Completed necessary changes for Basic ATS Configuration
Setup tool.
This commit is contained in:
Juan Carlos Luciani
parent
a999490245
commit
3a44ee8211
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 9 11:42:15 MST 2006 - jluciani@novell.com
|
||||
|
||||
- Completed the ATS configuration story with a tool that
|
||||
sets up all of the needed configuration files and
|
||||
parameters with support for a single LDAP Realm and
|
||||
server.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ Release: 0
|
||||
Summary: Novell Common Authentication Services Adapter Authentication Token Infrastructure "Java" (CASA_auth_token)
|
||||
Source: %{name}-%{version}.tar.bz2
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction
|
||||
Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction sed
|
||||
PreReq: %fillup_prereq %insserv_prereq
|
||||
PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd
|
||||
PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent
|
||||
@ -129,6 +129,7 @@ install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authen
|
||||
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
|
||||
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services
|
||||
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost
|
||||
install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates
|
||||
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys
|
||||
install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server
|
||||
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client
|
||||
@ -296,6 +297,7 @@ userdel casaatsd
|
||||
%dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
|
||||
%dir /etc/CASA/authtoken/svc/enabled_services
|
||||
%dir /etc/CASA/authtoken/svc/enabled_services/localhost
|
||||
%dir /etc/CASA/authtoken/svc/templates
|
||||
%dir /etc/CASA/authtoken/keys/server
|
||||
/srv/www/casaats/webapps/CasaAuthTokenSvc.war
|
||||
%config /srv/www/casaats/conf/catalina.policy
|
||||
|
||||
@ -34,6 +34,8 @@
|
||||
# #
|
||||
#############################################################
|
||||
|
||||
JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
|
||||
|
||||
# Do not do anything if the client keystore has already been created
|
||||
if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then
|
||||
echo "The client keystore is already setup"
|
||||
@ -41,7 +43,7 @@ else
|
||||
if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then
|
||||
echo "Setting up the clients's keystore"
|
||||
|
||||
KEYTOOL_PATH=/usr/lib/jvm/java-1.5.0-ibm/bin/keytool
|
||||
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
||||
|
||||
# Import the certificate to the client's keystore
|
||||
$KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
#!/bin/bash
|
||||
JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
|
||||
if [ ! -d build-test ]; then
|
||||
mkdir build-test
|
||||
mkdir build-test/classes
|
||||
@ -8,6 +9,6 @@ else
|
||||
fi
|
||||
fi
|
||||
echo "*** Compiling the test application ***"
|
||||
/usr/lib/jvm/java-1.5.0-ibm/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
|
||||
$JAVA_HOME/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
|
||||
echo "*** Done compiling ***"
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
echo "*** Starting the test application ***"
|
||||
export JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
|
||||
/usr/lib/jvm/java-1.5.0-ibm/bin/java -classpath build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp
|
||||
JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
|
||||
$JAVA_HOME/bin/java -classpath build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp
|
||||
|
||||
|
||||
@ -22,9 +22,7 @@
|
||||
SUBDIRS = src
|
||||
DIST_SUBDIRS = src external tomcat5 linux manifest templates
|
||||
|
||||
EXTRA_DIST = authtoken.settings \
|
||||
identoken.settings \
|
||||
README \
|
||||
EXTRA_DIST = README \
|
||||
TODO \
|
||||
web.xml
|
||||
|
||||
@ -137,9 +135,9 @@ $(BUILDDIR)/%.class: %.java
|
||||
$(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES)
|
||||
@echo [======== Creating Webapp $@ ========]
|
||||
cp web.xml $(BUILDDIR)/webapp/WEB-INF/web.xml
|
||||
cp linux/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings
|
||||
cp authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings
|
||||
cp identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings
|
||||
cp templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings
|
||||
cp templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings
|
||||
cp templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings
|
||||
cp linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties
|
||||
cp src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings
|
||||
cp src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings
|
||||
|
||||
@ -117,15 +117,10 @@ function setup_iaRealms_file
|
||||
|
||||
function setup_authPolicy_file
|
||||
{
|
||||
# Determine the file names
|
||||
TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/auth.policy
|
||||
CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy
|
||||
EDITOR=/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
|
||||
|
||||
# Verify that the template file exists
|
||||
if [ ! -f $TEMPLATE_FILE ]; then
|
||||
echo "Template file $TEMPLATE_FILE does not exist"
|
||||
return 2
|
||||
fi
|
||||
# Determine the file name
|
||||
CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy
|
||||
|
||||
# Verify that the output folder exists
|
||||
if [ ! -d $CONFIG_FILE_FOLDER ]; then
|
||||
@ -138,8 +133,10 @@ function setup_authPolicy_file
|
||||
|
||||
# Verify that all of the appropriate environment variables have been set
|
||||
if [ "$REALM" != "" ]; then
|
||||
# Create and edit the output file
|
||||
sed s:REALM:$REALM:g $TEMPLATE_FILE > $CONFIG_FILE
|
||||
# Create and setup the auth.policy file
|
||||
$EDITOR -create -file $CONFIG_FILE
|
||||
$EDITOR -append -entry $REALM:Krb5Authenticate -file $CONFIG_FILE
|
||||
$EDITOR -append -entry $REALM:PwdAuthenticate -file $CONFIG_FILE
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
@ -149,17 +146,12 @@ function setup_authPolicy_file
|
||||
|
||||
function setup_svcSettings_file
|
||||
{
|
||||
# Determine the file names
|
||||
TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/svc.settings
|
||||
EDITOR=/usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh
|
||||
|
||||
# Determine the file name
|
||||
CONFIG_FILE=$CONFIG_FILE_FOLDER/svc.settings
|
||||
IAREALMS_FILE_PATH=$CONFIG_FILE_FOLDER/iaRealms.xml
|
||||
|
||||
# Verify that the template file exists
|
||||
if [ ! -f $TEMPLATE_FILE ]; then
|
||||
echo "Template file $TEMPLATE_FILE does not exist"
|
||||
return 2
|
||||
fi
|
||||
|
||||
# Verify that the output folder exists
|
||||
if [ ! -d $CONFIG_FILE_FOLDER ]; then
|
||||
echo "Output folder $CONFIG_FILE_FOLDER does not exist"
|
||||
@ -169,8 +161,9 @@ function setup_svcSettings_file
|
||||
# Clean-up the output folder
|
||||
rm -f $CONFIG_FILE
|
||||
|
||||
# Create and edit the output file
|
||||
sed s:IAREALMS_FILE_PATH:$IAREALMS_FILE_PATH:g $TEMPLATE_FILE > $CONFIG_FILE
|
||||
# Create and setup the svc.settings file
|
||||
$EDITOR -create -file $CONFIG_FILE
|
||||
$EDITOR -set IAConfigFile $IAREALMS_FILE_PATH -file $CONFIG_FILE
|
||||
return 0
|
||||
}
|
||||
|
||||
@ -187,13 +180,13 @@ if [ "$1" != "" ]; then
|
||||
exit 0
|
||||
fi
|
||||
else
|
||||
TEMPLATE_FILE_FOLDER=DEFAULT_TEMPLATE_FILE_FOLDER
|
||||
TEMPLATE_FILE_FOLDER=$DEFAULT_TEMPLATE_FILE_FOLDER
|
||||
fi
|
||||
|
||||
if [ "$2" != "" ]; then
|
||||
CONFIG_FILE_FOLDER=$2
|
||||
else
|
||||
CONFIG_FILE_FOLDER=DEFAULT_CONFIG_FILE_FOLDER
|
||||
CONFIG_FILE_FOLDER=$DEFAULT_CONFIG_FILE_FOLDER
|
||||
fi
|
||||
|
||||
# Setup the configuration files
|
||||
|
||||
Loading…
Reference in New Issue
Block a user