diff --git a/CASA-auth-token/java/configure.in b/CASA-auth-token/java/configure.in
index cc99ae63..9c1a63f4 100644
--- a/CASA-auth-token/java/configure.in
+++ b/CASA-auth-token/java/configure.in
@@ -279,6 +279,7 @@ server/Svc/tomcat5/conf/Catalina/Makefile
server/Svc/tomcat5/conf/Catalina/localhost/Makefile
server/Svc/tomcat5/conf/linux/Makefile
server/Svc/linux/Makefile
+server/Svc/templates/Makefile
server/Svc/manifest/Makefile
server/Jaas/Makefile
server/Jaas/src/Makefile
diff --git a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in
index a6dfb831..f2213b7c 100644
--- a/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in
+++ b/CASA-auth-token/java/package/linux/CASA_auth_token_svc.spec.in
@@ -150,14 +150,17 @@ ln -sf CasaSvcSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/
ln -sf CasaAuthPolicyEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar
# Settings and configuration files
-install -m 600 server/Svc/linux/svc.settings %{buildroot}/etc/CASA/authtoken/svc/svc.settings
-install -m 600 server/Svc/authtoken.settings %{buildroot}/etc/CASA/authtoken/svc/authtoken.settings
-install -m 600 server/Svc/identoken.settings %{buildroot}/etc/CASA/authtoken/svc/identoken.settings
+install -m 600 server/Svc/templates/svc.settings %{buildroot}/etc/CASA/authtoken/svc/templates/svc.settings
+install -m 600 server/Svc/templates/auth.policy %{buildroot}/etc/CASA/authtoken/svc/templates/auth.policy
+install -m 600 server/Svc/templates/iaRealms.xml %{buildroot}/etc/CASA/authtoken/svc/templates/iaRealms.xml
+install -m 600 server/Svc/templates/authtoken.settings %{buildroot}/etc/CASA/authtoken/svc/authtoken.settings
+install -m 600 server/Svc/templates/identoken.settings %{buildroot}/etc/CASA/authtoken/svc/identoken.settings
install -m 600 server/Svc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings
install -m 600 server/Svc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate/mechanism.settings
# Others
install -m 700 server/Svc/linux/server_keystore_setup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh
+install -m 700 server/Svc/linux/CasaBasicATSSetup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh
install -m 700 server/Svc/linux/CasaAuthPolicyEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
install -m 700 server/Svc/linux/CasaAuthTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh
install -m 700 server/Svc/linux/CasaIdenTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh
@@ -261,6 +264,7 @@ userdel casaatsd
%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc-%{bldno}.war
%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war
%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh
+%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh
%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh
@@ -302,7 +306,9 @@ userdel casaatsd
%config /srv/www/casaats/conf/tomcat-users.xml
%config /srv/www/casaats/conf/web.xml
%config /etc/CASA/authtoken/svc/envvars
-%config /etc/CASA/authtoken/svc/svc.settings
+/etc/CASA/authtoken/svc/templates/svc.settings
+/etc/CASA/authtoken/svc/templates/auth.policy
+/etc/CASA/authtoken/svc/templates/iaRealms.xml
%config /etc/CASA/authtoken/svc/authtoken.settings
%config /etc/CASA/authtoken/svc/identoken.settings
%config /etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings
diff --git a/CASA-auth-token/java/server/Svc/Makefile.am b/CASA-auth-token/java/server/Svc/Makefile.am
index 8355be02..b672f4da 100644
--- a/CASA-auth-token/java/server/Svc/Makefile.am
+++ b/CASA-auth-token/java/server/Svc/Makefile.am
@@ -20,7 +20,7 @@
#######################################################################
SUBDIRS = src
-DIST_SUBDIRS = src external tomcat5 linux manifest
+DIST_SUBDIRS = src external tomcat5 linux manifest templates
EXTRA_DIST = authtoken.settings \
identoken.settings \
diff --git a/CASA-auth-token/java/server/Svc/README b/CASA-auth-token/java/server/Svc/README
index af03ee14..9d2a74fb 100644
--- a/CASA-auth-token/java/server/Svc/README
+++ b/CASA-auth-token/java/server/Svc/README
@@ -207,8 +207,8 @@ Note the following about the sample auth.policy file:
- The authentication mechanism entries are: mechanism and mechanism_info. The mechanism
entry specifies the name of the authentication mechanism. The mechanism_info specifies
- some mechanism specific information. Both authentication mechanism entries must be
- specified for an auth_source entry.
+ some mechanism specific information, the need for this entry is dependent on the
+ configuration requirements of the specified mechanism.
- The name of the Krb5 Authentication mechanism is "Krb5Authenticate". This mechanism
defaults the service principal name to host/hostname@KERBEROS_REALM. You can use a
@@ -238,7 +238,7 @@ Note the following about the sample authtoken.settings file:
- The TokenLifetime setting specifies the number of seconds for which a token is good
for after being issued. The default value for this setting is 3600 seconds. Note that
a larger value reduces overhead, but it also gives more time for an intruder to
- utilize the token if it becomes compromized.
+ utilize the token if it becomes compromised.
- The LifetimeShorter setting specifies the number of seconds that should be substracted
from the TokenLifetime when calculating the number of seconds that clients are told
diff --git a/CASA-auth-token/java/server/Svc/TODO b/CASA-auth-token/java/server/Svc/TODO
index 54e2b1c0..7b79a6c6 100644
--- a/CASA-auth-token/java/server/Svc/TODO
+++ b/CASA-auth-token/java/server/Svc/TODO
@@ -15,4 +15,5 @@ OUTSTANDING ITEMS
- Add logging.
- Create plug-in API for Identity Token Providers.
- Change printfs used for debugging into a suitable mechanism.
+- Create tool to connect Tomcat instance to Apache Server and disabling port 2645 listener.
diff --git a/CASA-auth-token/java/server/Svc/authtoken.settings b/CASA-auth-token/java/server/Svc/authtoken.settings
deleted file mode 100644
index 75f4b75c..00000000
--- a/CASA-auth-token/java/server/Svc/authtoken.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
- 3600
-
diff --git a/CASA-auth-token/java/server/Svc/identoken.settings b/CASA-auth-token/java/server/Svc/identoken.settings
deleted file mode 100644
index ac54afb5..00000000
--- a/CASA-auth-token/java/server/Svc/identoken.settings
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
- false
- sn
-
-
diff --git a/CASA-auth-token/java/server/Svc/linux/CasaAuthPolicyEditor.sh b/CASA-auth-token/java/server/Svc/linux/CasaAuthPolicyEditor.sh
index d98cda40..bd859201 100755
--- a/CASA-auth-token/java/server/Svc/linux/CasaAuthPolicyEditor.sh
+++ b/CASA-auth-token/java/server/Svc/linux/CasaAuthPolicyEditor.sh
@@ -1,3 +1,37 @@
#!/bin/sh
+########################################################################
+#
+# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; version 2.1
+# of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Library Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, Novell, Inc.
+#
+# To contact Novell about this file by physical or electronic mail,
+# you may find current contact information at www.novell.com.
+#
+# Author: Juan Carlos Luciani
+#
+########################################################################
+
+########################################################################
+#
+# Script for editing auth.policy files
+#
+########################################################################
+
+# Source our environment variables file
+. /etc/CASA/authtoken/svc/envvars
+
+# Perform the operation requested
$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar $*
diff --git a/CASA-auth-token/java/server/Svc/linux/CasaAuthTokenSettingsEditor.sh b/CASA-auth-token/java/server/Svc/linux/CasaAuthTokenSettingsEditor.sh
index b2d0fd66..8a8261c4 100755
--- a/CASA-auth-token/java/server/Svc/linux/CasaAuthTokenSettingsEditor.sh
+++ b/CASA-auth-token/java/server/Svc/linux/CasaAuthTokenSettingsEditor.sh
@@ -1,3 +1,37 @@
#!/bin/sh
+########################################################################
+#
+# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; version 2.1
+# of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Library Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, Novell, Inc.
+#
+# To contact Novell about this file by physical or electronic mail,
+# you may find current contact information at www.novell.com.
+#
+# Author: Juan Carlos Luciani
+#
+########################################################################
+
+########################################################################
+#
+# Script for editing authtoken.settings files
+#
+########################################################################
+
+# Source our environment variables file
+. /etc/CASA/authtoken/svc/envvars
+
+# Perform the operation requested
$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar $*
diff --git a/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh b/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh
new file mode 100755
index 00000000..1164d531
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/linux/CasaBasicATSSetup.sh
@@ -0,0 +1,221 @@
+#!/bin/sh
+########################################################################
+#
+# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; version 2.1
+# of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Library Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, Novell, Inc.
+#
+# To contact Novell about this file by physical or electronic mail,
+# you may find current contact information at www.novell.com.
+#
+# Author: Juan Carlos Luciani
+#
+########################################################################
+
+########################################################################
+#
+# Scrip for setting up iaRealm.xml and auth.policy files for ATS
+# using a single LDAP Realm.
+#
+# Notice that this scrip is very basic and only supports a single LDAP
+# server.
+#
+########################################################################
+
+DEFAULT_TEMPLATE_FILE_FOLDER=/etc/CASA/authtoken/svc/templates
+DEFAULT_CONFIG_FILE_FOLDER=/etc/CASA/authtoken/svc
+
+function display_usage
+{
+ echo "usage: CasaBasicATSSetup.sh [-h] [TemplateFileFolder] [ConfigFileFolder]"
+ echo " where the position dependent parameters are:"
+ echo " -h - Display this information"
+ echo " TemplateFileFolder - Path to the folder containing the template files. If"
+ echo " not specified, the parameter defaults to"
+ echo " $DEFAULT_TEMPLATE_FILE_FOLDER."
+ echo " ConfigFileFolder - Path to the output file folder. If not specified, the"
+ echo " parameter defaults to $DEFAULT_CONFIG_FILE_FOLDER."
+ echo ""
+ echo " The following environment variables MUST be exported when"
+ echo " executing this script:"
+ echo " REALM - The name of the LDAP Realm, example: Tree name"
+ echo " LDAP_HOST_NAME - The host name of the LDAP server"
+ echo " PROXY_USER_NAME - The name of the LDAP Proxy User"
+ echo " PROXY_USER_PW - The password of the LDAP Proxy User"
+ echo ""
+ echo " The following environment variables MAY be exported when"
+ echo " executing this script:"
+ echo " LDAP_LISTEN_PORT - The port used by the LDAP server to listen for connections"
+ echo ""
+ echo " WARNING: CURRENTLY THERE IS A LIMITATION THAT PREVENTS YOU FROM"
+ echo " USING ENVIRONMENT VARIABLES WITH THE CHARACTER ':'."
+ echo ""
+}
+
+function setup_iaRealms_file
+{
+ # Determine the file names
+ TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/iaRealms.xml
+ CONFIG_FILE=$CONFIG_FILE_FOLDER/iaRealms.xml
+
+ # Verify that the template file exists
+ if [ ! -f $TEMPLATE_FILE ]; then
+ echo "Template file $TEMPLATE_FILE does not exist"
+ return 2
+ fi
+
+ # Verify that the output folder exists
+ if [ ! -d $CONFIG_FILE_FOLDER ]; then
+ echo "Output folder $CONFIG_FILE_FOLDER does not exist"
+ return 2
+ fi
+
+ # Clean-up the output folder
+ rm -f $CONFIG_FILE
+
+ # Verify that all of the appropriate environment variables have been set
+ if [ "$REALM" != "" ]; then
+ if [ "$LDAP_HOST_NAME" != "" ]; then
+ if [ "$PROXY_USER_NAME" != "" ]; then
+ if [ "$PROXY_USER_PW" != "" ]; then
+ # Create and edit the output file
+ sed s:REALM:$REALM:g $TEMPLATE_FILE > $CONFIG_FILE
+ sed -i s:LDAP_HOST_NAME:$LDAP_HOST_NAME:g $CONFIG_FILE
+ sed -i s:PROXY_USER_NAME:$PROXY_USER_NAME:g $CONFIG_FILE
+ sed -i s:PROXY_USER_PW:$PROXY_USER_PW:g $CONFIG_FILE
+ if [ "$LDAP_LISTEN_PORT" != '' ]; then
+ sed -i s:LDAP_LISTEN_PORT:$LDAP_LISTEN_PORT:g $CONFIG_FILE
+ else
+ sed -i s:LDAP_LISTEN_PORT:389:g $CONFIG_FILE
+ fi
+ return 0
+ else
+ return 1
+ fi
+ else
+ return 1
+ fi
+ else
+ return 1
+ fi
+ else
+ return 1
+ fi
+}
+
+
+function setup_authPolicy_file
+{
+ # Determine the file names
+ TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/auth.policy
+ CONFIG_FILE=$CONFIG_FILE_FOLDER/auth.policy
+
+ # Verify that the template file exists
+ if [ ! -f $TEMPLATE_FILE ]; then
+ echo "Template file $TEMPLATE_FILE does not exist"
+ return 2
+ fi
+
+ # Verify that the output folder exists
+ if [ ! -d $CONFIG_FILE_FOLDER ]; then
+ echo "Output folder $CONFIG_FILE_FOLDER does not exist"
+ return 2
+ fi
+
+ # Clean-up the output folder
+ rm -f $CONFIG_FILE
+
+ # Verify that all of the appropriate environment variables have been set
+ if [ "$REALM" != "" ]; then
+ # Create and edit the output file
+ sed s:REALM:$REALM:g $TEMPLATE_FILE > $CONFIG_FILE
+ return 0
+ else
+ return 1
+ fi
+}
+
+
+function setup_svcSettings_file
+{
+ # Determine the file names
+ TEMPLATE_FILE=$TEMPLATE_FILE_FOLDER/svc.settings
+ CONFIG_FILE=$CONFIG_FILE_FOLDER/svc.settings
+ IAREALMS_FILE_PATH=$CONFIG_FILE_FOLDER/iaRealms.xml
+
+ # Verify that the template file exists
+ if [ ! -f $TEMPLATE_FILE ]; then
+ echo "Template file $TEMPLATE_FILE does not exist"
+ return 2
+ fi
+
+ # Verify that the output folder exists
+ if [ ! -d $CONFIG_FILE_FOLDER ]; then
+ echo "Output folder $CONFIG_FILE_FOLDER does not exist"
+ return 2
+ fi
+
+ # Clean-up the output folder
+ rm -f $CONFIG_FILE
+
+ # Create and edit the output file
+ sed s:IAREALMS_FILE_PATH:$IAREALMS_FILE_PATH:g $TEMPLATE_FILE > $CONFIG_FILE
+ return 0
+}
+
+
+#### MAIN ####
+
+# Determine what folders to utilize based on the input
+# parameters and our defaults.
+if [ "$1" != "" ]; then
+ if [ "$1" != "-h" ]; then
+ TEMPLATE_FILE_FOLDER=$1
+ else
+ display_usage
+ exit 0
+ fi
+else
+ TEMPLATE_FILE_FOLDER=DEFAULT_TEMPLATE_FILE_FOLDER
+fi
+
+if [ "$2" != "" ]; then
+ CONFIG_FILE_FOLDER=$2
+else
+ CONFIG_FILE_FOLDER=DEFAULT_CONFIG_FILE_FOLDER
+fi
+
+# Setup the configuration files
+setup_iaRealms_file
+RETVAL=$?
+if [ "$RETVAL" = "0" ]; then
+ setup_authPolicy_file
+ RETVAL=$?
+ if [ "$RETVAL" = "0" ]; then
+ setup_svcSettings_file
+ RETVAL=$?
+ fi
+fi
+
+if [ "$RETVAL" != "0" ]; then
+ if [ "$RETVAL" = "1" ]; then
+ display_usage
+ fi
+ exit 1
+else
+ exit 0
+fi
+
+
+
diff --git a/CASA-auth-token/java/server/Svc/linux/CasaIdenTokenSettingsEditor.sh b/CASA-auth-token/java/server/Svc/linux/CasaIdenTokenSettingsEditor.sh
index 8abeaaa2..14c4e7c2 100755
--- a/CASA-auth-token/java/server/Svc/linux/CasaIdenTokenSettingsEditor.sh
+++ b/CASA-auth-token/java/server/Svc/linux/CasaIdenTokenSettingsEditor.sh
@@ -1,3 +1,37 @@
#!/bin/sh
+########################################################################
+#
+# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; version 2.1
+# of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Library Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, Novell, Inc.
+#
+# To contact Novell about this file by physical or electronic mail,
+# you may find current contact information at www.novell.com.
+#
+# Author: Juan Carlos Luciani
+#
+########################################################################
+
+########################################################################
+#
+# Script for editing identoken.settings files
+#
+########################################################################
+
+# Source our environment variables file
+. /etc/CASA/authtoken/svc/envvars
+
+# Perform the operation requested
$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar $*
diff --git a/CASA-auth-token/java/server/Svc/linux/CasaSvcSettingsEditor.sh b/CASA-auth-token/java/server/Svc/linux/CasaSvcSettingsEditor.sh
index 1471136e..adce8082 100755
--- a/CASA-auth-token/java/server/Svc/linux/CasaSvcSettingsEditor.sh
+++ b/CASA-auth-token/java/server/Svc/linux/CasaSvcSettingsEditor.sh
@@ -1,3 +1,37 @@
#!/bin/sh
+########################################################################
+#
+# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; version 2.1
+# of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Library Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, Novell, Inc.
+#
+# To contact Novell about this file by physical or electronic mail,
+# you may find current contact information at www.novell.com.
+#
+# Author: Juan Carlos Luciani
+#
+########################################################################
+
+########################################################################
+#
+# Script for editing svc.settings files
+#
+########################################################################
+
+# Source our environment variables file
+. /etc/CASA/authtoken/svc/envvars
+
+# Perform the operation requested
$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar $*
diff --git a/CASA-auth-token/java/server/Svc/linux/Makefile.am b/CASA-auth-token/java/server/Svc/linux/Makefile.am
index 1ec53ccb..90bbf431 100644
--- a/CASA-auth-token/java/server/Svc/linux/Makefile.am
+++ b/CASA-auth-token/java/server/Svc/linux/Makefile.am
@@ -30,7 +30,7 @@ EXTRA_DIST = CasaAuthtokenSvcD \
envvars \
server_keystore_setup.sh \
crypto.properties \
- svc.settings \
+ CasaBasicATSSetup.sh \
CasaAuthPolicyEditor.sh \
CasaAuthTokenSettingsEditor.sh \
CasaIdenTokenSettingsEditor.sh \
diff --git a/CASA-auth-token/java/server/Svc/linux/server_keystore_setup.sh b/CASA-auth-token/java/server/Svc/linux/server_keystore_setup.sh
index 41aca13b..9c32988c 100755
--- a/CASA-auth-token/java/server/Svc/linux/server_keystore_setup.sh
+++ b/CASA-auth-token/java/server/Svc/linux/server_keystore_setup.sh
@@ -23,20 +23,26 @@
#
########################################################################
-#############################################################
-# #
-# CASA ATS Keystore Setup Script. #
-# #
-# An ATS signs tokens and communicates with clients over #
-# SSL. This scrip sets up the necessary key-pairs and #
-# certificates for the ATS to perform these functions. #
-# #
-# For token signing purposes, this scrip creates a self signed certificate that it then #
-# exports. At this time it is sufficient to utilize self #
-# signed certificates because they are meant to be consumed #
-# by entities of the local box. #
-# #
-#############################################################
+########################################################################
+#
+# CASA ATS Keystore Setup Script.
+#
+# An ATS signs tokens and communicates with clients over
+# SSL. This scrip sets up the necessary key-pairs and
+# certificates for the ATS to perform these functions.
+#
+# For token signing purposes, this scrip creates a self
+# signed certificate that it then exports. At this time it
+# is sufficient to utilize self signed certificates because
+# they are meant to be consumed by entities of the local
+# box.
+#
+########################################################################
+
+# Source our environment variables file
+. /etc/CASA/authtoken/svc/envvars
+
+# Perform the operation requested
# Do not do anything if the server keystore has already been created
if [ -f /etc/CASA/authtoken/keys/server/jks-store ]; then
@@ -46,7 +52,7 @@ if [ -f /etc/CASA/authtoken/keys/server/jks-store ]; then
else
echo "Setting up the server's keystore"
- KEYTOOL_PATH=/usr/lib/jvm/java-1.5.0-ibm/bin/keytool
+ KEYTOOL_PATH=$JAVA_HOME/bin/keytool
# Create the server keystore with the key that will be used for signing tokens
host=`hostname -f`
diff --git a/CASA-auth-token/java/server/Svc/linux/svc.settings b/CASA-auth-token/java/server/Svc/linux/svc.settings
deleted file mode 100644
index 0cee0ee2..00000000
--- a/CASA-auth-token/java/server/Svc/linux/svc.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
- /etc/CASA/authtoken/svc/iaRealms.xml
-
diff --git a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java
index 5c0e2858..de3a471f 100644
--- a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java
+++ b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthPolicyEditor.java
@@ -44,7 +44,7 @@ import java.util.Formatter;
public class AuthPolicyEditor
{
private static final String usage =
- "java auth_policy_editor -op [-entry realm:mechanismName[:mechanismInfo]] [-refentry realm:mechanismName] -file policyFilePath\n\n" +
+ "usage: AuthPolicyEditor -op [-entry realm:mechanismName[:mechanismInfo]] [-refentry realm:mechanismName] -file policyFilePath\n\n" +
" where:\n" +
" -op - Corresponds to one of the following operations:\n" +
" -create - Create new auth policy file\n" +
diff --git a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java
index 55e638ab..e682b958 100644
--- a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java
+++ b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/AuthTokenSettingsEditor.java
@@ -32,7 +32,7 @@ package com.novell.casa.authtoksvc;
public class AuthTokenSettingsEditor implements IVerifySetting
{
private static final String usage =
- "java authtoken_settings_editor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
+ "usage: AuthTokenSettingsEditor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
" where:\n" +
" -op - Corresponds to one of the following operations:\n" +
" -create - Create new authtoken settings file\n" +
diff --git a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java
index 2f25f426..17e8631f 100644
--- a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java
+++ b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/IdenTokenSettingsEditor.java
@@ -32,7 +32,7 @@ package com.novell.casa.authtoksvc;
public class IdenTokenSettingsEditor implements IVerifySetting
{
private static final String usage =
- "java identoken_settings_editor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
+ "usage: IdenTokenSettingsEditor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
" where:\n" +
" -op - Corresponds to one of the following operations:\n" +
" -create - Create new identoken settings file\n" +
diff --git a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java
index 5a4a1c6c..9b9cf175 100644
--- a/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java
+++ b/CASA-auth-token/java/server/Svc/src/com/novell/casa/authtoksvc/SvcSettingsEditor.java
@@ -34,7 +34,7 @@ import java.io.File;
public class SvcSettingsEditor implements IVerifySetting
{
private static final String usage =
- "java svc_settings_editor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
+ "usage: SvcSettingsEditor -op [settingName [settingValue]] -file settingsFilePath\n\n" +
" where:\n" +
" -op - Corresponds to one of the following operations:\n" +
" -create - Create new svc settings file\n" +
diff --git a/CASA-auth-token/java/server/Svc/templates/Makefile.am b/CASA-auth-token/java/server/Svc/templates/Makefile.am
new file mode 100644
index 00000000..128fa83b
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/Makefile.am
@@ -0,0 +1,41 @@
+#######################################################################
+#
+# Copyright (C) 2006 Novell, Inc.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# Author: Juan Carlos Luciani
+#
+#######################################################################
+
+SUBDIRS =
+
+DIST_SUBDIRS =
+
+CFILES =
+
+EXTRA_DIST = auth.policy \
+ authtoken.settings \
+ iaRealms.xml \
+ identoken.settings \
+ svc.settings
+
+.PHONY: package package-clean package-install package-uninstall
+package package-clean package-install package-uninstall:
+ $(MAKE) -C $(TARGET_OS) $@
+
+maintainer-clean-local:
+ rm -f Makefile.in
+
diff --git a/CASA-auth-token/java/server/Svc/templates/auth.policy b/CASA-auth-token/java/server/Svc/templates/auth.policy
new file mode 100644
index 00000000..d9cf2413
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/auth.policy
@@ -0,0 +1,11 @@
+
+
+
+REALM
+Krb5Authenticate
+
+
+REALM
+PwdAuthenticate
+
+
diff --git a/CASA-auth-token/java/server/Svc/templates/authtoken.settings b/CASA-auth-token/java/server/Svc/templates/authtoken.settings
new file mode 100644
index 00000000..b703427e
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/authtoken.settings
@@ -0,0 +1,3 @@
+
+
+
diff --git a/CASA-auth-token/java/server/Svc/templates/iaRealms.xml b/CASA-auth-token/java/server/Svc/templates/iaRealms.xml
new file mode 100644
index 00000000..928c379b
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/iaRealms.xml
@@ -0,0 +1,22 @@
+
+
+
+
+
+
+
+ ldap://LDAP_HOST_NAME:LDAP_LISTEN_PORT
+
+
+
+
+ REALM
+
+
+
diff --git a/CASA-auth-token/java/server/Svc/templates/identoken.settings b/CASA-auth-token/java/server/Svc/templates/identoken.settings
new file mode 100644
index 00000000..cbbf8cf8
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/identoken.settings
@@ -0,0 +1,5 @@
+
+
+ sn
+
+
diff --git a/CASA-auth-token/java/server/Svc/templates/svc.settings b/CASA-auth-token/java/server/Svc/templates/svc.settings
new file mode 100644
index 00000000..64501cd7
--- /dev/null
+++ b/CASA-auth-token/java/server/Svc/templates/svc.settings
@@ -0,0 +1,4 @@
+
+
+ IAREALMS_FILE_PATH
+