From f27856d545f5c52499f1117497c6f094a082a5e2 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Mon, 4 Jun 2007 17:24:49 +0000 Subject: [PATCH] Updated changes and todo files. --- CASA-auth-token/client/library/TODO | 7 +------ .../linux/CASA_auth_token_client.changes | 19 +++++++++++++++++ CASA-auth-token/server-java/TODO | 2 +- .../package/linux/CASA_auth_token_svc.changes | 21 +++++++++++++++++++ .../package/yast2-casa-ats.changes | 7 +++++++ 5 files changed, 49 insertions(+), 7 deletions(-) diff --git a/CASA-auth-token/client/library/TODO b/CASA-auth-token/client/library/TODO index 1281649f..eb1265bb 100644 --- a/CASA-auth-token/client/library/TODO +++ b/CASA-auth-token/client/library/TODO @@ -10,14 +10,9 @@ This file contains a list of the items still outstanding for libcasa_c_authtoken OUTSTANDING ITEMS -- Add mechanism to try communicating with ATS over port 443 if communications - over port 2645 fail. - - Enhance the AuthMechanism interface to support authentication schemes that require several token exchanges between the client and the server. This will also require the enhancement of the client/server protocol utilized for authentication. -- Add mechanism to allow a user to either accept or reject server certificates - considered invalid. - +- Enhance to dynamically learn about the location of ATSs. diff --git a/CASA-auth-token/client/package/linux/CASA_auth_token_client.changes b/CASA-auth-token/client/package/linux/CASA_auth_token_client.changes index 27129bb7..d0659855 100644 --- a/CASA-auth-token/client/package/linux/CASA_auth_token_client.changes +++ b/CASA-auth-token/client/package/linux/CASA_auth_token_client.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Jun 4 10:57:41 MDT 2007 - jluciani@novell.com + +- Commented out the line in the client.conf file which was allowing + clients to trust ATSs with Certificates that could not be validated. + This completes the changes necessary for the resolution of + BUG 242891. + +- Changed the client to allow a list of ATSs to be configured in + the client.conf file for the purposes of Fault-tolerance and also + the client now tries to contact an ATS at the same location as + the AuthToken consuming service in addition to the configured + ATSs. These changes were necessary to resolve BUG 242891. + +- The client now also attempts to access ATSs over port 443 in + addition to trying port 2645 if the ATS port number is not + configured. This will make it possible to access the ATSs + when connected to a Web Server. + ------------------------------------------------------------------- Tue Apr 17 09:07:57 MDT 2007 - jluciani@novell.com diff --git a/CASA-auth-token/server-java/TODO b/CASA-auth-token/server-java/TODO index d2fe93e0..fd522cd1 100644 --- a/CASA-auth-token/server-java/TODO +++ b/CASA-auth-token/server-java/TODO @@ -14,5 +14,5 @@ details outstanding items at the project level. OUTSTANDING ITEMS -- Create ATS Windows install. +- Add mechanism so that clients can dynamically discover ATSs. diff --git a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.changes b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.changes index 10f777a2..b4f87f03 100644 --- a/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.changes +++ b/CASA-auth-token/server-java/package/linux/CASA_auth_token_svc.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Mon Jun 4 11:14:14 MDT 2007 - jluciani@novell.com + +- Changed to leverage the server key and certificate + (/etc/ssl/servercerts) if present as part of the solution + to BUG 242891. + +- Added a scrip to store the Signing Certificates from trusted + ATSs in the client store. This certificate is executed by the + Yast module when completing the configured ATS trust associations. + This is part of the solution to BUG 242891. + +- Changed the ATS to use the certificates in the Trusted ATS Keystore + (the client store) when verifying session tokens. This is part of + the solution to BUG 242891. + +- The envvars script for the client now specifies the path that Java + should be using to load native libraries in order to work-around + the problem of the 64bit JVM trying to load 32bit libraries. This + resolves BUG 278825. + ------------------------------------------------------------------- Thu May 24 09:48:00 MDT 2007 - jluciani@novell.com diff --git a/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes b/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes index b56a5653..542de404 100644 --- a/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes +++ b/CASA-auth-token/yast2-casa-ats/package/yast2-casa-ats.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Jun 4 11:10:27 MDT 2007 - jluciani@novell.com + +- Updated to import the Signing Certificates from ATSs configured + as trusted. This was necessary as part of the solution to + BUG 242891. + ------------------------------------------------------------------- Fri May 18 16:02:10 MDT 2007 - jluciani@novell.com