From 3a44ee821138a9355c096048ea534acf0114cfc7 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Thu, 9 Nov 2006 06:51:00 +0000 Subject: [PATCH] Completed necessary changes for Basic ATS Configuration Setup tool. --- .../package/linux/CASA_auth_token_svc.changes | 8 ++++ .../package/linux/CASA_auth_token_svc.spec.in | 4 +- .../Jaas/linux/client_keystore_setup.sh | 4 +- CASA-auth-token/java/server/Jaas/make_test.sh | 3 +- CASA-auth-token/java/server/Jaas/run_test.sh | 4 +- CASA-auth-token/java/server/Svc/Makefile.am | 10 ++--- .../server/Svc/linux/CasaBasicATSSetup.sh | 37 ++++++++----------- 7 files changed, 37 insertions(+), 33 deletions(-) diff --git a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.changes b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.changes index 7312c9d7..62c50bf0 100644 --- a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.changes +++ b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Thu Nov 9 11:42:15 MST 2006 - jluciani@novell.com + +- Completed the ATS configuration story with a tool that + sets up all of the needed configuration files and + parameters with support for a single LDAP Realm and + server. + ------------------------------------------------------------------- Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com diff --git a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in index f2213b7c..3d651ec8 100644 --- a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in +++ b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in 
@@ -28,7 +28,7 @@ Release: 0 Summary: Novell Common Authentication Services Adapter Authentication Token Infrastructure "Java" (CASA_auth_token) Source: %{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction +Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction sed PreReq: %fillup_prereq %insserv_prereq PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent @@ -129,6 +129,7 @@ install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authen install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost +install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client @@ -296,6 +297,7 @@ userdel casaatsd %dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate %dir /etc/CASA/authtoken/svc/enabled_services %dir /etc/CASA/authtoken/svc/enabled_services/localhost +%dir /etc/CASA/authtoken/svc/templates %dir /etc/CASA/authtoken/keys/server /srv/www/casaats/webapps/CasaAuthTokenSvc.war %config /srv/www/casaats/conf/catalina.policy diff --git a/CASA-auth-token/java/server/Jaas/linux/client_keystore_setup.sh b/CASA-auth-token/java/server/Jaas/linux/client_keystore_setup.sh index 60134f3c..e1bf28f2 100755 --- a/CASA-auth-token/java/server/Jaas/linux/client_keystore_setup.sh +++ b/CASA-auth-token/java/server/Jaas/linux/client_keystore_setup.sh 
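Review bot: The added `install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates` makes `templates` the only world-readable directory among the `/etc/CASA/authtoken/svc` directories in this hunk; its siblings (`auth_mechanisms/PwdAuthenticate`, `enabled_services`, `enabled_services/localhost`) are all created 700. That is harmless if the templates only ever hold generic defaults, but nothing visible here states that assumption. I would either use `-m 700` for consistency or add a comment such as `# templates hold no site-specific data, so 755 is intentional`.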
@@ -34,6 +34,8 @@ # # ############################################################# +JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm + # Do not do anything if the client keystore has already been created if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then echo "The client keystore is already setup" @@ -41,7 +43,7 @@ else if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then echo "Setting up the clients's keystore" - KEYTOOL_PATH=/usr/lib/jvm/java-1.5.0-ibm/bin/keytool + KEYTOOL_PATH=$JAVA_HOME/bin/keytool # Import the certificate to the client's keystore $KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert diff --git a/CASA-auth-token/java/server/Jaas/make_test.sh b/CASA-auth-token/java/server/Jaas/make_test.sh index f301a5b6..f04aef0a 100755 --- a/CASA-auth-token/java/server/Jaas/make_test.sh +++ b/CASA-auth-token/java/server/Jaas/make_test.sh @@ -1,4 +1,5 @@ #!/bin/bash +JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm if [ ! -d build-test ]; then mkdir build-test mkdir build-test/classes @@ -8,6 +9,6 @@ else fi fi echo "*** Compiling the test application ***" -/usr/lib/jvm/java-1.5.0-ibm/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java +$JAVA_HOME/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java echo "*** Done compiling ***" diff --git a/CASA-auth-token/java/server/Jaas/run_test.sh b/CASA-auth-token/java/server/Jaas/run_test.sh index 48ae2d14..669f5210 100755 
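Review bot: `KEYTOOL_PATH=$JAVA_HOME/bin/keytool` now depends on the `JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm` assignment added at the top of client_keystore_setup.sh, and neither value is checked before the certificate import runs. If that JVM is absent the `-import` fails, and nothing visible in this hunk tests its exit status, so the client keystore can be left without the signing certificate. A guard such as `[ -x "$JAVA_HOME/bin/keytool" ] || { echo "keytool not found under $JAVA_HOME" >&2; exit 1; }`, plus quoting the expansion, would make that failure explicit. The same unchecked, unquoted `$JAVA_HOME` is introduced in make_test.sh and run_test.sh; the script continues past the end of this hunk.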
--- a/CASA-auth-token/java/server/Jaas/run_test.sh
+++ b/CASA-auth-token/java/server/Jaas/run_test.sh
@@ -1,4 +1,4 @@ echo "*** Starting the test application ***" -export JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm -/usr/lib/jvm/java-1.5.0-ibm/bin/java -classpath build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp +JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm +$JAVA_HOME/bin/java -classpath 
build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp diff --git a/CASA-auth-token/java/server/Svc/Makefile.am b/CASA-auth-token/java/server/Svc/Makefile.am index b672f4da..7ec53bb0 100644 --- a/CASA-auth-token/java/server/Svc/Makefile.am +++ b/CASA-auth-token/java/server/Svc/Makefile.am @@ -22,9 +22,7 @@ SUBDIRS = src DIST_SUBDIRS = src external tomcat5 linux manifest templates -EXTRA_DIST = authtoken.settings \ - identoken.settings \ - README \ +EXTRA_DIST = README \ TODO \ web.xml 
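Review bot: The rewritten `$JAVA_HOME/bin/java` line in run_test.sh still carries `-Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n`, so every run of the test opens a JDWP listener on port 5005. JDWP has no authentication, and on a JVM of this generation a bare port number is not restricted to loopback, so the debug socket exposes a process that has `/etc/CASA/authtoken/keys/client` on its classpath. Since the line is being touched anyway, I would make the debugger opt-in, e.g. `$JAVA_HOME/bin/java $CASA_TEST_DEBUG_OPTS -classpath ...` with the variable (the name is only a suggestion) empty by default. Separately, the old line exported `JAVA_HOME` and the new one does not; if anything started by the test reads it from the environment, keep `export JAVA_HOME`.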
@@ -137,9 +135,9 @@ $(BUILDDIR)/%.class: %.java $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES) @echo [======== Creating Webapp $@ ========] cp web.xml $(BUILDDIR)/webapp/WEB-INF/web.xml - cp linux/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings - cp authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings - cp identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings + cp templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings + cp templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings + cp templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings cp linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties cp src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings cp src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings diff --git a/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh b/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh index 1164d531..8271428f 100755 --- a/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh +++ b/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh @@ -117,15 +117,10 @@ function setup_iaRealms_file function setup_authPolicy_file { - # Determine the file names - TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/auth.policy - CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy + EDITOR=/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh - # Verify that the template file exists - if [ ! -f $TEMPLATE_FILE ]; then - echo "Template file $TEMPLATE_FILE does not exist" - return 2 - fi + # Determine the file name + CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy # Verify that the output folder exists if [ ! -d $CONFIG_FILE_FOLDER ]; then 
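Review bot: `EDITOR=/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh` reuses the name of the conventional `EDITOR` environment variable and, without `local`, stays set for the rest of the script; the `@@ -149` hunk does the same in setup_svcSettings_file. The template-existence check removed here has no replacement, so a missing helper script is only discovered when the call fails. Assuming the script runs under bash, I would use `local policy_editor=/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh` followed by `[ -x "$policy_editor" ] || { echo "$policy_editor is not executable"; return 2; }`. The function body continues beyond this hunk.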
@@ -138,8 +133,10 @@ function setup_authPolicy_file # Verify that all of the appropriate environment variables have been set if [ "$REALM" != "" ]; then - # Create and edit the output file - sed s:REALM:$REALM:g $TEMPLATE_FILE > $CONFIG_FILE + # Create and setup the auth.policy file + $EDITOR -create -file $CONFIG_FILE + $EDITOR -append -entry $REALM:Krb5Authenticate -file $CONFIG_FILE + $EDITOR -append -entry $REALM:PwdAuthenticate -file $CONFIG_FILE return 0 else return 1 @@ -149,17 +146,12 @@ function setup_authPolicy_file function setup_svcSettings_file { - # Determine the file names - TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/svc.settings + EDITOR=/usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh + + # Determine the file name CONFIG_FILE=$CONFIG_FILE_FOLDER/svc.settings IAREALMS_FILE_PATH=$CONFIG_FILE_FOLDER/iaRealms.xml - # Verify that the template file exists - if [ ! -f $TEMPLATE_FILE ]; then - echo "Template file $TEMPLATE_FILE does not exist" - return 2 - fi - # Verify that the output folder exists if [ ! -d $CONFIG_FILE_FOLDER ]; then echo "Output folder $CONFIG_FILE_FOLDER does not exist" @@ -169,8 +161,9 @@ function setup_svcSettings_file # Clean-up the output folder rm -f $CONFIG_FILE - # Create and edit the output file - sed s:IAREALMS_FILE_PATH:$IAREALMS_FILE_PATH:g $TEMPLATE_FILE > $CONFIG_FILE + # Create and setup the svc.settings file + $EDITOR -create -file $CONFIG_FILE + $EDITOR -set IAConfigFile $IAREALMS_FILE_PATH -file $CONFIG_FILE return 0 } @@ -187,13 +180,13 @@ if [ "$1" != "" ]; then exit 0 fi else - TEMPLATE_FILE_FOLDER=DEFAULT_TEMPLATE_FILE_FOLDER + TEMPLATE_FILE_FOLDER=$DEFAULT_TEMPLATE_FILE_FOLDER fi if [ "$2" != "" ]; then CONFIG_FILE_FOLDER=$2 else - CONFIG_FILE_FOLDER=DEFAULT_CONFIG_FILE_FOLDER + CONFIG_FILE_FOLDER=$DEFAULT_CONFIG_FILE_FOLDER fi # Setup the configuration files
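Review bot: None of the three `$EDITOR` calls added in setup_authPolicy_file has its exit status checked, and the branch still ends in `return 0`, so a failed `-create` or `-append` leaves a missing or partial auth.policy that the caller treats as success. `$REALM` and `$CONFIG_FILE` are also expanded unquoted, so whitespace or glob characters in either would change the arguments the editor receives. I would write each call as `"$EDITOR" -create -file "$CONFIG_FILE" || return 3` (any distinct non-zero code) and quote the entry as `"$REALM:Krb5Authenticate"`. The two calls added to setup_svcSettings_file in the `@@ -169` hunk have the same problem; both functions begin outside these hunks.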