geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Completed necessary changes for Basic ATS Configuration

Browse Source 
Setup tool.
This commit is contained in:
Juan Carlos Luciani
2006-11-09 06:51:00 +00:00
parent a999490245
commit 3a44ee8211
7 changed files with 37 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
CASA-auth-token/java/package/linux/CASA_auth_token_svc.changes
View File

@@ -1,3 +1,11 @@
-------------------------------------------------------------------
Thu Nov 9 11:42:15 MST 2006 - jluciani@novell.com
- Completed the ATS configuration story with a tool that
sets up all of the needed configuration files and
parameters with support for a single LDAP Realm and
server.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com

4
CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in
View File

@@ -28,7 +28,7 @@ Release: 0
Summary: Novell Common Authentication Services Adapter Authentication Token Infrastructure "Java" (CASA_auth_token) Summary: Novell Common Authentication Services Adapter Authentication Token Infrastructure "Java" (CASA_auth_token)
Source: %{name}-%{version}.tar.bz2 Source: %{name}-%{version}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction Requires: java-1_5_0-ibm servletapi5 tomcat5 sysvinit insserv identity-abstraction sed
PreReq: %fillup_prereq %insserv_prereq PreReq: %fillup_prereq %insserv_prereq
PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd
PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent
@@ -129,6 +129,7 @@ install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authen
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost
install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys
install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client
@@ -296,6 +297,7 @@ userdel casaatsd
%dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate %dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
%dir /etc/CASA/authtoken/svc/enabled_services %dir /etc/CASA/authtoken/svc/enabled_services
%dir /etc/CASA/authtoken/svc/enabled_services/localhost %dir /etc/CASA/authtoken/svc/enabled_services/localhost
%dir /etc/CASA/authtoken/svc/templates
%dir /etc/CASA/authtoken/keys/server %dir /etc/CASA/authtoken/keys/server
/srv/www/casaats/webapps/CasaAuthTokenSvc.war /srv/www/casaats/webapps/CasaAuthTokenSvc.war
%config /srv/www/casaats/conf/catalina.policy %config /srv/www/casaats/conf/catalina.policy

4
CASA-auth-token/java/server/Jaas/linux/client_keystore_setup.sh
View File

@@ -34,6 +34,8 @@
# # # #
############################################################# #############################################################
JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
# Do not do anything if the client keystore has already been created # Do not do anything if the client keystore has already been created
if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then
echo "The client keystore is already setup" echo "The client keystore is already setup"
@@ -41,7 +43,7 @@ else
if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then
echo "Setting up the clients's keystore" echo "Setting up the clients's keystore"
KEYTOOL_PATH=/usr/lib/jvm/java-1.5.0-ibm/bin/keytool KEYTOOL_PATH=$JAVA_HOME/bin/keytool
# Import the certificate to the client's keystore # Import the certificate to the client's keystore
$KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert $KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert

3
CASA-auth-token/java/server/Jaas/make_test.sh
View File

@@ -1,4 +1,5 @@
#!/bin/bash #!/bin/bash
JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
if [ ! -d build-test ]; then if [ ! -d build-test ]; then
mkdir build-test mkdir build-test
mkdir build-test/classes mkdir build-test/classes
@@ -8,6 +9,6 @@ else
fi fi
fi fi
echo "*** Compiling the test application ***" echo "*** Compiling the test application ***"
/usr/lib/jvm/java-1.5.0-ibm/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java $JAVA_HOME/bin/javac -g -sourcepath src -classpath /usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar -d build-test/classes src/com/novell/casa/jaas/sample/SampleApp.java src/com/novell/casa/jaas/sample/SampleAppCallbackHandler.java
echo "*** Done compiling ***" echo "*** Done compiling ***"

4
CASA-auth-token/java/server/Jaas/run_test.sh
View File

@@ -1,4 +1,4 @@
echo "*** Starting the test application ***" echo "*** Starting the test application ***"
export JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm JAVA_HOME=/usr/lib/jvm/java-1.5.0-ibm
/usr/lib/jvm/java-1.5.0-ibm/bin/java -classpath build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp $JAVA_HOME/bin/java -classpath build-test/classes:/usr/share/java/CASA/authtoken/CasaJaasSupport.jar:/usr/share/java/CASA/authtoken/CasaAuthToken.jar:/usr/share/java/CASA/authtoken/external/axis-ant.jar:/usr/share/java/CASA/authtoken/external/axis.jar:/usr/share/java/CASA/authtoken/external/commons-discovery-0.2.jar:/usr/share/java/CASA/authtoken/external/commons-logging-1.0.4.jar:/usr/share/java/CASA/authtoken/external/commons-logging-api.jar:/usr/share/java/CASA/authtoken/external/jaxrpc.jar:/usr/share/java/CASA/authtoken/external/log4j-1.2.8.jar:/usr/share/java/CASA/authtoken/external/saaj.jar:/usr/share/java/CASA/authtoken/external/wsdl4j-1.5.1.jar:/usr/share/java/CASA/authtoken/external/wss4j-1.5.0.jar:/usr/share/java/CASA/authtoken/external/xalan.jar:/usr/share/java/CASA/authtoken/external/xercesImpl.jar:/usr/share/java/CASA/authtoken/external/xml-apis.jar:/usr/share/java/CASA/authtoken/external/xmlsec-1.2.1.jar:/usr/share/java/xerces-j2.jar:/etc/CASA/authtoken/keys/client -Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser -Djava.security.auth.login.config=src/com/novell/casa/jaas/sample/SampleApp.conf -Xrunjdwp:transport=dt_socket,address=5005,server=y,suspend=n com.novell.casa.jaas.sample.SampleApp

10
CASA-auth-token/java/server/Svc/Makefile.am
View File

@@ -22,9 +22,7 @@
SUBDIRS = src SUBDIRS = src
DIST_SUBDIRS = src external tomcat5 linux manifest templates DIST_SUBDIRS = src external tomcat5 linux manifest templates
EXTRA_DIST = authtoken.settings \ EXTRA_DIST = README \
identoken.settings \
README \
TODO \ TODO \
web.xml web.xml
@@ -137,9 +135,9 @@ $(BUILDDIR)/%.class: %.java
$(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES) $(BUILDDIR)/$(WEBAPP): $(BUILDDIR) $(CLASSES)
@echo [======== Creating Webapp $@ ========] @echo [======== Creating Webapp $@ ========]
cp web.xml $(BUILDDIR)/webapp/WEB-INF/web.xml cp web.xml $(BUILDDIR)/webapp/WEB-INF/web.xml
cp linux/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings cp templates/svc.settings $(BUILDDIR)/webapp/WEB-INF/conf/svc.settings
cp authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings cp templates/authtoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/authtoken.settings
cp identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings cp templates/identoken.settings $(BUILDDIR)/webapp/WEB-INF/conf/identoken.settings
cp linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties cp linux/crypto.properties $(BUILDDIR)/webapp/WEB-INF/classes/crypto.properties
cp src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings cp src/com/novell/casa/authtoksvc/Krb5_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/Krb5Authenticate/mechanism.settings
cp src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings cp src/com/novell/casa/authtoksvc/Pwd_mechanism.settings $(BUILDDIR)/webapp/WEB-INF/conf/installed_auth_mechanisms/PwdAuthenticate/mechanism.settings

37
CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh
View File

@@ -117,15 +117,10 @@ function setup_iaRealms_file
function setup_authPolicy_file function setup_authPolicy_file
{ {
# Determine the file names EDITOR=/usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/auth.policy
CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy
# Verify that the template file exists # Determine the file name
if [ ! -f $TEMPLATE_FILE ]; then CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy
echo "Template file $TEMPLATE_FILE does not exist"
return 2
fi
# Verify that the output folder exists # Verify that the output folder exists
if [ ! -d $CONFIG_FILE_FOLDER ]; then if [ ! -d $CONFIG_FILE_FOLDER ]; then
@@ -138,8 +133,10 @@ function setup_authPolicy_file
# Verify that all of the appropriate environment variables have been set # Verify that all of the appropriate environment variables have been set
if [ "$REALM" != "" ]; then if [ "$REALM" != "" ]; then
# Create and edit the output file # Create and setup the auth.policy file
sed s:REALM:$REALM:g $TEMPLATE_FILE > $CONFIG_FILE $EDITOR -create -file $CONFIG_FILE
$EDITOR -append -entry $REALM:Krb5Authenticate -file $CONFIG_FILE
$EDITOR -append -entry $REALM:PwdAuthenticate -file $CONFIG_FILE
return 0 return 0
else else
return 1 return 1
@@ -149,17 +146,12 @@ function setup_authPolicy_file
function setup_svcSettings_file function setup_svcSettings_file
{ {
# Determine the file names EDITOR=/usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh
TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/svc.settings
# Determine the file name
CONFIG_FILE=$CONFIG_FILE_FOLDER/svc.settings CONFIG_FILE=$CONFIG_FILE_FOLDER/svc.settings
IAREALMS_FILE_PATH=$CONFIG_FILE_FOLDER/iaRealms.xml IAREALMS_FILE_PATH=$CONFIG_FILE_FOLDER/iaRealms.xml
# Verify that the template file exists
if [ ! -f $TEMPLATE_FILE ]; then
echo "Template file $TEMPLATE_FILE does not exist"
return 2
fi
# Verify that the output folder exists # Verify that the output folder exists
if [ ! -d $CONFIG_FILE_FOLDER ]; then if [ ! -d $CONFIG_FILE_FOLDER ]; then
echo "Output folder $CONFIG_FILE_FOLDER does not exist" echo "Output folder $CONFIG_FILE_FOLDER does not exist"
@@ -169,8 +161,9 @@ function setup_svcSettings_file
# Clean-up the output folder # Clean-up the output folder
rm -f $CONFIG_FILE rm -f $CONFIG_FILE
# Create and edit the output file # Create and setup the svc.settings file
sed s:IAREALMS_FILE_PATH:$IAREALMS_FILE_PATH:g $TEMPLATE_FILE > $CONFIG_FILE $EDITOR -create -file $CONFIG_FILE
$EDITOR -set IAConfigFile $IAREALMS_FILE_PATH -file $CONFIG_FILE
return 0 return 0
} }
@@ -187,13 +180,13 @@ if [ "$1" != "" ]; then
exit 0 exit 0
fi fi
else else
TEMPLATE_FILE_FOLDER=DEFAULT_TEMPLATE_FILE_FOLDER TEMPLATE_FILE_FOLDER=$DEFAULT_TEMPLATE_FILE_FOLDER
fi fi
if [ "$2" != "" ]; then if [ "$2" != "" ]; then
CONFIG_FILE_FOLDER=$2 CONFIG_FILE_FOLDER=$2
else else
CONFIG_FILE_FOLDER=DEFAULT_CONFIG_FILE_FOLDER CONFIG_FILE_FOLDER=$DEFAULT_CONFIG_FILE_FOLDER
fi fi
# Setup the configuration files # Setup the configuration files