthRealmEditSearchRootsDialog(); - if (ret == `abort || ret == `cancel) - break; + /* Invoke the edit search roots dialog */ + ret = AuthRealmEditSearchRootsDialog(); + if (ret == `abort || ret == `cancel) + break; - continue;; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } + continue;; + } + else { + y2error("unexpected retcode: %1", ret); + continue; + } } - y2milestone("AuthRealmEditDialog Exiting"); + y2milestone("AuthRealmEditDialog Exiting"); - if (ret != `next) { - realm = nil; - } - else { - realm["REALM_ID"] = realm_id; - realm["EDIR_TYPE"] = edir_type; - realm["AD_TYPE"] = ad_type; - realm["PASSWD_MECH"] = passwd_mech; - realm["KRB_MECH"] = krb_mech; - realm["PROXY_USERNAME"] = proxy_username; - realm["PROXY_PASSWD"] = proxy_passwd; - realm["LDAP_URL_LIST"] = realmLdapUrlList; - realm["SEARCH_ROOT_LIST"] = realmSearchRootList; - } + if (ret != `next) { + realm = nil; + } + else { + realm["REALM_ID"] = realm_id; + realm["EDIR_TYPE"] = edir_type; + realm["AD_TYPE"] = ad_type; + realm["PASSWD_MECH"] = passwd_mech; + realm["KRB_MECH"] = krb_mech; + realm["PROXY_USERNAME"] = proxy_username; + realm["PROXY_PASSWD"] = proxy_passwd; + realm["LDAP_URL_LIST"] = realmLdapUrlList; + 
realm["SEARCH_ROOT_LIST"] = realmSearchRootList; + } return realm; } @@ -736,220 +736,216 @@ zero means that the server only reads its configuration during start up.
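Review bot: The fallback in `krb_mech = currVal["KRB_MECH"]:true;` contradicts both the default declared a few lines earlier (`boolean krb_mech = false;`) and the `realm["KRB_MECH"]:false` lookup in CasaAts.ycp. If a realm map arrives without that key, the Kerberos box comes up ticked and saving the dialog stores `KRB_MECH` as true. The write path then appends a `Krb5Authenticate` entry to the auth policy for a mechanism the administrator never selected. Whether such a map can occur depends on how realms are read back, which is not visible here. The line should read `krb_mech = currVal["KRB_MECH"]:false;`. AuthRealmEditDialog starts before this hunk, which only re-indents the body.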

integer max = 0; integer items = 0; - map realms = (map) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:$[]; + list realms = (list) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:[]; list table_items = []; boolean direct_access = CasaAts::Settings["CONFIG_CASAATS_DIRECT_ACCESS"]:false; boolean web_access = CasaAts::Settings["CONFIG_CASAATS_WEB_ACCESS"]:false; integer reconfig_interval = CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60; - // Read list of search roots already configured for this realm - foreach (string key, map realm, realms, { - term item = `item(`id(max)); - item = add(item, realm["REALM_ID"]:""); - table_items = add(table_items, item); - items = items + 1; - max = max + 1; - }); + // Read list of realms already configured + foreach (map realm, realms, { + term item = `item(`id(max)); + item = add(item, realm["REALM_ID"]:""); + table_items = add(table_items, item); + items = items + 1; + max = max + 1; + }); /* Dialog contents */ - term contents = nil; - if (CasaAts::Settings["WEB_SERVER_AVAILABLE"]:false == true) - { - contents = `HBox( - `HSpacing(5), - `VBox( - `VStretch(), - `Frame(_("Authentication Realms"), - `VBox( - `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), - `HBox(`PushButton(`id(`add), _("Ad&d")), - `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), - `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) - ) - ) - ), - `VSpacing(1), - `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), - `VSpacing(1), - `Left(`CheckBox(`id(`web), _("&Web Server Access"))), - `VSpacing(1), - `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), - `VStretch() - ), - `HSpacing(5) - ); - } - else - { - contents = `HBox( - `HSpacing(5), - `VBox( - `VStretch(), - `Frame(_("Authentication Realms"), - `VBox( - `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), - `HBox(`PushButton(`id(`add), _("Ad&d")), - `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), - `PushButton(`id(`delete), `opt(`disabled), 
_("De&lete")) - ) - ) - ), - `VSpacing(1), - `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), - `VSpacing(1), - `Left(`CheckBox(`id(`web), `opt(`disabled), _("&Web Server Access"))), - `VSpacing(1), - `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), - `VStretch() - ), - `HSpacing(5) - ); - } + term contents = nil; + if (CasaAts::Settings["WEB_SERVER_AVAILABLE"]:false == true) + { + contents = `HBox( + `HSpacing(5), + `VBox( + `VStretch(), + `Frame(_("Authentication Realms"), + `VBox( + `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), + `HBox(`PushButton(`id(`add), _("Ad&d")), + `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), + `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) + ) + ) + ), + `VSpacing(1), + `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), + `VSpacing(1), + `Left(`CheckBox(`id(`web), _("&Web Server Access"))), + `VSpacing(1), + `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), + `VStretch() + ), + `HSpacing(5) + ); + } + else + { + contents = `HBox( + `HSpacing(5), + `VBox( + `VStretch(), + `Frame(_("Authentication Realms"), + `VBox( + `Table(`id(`table), `opt(`notify), `header(_("Realm")), []), + `HBox(`PushButton(`id(`add), _("Ad&d")), + `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), + `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) + ) + ) + ), + `VSpacing(1), + `Left(`CheckBox(`id(`direct), `opt(`notify), _("Direc&t Access"))), + `VSpacing(1), + `Left(`CheckBox(`id(`web), `opt(`disabled), _("&Web Server Access"))), + `VSpacing(1), + `Left(`TextEntry(`id(`interval), _("Recon&figure Interval"))), + `VStretch() + ), + `HSpacing(5) + ); + } - boolean set_initial_focus = true; + boolean set_initial_focus = true; any ret = nil; while (true) { - Wizard::SetContentsButtons(caption, contents, help, - Label::BackButton(), Label::OKButton()); - - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`direct), `Value, direct_access); 
- UI::ChangeWidget(`id(`web), `Value, web_access); - UI::ChangeWidget(`id(`interval), `Value, tostring(reconfig_interval)); + Wizard::SetContentsButtons(caption, contents, help, + Label::BackButton(), Label::OKButton()); + + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`direct), `Value, direct_access); + UI::ChangeWidget(`id(`web), `Value, web_access); + UI::ChangeWidget(`id(`interval), `Value, tostring(reconfig_interval)); - if (set_initial_focus == true) { - UI::SetFocus(`id(`table)); - set_initial_focus = false; - } + if (set_initial_focus == true) { + UI::SetFocus(`id(`table)); + set_initial_focus = false; + } - UI::ChangeWidget(`id(`edit), `Enabled, items > 0); - UI::ChangeWidget(`id(`delete), `Enabled, items > 0); - UI::ChangeWidget(`id(`cert), `Enabled, direct_access); - - y2milestone("ServerConfig waiting for user input"); - ret = UI::UserInput(); - - // Refresh the local variables with the information in the widgets - direct_access = (boolean) UI::QueryWidget(`id(`direct), `Value); - web_access = (boolean) UI::QueryWidget(`id(`web), `Value); - reconfig_interval = tointeger((string) UI::QueryWidget(`id(`interval), `Value)); - - if (ret == `abort || ret == `cancel || ret == `back) { - y2milestone("Abort, Cancel, or Back Invoked"); + UI::ChangeWidget(`id(`edit), `Enabled, items > 0); + UI::ChangeWidget(`id(`delete), `Enabled, items > 0); + UI::ChangeWidget(`id(`cert), `Enabled, direct_access); + + y2milestone("ServerConfig waiting for user input"); + ret = UI::UserInput(); + + // Refresh the local variables with the information in the widgets + direct_access = (boolean) UI::QueryWidget(`id(`direct), `Value); + web_access = (boolean) UI::QueryWidget(`id(`web), `Value); + reconfig_interval = tointeger((string) UI::QueryWidget(`id(`interval), `Value)); + + if (ret == `abort || ret == `cancel || ret == `back) { + y2milestone("Abort, Cancel, or Back Invoked"); - if (Popup::ReallyAbort(true)) break; - else continue; - } - else if (ret 
== `edit) { - y2milestone("Edit Authentication Realm Entry Invoked"); + if (Popup::ReallyAbort(true)) break; + else continue; + } + else if (ret == `edit) { + y2milestone("Edit Authentication Realm Entry Invoked"); - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - list cur_item = filter(term e, table_items, { - return cur == e[0, 0]:nil; - }); - - y2debug("cur=%1", cur); - y2debug("cur_item=%1", cur_item); - - term item = cur_item[0]:nil; + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + list cur_item = filter(term e, table_items, { + return cur == e[0, 0]:nil; + }); + + y2debug("cur=%1", cur); + y2debug("cur_item=%1", cur_item); + + term item = cur_item[0]:nil; - // Find the realm associated with this item - map realm = lookup(realms, item[1]:"", nil); - if (realm == nil) continue; + // Find the realm associated with this item + map realm = realms[cur]:nil; + if (realm == nil) continue; - y2milestone("Realm id : %1", realm["REALM_ID"]:""); + y2milestone("Realm id : %1", realm["REALM_ID"]:""); - map editedRealm = AuthRealmEditDialog(realm); - if (editedRealm == nil) continue; + map editedRealm = AuthRealmEditDialog(realm); + if (editedRealm == nil) continue; - // Update the realm map and the table - realms = remove(realms, realm["REALM_ID"]:""); - realms = add(realms, editedRealm["REALM_ID"]:"", editedRealm); - item[1] = editedRealm["REALM_ID"]:""; - - table_items = maplist(term e, table_items, { - if(cur == e[0, 0]:-1) - return item; - return e; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, cur); - continue; - } - else if (ret == `add) { - y2milestone("Add Authentication Realm Entry Invoked"); + // Update the realm list and the table + realms[cur] = editedRealm; + item[1] = editedRealm["REALM_ID"]:""; + + table_items = maplist(term e, table_items, { + if(cur == e[0, 0]:-1) + return item; + return e; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + 
UI::ChangeWidget(`id(`table), `CurrentItem, cur); + continue; + } + else if (ret == `add) { + y2milestone("Add Authentication Realm Entry Invoked"); - map realm = AuthRealmEditDialog(nil); - if (realm == nil) continue; + map realm = AuthRealmEditDialog(nil); + if (realm == nil) continue; - y2milestone("Realm id : %1", realm["REALM_ID"]:""); + y2milestone("Realm id : %1", realm["REALM_ID"]:""); - // Add the realm to the realm map and the table - realms = add(realms, realm["REALM_ID"]:"", realm); - term item = nil; - item = `item(`id(max)); - item = add(item, realm["REALM_ID"]:""); - table_items = add(table_items, item); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, max); - items = items + 1; - max = max + 1; - continue; - } - else if (ret == `delete) { - y2milestone("Delete Authentication Realm Entry Invoked"); + // Add the realm to the realm map and the table + realms = add(realms, realm); + term item = nil; + item = `item(`id(max)); + item = add(item, realm["REALM_ID"]:""); + table_items = add(table_items, item); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, max); + items = items + 1; + max = max + 1; + continue; + } + else if (ret == `delete) { + y2milestone("Delete Authentication Realm Entry Invoked"); - items = items - 1; - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - list cur_item = filter(term e, table_items, { - return cur == e[0, 0]:nil; - }); - table_items = filter(term e, table_items, { - return cur != e[0, 0]:nil; - }); + items = items - 1; + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + list cur_item = filter(term e, table_items, { + return cur == e[0, 0]:nil; + }); + table_items = filter(term e, table_items, { + return cur != e[0, 0]:nil; + }); - term item = cur_item[0]:nil; - map realm = lookup(realms, item[1]:"", nil); - if (realm == nil) continue; - realms = remove(realms, realm["REALM_ID"]:""); 
+ realms = remove(realms, cur); - UI::ChangeWidget(`id(`table), `Items, table_items); - continue; - } - else if (ret == `next) { - y2milestone("Next Invoked"); + UI::ChangeWidget(`id(`table), `Items, table_items); + continue; + } + else if (ret == `next) { + y2milestone("Next Invoked"); - /* Verify that a valid reconfigure interval has been entered */ - reconfig_interval = tointeger(UI::QueryWidget(`id(`interval), `Value)); - if (reconfig_interval == nil || reconfig_interval < 0) { - Report::Error(_("The reconfigure interval needs to be a non-negative number.")); - reconfig_interval = CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60; - continue; - } - /* Verify that the server can be accessed */ - if (direct_access != true && web_access != true) { - Report::Error(_("Specify server access type.")); - continue; - } - /* Verify that at least one realm has been configured */ - if (size(table_items) == 0) { - Report::Error(_("You must at least configure one Authentication Realm.")); - continue; - } + /* Verify that a valid reconfigure interval has been entered */ + reconfig_interval = tointeger(UI::QueryWidget(`id(`interval), `Value)); + if (reconfig_interval == nil || reconfig_interval < 0) { + Report::Error(_("The reconfigure interval needs to be a non-negative number.")); + reconfig_interval = CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"]:60; + continue; + } + /* Verify that the server can be accessed */ + if (direct_access != true && web_access != true) { + Report::Error(_("Specify server access type.")); + continue; + } + /* Verify that at least one realm has been configured */ + if (size(table_items) == 0) { + Report::Error(_("You must at least configure one Authentication Realm.")); + continue; + } - // Save the server variables - CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; - CasaAts::Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = direct_access; - CasaAts::Settings["CONFIG_CASAATS_WEB_ACCESS"] = web_access; - 
CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = reconfig_interval; - CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; - break; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } + // Save the server variables + CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; + CasaAts::Settings["CONFIG_CASAATS_DIRECT_ACCESS"] = direct_access; + CasaAts::Settings["CONFIG_CASAATS_WEB_ACCESS"] = web_access; + CasaAts::Settings["CONFIG_CASAATS_RECONFIG_INTERVAL"] = reconfig_interval; + CasaAts::Settings["CONFIG_CASAATS_REALMS"] = realms; + break; + } + else { + y2error("unexpected retcode: %1", ret); + continue; + } } } @@ -961,44 +957,44 @@ zero means that the server only reads its configuration during start up.
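Review bot: In the `delete` branch, `realms = remove(realms, cur)` uses the table row id as a list index, but row ids are taken from `max` and never renumbered, so after the first deletion the ids and the positions in `realms` no longer agree. From then on a delete can drop a different realm or none at all, and the `edit` branch's `realms[cur]:nil` / `realms[cur] = editedRealm` can read or overwrite the wrong entry. The `CONFIG_CASAATS_REALMS` value saved on `next` may therefore still contain an authentication realm the administrator removed in the dialog. I would rebuild `table_items` from `realms` after each removal and drop the early `items = items - 1`, as sketched below; the comment `// Add the realm to the realm map and the table` should also say "list" now. The enclosing dialog function begins before this hunk, so its declarations are only partly visible here.

```ycp
else if (ret == `delete) {
    // … unchanged: y2milestone call, reading cur from the table …
    map realm = realms[cur]:nil;
    if (realm == nil) continue;
    realms = remove(realms, cur);

    // Renumber the rows so each table id is again the realm's index in the list
    table_items = [];
    integer idx = 0;
    foreach (map r, realms, {
        table_items = add(table_items, `item(`id(idx), r["REALM_ID"]:""));
        idx = idx + 1;
    });
    items = size(realms);
    max = items;
    // … unchanged: UI::ChangeWidget(`id(`table), `Items, table_items); continue; …
```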

*/ define term TrustedATSEditDialog(integer id, term currVal) { - y2milestone("TrustedATSEditDialog Executing"); + y2milestone("TrustedATSEditDialog Executing"); term address = nil; address = `item(`id(id)); UI::OpenDialog(`opt(`decorated),`VBox( - `HSpacing(1), - `VBox( - /* TextEntry label */ - `TextEntry(`id(`address), _("D&NS Name or Dotted IP Address"), currVal[1]:"") - ), - `HSpacing(1), - `HBox( - `PushButton(`id(`ok), `opt(`default), Label::OKButton()), - `PushButton(`id(`cancel), Label::CancelButton()) - ) + `HSpacing(1), + `VBox( + /* TextEntry label */ + `TextEntry(`id(`address), _("D&NS Name or Dotted IP Address"), currVal[1]:"") + ), + `HSpacing(1), + `HBox( + `PushButton(`id(`ok), `opt(`default), Label::OKButton()), + `PushButton(`id(`cancel), Label::CancelButton()) + ) )); UI::SetFocus(`id(`address)); any ret = nil; while (true) { - ret = UI::UserInput(); - if(ret != `ok) break; + ret = UI::UserInput(); + if(ret != `ok) break; - string value = (string) UI::QueryWidget(`id(`address), `Value); + string value = (string) UI::QueryWidget(`id(`address), `Value); - // Check the address - if (Address::Check4(value) == true) { - address = add(address, value); - break; - } - Report::Error(_("Address entered is not valid")); + // Check the address + if (Address::Check4(value) == true) { + address = add(address, value); + break; + } + Report::Error(_("Address entered is not valid")); } UI::CloseDialog(); - y2milestone("TrustedATSEditDialog Exiting"); + y2milestone("TrustedATSEditDialog Exiting"); if (ret != `ok) return nil; y2debug("address=%1", address); @@ -1012,7 +1008,7 @@ define term TrustedATSEditDialog(integer id, term currVal) { */ any StartConfigDialog() { - y2milestone("StartConfigDialog Executing"); + y2milestone("StartConfigDialog Executing"); string caption = _("Casa Authentication Token Service Configuration"); @@ -1034,155 +1030,155 @@ from this device. Please, Configure Server if enabled.

integer max = 0; integer items = 0; - list trustedServerList = CasaAts::Settings["CONFIG_CASAATS_TRUSTED"]:[]; + list trustedServerList = CasaAts::Settings["CONFIG_CASAATS_TRUSTED"]:[]; list table_items = []; boolean server_enabled = CasaAts::Settings["CONFIG_CASAATS_ENABLE"]:false; - // Ready list of Trusted ATSs already configured to be - // used with our table. - foreach (string value, trustedServerList, { - term address = `item(`id(items)); - address = add(address, value); - table_items = add(table_items, address); - items = items + 1; - max = max + 1; - }); + // Ready list of Trusted ATSs already configured to be + // used with our table. + foreach (string value, trustedServerList, { + term address = `item(`id(items)); + address = add(address, value); + table_items = add(table_items, address); + items = items + 1; + max = max + 1; + }); /* Dialog contents */ term contents = `HBox( - `HSpacing(5), - `VBox( - `VStretch(), - `Frame(_("Trusted Authentication Token Servers"), - `VBox( - `Table(`id(`table), `opt(`notify), `header(_("Address")), []), - `HBox( - `PushButton(`id(`add), _("Ad&d")), - `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), - `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) - ) - )), - `VSpacing(1), - `HBox( - `Left(`CheckBox(`id(`enablesvc),`opt(`notify), _("Enable &Server"))), - `PushButton(`id(`srvconfig), `opt(`disabled), _("Confi&gure Server")) - ), - `VStretch() - ), - `HSpacing(5) + `HSpacing(5), + `VBox( + `VStretch(), + `Frame(_("Trusted Authentication Token Servers"), + `VBox( + `Table(`id(`table), `opt(`notify), `header(_("Address")), []), + `HBox( + `PushButton(`id(`add), _("Ad&d")), + `PushButton(`id(`edit), `opt(`disabled), _("&Edit")), + `PushButton(`id(`delete), `opt(`disabled), _("De&lete")) + ) + )), + `VSpacing(1), + `HBox( + `Left(`CheckBox(`id(`enablesvc),`opt(`notify), _("Enable &Server"))), + `PushButton(`id(`srvconfig), `opt(`disabled), _("Confi&gure Server")) + ), + `VStretch() + ), + `HSpacing(5) ); - 
boolean set_initial_focus = true; + boolean set_initial_focus = true; any ret = nil; while (true) { - Wizard::SetContentsButtons(caption, contents, help, - Label::BackButton(), Label::FinishButton()); + Wizard::SetContentsButtons(caption, contents, help, + Label::BackButton(), Label::FinishButton()); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`enablesvc), `Value, server_enabled); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`enablesvc), `Value, server_enabled); - if (set_initial_focus == true) { - UI::SetFocus(`id(`table)); - set_initial_focus = false; - } + if (set_initial_focus == true) { + UI::SetFocus(`id(`table)); + set_initial_focus = false; + } - UI::ChangeWidget(`id(`edit), `Enabled, items > 0); - UI::ChangeWidget(`id(`delete), `Enabled, items > 0); - UI::ChangeWidget(`id(`srvconfig), `Enabled, server_enabled == true); - - y2milestone("StartConfigDialog waiting for user input"); - ret = UI::UserInput(); - - // Refresh the local variables with the information in the widgets - server_enabled = (boolean) UI::QueryWidget(`id(`enablesvc), `Value); - - if (ret == `abort || ret == `cancel || ret == `back) { - y2milestone("Abort, Cancel, or Back Invoked"); + UI::ChangeWidget(`id(`edit), `Enabled, items > 0); + UI::ChangeWidget(`id(`delete), `Enabled, items > 0); + UI::ChangeWidget(`id(`srvconfig), `Enabled, server_enabled == true); + + y2milestone("StartConfigDialog waiting for user input"); + ret = UI::UserInput(); + + // Refresh the local variables with the information in the widgets + server_enabled = (boolean) UI::QueryWidget(`id(`enablesvc), `Value); + + if (ret == `abort || ret == `cancel || ret == `back) { + y2milestone("Abort, Cancel, or Back Invoked"); - if (Popup::ReallyAbort(true)) break; - else continue; - } - else if (ret == `edit) { - y2milestone("Edit Trusted ATS Entry Invoked"); + if (Popup::ReallyAbort(true)) break; + else continue; + } + else if (ret == `edit) { + y2milestone("Edit 
Trusted ATS Entry Invoked"); - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - list cur_item = filter(term e, table_items, { - return cur == e[0, 0]:nil; - }); - - y2debug("cur=%1", cur); - y2debug("cur_item=%1", cur_item); - - term item = cur_item[0]:nil; - item = TrustedATSEditDialog(cur, item); - if (item == nil) continue; - - table_items = maplist(term e, table_items, { - if(cur == e[0, 0]:-1) - return item; - return e; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, cur); - continue; - } - else if (ret == `add) { - y2milestone("Add Trusted ATS Entry Invoked"); + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + list cur_item = filter(term e, table_items, { + return cur == e[0, 0]:nil; + }); + + y2debug("cur=%1", cur); + y2debug("cur_item=%1", cur_item); + + term item = cur_item[0]:nil; + item = TrustedATSEditDialog(cur, item); + if (item == nil) continue; + + table_items = maplist(term e, table_items, { + if(cur == e[0, 0]:-1) + return item; + return e; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, cur); + continue; + } + else if (ret == `add) { + y2milestone("Add Trusted ATS Entry Invoked"); - term item = TrustedATSEditDialog(max, `empty()); - if (item == nil) continue; - - table_items = add(table_items, item); - UI::ChangeWidget(`id(`table), `Items, table_items); - UI::ChangeWidget(`id(`table), `CurrentItem, max); - items = items + 1; - max = max + 1; - continue; - } - else if (ret == `delete) { - y2milestone("Delete Trusted ATS Entry Invoked"); + term item = TrustedATSEditDialog(max, `empty()); + if (item == nil) continue; + + table_items = add(table_items, item); + UI::ChangeWidget(`id(`table), `Items, table_items); + UI::ChangeWidget(`id(`table), `CurrentItem, max); + items = items + 1; + max = max + 1; + continue; + } + else if (ret == `delete) { + y2milestone("Delete Trusted ATS Entry Invoked"); 
- items = items - 1; - integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); - table_items = filter(term e, table_items, { - return cur != e[0, 0]:nil; - }); - UI::ChangeWidget(`id(`table), `Items, table_items); - continue; - } - else if (ret == `enablesvc) { - y2milestone("Enabled Server changed"); + items = items - 1; + integer cur = (integer) UI::QueryWidget(`id(`table), `CurrentItem); + table_items = filter(term e, table_items, { + return cur != e[0, 0]:nil; + }); + UI::ChangeWidget(`id(`table), `Items, table_items); + continue; + } + else if (ret == `enablesvc) { + y2milestone("Enabled Server changed"); - continue; - } - else if (ret == `srvconfig) { - y2milestone("Config Server Invoked"); + continue; + } + else if (ret == `srvconfig) { + y2milestone("Config Server Invoked"); - ServerConfigDialog(); - continue; - } - else if (ret == `next) { - y2milestone("Next Invoked"); + ServerConfigDialog(); + continue; + } + else if (ret == `next) { + y2milestone("Next Invoked"); - // Save the variables - trustedServerList = []; - foreach (term value, table_items,{ - trustedServerList = add(trustedServerList, value[1]:""); - }); + // Save the variables + trustedServerList = []; + foreach (term value, table_items,{ + trustedServerList = add(trustedServerList, value[1]:""); + }); - CasaAts::Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList; - CasaAts::Settings["CONFIG_CASAATS_ENABLE"] = server_enabled; - break; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } + CasaAts::Settings["CONFIG_CASAATS_TRUSTED"] = trustedServerList; + CasaAts::Settings["CONFIG_CASAATS_ENABLE"] = server_enabled; + break; + } + else { + y2error("unexpected retcode: %1", ret); + continue; + } } - y2milestone("StartConfigDialog Exiting"); + y2milestone("StartConfigDialog Exiting"); return ret; } 
@@ -1201,18 +1197,18 @@ any Configure1Dialog () { term contents = `Label (_("First part of configuration of casa-ats")); Wizard::SetContentsButtons(caption, contents, HELPS["c1"]:"", - Label::BackButton(), Label::NextButton()); + Label::BackButton(), Label::NextButton()); any ret = nil; while(true) { - ret = UI::UserInput(); + ret = UI::UserInput(); - /* abort? */ - if(ret == `abort || ret == `cancel) { - if(Popup::ReallyAbort(true)) break; - else continue; - } + /* abort? */ + if(ret == `abort || ret == `cancel) { + if(Popup::ReallyAbort(true)) break; + else continue; + } else if(ret == `next || ret == `back) { break; }